你是否担心服务器被恶意后门入侵?本文将教你如何编写一个防后门的安全脚本,确保你的FiveM服务器安全无忧。
在FiveM服务器运营中,安全性始终是开发者关注的重点。随着越来越多的恶意脚本和后门程序的出现,如何保护服务器免受侵害成为了一个亟待解决的问题。今天,我们将通过一个名为 loader.lua
的脚本,详细讲解如何实现防后门功能,确保服务器的安全运行。
防后门脚本的核心功能
loader.lua
脚本的核心功能是通过扫描服务器中所有资源的脚本文件,检测是否存在潜在的后门代码。脚本会搜索特定的关键词,如 https://
、PerformHttpRequest
等,这些关键词通常与远程代码执行或数据传输相关,是后门程序的常见特征。
代码解析与功能说明
local targetWords = {"https://", "PerformHttpRequest", "GetConvar", "print", "execute", "command", "txAdmin"}local foundScripts = {}local targetWords = {"https://", "PerformHttpRequest", "GetConvar", "print", "execute", "command", "txAdmin"} local foundScripts = {}local targetWords = {"https://", "PerformHttpRequest", "GetConvar", "print", "execute", "command", "txAdmin"} local foundScripts = {}
targetWords
定义了需要检测的关键词列表,这些关键词通常与后门行为相关。 foundScripts
用于记录已检测到的文件路径,避免重复扫描。
function scanScriptsForResource(resourceName)local numFiles = GetNumResourceMetadata(resourceName, "server_script") or 0for j = 0, numFiles - 1 dolocal luaFilePath = GetResourceMetadata(resourceName, "server_script", j)if luaFilePath and not foundScripts[luaFilePath] thenlocal fileContent = LoadResourceFile(resourceName, luaFilePath)if not fileContent then return endlocal lines = split(fileContent, "\n")for lineNum, line in ipairs(lines) dofor _, targetWord in ipairs(targetWords) doif line:find(targetWord) thenfoundScripts[luaFilePath] = trueprintColored("[script:" .. resourceName .. "] Found Word: " .. targetWord, "yellow")local encodedSnippet = json.encode(line)printColored("Code Snippet (JSON): " .. encodedSnippet, "lightblue")endendendendendendfunction scanScriptsForResource(resourceName) local numFiles = GetNumResourceMetadata(resourceName, "server_script") or 0 for j = 0, numFiles - 1 do local luaFilePath = GetResourceMetadata(resourceName, "server_script", j) if luaFilePath and not foundScripts[luaFilePath] then local fileContent = LoadResourceFile(resourceName, luaFilePath) if not fileContent then return end local lines = split(fileContent, "\n") for lineNum, line in ipairs(lines) do for _, targetWord in ipairs(targetWords) do if line:find(targetWord) then foundScripts[luaFilePath] = true printColored("[script:" .. resourceName .. "] Found Word: " .. targetWord, "yellow") local encodedSnippet = json.encode(line) printColored("Code Snippet (JSON): " .. encodedSnippet, "lightblue") end end end end end endfunction scanScriptsForResource(resourceName) local numFiles = GetNumResourceMetadata(resourceName, "server_script") or 0 for j = 0, numFiles - 1 do local luaFilePath = GetResourceMetadata(resourceName, "server_script", j) if luaFilePath and not foundScripts[luaFilePath] then local fileContent = LoadResourceFile(resourceName, luaFilePath) if not fileContent then return end local lines = split(fileContent, "\n") for lineNum, line in ipairs(lines) do for _, targetWord in ipairs(targetWords) do if line:find(targetWord) then foundScripts[luaFilePath] = true printColored("[script:" .. resourceName .. "] Found Word: " .. targetWord, "yellow") local encodedSnippet = json.encode(line) printColored("Code Snippet (JSON): " .. encodedSnippet, "lightblue") end end end end end end
scanScriptsForResource
函数用于扫描指定资源中的所有脚本文件。它会逐行检查文件内容,匹配 targetWords
中的关键词。 如果检测到关键词,脚本会输出相关信息,并将文件路径记录到 foundScripts
中。
local Shared = {Enable = true,DiscordAnnounceDetection = true,DiscordWebhook = "", -- webhook addConsolePrint = true,StopServer = true,BackdoorStrings = {"cipher-panel","Enchanced_Tabs","helperServer","ketamin.cc","\x63\x69\70\x68\x65\x72\x2d\x70\x61\x6e\x65\x6c\x2e\x6d\x65","\x6b\x65\x74\x61\x6d\x69\x6e\x2e\x63\x63","MpWxwQeLMRJaDFLKmxVIFNeVfzVKaTBiVRvjBoePYciqfpJzxjNPIXedbOtvIbpDxqdoJR"}}local Shared = { Enable = true, DiscordAnnounceDetection = true, DiscordWebhook = "", -- webhook add ConsolePrint = true, StopServer = true, BackdoorStrings = { "cipher-panel", "Enchanced_Tabs", "helperServer", "ketamin.cc", "\x63\x69\70\x68\x65\x72\x2d\x70\x61\x6e\x65\x6c\x2e\x6d\x65", "\x6b\x65\x74\x61\x6d\x69\x6e\x2e\x63\x63", "MpWxwQeLMRJaDFLKmxVIFNeVfzVKaTBiVRvjBoePYciqfpJzxjNPIXedbOtvIbpDxqdoJR" } }local Shared = { Enable = true, DiscordAnnounceDetection = true, DiscordWebhook = "", -- webhook add ConsolePrint = true, StopServer = true, BackdoorStrings = { "cipher-panel", "Enchanced_Tabs", "helperServer", "ketamin.cc", "\x63\x69\70\x68\x65\x72\x2d\x70\x61\x6e\x65\x6c\x2e\x6d\x65", "\x6b\x65\x74\x61\x6d\x69\x6e\x2e\x63\x63", "MpWxwQeLMRJaDFLKmxVIFNeVfzVKaTBiVRvjBoePYciqfpJzxjNPIXedbOtvIbpDxqdoJR" } }
Shared
表定义了脚本的配置选项,包括是否启用检测、是否向Discord发送通知、是否在控制台打印检测结果等。 BackdoorStrings
是自定义的后门特征字符串,用于进一步增强检测效果。
事件监听与后门检测
脚本通过监听 onResourceStart
事件,在服务器启动时自动扫描所有资源,检测是否存在后门代码。如果检测到后门,脚本会根据配置选项执行相应的操作,如在控制台打印检测结果、向Discord发送通知,甚至直接停止服务器。
AddEventHandler('onResourceStart', function(res)if GetCurrentResourceName() ~= res or not Shared.Enable then return endlocal detectedResources = scanForBackdoors()if #detectedResources > 0 thenif Shared.ConsolePrint thenprint("^1[DEBUG]^0 Found Backdoor in: ")for _, v in pairs(detectedResources) doprint("^1[DEBUG]^0 Resource: " .. v.resource .. ", Detected String: " .. v.stringFound)endendif Shared.DiscordAnnounceDetection and Shared.DiscordWebhook ~= "" thensendToDiscord(detectedResources)endif Shared.StopServer thenCitizen.Wait(2000)os.exit()endendend)AddEventHandler('onResourceStart', function(res) if GetCurrentResourceName() ~= res or not Shared.Enable then return end local detectedResources = scanForBackdoors() if #detectedResources > 0 then if Shared.ConsolePrint then print("^1[DEBUG]^0 Found Backdoor in: ") for _, v in pairs(detectedResources) do print("^1[DEBUG]^0 Resource: " .. v.resource .. ", Detected String: " .. v.stringFound) end end if Shared.DiscordAnnounceDetection and Shared.DiscordWebhook ~= "" then sendToDiscord(detectedResources) end if Shared.StopServer then Citizen.Wait(2000) os.exit() end end end)AddEventHandler('onResourceStart', function(res) if GetCurrentResourceName() ~= res or not Shared.Enable then return end local detectedResources = scanForBackdoors() if #detectedResources > 0 then if Shared.ConsolePrint then print("^1[DEBUG]^0 Found Backdoor in: ") for _, v in pairs(detectedResources) do print("^1[DEBUG]^0 Resource: " .. v.resource .. ", Detected String: " .. v.stringFound) end end if Shared.DiscordAnnounceDetection and Shared.DiscordWebhook ~= "" then sendToDiscord(detectedResources) end if Shared.StopServer then Citizen.Wait(2000) os.exit() end end end)
事件监听器会在资源启动时触发,调用 scanForBackdoors
函数进行后门检测。 如果检测到后门,脚本会根据配置选项执行相应的操作,包括在控制台打印检测结果、向Discord发送通知,甚至停止服务器。
总结
通过 loader.lua
脚本,你可以有效保护FiveM服务器免受恶意后门的侵害。脚本的核心功能是扫描所有资源文件,检测是否存在与后门相关的关键词或特征字符串。根据检测结果,你可以选择在控制台输出信息、向Discord发送通知,甚至直接停止服务器。
- 最新
- 最热
只看作者