So lately I've been seeing a bunch of posts about how Fungus attacked or hacked your server. I'm not saying he didn't, but I'd like to say that if he somehow got onto your computer via a RAT or other virus and did some uber leet console commands and made a face appear on your screen, then he hacked your computer, not Blockland. Blockland is unhackable, but easily exploitable. Think of hacking as freezing all the players of a football game and walking past them through some black magic, and think of exploiting as picking up the ball and walking around the field to the touchdown.
Add-on Exploits
Blockland has an add-on system that allows for anyone to use any add-on, and make them through a couple programs. This is fine and good, until someone makes a bad or exploitable add-on. Eval, for instance, is a mod that allows SAs and other trusted people to access the server's console easily. But, it can be easily edited to let anyone access the server's console; this does not end well. One instance were an add-on was abused was Cciamlazy adding a line of code into a CityRP mod he gave Nobot to give him SA powers. This allowed him to always be SA on Nobot's servers. Cciamlazy's key and all of his alt keys were revoked and he was banned from the forums.
Event Exploits
Introduced in v9, events became a base part of Blockland almost overnight. Suddenly, you didn't have to code a brick and release it to be able to say, make it flash when someone stepped on it. But with any sandbox game feature, it can be abused. One instance of this was Fungusamongus using Zone Bricks (a brick/event add-on) to make faces appear on people's screens. They way he did this was by displaying a bitmap image from a default directory (EI, addons/face_default/asciiterror.png) when a player enter a zone and changing his datablock to a Rowboat. Another example of
exploiting a default feature.
So please, don't make the millionth topic about how whoever hacked your Blockland server. They exploited it.
