How to hook "password failed" - Page 2

**Arkshine** · 09-10-2011 , 12:01 Re: How to hook "password failed"

Sure it's possible, Q_strcmp is a function like others.

kalash1k · *Last edited by kalash1k; 09-10-2011 at 12:15.*

Hmmm. I dont think that it is needed to replace sv_password arg. I thought there must be return something like PLUGIN_HANDLED or something to block exactly the moment client kicking. Without changing real sv_password. Then to do connection with SQL DB then check client "password" argument with similar field in DB, etc.
For example. If we will replace sv_password argument, so any other connecting client in the same moment will not be able to authenticate with forum DB. I.e. I think there can be some errors...

**Bugsy** · *Last edited by Bugsy; 09-10-2011 at 12:24.*

Then I understood wrong, you want to check sv_password first then if rejected block the pending handling, check forum password, if wrong issue your own punishment/kick or w/e? My above procedure coincides better with your OP and makes more sense, IMO.

When the user connects, you could have the server compare the typed password with the forum db password (instead of sv_password) even if multiple users are connecting. You can then supercede the server handling and issue a punishment of your own if password is wrong.

kalash1k · 09-10-2011 , 12:45 Re: How to hook "password failed"

Quote:

Originally Posted by Bugsy

Then I understood wrong, you want to check sv_password first then if rejected block the pending handling, check forum password, if wrong issue your own punishment/kick or w/e? My above procedure coincides better with your OP and makes more sense, IMO.

When the user connects, you could have the server compare the typed password with the forum db password (instead of sv_password) even if multiple users are connecting. You can then supercede the server handling and issue a punishment of your own if password is wrong.

Yep. This is exactly what I want. But I'm not so pro in orpheu. So this is the only reason why I ask your help.

hleV · 09-10-2011 , 12:55 Re: How to hook "password failed"

Would it be possible to check the password in the database, if the password entered is correct - quickly change it to the one in sv_password so it would allow the client to connect?

kalash1k · *Last edited by kalash1k; 09-10-2011 at 13:16.*

Quote:

Originally Posted by hleV

Would it be possible to check the password in the database, if the password entered is correct - quickly change it to the one in sv_password so it would allow the client to connect?

The only problem is to hook the moment when the server is kicking the client when his "password" is wrong and BLOCK it. So, there are many features to do. Also it would be possible to do what you want.

Arkshine, please help us

**Arkshine** · 09-10-2011 , 13:34 Re: How to hook "password failed"

Not sure to understand what you want exactly, here some code which should follow what said Bugsy.
sv_password value is changed on the fly by another string in the strcmp.

Code:

#include <amxmodx>
#include <orpheu>
#include <orpheu_advanced>
#include <fakemeta>

new OrpheuFunction:HandleFuncStrcmp;
new OrpheuHook:HandleHookStrcmp;

public plugin_init()
{
    register_plugin( "Dynamic Server Password", "1.1", "Arkshine" );

    // Get SV_CheckUserInfo orpheu handle.
    new OrpheuFunction:handleFuncCheckUserInfo = OrpheuGetFunction( "SV_CheckUserInfo" );

    // Get SV_CheckUserInfo Q_strcmp handle.
    HandleFuncStrcmp = OrpheuGetFunction( "Q_strcmp" );

    // We can hook SV_CheckUserInfo.
    OrpheuRegisterHook( handleFuncCheckUserInfo, "SV_CheckUserInfo_Pre" , OrpheuHookPre );
    OrpheuRegisterHook( handleFuncCheckUserInfo, "SV_CheckUserInfo_Post", OrpheuHookPost );
}

public SV_CheckUserInfo_Pre( const address, const userinfo[], a, b, c )
{
    HandleHookStrcmp = OrpheuRegisterHook( HandleFuncStrcmp, "Q_strcmp" );
}

public Q_strcmp( const string1[], const string2[] )
{
    static bool:passwordCheck;

    if( passwordCheck )
    {
        passwordCheck = false;

        // "string1" is the current sv_password value, what we want to modify.
        // "string2" is the password typed by the user.
        OrpheuSetParam( 1, "Your new password here" );
    }
    else if( equal( string2, "password" ) )
    {
        // Info_ValueForKey() is called before to search "password" string
        // through 'userinfo' and Q_strcmp is used there, so we ignore
        // until "password" is found and the next call will be the password check.
        passwordCheck = true;
    }
}

public SV_CheckUserInfo_Post( const address, userinfo[], a, b, c )
{
    OrpheuUnregisterHook( HandleHookStrcmp );

    new bool:wrongPassword = !OrpheuGetReturn();

    if( wrongPassword )
    {
        // Punish me !
        // To get the name you can parse userinfo.
    }
}

/orpheu/functions/SV_CheckUserInfo :

PHP Code:


			
{

    "name"       : "SV_CheckUserInfo",

    "library"    : "engine",

    "arguments"  :

    [

        {

            "type" : "int"

        },

        {

            "type" : "char *"

        },

        {

            "type" : "int"

        },

        {

            "type" : "int"

        },

        {

            "type" : "int"

        }

    ],

    "return" :

    {

        "type" : "bool"

    },

    "identifiers":

    [

        {

            "os"    : "windows",

            "value" : [0x55,0x8B,"*",0x83,"*","*",0x53,0x56,0x8B,"*","*",0x57,0x83,"*","*",0xB9,"*","*","*","*",0x8B],

            "info"  : "dedicated server"

        },

        {

            "os"    : "windows",

            "value" : [0x83,"*","*",0xB9,"*","*","*","*",0x53,0x55,0x56,0x8B,"*","*","*",0x57],

            "info"  : "listen server"

        },

        {

            "os"    : "linux",

            "value" : "SV_CheckUserInfo"

        }

    ]

}

orpheu/functions/Q_strcmp :

PHP Code:


			
{

    "name"       : "Q_strcmp",

    "library"    : "engine",

    "arguments"  :

    [

        {

            "type" : "char *"

        },

        {

            "type" : "char *"

        }

    ],

    "return" :

    {

        "type" : "int"

    },

    "identifiers" : 

    [

        {

            "os"    : "windows",

            "value" : [0x55,0x8B,"*",0x8B,0x55,"*",0x8B,0x4D,"*",0x53,0x8A,"*",0x8A],

            "info"  : "dedicated server"

        },

        {

            "os"    : "windows",

            "value" : [0x8B,0x54,"*","*",0x8B,0x4C,"*","*",0x53,0x8A,"*",0x8A],

            "info"  : "listen server"

        },

        {

            "os"    : "linux",

            "value" : "Q_strcmp"

        }

    ]

}

**Bugsy** · 09-10-2011 , 13:48 Re: How to hook "password failed"

Nice work buddy, I am excited to learn more about Orpheu and this plugin is a good demonstration for doing many other things. Ive had others ask for similar plugins that use a forum login as a credential for using a server, if this works you should do a formal release.

**Arkshine** · 09-10-2011 , 14:08 Re: How to hook "password failed"

It's just a basic template. For sure it could be used as exemple. Orpheu needs a solid documentation.

kalash1k · *Last edited by kalash1k; 09-12-2011 at 19:11.*

Arkshine, big thanks. But:

Quote:

OrpheuSetParam( 1, "123" )

I did set up sv_password to "456".
Then I connect to the server, type "123" and then server is crashing down with no faults. Just "Segmentation fault" and bla bla bla.
May be it is because I use hlbeta linux engine (5006 build)?

Quote:

Originally Posted by Arkshine

Orpheu needs a solid documentation.

You are so right!