Anti-Hack System

I'm almost done developing my anti-hack system that's a spinoff of BurningFinger's. Any ideas for it people? Here's a copy of the txt file--

Quote:

---

PT Protector - v1.0

This program was created by DarkKnight to help enforce anti-hacking on private PristonTale servers.

So...What does this program do exactly? Well, it reads the server errors logs for errors commonly associated with hacking. Currently, this program exercises the energy bar error, as well as the defense/attack error. However, it also keeps in mine that other errors could popup more frequently in the future due to new methods/forms of hacking. Users can add these errors to what I labeled the "Error Library".

To use PT Protector, you must first configure it via the configuration toolbar button. You must set an interval that provides the bases of when PT Protector will check the error logs. It can be every 10-60 seconds. After it reads a log, it copies all the data over to a new file within the log folder (this allows the application to scan for hacking-induced errors more quickly). After providing the interval, you must also specify your SQL login information. This allows the program to connect to your SQL database so that it can ban the user that's hacking.

Also, this program conveniently has an "Exceptions" list as well. It will NOT ban any Username/IP in the exceptions list.



Thanks To--

BurningFinger -- for the entire idea of making this program.
Dark AvaThar -- for the idea of having an exceptions list.
Luistorres -- for mentioning the Client Attack/Defence error.
QuantumFusion -- for all his hardwork in the PT scene.
Sandurr -- for all his hardwork in the PT scene as well.
Thiel -- for posting an example log.
Ryder -- helped with his set of tools, ideas, and repacks.
Telatoro -- he's done a lot.

---

Here are some pics to demonstrate what it can do already--

http://notice.ravencrest.nl/dk/1.JPG

Basic "Home" page. Gotta have it!


http://notice.ravencrest.nl/dk/2.JPG

This is the program reading the day's error log. It later syphons through it looking for errors mentioned in the error library, then bans the user. When it's done searching through the log in question, it then moves it to another directory labeled LogFileDone.


http://notice.ravencrest.nl/dk/3.JPG

This is the Caught! screen as you can see. These users created errors that our error library made sure to look out for. Naturally, the users in there are fake since I generated my own error log, but you get the point.


http://notice.ravencrest.nl/dk/4.JPG

The infamous Error Library. This is where users can add errors that are likely caused from hacking. The two main errors included are two of the more popular ones that spring up. Energy + Defense/Attack. Add more as you see fit.

http://notice.ravencrest.nl/dk/5.JPG

There are times when you're messing around with your own server, possibly abusing some commands or something like that, or even testing hacks on it. This part of the program allows you to give accounts or even IPs immunity -- aka PT Protector will not ban you.


http://notice.ravencrest.nl/dk/6.JPG

This part allows the user to keep track of what happened and when it happened. If a user is caught, it will tell you. If a user on the exceptions list is caught, it will tell you as well.


http://notice.ravencrest.nl/dk/7.JPG

This is the configuration area. It allows you to set the interval (aka how often will the logs be checked by the program), as well as set your SQL data (this program uses your SQL so that it can ban the user via the BlockChk field. Also, a few options to alert users when a ban has occured are on here. Those who have dedi servers in god knows where and access them via remote desktop -- you guys probably won't bother using those features. But people with uber computers on uber internet connections that actually still use their computer while running the PT server -- you guys might consider it...Might.


http://notice.ravencrest.nl/dk/8.JPG

Remember those big lists in the above screenshots? You know, the ones that contained errors from the error log, as well as users that were caught? Well, my program is hip enough that it will actually allow you to copy segments of the list while displaying it in a messagebox. I don't think I'd actually use this feature really, but hey, it's available to those who need it at least!


There's some more stuff I'd actually like to add to this program. I have been considering adding a BlackUser function to it as well. In fact, this would have been a key component to banning users, but I decided to play it safe and use SQL, mainly because BlackUser is disabled by many people.

Any ideas/comments/concerns? I'll be posting this program here when it's out of its shell more.

up link download

Quote:

---

Any ideas/comments/concerns? I'll be posting this program here when it's out of its shell more.

---

When it's done I will be. Until then any suggestions would be nice.

sorry double post

Dark can i make you a sugestion?

Make an option to change default log to read. I mean logs are set by MONTH-DATE.LOG but i use ultimatedefence and it already output readed logs MONTH-DATA-SCANNED.LOG

I dont know if i already support but it might be useful for people who already has a protection tool.


There is an error which is 100% sure:

Weight Error ( 10003 ) or ( 2003xxsomething)

This mean char will have 10003 of weight limit. This is common used in PTAPO hacks. Must be a HIGH number to be 100% its a hack.

It

Item Position Error : (attached thumb)
Can u prog generate a txt file with all id that it ban? (mb daily file)

Quote:

---

Originally Posted by DarkKnightH20

When it's done I will be. Until then any suggestions would be nice.

---

Link to dawunload?

There is no download link yet stop asking.

And also no suggestions looks pretty good to me.

Seems pretty good to me. Very good job!! ^^
And Luistorres' idea is also good, i think you should do it =]

Quote:

---

Originally Posted by luistorres

Dark can i make you a sugestion?

Make an option to change default log to read. I mean logs are set by MONTH-DATE.LOG but i use ultimatedefence and it already output readed logs MONTH-DATA-SCANNED.LOG

I dont know if i already support but it might be useful for people who already has a protection tool.


There is an error which is 100% sure:

Weight Error ( 10003 ) or ( 2003xxsomething)

This mean char will have 10003 of weight limit. This is common used in PTAPO hacks. Must be a HIGH number to be 100% its a hack.

---

Is it only the Weight Error ( %d )? Or is it at all tied with the Character Weight Error ( %d )( %d ) as well? I wonder what # I should make it check for as the minimum...Hmm..

Now that I think about it, I might include a larger error library. It will have a list with checkboxes that can turn on/off certain errors to check for. We'll seem I guess.

Also, I'll make an option to have the program sift through other logs.

This gonna be a good sugestion.

Export banned user to a .TXT file using day for name it:

BANNEDID: dark CHAR: iamhack IP:100.0.0.0 TIME: 12:23 BANREASON: Client Attack/Defence Error

I am used to post banned accounts to people dont do it anymore because they will know what happen.


I gonna make sure if Character Weight Error is related to Weight Error post results in few hours.

Thanks :)

That is a good idea too. I'll have it export the banned users in a format like the one you posted. Looks like I'm gonna have to make my interface a bit bigger first.

I posted a big log of different error types in the Resources thread. I was thinking about having them built into the system, but while being turned off. Not sure if I'm going to actually bother doing that though since many of them could be false positives.

Code:

---

Hacking Alert ( %d ) - Absorption( %d ) Attack Damage( %d ) Defence( %d )
Hacking Alert ( %d )
DebugLog - LastMsg( %d ) LastUserID( %s ) LastUserName( %s ) DebugCount( %d )
logfile [ %d %d %d %d ]
Event High Score( %d )( %d )
Shutdown Service
%d:%d:%d - ID:( %s ) / IP ( %s ) Authentication Error ( %s%s )
Character Account Mismatch( %s )
%d:%d:%d - SaveBuffer Point Error /IP ( %s ) / ( %d )( %d )
Initial Save Memory Error ( %s )( %s )
Memory Save Error 5 ( %s )( %s )
Memory SaveName Error 4 ( %s )( %s )
Memory SaveName Error 3 ( %s )( %s )
Memory SaveName Error 2 ( %s )( %s )
Memory SaveName Error 1 ( %s )( %s )
Item Mixing Error ( %d )( %d )
Compare ClanCode Error : ClanCode( %d <> %d ) ClanMaster(%d)
Check PlayField Warning : Area([%d] X=%d Y=%d Z=%d) SubHeight(%d)
Skill Used Level Error( Lv:%d )( Code:%d )
*Server Money overflow( %d ) - ( %s ) (%d)(%d) = (%d)
Shop Buy a forgery Item (ItemCode: %d )(Price: %d )
LevelQuest Code Warning ( %d )( %d )
Server Potion Moving Error ( [%d]%d )/( %d )
Server Potion Error ( %d )( %d )( %d )
Character State Error ( %d )( %d )( %d )
Find Surprise Module ( %s )( %d )
Time Out [np GAMEGUARD] ( %d )( %d )
Disconnected by [np GAMEGUARD] ( %d )( %d )
Warning invincible Mode ( %d )( %d )
Client Damage Packet Error ( %d )( %d )
Too Many Updated [Character Infomation] ( %d %d )( %d )
Initial Character Level [ 32Bit EXP Error ] ( %d )( %d )
Client Warning [Skill Forgery - 2] ( %d )( %d )( %d )
Client Warning [Skill Forgery] ( %d )( %d )
Client Warning [Skill Attack] ( %d )
Client Warning [Motion Speed] ( %d )
Limit Damage Over ( %d )( %d %d %d )( %d %d %d )
Damage Packet Error( %d )( %d )( %d )
Checked Inventory Data [Disconnected]( %d )( %d )
Reconnect Server ( %d )
Aging Failed [Copied Item] ( %d )( %d / %d )( %d / %d )
Aging Failed [Copied Item - Sheltom] ( %d )( %d / %d )
Time Out [nSPRITE] ( %d )( %d )
Disconnected by [nSPRITE] ( %d )( %d )
Warning Avg.Damage( Attack ) ( %d )( %d )/( %d )
Warning Avg.Damage( Defence ) ( %d )( %d )/( %d )
Warning MacroMouse ( %d )( %d )( %d )
Warning AutoMouse ( %d )
Memory Buffer Saving Error ( %d )( %d )( %d )
Server Inventory Loading Found [Copied Item] ( %d ) - ( %s )( %d )( %d / %d )
Used Item Code Warning ( %d )( %d )( %d )
Server Inventory Used Full ( %d )( %d )( %d )
Item Position Error ( %d )( %d )( %d )
Wrong [Saving Charactor Name] ( %s )( %s )( %s )
Server To Server Moving Item Error ( %d ) - ( %d )( %d )
Server Inventory [Money] Error ( %d ) - ( %d )( %d )
Server Inventory [Item] Error ( %d ) - ( %s )( %d )( %d / %d )
[Money] Error from Inventory ( %d )( %d )( %d )
[Item] Error from Inventory ( %d )( %d )( %d )
%d:%d:%d - ID:( %s ) / IP ( %s ) Tried to Connect Disable IP
Copied Item from floor ( %s )( %d )( %d )
Recving Exp Error ( %d )( %d )( %d )
Client Energy Bar Error ( %d )( %d )( %d )
Client Attack/Defence Error ( %d )( %d )( %d )
Job Code Error ( %d )/( %d )( %d )
Charactor Model Error ( %d )( %s )( %s )
Inventory Item Error ( %d )( %d )
Client Process Time Out ( %d )( %d )
Character Weight Error ( %d )( %d )
Character SkillPoint Error ( %d )( %d )
Character State Error ( %d )( %d )
Item Temp Code Error ( %d )-( %d )( %d )
Item Code Error ( %d )-( %d )( %d )
Client EXP Error ( %d )/( %dk )( %dk )
SubExp Over 50% Error ( %d )( %d )
Server Money Error3 ( %d )( %d )
Server Money Error2 ( %d )( %d )
Server Money Error ( %d )( %d )
Server EXP Error ( %dk )( %dk )
Server and Client Moeny Error ( %d )( %d ) - %d
Server and Client Exp Error ( %d )( %d ) - %d
Level vs EXP Error ( %d )( %d )
Level Error ( %d )( %d )
Start Character Error( %d )( %d )
Game Server IP Error ( %d )( %s )
%d:%d:%d - Name:( %s %s ) / IP ( %s ) Too many packets ( %d )( %d )
%d:%d:%d - Multiple connections from same IP ( %d , %d )
Money Transfer Error ( %d ) ( %d )
Trade Authorization Error ( %d ) ( %d )
Account Character Error ( %d ) ( %d )
Continuous Save Failed Error ( %d ) ( %d )
Saved Item Error ( %d ) ( %d )
Saved Level Error ( %d ) ( %d )
Fast XP Increase / Lv( %d ) Xp( %d ) Mn( %d )
Rapid XP Increase ( %d ) ( %d )
Rapid Level Increase ( %d ) ( %d )
Forced Penalty Boot ( %d ) ( %d )
Copied Item Recall ( %d ) ( %d )
%d:%d:%d - Name:( %s ) / IP ( %s ) Item Error ( %d )
Weight Error ( %d )
Restricted Area Trespassed ( %d )( %d )
%d:%d:%d - Name:( %s ) / IP ( %s ) Skill Contunuous Attack Error ( %d )
%d:%d:%d - Name:( %s ) / IP ( %s ) Skill Attack Rating Error ( %d )
Continuous Attack Error ( %d )
Default Attack Size Error ( %d )
Default Attack Rating Error ( %d )
%d:%d:%d - Name:( %s ) / IP ( %s ) XP Gain Error ( %d )
%d:%d:%d - Name:( %s ) / IP ( %s ) Character Info Save Error ( %d )
Potion Count Error ( %d )( %d )
Potion Check Error ( %d )
Attack Ratio Error ( %d )
%d:%d:%d - Name:( %s ) / IP ( %s ) Time Mismatch ( %d )
Time Error - Speed Hack ( %d )( %d )
Speed Hack ( %d )
Gold Limit Exceeded, Potion Copy Attempt ( %d )( %d )
Client Function Checking Count Error ( %d )( %d )
Client Function Checking Error ( %d )( %d )
Memory Function Code Error2 ( %d )( %d )
Memory Function Code Error ( %d )( %d )
Process Checksum Error ( %d )( %s )
Client Checksum Error ( %d )
%d:%d:%d - Name:( %s ) / IP ( %s ) Focus Changed ( %s )
Crack/Hack Detected ( %s )
Warehouse Gold ( %d )
Copied Item in Warehouse ( %d )
Copied Item ( %d )
%d:%d:%d ( %d ) - ( %d , %d )
%d:%d:%d IP-( %s ) ID-( %s ) Name-( %s ) / ( %d ) - ( %d , %d )
ID( %s ) Name( %s ) IP( %s ) Func Check Out Message
Socket IP( %s ) TimeOut Message
ID( %s ) Name( %s ) IP( %s ) TimeOut Message

---

By chance exists some link for download? -. - :ala:

the max weight has a formula. its on Priston Tale Secret ...
if you can find a way to implicate the weight hack by running that formula it will make it fool-proof :)
very nice work dark!
well done :)

There Is No Download Link!

Wtf????????????????????????????????????????

Where This The Excrement Of Download? Already I Am Nervous!!!!!!!!!!!!!!!!

for the last time. there is no link. stop asking

Haven't had much time to work on it since the last posting, but I included two more errors in the error library, as well as added a checkbox function to the list. Take a look at the updated screenshot for the error library.

sent you a pm with some info might be useful

Link Download?

ok if i was a fucking mod i would ban each and everyone of you who asks for a link.

READ THE THREAD! EVERY POST and then next time you can think about replying

Quote:

---

Originally Posted by bbchamps2000

There Is No Download Link!

---

Quote:

---

Originally Posted by bbchamps2000

for the last time. there is no link. stop asking

---

Quote:

---

Originally Posted by bbchamps2000

ok if i was a fucking mod i would ban each and everyone of you who asks for a link.

READ THE THREAD! EVERY POST and then next time you can think about replying

---

i did you one better. i gathered the ones IIIIII made.

next time read people

give up champs. they read the start n skip to the bottom. they are idiots.

haha once i post this, they wont read yours. damn