1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. Guest, PO has ceased our separate tiering and adopted Smogon tiers for SM. More information and updates here.

    Dismiss Notice

Use caution with scripts!

Discussion in 'Server and Client Scripting' started by zeroality, Jun 24, 2011.

  1. zeroality

    zeroality Artificial Insanity

    Joined:
    Apr 22, 2010
    Messages:
    1,375
    Likes Received:
    1
    There have been incidents of servers getting "hacked" and taken over. Nothing is getting hacked here. People are accepting and using scripts with obvious security flaws; deliberately planted by malicious users under the facade of helping with scripting.

    If you are a novice and are unable to check your scripts to ensure that nothing malicious has been placed in them, then it would be wise to stick with the official PO server scripts which are open source.

    Please understand that we are not and cannot be responsible for other servers. If you have a problem then feel free to post on our Help or Scripting forums. Beyond that, there is nothing we can do for you.

    Feel free to post questions or meaningful information but let's try to keep the clutter out of this thread.

    Edit: Oh, I thought it'd be relevant to mention that we recently deleted a thread because an user inadvertently posted a compromised script. It had a command, open to everybody, that would grant owner status to whoever used it then post a huge HTML message in the server declaring the new owner.
     
    Last edited by a moderator: Jul 26, 2012
  2. Donkey

    Donkey Banned

    Joined:
    Jun 30, 2011
    Messages:
    251
    Likes Received:
    0
    Thats kind of funny how a command implemented like that could go unnoticed, but hey, people troll. (and hack)
     
  3. Mystra

    Mystra Active Member

    Joined:
    Jul 12, 2010
    Messages:
    1,389
    Likes Received:
    4
    This is not hacking as stated above.
     
  4. Donkey

    Donkey Banned

    Joined:
    Jun 30, 2011
    Messages:
    251
    Likes Received:
    0
    Well you know what i meant. Attemptingnto take control of servers doesnt have a large distinction from hacking - i know hackIng is finding security holes to insert malicious code or gain control of a system, so the i think its interchangeable to a degree
     
  5. Mystra

    Mystra Active Member

    Joined:
    Jul 12, 2010
    Messages:
    1,389
    Likes Received:
    4
    It does. Why this thread is even opened again…
     
  6. Stoled_my_nick

    Stoled_my_nick New Member

    Joined:
    Jul 7, 2011
    Messages:
    20
    Likes Received:
    0
    i'm sure you know that but when skarmpiss guys make servers crash, the server with 1.0.30 version aren't crashed, the ones with the new one are crashed.
    so control if you made some hole in servers security...(that probably happend cause anti-ddos wasn't going right)
     
  7. [ƦЄ]Blade

    [ƦЄ]Blade Not sure.

    Joined:
    Mar 6, 2011
    Messages:
    75
    Likes Received:
    0
    You can easily script something to prevent that.
    They use the Beat Up bug, however, this isn't the thread to go into detail about it.
     
  8. Aerith

    Aerith Banned

    Joined:
    Jan 6, 2011
    Messages:
    354
    Likes Received:
    1
    The Beat Up bug was fixed in the latest server download actually.
     
  9. [ƦЄ]Blade

    [ƦЄ]Blade Not sure.

    Joined:
    Mar 6, 2011
    Messages:
    75
    Likes Received:
    0
    However, the latest server crashes alot.
     
  10. DarthKnight_54

    DarthKnight_54 youMad?

    Joined:
    Apr 15, 2012
    Messages:
    2
    Likes Received:
    0
    Probably due to Internet problems maybe or just hosting problems for the user(s).
     
  11. TheUnknownOne

    TheUnknownOne Member

    Joined:
    Mar 28, 2011
    Messages:
    988
    Likes Received:
    3
    The link in the OP are the PO legacy scripts..