Jump to content
  • 0
Sign in to follow this  
Followers 0
latheesan

How to prevent multiple spaces in chat room? Scammers are using this to impersonate GMs.

Asked by latheesan

Question

latheesan    15

latheesan
Posted (edited)

Hi All,

 

I just found out about an interesting way scammers are scamming my players.

 

If they used multiple spaces, they can pretend to be anyone (especially GM/Admin) and trick users to give their account details away or in worst case get them to install TeamViewer etc...

 

Let me show you what I mean.

 

If I am logged in user Adam for example and I want to impersonate gm Latheesan, as "Adam", this is what I would type in a chat room:

 

Hi                                                                                          Latheesan : Hi, can you install TeamViewer and give me id/pass?

In the game, here's a demo showing how this looks and renders:

 

LH2vTCL.png

 

5BPpUYQ.png

 

So, in a busy chat room, players can be easily tricked into thinking a GM/Admin is talking to them and they do what they are told (even tho there's an ad/warning plastered all over the game not to give out account details >.>)

 

Anyway, now you know how it's done, is there a way to prevent this? 

 

The easiest solution I can think of is to prevent multiple spaces in chat.

 

If this was in PHP, I would have used regex to replace multiple occurrences of spaces into one like this example:

 

$input  = 'Hi                                         Latheesan : Hi, can you install TeamViewer and give me id/pass?';
$output = preg_replace('!\s+!', ' ', $input);

Could effectively do something similar in Hercules as a plugin? Can someone help me out?

 

I am pretty sure this should be standard in Hercules, i.e. not being able to use multiple spaces (atleast a config for it or something...)

Edited by latheesan

Share this post

Link to post
Share on other sites

4 answers to this question

Recommended Posts

  • 0

latheesan    15

latheesan
Posted (edited)

Thanks for that, I manage to salvage the code Annie posted and tried to compile and found out that "colormes" has an error:

 

 

struct "clif_interface" has no field "colormes"    gmimpersonate

 

So, I replaced it with: messagecolor_self

 

Now, I have a different error:

 

 

'session': undeclared identifier

 

This is what I have so far: http://pastebin.com/N0EMkui3

 

If I try to remove this line "session = GET_SYMBOL("session");

the plugin doesn't compile, I get this error:

 

8DDG8bL.jpg

 

Any ideas? I am trying to compile in Visual Studio Community Edition 2015.

 

Thanks.


--------

 

UPDATE

 

After many hours of tinkering, I finally got it to compile after realising the plugin system was updated. The code Annie posted was for old HPM system.

 

So, I managed to update it like this (not sure if i am using the right hook):

 

#include "common/hercules.h" /* Should always be the first Hercules file included! (if you don't make it first, you won't be able to use interfaces) */
#include "common/memmgr.h"
#include "common/mmo.h"
#include "common/socket.h"
#include "common/strlib.h"
#include "map/clif.h"
#include "map/pc.h"

#include "plugins/HPMHooking.h"
#include "common/HPMDataCheck.h" /* should always be the last Hercules file included! (if you don't make it last, it'll intentionally break compile time) */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

HPExport struct hplugin_info pinfo = {
	"gmimpersonate",	// Plugin name	
	SERVER_TYPE_MAP,	// Which server types this plugin works with?
	"0.1",				// Plugin version
	HPM_VERSION,		// HPM Version (don't change, macro is automatically updated)
};

bool my_clif_process_chat_message(const char* retVal___, struct map_session_data *sd, const struct packet_chat_message *packet, char *out_buf, int out_buflen)
{
	if (retVal___ == true) {
		char* message = (char*)RFIFOP(sd->fd, 4) + strnlen(sd->status.name, NAME_LENGTH - 1) + 3;
		int i, l = strlen(message);
		for (i = 0; i <= l; i++)
			if (message[i] == 'xA0')
				message[i] = 'x20'; // replace Alt+0160 into [space]
		if (stristr(message, "    ")) {
			clif->messagecolor_self(sd->fd, COLOR_RED, "You are only allowed to type maximum of 3 spaces in a dialog.");
			return false;
		}
		if (stristr(message, "x20x3Ax20") || stristr(message, "x20x3Bx20")) { // type " : " OR " ; " will be blocked
			clif->messagecolor_self(sd->fd, COLOR_RED, "You can't impersonate other players !");
			return false;
		}
	}
	return true;
}

HPExport void plugin_init(void) {
	addHookPost(clif, process_chat_message, my_clif_process_chat_message);
}

 

Now, this plugin compiles. I've enabled it (gmimpersonate) in conf/plugins.conf and went in game to test it, does not appear to be working.

 

Any idea what might be wrong? is "process_chat_message" wrong method to hook? I tried looking for "process_message" but it appears there is no hook for it.

Edited by latheesan

Share this post

Link to post
Share on other sites
  • 0

latheesan    15

latheesan
Posted (edited)

Update #2 :-

 

Okay, after a bit of tinkering around - I think I managed to solve it, but I feel like I may have hooked into the wrong function.

 

Here's the working version:

 

#include "common/hercules.h"
#include "common/memmgr.h"
#include "common/mmo.h"
#include "common/socket.h"
#include "common/strlib.h"
#include "map/clif.h"
#include "map/pc.h"

#include "plugins/HPMHooking.h"
#include "common/HPMDataCheck.h"

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

HPExport struct hplugin_info pinfo = {
	"GM Impersonate",	// Plugin name	
	SERVER_TYPE_MAP,	// Which server types this plugin works with?
	"1.0",				// Plugin version
	HPM_VERSION,		// HPM Version (don't change, macro is automatically updated)
};

bool my_pc_process_chat_message(bool retVal___, struct map_session_data *sd, const char *message) {
	if (retVal___ == true) {
		if (stristr(message, "    ")) {
			clif->messagecolor_self(sd->fd, COLOR_RED, "Possible GM Impersonation Detected - you cannot use more than 3 spaces in chat.");
			return false;
		}
		if (stristr(message, " : ") || stristr(message, " ; ")) {
			clif->messagecolor_self(sd->fd, COLOR_RED, "Possible GM Impersonation Detected - you cannot use : or ; in chat.");
			return false;
		}
	}
	return true;
}

HPExport void plugin_init(void) {
	if (SERVER_TYPE == SERVER_TYPE_MAP) {
		addHookPost(pc, process_chat_message, my_pc_process_chat_message);
	}
}

 

This version appears to be working everywhere, not just chat rooms. Here's a demo of the detection working:

 

HfGVuAD.jpg

 

But this appears to have created a side effect. When ever you use a at-command, it appears to executes the command and then show the at-command you typed.

 

Here's what I mean. I used the command @who2 - it shows the output and then shows the command i typed  :wacko:

 

t1k1hqy.jpg

 

Is pc->process_chat_message the wrong hook? If not, am I implementing the hook incorrectly?


Update #3 - I've fixed the wierd side effect

 

It was caused by me always returning true. The fix is this:

 

bool my_pc_process_chat_message(bool retVal___, struct map_session_data *sd, const char *message) {
	if (retVal___ == true) {
		if (stristr(message, "    ")) {
			clif->messagecolor_self(sd->fd, COLOR_RED, "Possible GM Impersonation Detected - you cannot use more than 3 spaces in chat.");
			return false;
		}
		if (stristr(message, " : ") || stristr(message, " ; ")) {
			clif->messagecolor_self(sd->fd, COLOR_RED, "Possible GM Impersonation Detected - you cannot use : or ; in chat.");
			return false;
		}
	}
	return retVal___;
}

:( silly typo. 

Edited by latheesan

Share this post

Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Question Listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept