Jump to content
MaxCheaters Official Group on X
MaxCheaters Official Group on Discord
--> Place your ad text here <--
  • 0

Automatic verify and ban unauthorized skills - L2JFrozen

dextroy

Asked by dextroy,

 Share

Question

dextroy Contributor

dextroy

Posted
Posted

Hello, i need some help if anyone know:

 

I have a multiskill server (L2JFrozen rev) and I've recently had some hacker enter my server and he was able to learn monster passive skills/active skills and some skills that aren't in any character skill tree, like valakas buff, super haste, etc.

 

Since it happened i activated the AllowedSkills function (plus also activating it on the Protected folder CheckSkillsOnEnter), and added on the list only the character skills on the list (1-500 and 1000-1500), however, the function doesn't seem to be working.

 

Is there a way a can put a verification on L2PcInstance or some other java instance to automatically ban player/delete skills between 3000-7000 or something like that? My source code already has something like this (i'll be posting below), but it doesn't seem to be working (i tested with another character and nothing happened to it).

  

	/**
	 * check player skills and remove unlegit ones (excludes hero, noblesse and cursed weapon skills).
	 */
	public void checkAllowedSkills()
	{
		boolean foundskill = false;
		if (!isGM())
		{
			Collection<L2SkillLearn> skillTree = SkillTreeTable.getInstance().getAllowedSkills(getClassId());
			// loop through all skills of player
			for (final L2Skill skill : getAllSkills())
			{
				final int skillid = skill.getId();
				// int skilllevel = skill.getLevel();
				
				foundskill = false;
				// loop through all skills in players skilltree
				for (final L2SkillLearn temp : skillTree)
				{
					// if the skill was found and the level is possible to obtain for his class everything is ok
					if (temp.getId() == skillid)
					{
						foundskill = true;
					}
				}
				
				// exclude noble skills
				if (isNoble() && skillid >= 325 && skillid <= 397)
				{
					foundskill = true;
				}
				
				if (isNoble() && skillid >= 1323 && skillid <= 1327)
				{
					foundskill = true;
				}
				
				// exclude hero skills
				if (isHero() && skillid >= 395 && skillid <= 396)
				{
					foundskill = true;
				}
				
				if (isHero() && skillid >= 1374 && skillid <= 1376)
				{
					foundskill = true;
				}
				
				// exclude cursed weapon skills
				if (isCursedWeaponEquiped() && skillid == CursedWeaponsManager.getInstance().getCursedWeapon(_cursedWeaponEquipedId).getSkillId())
				{
					foundskill = true;
				}
				
				// exclude clan skills
				if (getClan() != null && skillid >= 370 && skillid <= 391)
				{
					foundskill = true;
				}
				
				// exclude seal of ruler / build siege hq
				if (getClan() != null && (skillid == 246 || skillid == 247))
					if (getClan().getLeaderId() == getObjectId())
					{
						foundskill = true;
					}
				
				// exclude fishing skills and common skills + dwarfen craft
				if (skillid >= 1312 && skillid <= 1322)
				{
					foundskill = true;
				}
				
				if (skillid >= 1368 && skillid <= 1373)
				{
					foundskill = true;
				}
				
				// exclude sa / enchant bonus / penality etc. skills
				if (skillid >= 3000 && skillid < 7000)
				{
					foundskill = true;
				}
				
				// exclude Skills from AllowedSkills in options.properties
				if (Config.ALLOWED_SKILLS_LIST.contains(skillid))
				{
					foundskill = true;
				}
				
				// exclude Donator character
				if (isDonator())
				{
					foundskill = true;
				}
				
				// exclude Aio character
				if (isAio())
				{
					foundskill = true;
				}
				
				// remove skill and do a lil LOGGER message
				if (!foundskill)
				{
					removeSkill(skill);
					
					if (Config.DEBUG)
					{
						// sendMessage("Skill " + skill.getName() + " removed and gm informed!");
						LOGGER.warn("Character " + getName() + " of Account " + getAccountName() + " got skill " + skill.getName() + ".. Removed!"/* + IllegalPlayerAction.PUNISH_KICK */);
						
					}
				}
			}
			
			// Update skill list
			sendSkillList();
			
			skillTree = null;
		}
	}

 

 

50 answers to this question

Recommended Posts

  • 0
HyperBlown Proficient

HyperBlown

Posted
Posted (edited)
7 minutes ago, dextroy said:

Alright, in the meantime i was testing l2phx with my previous code. And it also seems like my protection worked. I used it's injection to learn Super Haste and got this:

image.png.1cb5a730babc51c9475260f18d17a7ec.png

So i'll use your code that fits plus the one i added previously. I guess this should fix this particular issue.

 

Additionally, would you know how i could make it create a simple log file, or add it's messages to the server log? This way i can keep up with players that are trying to exploit the server easily, because as of it is, there's no logs being generated, just kicking out.

You can check how other logs are made. 
If your issue has been resolved, please lock the topic or will assume it is and close it later.

Edited by HyperBlown
  • 0
dextroy Contributor

dextroy

Posted
  • Author
Posted

Ok fine, thanks for the support, with all the information i think i can make a plausible solution.

 

@melron I did read all of your post, i appreciate the information and the lesson. But about what you said in the beginning: the code may have breaches? Yeah, it might, but it's still essentially a 3rd party programming sending information it's NOT supposed to be sent to the server, so it is hacking, you just prefer to interprete as codes and lines, which is essentially what everything on the internet is.

 

As for paying, then what's the point of having a "Free" Forum with a Help section if you lot don't wanna help whatsoever?

 

Why the heck are you "mods" or whatever role you have are so dissatisfied having to reply what's supposed to be a "Free" forum?

 

I get not wanting to help, maybe thinking the question is simple for you, but if you don't want to, then skip. If you want to be paid, then talk to the Forum owners to make this a paid section. 

 

But why do you lot feel the need to come here to say "you're wrong, you know nothing, what you use is shit, i'm superior, bla bla"?

 

Ya'll need to chill, so much arrogance from you lot over a question.

 

For whoever it fits: If you're so dissatisfied with a question but still feel the need to come out and say things like that, here's a tip: the problem ain't with me.

 

Feel free to close the thread. Peace 🖐️

  • 0
melron Community Regular

melron

Posted
Posted
2 minutes ago, dextroy said:

Ok fine, thanks for the support, with all the information i think i can make a plausible solution.

 

@melron I did read all of your post, i appreciate the information and the lesson. But about what you said in the beginning: the code may have breaches? Yeah, it might, but it's still essentially a 3rd party programming sending information it's NOT supposed to be sent to the server, so it is hacking, you just prefer to interprete as codes and lines, which is essentially what everything on the internet is.

 

As for paying, then what's the point of having a "Free" Forum with a Help section if you lot don't wanna help whatsoever?

 

Why the heck are you "mods" or whatever role you have are so dissatisfied having to reply what's supposed to be a "Free" forum?

 

I get not wanting to help, maybe thinking the question is simple for you, but if you don't want to, then skip. If you want to be paid, then talk to the Forum owners to make this a paid section. 

 

But why do you lot feel the need to come here to say "you're wrong, you know nothing, what you use is shit, i'm superior, bla bla"?

 

Ya'll need to chill, so much arrogance from you lot over a question.

 

For whoever it fits: If you're so dissatisfied with a question but still feel the need to come out and say things like that, here's a tip: the problem ain't with me.

 

Feel free to close the thread. Peace 🖐️

 

From all the things i said, thats your final answer?

Quote

I get not wanting to help, maybe thinking the question is simple for you, but if you don't want to, then skip. If you want to be paid, then talk to the Forum owners to make this a paid section. 

Why so much hate mate?

 

I didn't want to offend you but i'll answer your questions.

 

The forum doesn't have any "Free codes" section but instead, a help section. When ever you receiving a help by a hint or by a single line of code and then you have to complete by your own, you writing im not dev. So what? You are just want the rest of the code! So what? You are just want the full code. I don't really care, i always providing codes here and there, but i can't see someone who asking for help in a help section and not on FREE CODE SECTION and saying give me the solution.

 

 

As for paying, what's wrong with that? What's wrong to give some bucks (probably 2 euro was that) and clean your head with all these shits? What's wrong to prove your self that you respect some people who knows better a few things that you don't? Ok now, you got what you want TWICE. 

  • 0
BruT Rising Star

BruT

Posted
Posted (edited)

@melron is the last guy in this forum who would need your silly 5 usds which u cant even afford, this bug will probly take him seconds to figure out and max 5 mins to fix

 

actually you arent asking for a help because u have no idea what to do with the info you get, but u are asking someone to fix it for you for free.

Edited by BruT
  • 0
HyperBlown Proficient

HyperBlown

Posted
Posted

Taking in consideration that the post question has been answered I will be closing the topic. If the owner wants to unlock, he can do it so.

Guest
This topic is now closed to further replies.
 Share
Go to question listing


×
×
  • Create New...