Jump to content
Sign in to follow this  
Hud Dorph

Hacking is getting worse

Recommended Posts

Cheaters are one of the main reasons I dont play online in "pub servers" anymore. $able, You're definantly hard working and these hackers are really pushing BattlEye's limits now. Just thanks for keeping the work and holding these hackers at bay.

And as for the cheaters themselves, They deserve to have their GUID, IP, Username, everything we can get on them banned on all BIS games.

As others have said, Hackers are skilled, clever and generally, don't use thier own cheats. Cheaters are stupid, not very skilled and often ends up paying large ammounts of money in games they only get to play for a short period until they get banned. Very few "Cheaters" are clever enough to get around the bans properly.

Again, Thanks to $able and BIS for the game. And hopefully it wont be long until these cheaters disapear from the A2 network, for at least a while.

Share this post


Link to post
Share on other sites

Thx for the BE update tday - no problems all day :)

Edit:

didnt last long - same probs happening again.

Edited by [HUD]Dorph

Share this post


Link to post
Share on other sites

Beyond signature checks it's important you don't remain logged in as admin, as I understand it there's a limited amount they can achieve without hi-jacking an admin's permissions. I had one dufus join our server and announce that he'd been shutting down servers all day, I believe because he found there was no admin logged in and he wanted to goad us into trying to #kick him so he could jack our permissions. One of us had the GUI frontend for BE's RCon running in the tray and 10 seconds later he was GUID banned, tried to get back on but BE booted him. No drama, no exploits just one banned numpty.

Share this post


Link to post
Share on other sites

Good info thx. How about voting ? Would it be safer to set the voteThreshold to a negative value ?

Share this post


Link to post
Share on other sites
Beyond signature checks it's important you don't remain logged in as admin, as I understand it there's a limited amount they can achieve without hi-jacking an admin's permissions. I had one dufus join our server and announce that he'd been shutting down servers all day, I believe because he found there was no admin logged in and he wanted to goad us into trying to #kick him so he could jack our permissions. One of us had the GUI frontend for BE's RCon running in the tray and 10 seconds later he was GUID banned, tried to get back on but BE booted him. No drama, no exploits just one banned numpty.

As I said in the past, a logged-in admin isn't required for the hijacking hack to work. From what I have seen it simply works always, because of the actual admin command being executed on the server, which always has all permissions.

Also, are you sure your colleague was GUID-banned? Other than the in-game admin system, BE RCon cannot be hijacked. And the in-game #beserver admin command was disabled long ago.

Share this post


Link to post
Share on other sites

Not sure about the extent of the server as an implicit admin, I did wonder but then in my own anti-griefing script I found some # commands worked while others wouldn't.

For the other, my colleague wasn't banned, he used BE RCon to ban the unwelcome visitor.

---------- Post added at 04:57 PM ---------- Previous post was at 04:01 PM ----------

Just trialled this and you're absolutely right, doesn't require a logged-in admin which does rather beg the question, why on Earth haven't BI closed this hole? All they'd need to do is disable ServerCommand, anything we need it for can be enacted via BE RCon. Madness!

Here is my advice for dedicated server-ops...

Get yourself a hex editor (I use HxD, http://www.mh-nexus.de/), open up arma2oaserver.exe and replace every instance of the string serverCommand with another phrase of exactly the same length and which should remain known only to you. That's it, no more server shutdowns.

...I've tested this and it works (at least it's proof against the example hack I have). If you're careful not to include the new serverCommand alias in the mission download you could even re-enable it for most purposes.

Share this post


Link to post
Share on other sites
C5 said you were being watched for a couple weeks and observed spawning armor and if I remember right teleporting vehicles also.

The map being played didn't have armor and you were killed inside armor.

This makes my point exactly. Admins be careful of banning/slandering players, does even more damage to this community.

I went out of my way not to mention what server, not that it really matters; but the damage that this sort of thing can do. In all honesty I really dont care to much about this. Either playing online is fun or its not. I will continue to buy BIS products as I have for the past decade and even purchase extra copies like I did when I deployed to Iraq. Dont ask me how I forgot to pack that for the uber labtop I bought back then. :) Was forced to use DARWARS and was like, oh crap I didnt pack arma, silly me.

But BIS pls fix this exploit crap. There's the cheaters and then there's the folks their actions take a big poo on. In the end would I ever want to go back to "THAT" server after being slandered? NO not really.

And of course admins need to protect their servers as stated before. Use BE, enable signature checks, and be a proper stand up guy.

I was kicked after shooting the admin in the head with an rpk while perched atop a rock at 400 meters. This spawning vics crap is silly, and to be seen doing it!? Teleporting vics? hmmmm netcode perhaps. Well i must be the stupidest script kiddie ever, and to not change name and ID. oh and post on the game forum about just being careful about going crazy with kick/bans. You know, I think Im mildly pissed. Thank gawd i have a life or my one remaining feeling might get hurt.

Edited by flashburn
oops

Share this post


Link to post
Share on other sites
For the other, my colleague wasn't banned, he used BE RCon to ban the unwelcome visitor.

Oh, I got that wrong. ;)

Here is my advice for dedicated server-ops...

Get yourself a hex editor (I use HxD, http://www.mh-nexus.de/), open up arma2oaserver.exe and replace every instance of the string serverCommand with another phrase of exactly the same length and which should remain known only to you. That's it, no more server shutdowns.

...I've tested this and it works (at least it's proof against the example hack I have). If you're careful not to include the new serverCommand alias in the mission download you could even re-enable it for most purposes.

Good idea!

Share this post


Link to post
Share on other sites

Sorry to say, but this game is pretty much ruined as of Christmas. There are now multiple ways of bypassing sig checking and id bans. What Bohemia needs to do is change the way bi signs are used by the server, remove ingame admin,and remove the scripting command disableuserinput (unless this is a commonly used command inside of scripting missions/addons, but as far as I can tell, it isnt). Bisigns since have been cracked, and by utilizing a much more uncommonly used signed pbo, such as a music pbo or mparmory pbo, the hack pbo can be converted into a pbo that comes default with the game, signed by all servers. (I will not explain this method, as it might encourage others to do the same) Packet editing certain sendto and recieve packets can also be used to fool the game into thinking a pbo is signed, that your id is different, or lately, that your guid is different. Battleye is only looking for the dll and process names of a hack, and with a simple editor, any program can be made undetected. Battleye also only initializes when you load up into game, after slot selection, so any program can be used before you select a slot and load into game.

Hopefully my post here will enlighten anyone that the game needs to be fixed, and at this point, any server can be ruined. If I posted to much information about this topic please delete it then...

Share this post


Link to post
Share on other sites
That's an incredibly ingenious idea, Defunkt. :eek:

:wink:

Has occurred to me since that if you do the same to your client (i.e. arma2oa.exe) it should then be safe for you to remain logged-in as admin yourself. Would break your Server Control dialog limiting you to # commands entered in chat text but I can probably fix that with an addon. Might as well rename the disableUserInput command while you're at it.

Share this post


Link to post
Share on other sites

I've encountered 4 hackers tonight. Obvious things like all vehicles randomly blowing up, a million bombs dropping from the sky, or a rocket suddenly flying above my ATV.

Share this post


Link to post
Share on other sites

has anyone come across an AI plane blowing up team mates in domi?

happened tonight on our clan server

an F-35 would fly over the AO. drops a bomb on a player an flys off

anyon see anything like that before?

Share this post


Link to post
Share on other sites
this game is told to be over 18 , over 17 in countries, so ?

if alcohol, driving license, gun license is over 18 and someone who is 14 play it - he break rule

so if game is > 16, >18 and you have 14 y.o. trouble makers than you see it normal ?

in Polish scene there were few trouble makers , and you know what ? they were 13 , 14, 15 y.o.

underaged to limit prescribed on box of game (which is 16 in PL)

if this game is > 16, >18 , than thats why i don't want 12 y.o. kids who ask me to "give spec-ops black vest, cause it will look bad-ass" or other person"give Polish army tank T80, give HK36 to regular troops cause AK is boring" and flaming, bashing etc. cause person is 14 or 13 y.o.

limit on box is saying >16, >17 >18 and that's all we want , if person is reasonable and sane (even if 12 y.o.) than not cheats

ARMA 2 is already rated M for Mature, and this is actually a problem. I, (being a teenager myself) have noticed many of my peers think having/getting something intended for adults makes them cool, which is why you have issues with things like teens drinking, teens smoking, teens playing rated M games.

I personally have had no care over what the game is rated as long as its not AO, never have ever since the first video game I played. (Doom, at the age of 3) Its just, as I said, many teens want to seem 'mature' and such.

Also, it is not just Teens who are the problem, there are the occasional immature adults who cheat as well. I have played with a few of them, although they ones I have played with cheat on their OWN server and don't do stuff to wreck the base and/or team kill.

Share this post


Link to post
Share on other sites
has anyone come across an AI plane blowing up team mates in domi?

happened tonight on our clan server

an F-35 would fly over the AO. drops a bomb on a player an flys off

anyon see anything like that before?

Oh yes happened all evening here, only it was A10's blowing AO up.

Share this post


Link to post
Share on other sites
:wink:

Has occurred to me since that if you do the same to your client (i.e. arma2oa.exe) it should then be safe for you to remain logged-in as admin yourself. Would break your Server Control dialog limiting you to # commands entered in chat text but I can probably fix that with an addon. Might as well rename the disableUserInput command while you're at it.

Wouldnt you get kicked by BE yourself then? ;)

Share this post


Link to post
Share on other sites
This makes my point exactly. Admins be careful of banning/slandering players, does even more damage to this community.

This spawning vics crap is silly, and to be seen doing it!? Teleporting vics? hmmmm netcode perhaps.

I didn't see armor actually appear out of thin air on the C5 server but I did check my soundcard settings multiple times because armor would come rolling up on my position out of the blue even after doing a full 360 degree scan on virtually flat terrain.

I don't know about teleporting but I have seen speed hacks.

Share this post


Link to post
Share on other sites

A good way would be to suppress locality, and put all script and mechanic handling on the host.

Share this post


Link to post
Share on other sites
A good way would be to suppress locality, and put all script and mechanic handling on the host.

No!

there are things that needs\should be done local to client only. example particles and much more.

it would also rewriting the game engine alot more than example "remove admin functions, replace it with a ingame BE con. disable some script commands so on". also suppressing locality scripting would have the editor in problems.

Share this post


Link to post
Share on other sites

I got angry reading this because I have 15 years old and I am not a cheater , hacker or something like that , I love this game , I love multiplayer I love the editor I lover realism and I love this community.

so the people who ruins this game isn't young people . the ones who ruins this game is the people that don't care shit of nothing about gaming and doesn't have nothing to do than just make your day get bad.

the people that makes this game get inplayable isn't young people , is the people that doesn't know how to play a game and get fun of it without cheating.

Share this post


Link to post
Share on other sites
... the people that makes this game get inplayable isn't young people , is the people that doesn't know how to play a game and get fun of it without cheating.

Nice post zombo, and yes, your probably right, because the people who do like and want to play this game wouldn't be doing this school yard shit.

There are other people who are just "squad zombies", who decide another server should be a target and get their kiddie kicks from attacking "the opposition".

Share this post


Link to post
Share on other sites

The hackers are actually adults, and not kids like we all think.

Share this post


Link to post
Share on other sites
Well, until improvements are made, do you have signature check enabled on your server? BattlEye too, and banning BE GUIDs? You could also check for fake IDs which are synonymous with pirated copies, or people changing them because their IDs have been banned on certain servers. I believe you can tell they're fake if they're over 10 digits? Or has that since changed since the days of ArmA?

Man, where's Doolittle when you need him. :p

Unfortunately I'm not sure how much BIS can do with this. They most certainly aren't going to limit scripting in Arma 2, and they already have BattlEye. Really, all I could see them doing is switching to Punkbuster, but will that really have much of a gain?

Frankly, I don't know why hackers troll Arma 2 when newly released games like BFBC2: Vietnam are "ripe for the picking"...

Well signature check is not even worth having on vs hacks these days. Was possable to bypass for ages and now they can bypass it with no effect at all with a certain new tool.

As for dolittle id say his tool was good for catching hackers when it remained undected. Which wasnt very long sence his scripts from his ACS pbo could be captured and then they would know how they got caught and bypass it.

I used it alot back on arma 1 and it got to the point that we was detecting cheaters our own way that didnt get detected any longer by the doolittle acs. But such a tool could be good to catch cheaters for a few days then guid ban them. But aint really a long term solution

Doo ACS addon was made for arma scripting to catch hacks made from arma scripts. Best way to catch arma script hacks is to use a method which doesnt involve using arma scripts.

So you can view there script hacking methods but they cant view yours

Its really not hard at all to detect there scripts with a network sniffer. Been doing it sence the ofp days. An exsample is. We had a hacker on our ofp server few weeks ago who though he piss of 30 guys and keep shuting down server 30min into game

So benny from HS scaned the logs and found this

cheatpublictemp=this; cheatexec={private["_cheatscriptvar,_cheatscript"]; if (player == cheatplayerpb) then {[_cheatscriptvar,_cheatscript] exec "\cheat\commandmenu\script.sqs"};}; [60,10] exec {\cheat\Shutdown.sqs

I then scaned the ip where the script came from on netlog to get his name to let people know who it was then ip range banned him

this game is rated 17 (in my country) but i know 13, 14 y.o. making problems here in past

?

i agree

and we would not than had so much 13-15 y.o. who demand new DLC every day and f* free addons & realism and destroy all what made OFP great = mature military players , not CoD fat no-live kids

but if there are mature players , they not hack servers , right ?

I totally disagree with that. You think 13 year olds make these hacks? They made by mature people in the real world that have no respect for playing legit and dont share the same passion as others for online gaming. A certain guy who makes some of these hacks is meant to be a uni teacher apparently. Another who runs the the known site which which some code named KFC is meant to be in his 70's and malboeuf who was from roughnecks.org clan which is no longer around was known to them and he spoke to the guy himself a few times on ts and said he sounded quite old. I would say theres more mature players on the pc then a console. U need a good system rig which cost money to plays games these days and also u need money to buy a new game when u get banned on games like bc2. or black ops etc

Maybe these so called 13 to 15 year old hackers also own credit cards aswell... Because its rented hacks that own games like COD and BC2. So either they have credit cards. Or they ask there parents to buy the hacks for them which would make the parents just as bad as them or its actually people over the age of 17 that hack the game. Either way your theory that if no under age players = no hack, is just wrong.

Theres a certain cheat site that claims to be #1 know as FPS***** which has over 214427 activated users. Somehow i dout there all kids that pay to rent there crap.

As for punkbuster. It would be a waste of money sence it would only detect memory hacks and the real problem lies with the arma 2 scripting its self. Limit that and you limit the hacks but you also limit the game and all the mods and player missions. In a way its a bis problem sence there own scripting engine is being used against them to hack the game. But if they took that feature away from the community then this game wouldnt be what it is now and more people would whine about that more then hackers

Main reason people prob hack this game is because they can do more damage. Hacking in other games is just about using aimbot and esp. You would never see things like nukes going off or raining boats, Flying tanks or admin commands geting hijacked like you do on arma.

It absolutely does have to do with server admins. Just because you rent does not excuse you from securing your site to the best level you can. If the host site prevents you from doing that then they are guilty of aiding the hackers. Get your money back and find a better host.

Id really love how to know you would secure a server vs a hacker who plays on your server for the first time.

Only so much a server owner can do. We could ip ban. Guid ban. Detect there scripts. What we cant do is prevent someone from joining with a hack. You can only take action once they hacked. If they able to join a server successfully then its a bis problem, Not the server admin. And a server owner cant be around 24/7

And hackers are now able to sign there pbo hacks with a bis sign so now when they join server with there cheat.pbo, Server will see it as a offical bis addon and they bypass the signature check

Things i would like to see are

1. Remove player ids and have guid's only. Seems alot still id ban

2. Remove the server admin commands from ingame and use Rcon only

3. A console that logs all executed client scripts that get sent to server that can be viewed in logs. Mainly for those who dont have dedicated servers and unable to install 3rd party sniffers

4. A global ban system like punkbuster so if a memory hack is detected on 1 server then they banned from all

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

×