BotBuddy GPSeller [Fast, Secure, Easy Unattended Auto Gold Sales] [Free Sellix Storefront Required]

[riboflavin 11]

BotBuddy.net

BotBuddy GPSeller is a script designed to automate gold sales. It manages real-time order processing through Sellix webhooks to allow fast, secure, unattended gold sale transactions.

Make money while you sleep! Click here to add the script

Any questions or further setup assistance needed? Post below or join our discord!

Features:

• Webhook endpoint server able to receive POST requests from remote servers
• Signature verification to ensure POST requests are processed only from your intended remote server
• Order queue with concurrent trade support (A bought GP 5 minutes ago but hasn't shown up yet. This won't prevent B from receiving the GP they purchased after A.)
• Cubic Bezier curve mouse algorithm for anti-pattern
• Anti-pull to prevent users from pulling your bot too far from its starting tile
• Any starting location supported, wherever the script starts is where it will stay; Provide the world and location to your customers in their invoice so they will know where to meet
• Configurable webhook endpoint port and trade world via config.json
• Order expiry after 10 minutes

Requirements:

• Free Sellix storefront and API key from Sellix Settings > General > "Webhook Secret"
• You must always ensure your inventory contains your current stock of GP (Adjust stock on Sellix product listing, multiply by 1,000,000 so 100M GP in stock is 100 on Sellix). The script will never open your bank.
• Open port for webhook endpoint

Instructions:

• Start script initially to generate config file, the GUI will only appear if the config file does not exist in /DreamBot/Scripts/BBGPSeller/. Modify as needed to contain your desired port, trade world, and Sellix API key.
  
• Ensure the port specified in your config is open on both your OS firewall and your router. To test, run the script and check the port with https://canyouseeme.org to confirm the port is open. The script must be running for this site to see the port.
• Configure your listing in Sellix with the below information in the "Additional Details" and "Webhooks Endpoints" section at the bottom of the product info. (http://YOURPUBLICIP:420/webhook needs to be changed to match your own public IP and your own opened port)

Future Plans:

• Script paint containing GP sold, sales count, avg GP per sale, etc.
• Auto-muling to prevent "master mule" from being customer facing
• Support for other storefronts
• Integration with CloudFlare Tunnel to remove the need to portforward
• Support for specific items (not just GP) ?

 

https://developers.sellix.io/#webhooks

Sellix claims to only send production webhooks to SSL hosts, but this isn't true at the moment. I will update this post whenever this stops being the case. @camalCase

Safety Warning:

Opening ports to the public network can expose your computer to potential security risks. It's vital to proceed with caution and understand the implications of making your services accessible over the internet. When you open a port, you create a pathway for external traffic to enter your network, which could be exploited by malicious actors to gain unauthorized access or carry out attacks against your system. To mitigate these risks, ensure you:

• Use strong, unique passwords for all services and devices.
• Regularly update your software to patch any known vulnerabilities.
• Limit port exposure by only opening the ports necessary for your bot to function and closing them when not in use.
• Consider implementing additional security measures, such as firewalls and intrusion detection systems, to monitor and control incoming traffic.

Understanding Port Ranges and Safe Practices for Port Forwarding:

When configuring port forwarding for the GPSeller script, it's essential to choose an appropriate port number that minimizes security risks while ensuring reliable functionality. Ports are divided into three ranges: Well-Known Ports (0-1023), Registered Ports (1024-49151), and Dynamic/Private Ports (49152-65535).

• Well-Known Ports (0-1023): Reserved for system or well-known services (e.g., HTTP on port 80). Avoid using these ports to prevent conflicts with standard services.
• Registered Ports (1024-49151): Typically used by user applications or non-privileged services. It's safer and more common to use a port within this range for your script.
• Dynamic/Private Ports (49152-65535): Generally used for client-side communications or ephemeral ports that applications use for temporary communications. These can be used but are less common for services that need a consistent port.

When choosing a port for the GPSeller script, select one within the Registered Ports range (1024-49151) that does not conflict with any known services you run. This reduces the chance of security risks and service conflicts.

Port Forwarding Guide:

Port forwarding is a process that allows remote computers on the internet to connect to a specific computer or service within a private local-area network (LAN). Here's a simplified guide on how to open ports, but keep in mind that the exact steps may vary depending on your router's make and model:

1. Access Your Router: Open your web browser and enter your router's IP address (commonly 192.168.1.1 or 192.168.0.1) in the address bar. You'll need to log in with your router's credentials (often found on the router itself or in its manual).

2. Find Port Forwarding Settings: Look for a section labeled "Port Forwarding," "Apps and Gaming," or something similar. This can usually be found under the "Advanced" or "Network" settings.

3. Create a New Port Forwarding Rule: Enter the necessary information for your script:

   • Service Name: Give your rule a name, like GPSeller.
   • Port Range: Enter the port number you want to open (specified in your config.json). If required, enter the same number for both the starting and ending points.
   • Local IP: Enter the IP address of the computer running the GPSeller script. You can find this by running ipconfig (Windows) or ifconfig (Linux/Mac) in the command line.
   • Protocol: Choose TCP, as it is typically used for web server communications.
   • Enable the Rule: Make sure your new rule is enabled, then save or apply your changes.

4. Test Your Setup: Use a service like https://canyouseeme.org to confirm that your port is open and reachable from the external internet. Remember, the GPSeller script needs to be running for the port to appear open.

For a more tailored guide, including illustrations and router-specific instructions, you might refer to resources like PortForward's Router Guide. This website provides step-by-step instructions for a wide range of router models and services.

Edited February 19 by riboflavin
formatting

[Hashtag 8698]

Released and promoted. Congratulations!

[SDN Bot 167]

BotBuddy GPSeller has been approved and is now live on the SDN!

Thanks!

[camelCase 236]

On 2/7/2024 at 1:40 AM, riboflavin said:

http://YOURPUBLICIP:420/webhook needs to be changed to match your own public IP and your own opened port

sellix webhooks only send *actual* payment webhooks (iirc the webhook tester will send tests to http) to https urls, https://developers.sellix.io/#webhooks

looks to me like this script just starts a http server, no inputs for ssl keystore files, no guide on how to get a domain and an ssl cert, if someone uses this bot and receives payment sellix wont send the webhook, the bot will do nothing, they will have scammed

@Hashtag / @Pandemic can you check im not missing anything here and consider hiding this until thats resolved before some user unintentionally starts a gold scamming operation

 

[riboflavin 11]

I will not stand for this slander. Someone please think of the children!

[camelCase 236]

2 minutes ago, riboflavin said:

I will not stand for this slander. Someone please think of the children!

what?

[camelCase 236]

On 2/7/2024 at 1:40 AM, riboflavin said:

Sellix claims to only send production webhooks to SSL hosts, but this isn't true at the moment. I will update this post whenever this stops being the case. @camalCase

cosigned and tested i guess they stopped checking that.

those webhooks do contain a lot of PII and sending them over http is irresponsible (which is why sellix was and probably is still meant to ensure https) but works, GLHF

Edited February 17 by camalCase
https*

[riboflavin 11]

Edited April 2 by riboflavin
fixed images for cT

[BotterDream 3]

Wow

[xyz111 83]

E🅱️ic