AlliedModders

AlliedModders (https://forums.alliedmods.net/index.php)
-   Off-Topic (https://forums.alliedmods.net/forumdisplay.php?f=15)
-   -   Problems with Slowhackers / Config screwers Fix . . . (https://forums.alliedmods.net/showthread.php?t=25530)

techwg 03-15-2006 18:06

Problems with Slowhackers / Config screwers Fix . . .
 
after reviewing some of my own techniques of doing commands in cs, i found that you can "alias" a CVAR and maybe some small commands so that when they are attempted to be changed, they can not be changed. For example this is my file i personally use


alias cl_cmdrate ""
alias fps_modem ""
alias model ""
alias name ""
alias cl_backspeed ""
alias fps_max ""
alias cl_frontspeed ""
alias rate ""
alias cl_sidespeed ""
alias m_pitch ""
alias m_side ""
alias m_yaw ""
alias GL_TEXTUREMODE ""
alias bind ""
alias volume ""
alias cl_updaterate ""
alias sensitivity ""
alias fakelag ""
alias unbind ""
alias cl_cmdrate ""
alias cl_lb ""
alias cl_lc ""
alias cl_lw ""
alias fakeloss ""
alias cl_timeout ""
alias kill ""
alias "disconnect" ""
alias "quit" ""
alias cl_timeout ""
alias developer ""
alias "cd eject" ""
alias voice_enable ""


This prevents people from altering your own settings - NOTE . .

making your config read only is not protection enough. since malicious plugins turn developer 1 on, change your settings and make you quit - Developer 1 saves over a read only config. dont believe me? try it.

i have written a little system ages ago to protect from the after affects of bad plugins but it was BAT file based and you had to run an ok computer to not lag. THis little technique above will hopefully make you guys more save in servers using bad config "tweaks . ."

Put that in a file and call the file userconfig.cfg

Please feel free to alter is and post your aditions here for all to see - You may want to omit some like name incase you want to change your name ingame.

Your thoughts please . .


best regards

WG

eFrigid 03-15-2006 18:08

Or just make your config files read only. But good idea.

techwg 03-15-2006 18:20

unfortunatly, as i said in my last post, :

If you make your config.cfg read only, it can still be "screwed" by them turning developer 1 on then making you quit. Try it.

make your config.cfg readonly, then go into a server and type

bind mouse1 "say testing";quit

then go into your config.cfg and you will see it has been changed..

Just (as you may already know!) to fix it type

bind mouse1 "+attack"


My method in my first post will prevent people in real time from messing up CVARS and some commands maybe too. they "if they really want" can mess up binds because i cant find any way to stop them. but people changing their buttons is easy from the menu and anyone should know how to do that anyway. as for CVAR's normal average users would be very stuck if they god messed with. That method will protect them --

please if you know of any bad cvar i missed please add them in the same format as i did so they can be coppied into other peoples config files if they decide to use this protection method..

regards

WG

v3x 03-15-2006 18:24

Interesting.

techwg 03-15-2006 18:27

yes it is indeed. I dont know why but it does work. i found this out when i was searching in a plugins source called "amx fuckoff" that jsauce makes and he had a note in there in the version log that he added developer 1 to bypass readonly cfg files. now i know how basically the system works i can prevent it from happening. I think that if someone wants to have a malicious plugin or system, they should make it their self and not publish it because in the hands of bad people, innocent people get hurt and its WRONG . . just as in the post about why slowhacking is bad. I am hopefully giving some people a chance at some protection from these foolish individuals that run these plugins.
V3x did you not know that developer 1 read only thing ?

Twilight Suzuka 03-15-2006 21:46

This knowledge has been around for...um...since before AMX and AMXx even existed.

commands are checked, than alias's, than CVAR's. However, your method will only work with SOME CVAR's. Which means you won't really be protected from that much stuff.

techwg 03-15-2006 22:14

well all the cvars on my list are protected. Most commands i have seen are not protected

This does protect even against someone enabling developer modes . .

So in this case it is very very useful

Twilight Suzuka 03-15-2006 22:31

Say that when all of your keys are bound to kill or quit! FACE!

techwg 03-15-2006 22:35

Err sorry ? Since when was BIND a CVAR ?
i said most commands dont ork. Bind does not work from my testing. if its still in the config, its because i have not deleted it since its not harming anything being there. As i said since developer 1 is protected they cant overwrite my binds since they cant obtain access. When the protram closes my config is intact inface all i would need is my config.cfg write protected, and 1 line in it saying alias developer "" thats it. This will protect all my values, and stop them obtaining rights to overwrite the cfg file. . . . There is madness in my method, and method in my madness . .

:D

Xanimos 03-15-2006 22:47

Best way to protect yourself is to make copy your config file to a file called lets say for example "cant_touch_this_haha_bitch.cfg" then make it read-only(this part is unnecesary) then add in your config.cfg (or autoexec.cfg <- is better) a line 'exec cant_touch_this_haha_bitch.cfg' then save it (make it read-only for save keeping)

That way if they use developer 1 and then over-write your configs you will still save all your settings nice and neatly in a file they will never know about and can't get ahold of.


All times are GMT -4. The time now is 02:09.

Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.