search

rebel1324 / NutScript

A free role-play framework for Garry's Mod.
http://nutscript.net
MIT License
66 stars 32 forks source link

Fixed container exploit #346

Closed raecyst closed 3 years ago

raecyst commented 3 years ago

Fixed a container exploit that allowed you to brute force using scripts.

Also adds a config that allows a developer to choose how long they want a user to have to wait.

TovarischPootis commented 3 years ago

Confirming. A lua injector that spams net messages for password attempts can bruteforce containers and unlock them within minutes. Adding even a 1 second delay extends that process by such a long time that it stops being viable. More info/context here: http://blackblog.community85.com/index.php/2020/12/28/storages-arent-safe/

347 is the same thing, just for 1.1

raecyst commented 3 years ago

348 Is the same thing, but for the legacy branch of NutScript.

Might seem unnecessary, but just making sure it's patched on all versions of NutScript (including Helix)

its-johnny commented 3 years ago

Thanks, very appreciate