Author Topic: Howto how to?  (Read 3981 times)

0 Members and 1 Guest are viewing this topic.

Offline bastya_elvtars

  • Forum God
  • ****
  • Posts: 3 752
  • Karma: +173/-7
  • The rock n' roll doctor
    • The FreshStuff3 Site
Howto how to?
« on: 02 June, 2004, 02:22:37 »
Im just asking great tools and docs about lua to learn it in the summertime when im OFFLINE :( - thx in advance.

Offtopic : sorry for doing so many requests here in the board but i simply have no time to learn lua, and the hub must go on... :D
Everything could have been anything else and it would have just as much meaning.

PtokaX forum

Howto how to?
« on: 02 June, 2004, 02:22:37 »

Herodes

  • Guest
(No subject)
« Reply #1 on: 02 June, 2004, 02:29:20 »
Yes pls,... I 'd like that kind of resources ... if someone knows something it will be good help .. ;)  
For us two and many others ...

Offline Corayzon

  • Lord
  • ***
  • Posts: 464
  • Karma: +1/-0
(No subject)
« Reply #2 on: 02 June, 2004, 03:42:33 »
some good resource starts with... as plop pointed out in another post, scripting.txt in the docs folder of ptokax...

Also another good place is http://www.lua.org/manual/ but remember ptokax currently uses lua4.0...

And the last good place is http://wza.digitalbrains.com/DC/doc/, this contains docs on the p2p protocol
which can be very usefull when working with clients...

more to come soon
« Last Edit: 05 June, 2004, 07:15:28 by Corayzon »

Offline bastya_elvtars

  • Forum God
  • ****
  • Posts: 3 752
  • Karma: +173/-7
  • The rock n' roll doctor
    • The FreshStuff3 Site
(No subject)
« Reply #3 on: 02 June, 2004, 03:51:04 »
Thx m8
Now the only q is the compiling, writing etc tools for lua.
Everything could have been anything else and it would have just as much meaning.

Offline Corayzon

  • Lord
  • ***
  • Posts: 464
  • Karma: +1/-0
(No subject)
« Reply #4 on: 02 June, 2004, 03:54:07 »
hey bastya_elvtars,... not sure what u ment, but for ptokax lua is simply writin in notepad
 and saved with the extension .lua. The best thing to do, is set windows to automaticly
open .lua files with notepad...

neways...here is more usefull info, ...

The basic functions ptokax uses and the main protocol commands that can be handled...

Code: [Select]
function Main()
frmHub:EnableSearchData(1)
frmHub:EnableFullData(1)
end

function DataArrival(user, data)
if strsub(data, 1, 4) == "$Key" then

elseif strsub(data, 1, 13) == "$ValidateNick" then

elseif strsub(data, 1, 7) == "$MyPass"

elseif strsub(data, 1, 12) == "$GetNickList" then

elseif strsub(data, 1, 7) == "$MyINFO" then

elseif strsub(data, 1, 8) == "$GetINFO" then

elseif strsub(data, 1, 8) == "$Version" then

elseif strsub(data, 1, 12) == "$ConnectToMe" then

elseif strsub(data, 1, 15) == "$RevConnectToMe" then

elseif strsub(data, 1, 7) == "$Search" then

elseif strsub(data, 1, 3) == "$SR" then

elseif strsub(data, 1, 4) == "$To:" then

elseif strsub(data, 1, 5) == "$Kick" then

elseif strsub(data, 1, 12) == "$OpForceMove" then

elseif strsub(data, 1, 5) == "$Quit" then

end
end

function OpConnected(user)
end

function OpDisconnected(user)
end

function NewUserConnected(user)
end

function UserDisconnected(user)
end

function OnExit()
end

*** Edited

the best way to learn is by looking at other scripts that can do something u wanna do, and tri
to write it into ur own scripts...

one of the most important things is ur script layout and how you name your variables, because
if this is poor, ur script becomes very hard to read and maintain when debugin.

more to come on this very soon, have to run home for a miny =]
« Last Edit: 05 June, 2004, 07:16:15 by Corayzon »

Offline Corayzon

  • Lord
  • ***
  • Posts: 464
  • Karma: +1/-0
more good help
« Reply #5 on: 05 June, 2004, 07:14:03 »
hey guys, had some more spare time =]...

before i showed you guys all the main p2p protocol and how to handle it on ptokax servers,
now im gonna show you how load all the variables from the protocol commands using the strfind method in lua...

in this example the server script will listen for all p2p commands and then break down the variables in the
commands, to then send back the variable names and settings that were in the command.

:: note :: $OpForceMove

Code: [Select]
function Main()
frmHub:EnableSearchData(1)
frmHub:EnableFullData(1)
end

function DataArrival(tUser, sData)
if strsub(sData, 1, 4) == "$Key" then
-- :: $Key |
local _,_, sLock = strfind(sData, "%$Key (.*)|")
tUser:SendData("Key -> sLock: " .. sLock)

elseif strsub(sData, 1, 13) == "$ValidateNick" then
-- :: $ValidateNick |
local _,_, sNick = strfind(sData, "%$ValidateNick (%S+)|")
tUser:SendData("ValidateNick -> sNick: " .. sNick)

elseif strsub(sData, 1, 7) == "$MyPass" then
-- :: $MyPass |
local _,_, sPassword = strfind(sData, "%$MyPass (.*)|")
tUser:SendData("MyPass -> sPassword: " .. sPassword)

elseif strsub(sData, 1, 8) == "$Version" then
-- :: $Version |
local _,_, iVersion = strfind(sData, "%$Version (%S+)|")
tUser:SendData("Version -> iVersion: " .. iVersion)

elseif strsub(sData, 1, 12) == "$GetNickList" then
-- :: $GetNickList|

elseif strsub(sData, 1, 7) == "$MyINFO" then
-- :: $MyINFO $ALL <>$ $$$$|
local _,_, sUsername, sDescription, sSpeed, sEmail, iShareSize = strfind(sData, "^%$MyINFO %$ALL ([^ ]+) ([^$]*)%$ $([^$]+)[^$]%$([^$]*)%$%s*(%d+)%$")
local _,_, sTag = strfind(sDescription, "<(.*)>")
tUser:SendData("MyINFO -> sUsername: " .. (sUsername or "none") .. " -> sDescription: " .. (sDescription or "none") .. " -> sSpeed: " .. (sSpeed or "none") .. " -> sEmail: " .. (sEmail or "none") .. " -> iShareSize: " .. (iShareSize or "none"))

elseif strsub(sData, 1, 8) == "$GetINFO" then
-- :: $GetINFO |
local _,_, sToGet, sUsername = strfind(sData, "%$GetINFO (%S+) (.*)|")
tUser:SendData("GetINFO -> sToGet: " .. sToGet .. ", sUsername: " .. sUsername)

elseif strsub(sData, 1, 12) == "$ConnectToMe" then
-- :: $ConnectToMe :|
local _,_, sToGet, sIP, sPort = strfind(sData, "%$ConnectToMe (%S+) (%d+):(%d+)|")
tUser:SendData("ConnectToMe -> sToGet: " .. sToGet .. ", sIP: " .. sIP .. ", sPort: " .. sPort)

elseif strsub(sData, 1, 15) == "$RevConnectToMe" then
-- :: $RevConnectToMe |
local _,_, sUsername, sToGet = strfind(sData, "%$RevConnectToMe (%S+)%s+(.*)|")
tUser:SendData("RevConnectToMe -> sUsername: " .. sUsername .. ", sToGet: " .. sToGet)

elseif strsub(sData, 1, 17) == "$MultiConnectToMe" then
-- :: $MultiConnectToMe : :|
local _,_, sUsername, sIP, sPort, sServerIP, sServerPort = strfind(sData, "%$MultiConnectToMe (%S+)%s+(%d+):(%d+)%s+(%d+):(%d+)|")
tUser:SendData("MultiConnectToMe -> sUsername: " .. sUsername .. ", sIP: " .. sIP .. ", sPort: " .. sPort .. ", sServerIP: " .. sServerIP .. ", sServerPort: " .. sServerPort)

elseif strsub(sData, 1, 12) == "$Search Hub:" then -- Pasive Searchs
-- :: $Search Hub: |
local _,_, sUsername, sSearch = strfind(sData, "$Search Hub:(%S+)%s+(.*)|")
tUser:SendData("Search Hub: -> sUsername: " .. sUsername .. ", sSearch: " .. sSearch)

elseif strsub(sData, 1, 7) == "$Search" then -- Active Searchs
-- :: $Search : |
local _,_, sIP, sPort, sSearch = strfind(sData, "%$Search (%d+):(%d+)%s+(.*)|")
tUser:SendData("Search -> sIP: " .. sIP .. ", sPort: " .. sPort .. ", sSearch: " .. sSearch)

elseif strsub(sData, 1, 3) == "$SR" then -- Passive Search Returns
-- :: $SR  / ([:])|
local _,_, sFromNick, sSearchReturn, iFileSize, iOpenSlots, iTotalSlots, sHubInfo, sToNick = strfind(sArgs, "(%S+) (.*)(%d+) (%d+)/(%d+)(.*)(.*)|")

elseif strsub(sData, 1, 4) == "$To:" then
-- :: $To: From: $<> |
local _,_, sTo, sFrom, sUsername, sMessage = strfind(sData, "%$To: (%S+)%s+%From:%s+(%S+)%s+%$<(.*)>%s+(.*)|")
tUser:SendData("To: -> sTo: " .. sTo .. ", sFrom: " .. sFrom .. ", sUsername: " .. sUsername .. ", sMessage: " .. sMessage)

elseif strsub(sData, 1, 5) == "$Kick" then
-- :: $Kick |
local _,_, sToGet = strfind(sData, "%$Kick (.*)|")
tUser:SendData("Kick -> sToGet: " .. sToGet)

elseif strsub(sData, 1, 12) == "$OpForceMove" then
-- :: $OpForceMove $Who:$Where:$Msg:|
--local _,_, s = strfind(sData, "")

elseif strsub(sData, 1, 5) == "$Quit" then
-- :: $Quit |
local _,_, sUsername = strfind(sData, "%$Quit (.*)|")
tUser:SendData("Quit -> sUsername: " .. sUsername)
end
end

function OpConnected(user)
end

function OpDisconnected(user)
end

function NewUserConnected(user)
end

function UserDisconnected(user)
end

function OnExit()
end

now, one thing to notice is how most of the commands actually contain a username variable. This
makes the system open to hackers unless these gates are closed by scripts.

An example of how to find a '$GetINFO' hack
Code: [Select]
elseif strsub(sData, 1, 8) == "$GetINFO" then
-- :: $GetINFO |
local _,_, sToGet, sUsername = strfind(sData, "%$GetINFO (%S+) (.*)|")
tUser:SendData("GetINFO -> sToGet: " .. sToGet .. ", sUsername: " .. sUsername)

if sUsername ~= tUser.sName then
tUser:SendData("*** We dont like hackers in our hubs!")
tUser:Ban()
tUser:Disconnect()
return 1
end
Here the sUsername variables should be the same as tUser.sName, and if its not, then the client sending
the getinfo command is faking its name, and should be banned from the server.

:: A list of commands that can be hacked! ::
:: note :: important hack detectors that should be added to p2p commands ive places ! infront of ::

!$MyINFO -- Fake user
$GetINFO -- Fake user
$ConnectToMe -- Fake ip\port
$RevConnectToMe -- Fake user
$MultiConnectToMe -- Fake user
$Search Hub: -- Fake user
$Search -- Fake ip\port
!$SR -- Fake user
!$To: -- Fake user
!$Quit -- Fake user

With a hacked MyINFO string, clients can pass invalid usernames to the server, and have
the server resend the new nicks to clients. besides this they can used make fake shares, fake
open slots, fake bandwidth and a whole bunch more.

SR hacks can stop users from being kicked by bots when banned expressions are found in
the passive search returns.

To: hacks enable clients to send pms to any user with a fake nick. It can even allow operator
names to be used to advertise and beat anti adversting shields.

and Quit hacks can remove every user from the userlist while still leaving the connections open,
meaning it can hide clients, and inturn these clients can spam the server, while the admin doesnt
have a clue whats going on

hope this teaches someone something new =]
« Last Edit: 19 June, 2004, 01:42:04 by Corayzon »

Offline VidFamne

  • Triple Ace
  • **
  • Posts: 173
  • Karma: +2/-0
(No subject)
« Reply #6 on: 05 June, 2004, 07:33:37 »
Isnt there a way to close socket in Ptokax, when $Quit are sent, by client?

Offline Corayzon

  • Lord
  • ***
  • Posts: 464
  • Karma: +1/-0
(No subject)
« Reply #7 on: 05 June, 2004, 07:40:45 »
yea there is VidFamne ...

to close a socket simply use, ...

user table : Disconnect()

eg, ...

tUser:Disconnect()

noza

Offline Corayzon

  • Lord
  • ***
  • Posts: 464
  • Karma: +1/-0
(No subject)
« Reply #8 on: 19 June, 2004, 01:39:55 »
just realised that $SL had no handle above:-

Code: [Select]
elseif strsub(sData, 1, 3) == "$SR" then -- Passive Search Returns
-- :: $SR  / ([:])|
local _,_, sFromNick, sSearchReturn, iFileSize, iOpenSlots, iTotalSlots, sHubInfo, sToNick = strfind(sArgs, "(%S+) (.*)(%d+) (%d+)/(%d+)(.*)(.*)|")

*** last post updated for this topic

Herodes

  • Guest
(No subject)
« Reply #9 on: 29 June, 2004, 20:48:16 »
Corayzon man ...

Really amazing jumpstart script for capturing Protocol data in this DataArrival of yours,

 ! ! Appreciated ! !

Offline Corayzon

  • Lord
  • ***
  • Posts: 464
  • Karma: +1/-0
(No subject)
« Reply #10 on: 30 June, 2004, 01:28:43 »
just to point out, ...

local _,_, sFromNick, sSearchReturn, iFileSize, iOpenSlots, iTotalSlots, sHubInfo, sToNick = strfind(sArgs, "(%S+) (.*)(%d+) (%d+)/(%d+)(.*)(.*)|")

has some problems, ...

local _,_, sFromNick, sSearchReturn, iFileSize, iOpenSlots, iTotalSlots, sHubInfo, sToNick = strfind(sArgs, "(%S+) (.*)%(%d+) (%d+)/(%d+)%(.*)%(.*)|")

the  chars are not escaped. this can cause all the locals to nil out, therefor fuking up entire handle.

This was found in cslave after i had bout 50 $SR hacker disconnections on a small test hub awhile ago :P

n0za
« Last Edit: 26 July, 2004, 10:12:59 by Corayzon »

Offline Snooze

  • Scripter
  • Viking
  • ******
  • Posts: 606
  • Karma: +54/-3
    • DiXBoT Website
(No subject)
« Reply #11 on: 26 July, 2004, 10:47:30 »
Quote
This was found in cslave after i had bout 50 $SR hacker disconnections on a small test hub awhile ago :P


hehe

Still damn good code ;)

Thanks for sharing :)

PtokaX forum

(No subject)
« Reply #11 on: 26 July, 2004, 10:47:30 »