Solved Hacker using rcon say?

I was watching The Walking Dead while having Rusty on my other monitor, when suddenly, another [Better Say Command]: [Playername] stop using hacks!

I went quite scared, thinking someone hacked into my rcon, turned off the server and changed my already secure-as-hell password, and restarted the server. Still, someone was using it! Im using the Better Say Plugin, and please help, I might even close my server if this thing continues. :/

 

sounds like your plugin doesnt have checks for admins / mods properly mabey upload the script to pastebin ill take a browse and tell you why

 

Not that I know of, checked the logs, seemingly they used F1 Console, because I dont see any other RCON logging in.

Code:

using System.Text.RegularExpressions;namespace Oxide.Plugins
{
    [Info("Better Say Command", "LaserHydra", "2.0.0", ResourceId = 998)]
    [Description("Customize the say console command output as you want")]
    class BetterSay : RustPlugin
    {
        void Loaded()
        {
            LoadConfig();
        }
       
        void LoadConfig()
        {
            SetConfig("Settings", "Formatting", "{Title}: {Message}");
            SetConfig("Settings", "Title", "Server");
            SetConfig("Settings", "Title Color", "cyan");
            SetConfig("Settings", "Message Color", "white");
        }
       
        void LoadDefaultConfig()
        {
            Puts("Generating new config file...");
            LoadConfig();
        }
       
        string RemoveFormatting(string old)
        {
            string _new = old;
           
            var matches = new Regex(@"(<color=.+?>)", RegexOptions.IgnoreCase).Matches(_new);
            foreach(Match match in matches)
            {
                if(match.Success) _new = _new.Replace(match.Groups[1].ToString(), "");
            }
           
            _new = _new.Replace("</color>", "");
           
            return _new;
        }
       
        object OnRunCommand(ConsoleSystem.Arg arg)
        {
            if(arg?.cmd?.namefull != null && arg?.cmd?.namefull == "global.say")
            {
                string output = Config["Settings", "Formatting"].ToString();
                string message = ArgToString(arg);
               
                if(message == null) return null;
               
                output = output.Replace("{Title}", $"<color={Config["Settings", "Title Color"].ToString()}>{Config["Settings", "Title"].ToString()}</color>").Replace("{Message}", $"<color={Config["Settings", "Message Color"].ToString()}>{message}</color>");
                BroadcastChat(output);
                Puts(RemoveFormatting(output));
                return true;
            }
            else return null;
        }
       
        #region UsefulMethods
        //---------------------------->   Formatting   <----------------------------//
       
        string ArgToString(ConsoleSystem.Arg arg)
        {
            string argString = "";
            for(int i = 0; i < 30; i++)
            {
                if(string.IsNullOrEmpty(arg.GetString(i, ""))) break;
                argString = argString + arg.GetString(i, "") + " ";
            }
           
            return argString;
        }
       
        //------------------------------>   Config   <------------------------------//        void SetConfig(string GroupName, string DataName, object Data)
        {
            Config[GroupName, DataName] = Config[GroupName, DataName] ?? Data;
        }        //---------------------------->   Chat Sending   <----------------------------//        void BroadcastChat(string prefix, string msg = null)
        {            if (msg != null)
            {
                PrintToChat("<color=#00FF8D>" + prefix + "</color>: " + msg);
            }
            else
            {
                msg = prefix;
                PrintToChat(msg);
            }
        }        void SendChatMessage(BasePlayer player, string prefix, string msg = null)
        {
            if(msg != null)
            {
                SendReply(player, "<color=#00FF8D>" + prefix + "</color>: " + msg);
            }
            else
            {
                msg = prefix;
                SendReply(player, msg);
            }
        }        //---------------------------------------------------------------------------//
        #endregion
    }
}

 

Thanks, I cried when I thought someone were hacking my server's rcon. You have no idea how long and hard the password is :/. Removed the plugin.

 

if(arg?.connection?.authLevel < 2) return null;


place that under (change the 2 to a 1 if you want mods to use it to)
object OnRunCommand(ConsoleSystem.Arg arg)
{

 

Thank you.

 

no problem mate maybe you should forward my response to the plugin developer, because i dont think he realises now he hooked OnRunCommand that none of the original auth checks will be checked on the certain commands hes adding unless he adds a auth check lol

 

People been telling me. Must have forgotten permission checks somehow or uploaded an unfinished version as I am sure I did that some time. Fix is incoming.