feat: log failed g_password login/connect attempts
This commit is contained in:
parent
f6b19d6bc8
commit
960fd6ee89
@ -214,6 +214,7 @@ namespace Components
|
|||||||
|
|
||||||
if (Bans::IsBanned({guid, address.getIP()}))
|
if (Bans::IsBanned({guid, address.getIP()}))
|
||||||
{
|
{
|
||||||
|
Logger::PrintFail2Ban("Failed connect attempt from IP address: {}\n", Network::AdrToString(address));
|
||||||
Network::Send(address, "error\nEXE_ERR_BANNED_PERM");
|
Network::Send(address, "error\nEXE_ERR_BANNED_PERM");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@ -315,6 +316,12 @@ namespace Components
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void ClientConnectFailedStub(Game::netsrc_t sock, Game::netadr_t adr, const char* data)
|
||||||
|
{
|
||||||
|
Logger::PrintFail2Ban("Failed connect attempt from IP address: {}\n", Network::AdrToString(adr));
|
||||||
|
Game::NET_OutOfBandPrint(sock, adr, data);
|
||||||
|
}
|
||||||
|
|
||||||
unsigned __int64 Auth::GetKeyHash(const std::string& key)
|
unsigned __int64 Auth::GetKeyHash(const std::string& key)
|
||||||
{
|
{
|
||||||
std::string hash = Utils::Cryptography::SHA1::Compute(key);
|
std::string hash = Utils::Cryptography::SHA1::Compute(key);
|
||||||
@ -502,6 +509,9 @@ namespace Components
|
|||||||
|
|
||||||
Utils::Hook(0x41D3E3, SendConnectDataStub, HOOK_CALL).install()->quick();
|
Utils::Hook(0x41D3E3, SendConnectDataStub, HOOK_CALL).install()->quick();
|
||||||
|
|
||||||
|
// Hook for Fail2Ban (Hook near client connect to detect password brute forcing)
|
||||||
|
Utils::Hook(0x4611CA, ClientConnectFailedStub, HOOK_CALL).install()->quick(); // NET_OutOfBandPrint (Grab IP super easy)
|
||||||
|
|
||||||
// SteamIDs can only contain 31 bits of actual 'id' data.
|
// SteamIDs can only contain 31 bits of actual 'id' data.
|
||||||
// The other 33 bits are steam internal data like universe and so on.
|
// The other 33 bits are steam internal data like universe and so on.
|
||||||
// Using only 31 bits for fingerprints is pretty insecure.
|
// Using only 31 bits for fingerprints is pretty insecure.
|
||||||
|
Loading…
Reference in New Issue
Block a user