Arma2 Network Protocol

[nomad_man 10]

Has anyone poked around arma2 network protocol at all?

I want to log chat and some other stuff. Could someone share some details? I really don't want to RCE it.

[Overlord 0]

Wireshark?

[nomad_man 10]

erm.. reversing a protocol involves a lot more than just sniffing for packets. Besides our server collect about 3TB of traffic a month.. I want to log selectively.

[nobrainer 0]

if you "brake" it, then you will reveals all other stuff as well.

Admin passwords etc.

I also would like that kind of functionality, but I want BIS to make it.

It could just be put in the console log for the server.

[nomad_man 10]

obviously BIS is busy addressing other bugs and issues, so it's up to us.

[nuxil 2]

you need to get your hands dirty and do some sniffing in WS.

RCE is the only way you will get a chatlogger.

i have a working Chatlogger but. im not to share it atm. maybe at some later time.

but i can give you some tips on what you need to look for in the network frames if your working on your own.

Benny is also working on a Chatlogger. but i dont know if he did finish it.

maybe he is willing to share his.

snippet of a chatlog :)

19:50:07 : USA : Global : windi : :)

19:50:19 : RUS : Global : Perksy : working again then :0

19:50:58 : USA : Global : windi : never seen a worser commander then on HH-server :)

19:51:16 : RUS : Global : Perksy : that was some funky base building

19:51:57 : USA : Global : windi : hope, more guys will join this here

19:52:07 : RUS : Global : Perksy : indeed

19:52:13 : RUS : Global : Perksy : this a uk based server ?w

19:58:37 : USA : Global : Bansku : guess what happened at HH server :D

19:58:51 : RUS : Global : Perksy : crashed ? :Pdw

19:58:56 : USA : Global : Bansku : nope...

19:59:04 : USA : Global : Bansku : someone asshole at opfor wanted to be a comm...

19:59:16 : USA : Global : Bansku : and guess where he drove our mhq as a first assignment :D

19:59:22 : RUS : Global : Perksy : off the map

19:59:26 : USA : Global : Bansku : ofcourse fast to red zone :D

[nomad_man 10]

duh.... that's what i've been saying.

I've been asking if someone did any RCE and it appears yes.

So care to share the packet opcodes and format?

Otherwise what's the point of posting this.... Look i'm so smart and i did it, but i'm not going to tell you how.

I'm not asking for the source.

[kremator 1065]

Can your work also be used to store other things nuxil? Is that why you don't want to share the wealth yet ?

[nuxil 2]

Can your work also be used to store other things nuxil? Is that why you don't want to share the wealth yet ?

because its still in beta stage. i dont want to release some beta software. and get tonz of questions and feedback about bugs im fully aware of.

and yes. its possible to log alot of other things.

[nomad_man 10]

I will repeat my question, since it looks like you decided to ignore it:

Could you share the details about packets? again, i';m not asking about beta/alpha/release version of your software.

[drivetheory 10]

I'm 100% for some packet info please.

Know what packets to specifically search a capture for would be very helpful.

[zyklone 1]

It'd be a very bad idea to make the protocol public.

Please don't.

[nuxil 2]

It'd be a very bad idea to make the protocol public.

Please don't.

my thoughts aswell. thats why i am not going to release my findings to the public. call me an asshole. but thats the way its going to be. or get your hands dirty and do the dirty job yourself ;)

[nomad_man 10]

already working on it, just figured i'd save myself some time, anyhow good talking to you on the server.

[sickboy 13]

At least provide cheat/hack findings to BIS so they could fix/improve things where possible, incl BattlEye perhaps.

[nomad_man 10]

Sickboy, i'm pretty sure BIS is in the loop with all typical hacks out there. What would you like me to provide to them? :)

[jedra 11]

Sickboy, i'm pretty sure BIS is in the loop with all typical hacks out there. What would you like me to provide to them? :)

Pretty sure isn't totally sure and I would expect they would be grateful of any information they receive. There's a chance you might find something they don't know. This is why they bring us in on the beta testing after all!

[sickboy 13]

Any information regarding hacks and issues with the network protocol etc is helpful.

They are not all-knowing, and they also have no idea about the frequency and size of the attacks/problems, unless they are told by the community.

Packets with malicious content etc, and where possible sources of the hacks could help even more.

[nomad_man 10]

it's all regular stuff, we used to keep all the packets for the duration of 1 month, but there is nothing really of value aside of the mainstream: set fog, set fuel, set damage, teleport, attach gbu's and smokes, and disableinput, along with gbu spam, playmoves, and play music.

Tehy stopped for about a month and just last week i had to ban 6 people.

[Kochleffel 10]

it's all regular stuff, we used to keep all the packets for the duration of 1 month, but there is nothing really of value aside of the mainstream: set fog, set fuel, set damage, teleport, attach gbu's and smokes, and disableinput, along with gbu spam, playmoves, and play music.

Tehy stopped for about a month and just last week i had to ban 6 people.

thats not what he means...

u have to begin way earlier for example the signatures he used etc.