Im just asking great tools and docs about lua to learn it in the summertime when im OFFLINE :( - thx in advance.
Offtopic : sorry for doing so many requests here in the board but i simply have no time to learn lua, and the hub must go on... :D
Yes pls,... I 'd like that kind of resources ... if someone knows something it will be good help .. ;)
For us two and many others ...
some good resource starts with... as plop pointed out in another post, scripting.txt in the docs folder of ptokax...
Also another good place is http://www.lua.org/manual/ but remember ptokax currently uses lua4.0...
And the last good place is http://wza.digitalbrains.com/DC/doc/, this contains docs on the p2p protocol
which can be very usefull when working with clients...
more to come soon
Thx m8
Now the only q is the compiling, writing etc tools for lua.
hey bastya_elvtars,... not sure what u ment, but for ptokax lua is simply writin in notepad
and saved with the extension .lua. The best thing to do, is set windows to automaticly
open .lua files with notepad...
neways...here is more usefull info, ...
The basic functions ptokax uses and the main protocol commands that can be handled...
function Main()
frmHub:EnableSearchData(1)
frmHub:EnableFullData(1)
end
function DataArrival(user, data)
if strsub(data, 1, 4) == "$Key" then
elseif strsub(data, 1, 13) == "$ValidateNick" then
elseif strsub(data, 1, 7) == "$MyPass"
elseif strsub(data, 1, 12) == "$GetNickList" then
elseif strsub(data, 1, 7) == "$MyINFO" then
elseif strsub(data, 1, 8) == "$GetINFO" then
elseif strsub(data, 1, 8) == "$Version" then
elseif strsub(data, 1, 12) == "$ConnectToMe" then
elseif strsub(data, 1, 15) == "$RevConnectToMe" then
elseif strsub(data, 1, 7) == "$Search" then
elseif strsub(data, 1, 3) == "$SR" then
elseif strsub(data, 1, 4) == "$To:" then
elseif strsub(data, 1, 5) == "$Kick" then
elseif strsub(data, 1, 12) == "$OpForceMove" then
elseif strsub(data, 1, 5) == "$Quit" then
end
end
function OpConnected(user)
end
function OpDisconnected(user)
end
function NewUserConnected(user)
end
function UserDisconnected(user)
end
function OnExit()
end
*** Edited
the best way to learn is by looking at other scripts that can do something u wanna do, and tri
to write it into ur own scripts...
one of the most important things is ur script layout and how you name your variables, because
if this is poor, ur script becomes very hard to read and maintain when debugin.
more to come on this very soon, have to run home for a miny =]
hey guys, had some more spare time =]...
before i showed you guys all the main p2p protocol and how to handle it on ptokax servers,
now im gonna show you how load all the variables from the protocol commands using the strfind method in lua...
in this example the server script will listen for all p2p commands and then break down the variables in the
commands, to then send back the variable names and settings that were in the command.
:: note :: $OpForceMove
function Main()
frmHub:EnableSearchData(1)
frmHub:EnableFullData(1)
end
function DataArrival(tUser, sData)
if strsub(sData, 1, 4) == "$Key" then
-- :: $Key |
local _,_, sLock = strfind(sData, "%$Key (.*)|")
tUser:SendData("Key -> sLock: " .. sLock)
elseif strsub(sData, 1, 13) == "$ValidateNick" then
-- :: $ValidateNick |
local _,_, sNick = strfind(sData, "%$ValidateNick (%S+)|")
tUser:SendData("ValidateNick -> sNick: " .. sNick)
elseif strsub(sData, 1, 7) == "$MyPass" then
-- :: $MyPass |
local _,_, sPassword = strfind(sData, "%$MyPass (.*)|")
tUser:SendData("MyPass -> sPassword: " .. sPassword)
elseif strsub(sData, 1, 8) == "$Version" then
-- :: $Version |
local _,_, iVersion = strfind(sData, "%$Version (%S+)|")
tUser:SendData("Version -> iVersion: " .. iVersion)
elseif strsub(sData, 1, 12) == "$GetNickList" then
-- :: $GetNickList|
elseif strsub(sData, 1, 7) == "$MyINFO" then
-- :: $MyINFO $ALL <>$ $$$$|
local _,_, sUsername, sDescription, sSpeed, sEmail, iShareSize = strfind(sData, "^%$MyINFO %$ALL ([^ ]+) ([^$]*)%$ $([^$]+)[^$]%$([^$]*)%$%s*(%d+)%$")
local _,_, sTag = strfind(sDescription, "<(.*)>")
tUser:SendData("MyINFO -> sUsername: " .. (sUsername or "none") .. " -> sDescription: " .. (sDescription or "none") .. " -> sSpeed: " .. (sSpeed or "none") .. " -> sEmail: " .. (sEmail or "none") .. " -> iShareSize: " .. (iShareSize or "none"))
elseif strsub(sData, 1, 8) == "$GetINFO" then
-- :: $GetINFO |
local _,_, sToGet, sUsername = strfind(sData, "%$GetINFO (%S+) (.*)|")
tUser:SendData("GetINFO -> sToGet: " .. sToGet .. ", sUsername: " .. sUsername)
elseif strsub(sData, 1, 12) == "$ConnectToMe" then
-- :: $ConnectToMe :|
local _,_, sToGet, sIP, sPort = strfind(sData, "%$ConnectToMe (%S+) (%d+):(%d+)|")
tUser:SendData("ConnectToMe -> sToGet: " .. sToGet .. ", sIP: " .. sIP .. ", sPort: " .. sPort)
elseif strsub(sData, 1, 15) == "$RevConnectToMe" then
-- :: $RevConnectToMe |
local _,_, sUsername, sToGet = strfind(sData, "%$RevConnectToMe (%S+)%s+(.*)|")
tUser:SendData("RevConnectToMe -> sUsername: " .. sUsername .. ", sToGet: " .. sToGet)
elseif strsub(sData, 1, 17) == "$MultiConnectToMe" then
-- :: $MultiConnectToMe : :|
local _,_, sUsername, sIP, sPort, sServerIP, sServerPort = strfind(sData, "%$MultiConnectToMe (%S+)%s+(%d+):(%d+)%s+(%d+):(%d+)|")
tUser:SendData("MultiConnectToMe -> sUsername: " .. sUsername .. ", sIP: " .. sIP .. ", sPort: " .. sPort .. ", sServerIP: " .. sServerIP .. ", sServerPort: " .. sServerPort)
elseif strsub(sData, 1, 12) == "$Search Hub:" then -- Pasive Searchs
-- :: $Search Hub: |
local _,_, sUsername, sSearch = strfind(sData, "$Search Hub:(%S+)%s+(.*)|")
tUser:SendData("Search Hub: -> sUsername: " .. sUsername .. ", sSearch: " .. sSearch)
elseif strsub(sData, 1, 7) == "$Search" then -- Active Searchs
-- :: $Search : |
local _,_, sIP, sPort, sSearch = strfind(sData, "%$Search (%d+):(%d+)%s+(.*)|")
tUser:SendData("Search -> sIP: " .. sIP .. ", sPort: " .. sPort .. ", sSearch: " .. sSearch)
elseif strsub(sData, 1, 3) == "$SR" then -- Passive Search Returns
-- :: $SR / ([:])|
local _,_, sFromNick, sSearchReturn, iFileSize, iOpenSlots, iTotalSlots, sHubInfo, sToNick = strfind(sArgs, "(%S+) (.*)(%d+) (%d+)/(%d+)(.*)(.*)|")
elseif strsub(sData, 1, 4) == "$To:" then
-- :: $To: From: $<> |
local _,_, sTo, sFrom, sUsername, sMessage = strfind(sData, "%$To: (%S+)%s+%From:%s+(%S+)%s+%$<(.*)>%s+(.*)|")
tUser:SendData("To: -> sTo: " .. sTo .. ", sFrom: " .. sFrom .. ", sUsername: " .. sUsername .. ", sMessage: " .. sMessage)
elseif strsub(sData, 1, 5) == "$Kick" then
-- :: $Kick |
local _,_, sToGet = strfind(sData, "%$Kick (.*)|")
tUser:SendData("Kick -> sToGet: " .. sToGet)
elseif strsub(sData, 1, 12) == "$OpForceMove" then
-- :: $OpForceMove $Who:$Where:$Msg:|
--local _,_, s = strfind(sData, "")
elseif strsub(sData, 1, 5) == "$Quit" then
-- :: $Quit |
local _,_, sUsername = strfind(sData, "%$Quit (.*)|")
tUser:SendData("Quit -> sUsername: " .. sUsername)
end
end
function OpConnected(user)
end
function OpDisconnected(user)
end
function NewUserConnected(user)
end
function UserDisconnected(user)
end
function OnExit()
end
now, one thing to notice is how most of the commands actually contain a username variable. This
makes the system open to hackers unless these gates are closed by scripts.
An example of how to find a '$GetINFO' hack
elseif strsub(sData, 1, 8) == "$GetINFO" then
-- :: $GetINFO |
local _,_, sToGet, sUsername = strfind(sData, "%$GetINFO (%S+) (.*)|")
tUser:SendData("GetINFO -> sToGet: " .. sToGet .. ", sUsername: " .. sUsername)
if sUsername ~= tUser.sName then
tUser:SendData("*** We dont like hackers in our hubs!")
tUser:Ban()
tUser:Disconnect()
return 1
end
Here the sUsername variables should be the same as tUser.sName, and if its not, then the client sending
the getinfo command is faking its name, and should be banned from the server.
:: A list of commands that can be hacked! ::
:: note :: important hack detectors that should be added to p2p commands ive places ! infront of ::
!$MyINFO -- Fake user
$GetINFO -- Fake user
$ConnectToMe -- Fake ip\port
$RevConnectToMe -- Fake user
$MultiConnectToMe -- Fake user
$Search Hub: -- Fake user
$Search -- Fake ip\port
!$SR -- Fake user
!$To: -- Fake user
!$Quit -- Fake user
With a hacked MyINFO string, clients can pass invalid usernames to the server, and have
the server resend the new nicks to clients. besides this they can used make fake shares, fake
open slots, fake bandwidth and a whole bunch more.
SR hacks can stop users from being kicked by bots when banned expressions are found in
the passive search returns.
To: hacks enable clients to send pms to any user with a fake nick. It can even allow operator
names to be used to advertise and beat anti adversting shields.
and Quit hacks can remove every user from the userlist while still leaving the connections open,
meaning it can hide clients, and inturn these clients can spam the server, while the admin doesnt
have a clue whats going on
hope this teaches someone something new =]
Isnt there a way to close socket in Ptokax, when $Quit are sent, by client?
yea there is VidFamne ...
to close a socket simply use, ...
user table : Disconnect()
eg, ...
tUser:Disconnect()
noza
just realised that $SL had no handle above:-
elseif strsub(sData, 1, 3) == "$SR" then -- Passive Search Returns
-- :: $SR / ([:])|
local _,_, sFromNick, sSearchReturn, iFileSize, iOpenSlots, iTotalSlots, sHubInfo, sToNick = strfind(sArgs, "(%S+) (.*)(%d+) (%d+)/(%d+)(.*)(.*)|")
*** last post updated for this topic
Corayzon man ...
Really amazing jumpstart script for capturing Protocol data in this DataArrival of yours,
! ! Appreciated ! !
just to point out, ...
local _,_, sFromNick, sSearchReturn, iFileSize, iOpenSlots, iTotalSlots, sHubInfo, sToNick = strfind(sArgs, "(%S+) (.*)(%d+) (%d+)/(%d+)(.*)(.*)|")
has some problems, ...
local _,_, sFromNick, sSearchReturn, iFileSize, iOpenSlots, iTotalSlots, sHubInfo, sToNick = strfind(sArgs, "(%S+) (.*)%(%d+) (%d+)/(%d+)%(.*)%(.*)|")
the chars are not escaped. this can cause all the locals to nil out, therefor fuking up entire handle.
This was found in cslave after i had bout 50 $SR hacker disconnections on a small test hub awhile ago :P
n0za
QuoteThis was found in cslave after i had bout 50 $SR hacker disconnections on a small test hub awhile ago :P
hehe
Still damn good code ;)
Thanks for sharing :)