Thread: AcceptTrade gold scamming, catching hardware events
View Single Post
07-15-16, 10:40 AM   #10
SDPhantom
A Pyroguard Emberseer
 
SDPhantom's Avatar
AddOn Author - Click to view addons
Join Date: Jul 2006
Posts: 2,326
When it comes to the chat system, there are many attack vectors they can eventually move to with ease. One thing that can be done is completely nullify the RunScript() and DevTools_DumpCommand() functions while a chat event is being handled.

Lua Code:
  1. local FuncList={
  2.     "RunScript";
  3.     "DevTools_DumpCommand";
  4. };
  5.  
  6. local FuncCache={};
  7. for k,v in ipairs(FuncList) do FuncCache[v]=_G[v]; end
  8.  
  9. local function DummyFunc() end
  10. local OldHandler=ChatFrame_OnEvent;
  11. local InChatEvent=false;
  12.  
  13. local EventFrame=CreateFrame("Frame");
  14. EventFrame:RegisterEvent("ADDON_LOADED");
  15. EventFrame:SetScript("OnEvent",function()
  16.     for k,v in ipairs(FuncList) do
  17.         if not FuncCache[v] then
  18.             FuncCache[v]=_G[v];
  19.             if InChatEvent then _G[v]=DummyFunc; end
  20.         end
  21.     end
  22. end);
  23.  
  24. function ChatFrame_OnEvent(...)
  25.     for k,v in pairs(FuncCache) do _G[k]=DummyFunc; end
  26.     InChatEvent=true;
  27.     OldHandler(...);
  28.     InChatEvent=false;
  29.     for k,v in pairs(FuncCache) do _G[k]=v; end
  30. end

To protect more functions, add them to the FuncList table.
__________________
WoWInterface AddOns
"All I want is a pretty girl, a decent meal, and the right to shoot lightning at fools."
-Anders (Dragon Age: Origins - Awakening)
Last edited by SDPhantom : 07-15-16 at 10:55 AM.
  Reply With Quote