7.7.2010 02:53
Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39
7.7.2010 06:29
The server log read script works.
But it is just your screenshot script.
If you want I can send it to you Ashus but I don't think you will find it useful.
I have a question.
Is it possible to send the same command to server 1 , 3 and 6 with one click?
But it is just your screenshot script.
If you want I can send it to you Ashus but I don't think you will find it useful.
I have a question.
Is it possible to send the same command to server 1 , 3 and 6 with one click?
7.7.2010 07:51
No, and it's not planned in the future. You could modify the script to open action.php with different server ids, but that would be fixed to those three servers.
8.7.2010 03:30
K. I will give it a try
I do have another suggestion :oops:
Can you make the security better?
Because I think it is now rather easy to brute force the password because there is no check on the amount of wrong password.
Or am I wrong?
I do have another suggestion :oops:
Can you make the security better?
Because I think it is now rather easy to brute force the password because there is no check on the amount of wrong password.
Or am I wrong?
9.7.2010 10:34
You should always choose a password long and complex enough to prevent this. Even if I'd write something to block the same IP, there is nothing that would prevent robots to change their IPs by using proxy servers. On the other side, what would prevent people from trying to "brute-force guess" the gameserver's RCON password directly? There is no protection against this as well AFAIK.
9.7.2010 11:44
Ashus Wrote:You should always choose a password long and complex enough to prevent this. Even if I'd write something to block the same IP, there is nothing that would prevent robots to change their IPs by using proxy servers. On the other side, what would prevent people from trying to "brute-force guess" the gameserver's RCON password directly? There is no protection against this as well AFAIK.Maybe a captcha security?
The cod engine does not respond back when you have the right or wrong password. And it is harder to brute force a rcon from a game then to brute force a password from a php script.
9.7.2010 12:03
How do you think PHP Rcon works? PHP script sends plaintext UDP packet containing rcon password and command to the gameserver and reads the immediate reply. Anyone could alter PHP Rcon to check for different answer - detect working password.
9.7.2010 06:23
Ashus Wrote:How do you think PHP Rcon works? PHP script sends plaintext UDP packet containing rcon password and command to the gameserver and reads the immediate reply. Anyone could alter PHP Rcon to check for different answer - detect working password.True, but then you need to have some php skills.
And there are enough of brute force tools on the web to attack a site.
21.7.2010 08:55
Hi Ashus.
Nice tool.
Potreboval by som pomoc.
Chcel by som pridat custom commands na zmenu time alebo score limitu, a to tak ze do okienka by uzivatel dopisal cislo a potvrdil. Teraz mam fixne nastavene na 10 alebo 20 minutove a uzivatel si vyberie.
pls. porad, nie som expert na php
Dakujem
Nice tool.
Potreboval by som pomoc.
Chcel by som pridat custom commands na zmenu time alebo score limitu, a to tak ze do okienka by uzivatel dopisal cislo a potvrdil. Teraz mam fixne nastavene na 10 alebo 20 minutove a uzivatel si vyberie.
pls. porad, nie som expert na php
Dakujem
21.7.2010 01:26
Cau, pridal jsem ti novou featuru, uz muzes %m lehce pouzit jako u custom_cmds, sosni novou verzi:
http://ashus.ashus.net/viewtopic.php?f=4&t=27&p=27
http://ashus.ashus.net/viewtopic.php?f=4&t=27&p=27
Code:
$custom_cmd[] = 'Zmenit time limit TDM [min]/scr_tdm_timelimit %m';