[Fix]Bank System's Exploit

[Emrys]

As I see , the 80% of the servers that are using .bank, are exploitable....

Here It is the Fix.... I believe that everybody knows that but Noone has fixed it LoL... here it is:

Index: java/net/sf/l2j/gameserver/util/FloodProtectors.java
===================================================================
--- java/net/sf/l2j/gameserver/util/FloodProtectors.java	(revision 3541)
+++ java/net/sf/l2j/gameserver/util/FloodProtectors.java	(working copy)
@@ -65,6 +65,13 @@
	private final FloodProtectorAction _multiSell;

	/**
+	 * Banking system by TheEnd
+	*/
+		
+		private final FloodProtectorAction _BankingSystem;
+
+	
+	/**
	 * Creates new instance of FloodProtectors.
	 * 
	 * @param player
@@ -83,6 +90,8 @@
		_dropItem = new FloodProtectorAction(player, Config.FLOOD_PROTECTOR_DROP_ITEM);
		_serverBypass = new FloodProtectorAction(player, Config.FLOOD_PROTECTOR_SERVER_BYPASS);
		_multiSell = new FloodProtectorAction(player, Config.FLOOD_PROTECTOR_MULTISELL);
+		_BankingSystem = new FloodProtectorAction(player, Config.FLOOD_PROTECTOR_BANKING_SYSTEM);
	}

	/**
@@ -185,4 +194,9 @@
		return _multiSell;
	}

+		public FloodProtectorAction getBankingSystem() 
+		{
+			return _BankingSystem;
+		}
+
}
Index: java/net/sf/l2j/Config.java
===================================================================
--- java/net/sf/l2j/Config.java	(revision 3541)
+++ java/net/sf/l2j/Config.java	(working copy)
@@ -530,6 +530,8 @@
		new FloodProtectorConfig("ServerBypassFloodProtector");
	public static final FloodProtectorConfig FLOOD_PROTECTOR_MULTISELL =
		new FloodProtectorConfig("MultiSellFloodProtector");
+	public static final FloodProtectorConfig FLOOD_PROTECTOR_BANKING_SYSTEM = new FloodProtectorConfig("BankingSystemFloodProtector");
+


	//--------------------------------------------------
@@ -2403,6 +2471,7 @@

		else if (pName.equalsIgnoreCase("EnableManaPotionSupport")) L2JMOD_ENABLE_MANA_POTIONS_SUPPORT = Boolean.parseBoolean(pValue);

+
		else if (pName.equalsIgnoreCase("MinKarma")) KARMA_MIN_KARMA = Integer.parseInt(pValue);
		else if (pName.equalsIgnoreCase("MaxKarma")) KARMA_MAX_KARMA = Integer.parseInt(pValue);
		else if (pName.equalsIgnoreCase("XPDivider")) KARMA_XP_DIVIDER = Integer.parseInt(pValue);
Index: java/config/floodprotector.properties
===================================================================
--- java/config/floodprotector.properties	(revision 3541)
+++ java/config/floodprotector.properties	(working copy)
@@ -77,3 +77,10 @@
FloodProtectorMultiSellPunishmentLimit = 0
FloodProtectorMultiSellPunishmentType = none
FloodProtectorMultiSellPunishmentTime = 0
+
+FloodProtectorBankingSystemInterval = 1
+FloodProtectorBankingSystemLogFlooding = False
+FloodProtectorBankingSystemPunishmentLimit = 0
+FloodProtectorBankingSystemPunishmentType = none
+FloodProtectorBankingSystemPunishmentTime = 0
+
Index: data/scripts/handlers/voicedcommandhandlers/Banking.java
===================================================================
--- data/scripts/handlers/voicedcommandhandlers/Banking.java	(revision 6647)
+++ data/scripts/handlers/voicedcommandhandlers/Banking.java	(working copy)
@@ -39,6 +39,11 @@
	 */
	public boolean useVoicedCommand(String command, L2PcInstance activeChar, String target)
	{
+		if (!activeChar.getFloodProtectors().getBankingSystem().tryPerformAction("BankingSystem"))
+			        {
+			        	activeChar.sendMessage("You Cannot Use The Banking System So Fast!");
+			        }
+
		if (command.equalsIgnoreCase("bank"))
		{
			activeChar.sendMessage(".deposit (" + Config.BANKING_SYSTEM_ADENA + " Adena = " + Config.BANKING_SYSTEM_GOLDBARS + " Goldbar) / .withdraw (" + Config.BANKING_SYSTEM_GOLDBARS + " Goldbar = " + Config.BANKING_SYSTEM_ADENA + " Adena)");

TheEnd !

[Łighto™]

Really i don't know why you put credits to yourself since it is already implemented in interlude projects (equal, archid dunno in which) and i'm sure that you took it from there. It's just rediculous. Tell me honestly, with this way, you convince yourself that you know java?

 

Don't take it for flame b/c it's just my opinion!!

[mg13gr]

Really i don't know why you put credits to yourself since it is already implemented in interlude projects (equal, archid dunno in which) and i'm sure that you took it from there. It's just rediculous. Tell me honestly, with this way, you convince yourself that you know java?

 

Don't take it for flame b/c it's just my opinion!!

Where he gave credits to himself? :S

 

[Łighto™]

TheEnd !

 

And i saw that he watched the topic and he didn't replied so i haven't done any mistake.

He gaved credits to himself indeed. And if you take a look at the code you'll understand it too.

[Commodus]

And i saw that he watched the topic and he didn't replied so i haven't done any mistake.

He gaved credits to himself indeed. And if you take a look at the code you'll understand it too.

 

Puting your name in the end of your post doesn't mean that these are the credits.

 

Maybe this is his signature as many users put their name in the end of their posts.

 

Btw,the most important thing is that he SHARED this code as noone do it since now.

 

On Topic : Ty for sharing the code,TheEnd.

[mg13gr]

And i saw that he watched the topic and he didn't replied so i haven't done any mistake.

He gaved credits to himself indeed. And if you take a look at the code you'll understand it too.

I can call it "λογοπαίγνιο". His name is "TheEnd" and he added it in THE END. The end of the psot...

 

Anyway, ty for sharing dude.

[Emrys]

Really i don't know why you put credits to yourself since it is already implemented in interlude projects (equal, archid dunno in which) and i'm sure that you took it from there. It's just rediculous. Tell me honestly, with this way, you convince yourself that you know java?

 

Don't take it for flame b/c it's just my opinion!!

In l2j isnt Fixed.....

what i Said:

I believe that everybody knows that but Noone has fixed it LoL... here it is:

:O

 

-TheEnd

[Nik]

i think making the banking voice command synchronized will do quite the same job... but im not rly sure about that, gotta test it imo... if it works, it will be way better than this hardcodded custom flood protector >.>

 

[HammerV2]

thx mate, am using it, its usefull i was having problems whit this, not anymore :D, i changed the msj too :P

[SySt3MGaM3RFr3aKs]

thx mate, am using it, its usefull i was having problems whit this, not anymore :D, i changed the msj too :P

Old topic mate.. :D This is the most Well-Known Code :P

[papagei]

I think in the newest revisions of L2j this is history or do they still not have fixed that yet?

[browser]

what exactly does this script?

[azartik]

for some reason I was originally fixed, but still useful.