Jump to content
Frequently Asked Questions
  • Are you not able to open the client? Try following our getting started guide
  • Still not working? Try downloading and running JarFix
  • Help! My bot doesn't do anything! Enable fresh start in client settings and restart the client
  • How to purchase with PayPal/OSRS/Crypto gold? You can purchase vouchers from other users
  • BotBuddy GPSeller [Fast, Secure, Easy Unattended Auto Gold Sales] [Free Sellix Storefront Required]


    Recommended Posts

    Posted (edited)

    spacer.png

    BotBuddy.net

    BotBuddy GPSeller is a script designed to automate gold sales. It manages real-time order processing through Sellix webhooks to allow fast, secure, unattended gold sale transactions.

    Make money while you sleep! Click here to add the script

    Any questions or further setup assistance needed? Post below or join our discord!

    Features:

    • Webhook endpoint server able to receive POST requests from remote servers
    • Signature verification to ensure POST requests are processed only from your intended remote server
    • Order queue with concurrent trade support (A bought GP 5 minutes ago but hasn't shown up yet. This won't prevent B from receiving the GP they purchased after A.)
    • Cubic Bezier curve mouse algorithm for anti-pattern
    • Anti-pull to prevent users from pulling your bot too far from its starting tile
    • Any starting location supported, wherever the script starts is where it will stay; Provide the world and location to your customers in their invoice so they will know where to meet
    • Configurable webhook endpoint port and trade world via config.json
    • Order expiry after 10 minutes

    Requirements:

    • Free Sellix storefront and API key from Sellix Settings > General > "Webhook Secret"
    • You must always ensure your inventory contains your current stock of GP (Adjust stock on Sellix product listing, multiply by 1,000,000 so 100M GP in stock is 100 on Sellix). The script will never open your bank.
    • Open port for webhook endpoint

    Instructions:

    • Start script initially to generate config file, the GUI will only appear if the config file does not exist in /DreamBot/Scripts/BBGPSeller/. Modify as needed to contain your desired port, trade world, and Sellix API key.
      image.png.7c30a77669ccce9dbed5e055fbe8d56e.png
    • Ensure the port specified in your config is open on both your OS firewall and your router. To test, run the script and check the port with https://canyouseeme.org to confirm the port is open. The script must be running for this site to see the port.
    • Configure your listing in Sellix with the below information in the "Additional Details" and "Webhooks Endpoints" section at the bottom of the product info. (http://YOURPUBLICIP:420/webhook needs to be changed to match your own public IP and your own opened port)

    image.png.ff3dc203986d0c252a043f60fa4c1395.png

    BJnyGRR.png

    Future Plans:

    • Script paint containing GP sold, sales count, avg GP per sale, etc.
    • Auto-muling to prevent "master mule" from being customer facing
    • Support for other storefronts
    • Integration with CloudFlare Tunnel to remove the need to portforward
    • Support for specific items (not just GP) ?

    US0aGJW.png

     

    https://developers.sellix.io/#webhooks

    Sellix claims to only send production webhooks to SSL hosts, but this isn't true at the moment. I will update this post whenever this stops being the case. @camalCase

    Safety Warning:

    Opening ports to the public network can expose your computer to potential security risks. It's vital to proceed with caution and understand the implications of making your services accessible over the internet. When you open a port, you create a pathway for external traffic to enter your network, which could be exploited by malicious actors to gain unauthorized access or carry out attacks against your system. To mitigate these risks, ensure you:

    • Use strong, unique passwords for all services and devices.
    • Regularly update your software to patch any known vulnerabilities.
    • Limit port exposure by only opening the ports necessary for your bot to function and closing them when not in use.
    • Consider implementing additional security measures, such as firewalls and intrusion detection systems, to monitor and control incoming traffic.

    Understanding Port Ranges and Safe Practices for Port Forwarding:

    When configuring port forwarding for the GPSeller script, it's essential to choose an appropriate port number that minimizes security risks while ensuring reliable functionality. Ports are divided into three ranges: Well-Known Ports (0-1023), Registered Ports (1024-49151), and Dynamic/Private Ports (49152-65535).

    • Well-Known Ports (0-1023): Reserved for system or well-known services (e.g., HTTP on port 80). Avoid using these ports to prevent conflicts with standard services.
    • Registered Ports (1024-49151): Typically used by user applications or non-privileged services. It's safer and more common to use a port within this range for your script.
    • Dynamic/Private Ports (49152-65535): Generally used for client-side communications or ephemeral ports that applications use for temporary communications. These can be used but are less common for services that need a consistent port.

    When choosing a port for the GPSeller script, select one within the Registered Ports range (1024-49151) that does not conflict with any known services you run. This reduces the chance of security risks and service conflicts.

    Port Forwarding Guide:

    Port forwarding is a process that allows remote computers on the internet to connect to a specific computer or service within a private local-area network (LAN). Here's a simplified guide on how to open ports, but keep in mind that the exact steps may vary depending on your router's make and model:

    1. Access Your Router: Open your web browser and enter your router's IP address (commonly 192.168.1.1 or 192.168.0.1) in the address bar. You'll need to log in with your router's credentials (often found on the router itself or in its manual).

    2. Find Port Forwarding Settings: Look for a section labeled "Port Forwarding," "Apps and Gaming," or something similar. This can usually be found under the "Advanced" or "Network" settings.

    3. Create a New Port Forwarding Rule: Enter the necessary information for your script:

      • Service Name: Give your rule a name, like GPSeller.
      • Port Range: Enter the port number you want to open (specified in your config.json). If required, enter the same number for both the starting and ending points.
      • Local IP: Enter the IP address of the computer running the GPSeller script. You can find this by running ipconfig (Windows) or ifconfig (Linux/Mac) in the command line.
      • Protocol: Choose TCP, as it is typically used for web server communications.
      • Enable the Rule: Make sure your new rule is enabled, then save or apply your changes.
    4. Test Your Setup: Use a service like https://canyouseeme.org to confirm that your port is open and reachable from the external internet. Remember, the GPSeller script needs to be running for the port to appear open.

    For a more tailored guide, including illustrations and router-specific instructions, you might refer to resources like PortForward's Router Guide. This website provides step-by-step instructions for a wide range of router models and services.

    Edited by riboflavin
    formatting
    Posted
    BotBuddy GPSeller has been approved and is now live on the SDN!

    Thanks!
    Posted
    On 2/7/2024 at 1:40 AM, riboflavin said:

    http://YOURPUBLICIP:420/webhook needs to be changed to match your own public IP and your own opened port

    sellix webhooks only send *actual* payment webhooks (iirc the webhook tester will send tests to http) to https urls, https://developers.sellix.io/#webhooks

    looks to me like this script just starts a http server, no inputs for ssl keystore files, no guide on how to get a domain and an ssl cert, if someone uses this bot and receives payment sellix wont send the webhook, the bot will do nothing, they will have scammed

    @Hashtag / @Pandemic can you check im not missing anything here and consider hiding this until thats resolved before some user unintentionally starts a gold scamming operation

     

    Posted
    2 minutes ago, riboflavin said:

    I will not stand for this slander. Someone please think of the children!

    what?

    Posted (edited)
    On 2/7/2024 at 1:40 AM, riboflavin said:

    Sellix claims to only send production webhooks to SSL hosts, but this isn't true at the moment. I will update this post whenever this stops being the case. @camalCase

    cosigned and tested i guess they stopped checking that.

    those webhooks do contain a lot of PII and sending them over http is irresponsible (which is why sellix was and probably is still meant to ensure https) but works, GLHF

    Edited by camalCase
    https*

    Create an account or sign in to comment

    You need to be a member in order to leave a comment

    Create an account

    Sign up for a new account in our community. It's easy!

    Register a new account

    Sign in

    Already have an account? Sign in here.

    Sign In Now
    ×
    ×
    • Create New...

    Important Information

    We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.