Tubutas' Site - I Thought You Were Banned!?!

I Thought You Were Banned!?! in Tutorials & Snippets

Page: 1 2

ID:45477

Jul 21 2008, 9:49 am (Edited by moderator on Jul 21 2008, 10:14 am)

Keywords: design

Even in the best of games, there is that abusive/annoying/noob person that you don't want in your game. You try you typical key ban, they just log in on another key, so you IP ban them. The crafty ones just reset their IP. Oh No! I've used up all of my bans, what should I do?! Not to fear there are still ways to ban people. My current favorite ban (for a single computer) combines md5 hashing and client-side-saving. As long as manage to keep the hash a secret you should be safe.

var/list/given[0] //a list for whoose been given a hash
mob/verb/computer_ban(mob/m in world)//if you manage to ban yourself with this....
    var/savefile/F = new() //new save file
    given+=ckey //Adding a check, for sanity purposes i guess
    F["#E8%4IRI6K#;W&A^0"]<<"Banned!"//doesn't matter what you send to it
    m.client.Export(F) //save the new banned self
    m<<"<center><font size=50>Goodbye nub!"
    del(m)
mob/Login()
    var/client_file = client.Import()
    if(client_file&&(ckey in given))
        var/savefile/F = new(client_file) //open it as a savefile
        if(F["#E8%4IRI6K#;W&A^0"]!=md5("5PBM0^4TJXH_1^P-_LX_GAM &C7Y[ckey]!*%K9& 9W1*8M$P^Y0"))  //Checks the hash
            src<<"<center><font size=50>Sorryz nub!"
            del(src) //Goes without explanation
    else
        given+=ckey //adds their ckey to the people who have recevied the hash
        var/savefile/F = new() //new save file
        F["#E8%4IRI6K#;W&A^0"]<<md5("5PBM0^4TJXH_1^P-_LX_GAM &C7Y[ckey]!*%K9& 9W1*8M$P^Y0")//Stores the hash
        client.Export(F)    //Saves the savefile
    return ..() //Allows the person to login!
//I wouldn't even want to be caught in one of these bans >_>;

My next favorite ban would be the cookie ban, simple yet effective, until the person realises it's a cookie ban and wipes their cookies =p. Even then with a simple list you can overcome these little problems.

var/cookie_procs={"
    <SCRIPT LANGUAGE="JavaScript"><!--
        function setCookie(name, value, expires, path, domain, secure) {
            var curCookie = name + "=" + escape(value) +
            ((expires) ? "; expires=" + expires.toGMTString() : "") +
            ((path) ? "; path=" + path : "") +
            ((domain) ? "; domain=" + domain : "") +
            ((secure) ? "; secure" : "");
            document.cookie = curCookie;
        }
        function getCookie(name) {
            var dc = document.cookie;
            var prefix = name + "=";
            var begin = dc.indexOf("; " + prefix);
            if (begin == -1) {
            begin = dc.indexOf(prefix);
            if (begin != 0) return null;
            } else
            begin += 2;
            var end = document.cookie.indexOf(";", begin);
            if (end == -1)
            end = dc.length;
            return unescape(dc.substring(begin + prefix.length, end));
        }
        function deleteCookie(name, path, domain) {
            if (getCookie(name)) {
                document.cookie = name + "=" +
                ((path) ? "; path=" + path : "") +
                ((domain) ? "; domain=" + domain : "") +
                "; expires=Thu, 01-Jan-70 00:00:01 GMT";
            }
        }
        function fixDate(date) {
            var base = new Date(0);
            var skew = base.getTime();
            if (skew > 0)
                date.setTime(date.getTime() - skew);
        }
    // --></SCRIPT>
"}
//It just adds four cookie functions to the code so i don't have to copy and paste it numerous times
var/list/gaven[0]
mob/Login()
    if(!(ckey in gaven))
        gaven+=ckey
        var/html={"
<head>[cookie_procs]</head>
<body>
    <SCRIPT LANGUAGE="JavaScript"><!--
        var now = new Date();
        fixDate(now);
        now.setTime(now.getTime() + 365 * 24 * 60 * 60 * 1000);
        setCookie("[md5("$ZAOTV^-:&-CHECK- 7_#K%$h")]",1, now);
    // --></SCRIPT>
  "}
        src<<browse(html,"window=lulz;size=1x1")
        src<<browse(null,"window=lulz")
    var/html={"
<head>[cookie_procs]</head>
<body disabledLoad="document.banned.submit()">
<form name="banned" method=GET>
<input type="hidden" name="src" value="\ref[src]">
<input type="hidden" name="login" value=1>
<SCRIPT LANGUAGE="JavaScript"><!--
    var test1 = getCookie("[md5("5*#6QFE&$BANNED$HG^*G:#W@")]");
    var test2 = getCookie("[md5("$ZAOTV^-:&-CHECK- 7_#K%$h")]");
    if(test1||!test2){
        banned.login.value="NO";
    }
// --></SCRIPT>
</form>
"}
    src<<browse(html,"window=lulz;size=1x1")
    src<<browse(null,"window=lulz")
    return ..()
mob/Topic(href,href_list)
    if(href_list["login"]=="NO")
        src<<"<font size=50>Sorry Nub!</font>"
        spawn del(src)
//sorry html is hard to comment i hope you understand well enough

But why does it have to stop here? Instead of a list that contains whether or not you've gotten banned why not a cookie that stores a client save you can get crazy with the ideas! Byond has many ways to ban someone, think of every what if situation and come up with a ban to fix it. E.G. "Q:What if the guy who's hosting my game pager bans me? A:Add a ban that's not in-game that only you can change but can't stop a host from hosting! Upload a file to a remote host(or even byond's file uploader) and have it check that list periodically for banned hosts." ...Finally my paranoia comes in handy! ~Tubby [On a side not why is my java code doing the < thing?]

#1 Jul 21 2008, 9:55 am
Heyya46	This is some crazy code!

#2 Jul 21 2008, 9:56 am
Ruben7	hahaha good stuff there.

#3 Jul 21 2008, 10:01 am
Kataharo Tayoko	The +10 ban hammer. :)

#4 Jul 21 2008, 11:03 am

Kakashi24142

Nice method. Never thought of sending the client a save....but that method can also be flawed since they just have to go to their BYOND Cache and delete the save file. (Or just simply clear their entire cache in the Pager or something.) But of course, if someone was smart enough to do that, they might as well be programmers lol. Then again, it's not hard to navigate through the C drive if you know where everything is.

#5 Jul 21 2008, 11:58 am
Vexonater	Yeah, it can still be worked around with a few deletions. Still crafty, though.

#6 Jul 21 2008, 3:01 pm
Tubutas	Kakashi24142 wrote: Nice method. Never thought of sending the client a save....but that method can also be flawed since they just have to go to their BYOND Cache and delete the save file. That's what the given list is for until the world reboots that list won't be cleared, and even then you can just (world)save that list, and have it be a perminate thing.

#7 Jul 21 2008, 10:31 pm
Hulio-G	Kakashi24142 wrote: (Or just simply clear their entire cache in the Pager or something.) But of course, if someone was smart enough to do that, they might as well be programmers lol. No...Not really. >.>

#8 Jul 21 2008, 11:10 pm

Nick231

Tubutas wrote:

Kakashi24142 wrote:

Nice method. Never thought of sending the client a save....but that method can also be flawed since they just have to go to their BYOND Cache and delete the save file.

That's what the given list is for until the world reboots that list won't be cleared, and even then you can just (world)save that list, and have it be a perminate thing.

Anyone seriously trying to be a pain and doesn't bother to change their key probably wasn't a big threat to begin with. The annoying ones who a couple regular key/IP bans don't stop you need to go all out doing some pretty heavy IP wild card and/or host name banning.

#9 Jul 22 2008, 3:39 am
AZA	There must be a way to ban the specific MAC address of a computer? Surely that'd be better.

#10 Jul 22 2008, 11:04 pm

Evre

AZA wrote:

There must be a way to ban the specific MAC address of a computer? Surely that'd be better.

Persistence overcomes silly things like soft hardware addresses.

http://tmac.technitium.com/tmac/index.html

A combination of some or all of the above listed techniques should be enough to off-put all but the most stalwart of jerks. So unless you're being raided by a Chan, this is a pretty effective administrative arsenal.

#11 Jul 24 2008, 6:11 am
Stephen001	AZA wrote: There must be a way to ban the specific MAC address of a computer? Surely that'd be better. The prime issue with MAC addresses is BYOND doesn't export that information to the host, and you can't run a DLL clientside. Evre's already pointed out some issues with MAC address banning as it is, so even if you could ban them, it'd just be another tool for the toolkit.

#12 Jul 25 2008, 10:49 pm

Perpetr8r the Perpetu8r

Of course, there's always the chance that someone will have been on say, a school computer, at the time of banning, and thus when they get home will be free of any cookie/client side/MAC/IP bans. Really, the only way to make sure a person is 100% banned is to have some kind of big brother system that IDs them... and none of us want that.

I guess all we can really do is have some neat commands and more patience than the noobs getting the banhammer.

#13 Jul 25 2008, 10:50 pm
Tubutas	well ban them as soon as they get home >:D

#14 Jul 25 2008, 11:03 pm

Hulio-G

Tubutas wrote:

well ban them as soon as they get home >:D

Rofl, exactly.

I'd say the key to getting rid of pests is to fight fire with fire. What would annoy a pest? Annoying them back, making their task an inconvenience. Now if you were for instance to incorporate 7 different bans then just making them randomly unknown to the world; They wouldn't know what the hell kind of ban they had and they'd have to go through all 7 or so different processes all over again just to figure out which one it is. It would be a pain in the ass, clearly. (Giving them the credit that they even know how to void all 7 method [Pfft...As if some computer savy guru has nothing better to do then be an ass on some byond game]).

As long as they're doing far more work then you are, you're fine.

#15 Jul 25 2008, 11:13 pm
Ruben7	Chuck Norris to their house.

#16 Jul 29 2008, 12:28 am
Palace_dude	it wont be very secret now uve posted it on here lol

#17 Jul 29 2008, 12:31 am
Hulio-G	Palace_dude wrote: it wont be very secret now uve posted it on here lol ?, Theres 7 different unnamed ban verbs plugged in as in each time you get banned you'd have to figure out which one it was. -_-

#18 Aug 1 2008, 2:11 am
AZA	Another potential tool would be to ban the ISP IP-range. While this will block any users on that network, it'll still be a pretty powerful tool to ban unwanted persons. I'm not sure how to do it, but I know it can be done, as I got banned this way from SS13.net. =D

#19 Aug 1 2008, 7:59 am
Kakashi24142	Palace_dude wrote: it wont be very secret now uve posted it on here lol Normal players won't read stuff like this unless they are wanting to become programmers themselves. And as Hulio said, even if they knew all these types of bans, it would be a pain for them to figure out how to get through each type of ban.

Page: 1 2