av8rbra 10 Posted October 26, 2014 Today we had a hacker ruining our PvP server and I banned him... So I was checking Battleye folder and I found a suspicious file! I searched a lot about remoteexec.txt but couldn't find much, I know it's a BE filter. So I had that file in my folder, with this: 25.10.2014 14:37:19: nExUs (187.22.142.253:2304) 0e0e9c846b913d470e1a634700337625 - Compile Block "if(isServer)then{call compile("_l22=create"+"Vehicle['B_MRAP_01_F',[21700.3,19253.1,0],[],0,'CAN_COLLIDE'];_l7=_l22 call objectUID;_l22 setVariable['ObjectID',83059.1,true];_l22 setVariable['ObjectUID',_l7,true];_l22 setVariable['OwnerID',0,true];_l22 setDir 359.641;serverObjectMonitor set[count serverObjectMonitor,_l22];");};" 25.10.2014 14:44:46: nExUs (187.22.142.253:2304) 0e0e9c846b913d470e1a634700337625 - Compile Block "if(isServer)then{call compile("_l22=create"+"Vehicle['B_Heli_Transport_01_camo_F',[21822.9,19359.6,0],[],0,'CAN_COLLIDE'];_l7=_l22 call objectUID;_l22 setVariable['ObjectID',81902.5,true];_l22 setVariable['ObjectUID',_l7,true];_l22 setVariable['OwnerID',0,true];_l22 setDir 150.845;serverObjectMonitor set[count serverObjectMonitor,_l22];");};" 25.10.2014 14:46:19: nExUs (187.22.142.253:2304) 0e0e9c846b913d470e1a634700337625 - Compile Block "if(isServer)then{call compile("_l22=create"+"Vehicle['B_APC_Tracked_01_rcws_F',[21882.3,19261.5,0],[],0,'CAN_COLLIDE'];_l7=_l22 call objectUID;_l22 setVariable['ObjectID',32488.7,true];_l22 setVariable['ObjectUID',_l7,true];_l22 setVariable['OwnerID',0,true];_l22 setDir 243.491;serverObjectMonitor set[count serverObjectMonitor,_l22];");};" 25.10.2014 15:18:53: nExUs (2) (187.22.142.253:2304) 0e0e9c846b913d470e1a634700337625 - Compile Block "if(isServer)then{call compile("_l22=create"+"Vehicle['O_APC_Tracked_02_AA_F',[4291.99,16527.4,0],[],0,'CAN_COLLIDE'];_l7=_l22 call objectUID;_l22 setVariable['ObjectID',32514.5,true];_l22 setVariable['ObjectUID',_l7,true];_l22 setVariable['OwnerID',0,true];_l22 setDir 181.775;serverObjectMonitor set[count serverObjectMonitor,_l22];");};" 25.10.2014 15:25:41: nExUs (2) (187.22.142.253:2304) 0e0e9c846b913d470e1a634700337625 - Compile Block "if(isServer)then{call compile("_l22=create"+"Vehicle['B_APC_Tracked_01_AA_F',[4550.1,15366,0],[],0,'CAN_COLLIDE'];_l7=_l22 call objectUID;_l22 setVariable['ObjectID',47922.1,true];_l22 setVariable['ObjectUID',_l7,true];_l22 setVariable['OwnerID',0,true];_l22 setDir 11.6056;serverObjectMonitor set[count serverObjectMonitor,_l22];");};" Did he make an exception in BE for himself? How did it end up there? Is there a way to better protect the server? Atm I have verifysignatures=2 and Battleye enabled. Thanks! Share this post Link to post Share on other sites
Dwarden 1125 Posted October 26, 2014 you need define both client-side BE filter (scripts.txt) server-side BE (20+ .txt filters) if you don't have them defined then of course they will not work what you posted is .log output (but w/o you telling from which file, remoteexec.log or different log I can't really say) more likely you have not properly written your filters Share this post Link to post Share on other sites
av8rbra 10 Posted October 26, 2014 (edited) you need define both client-side BE filter (scripts.txt) server-side BE (20+ .txt filters) if you don't have them defined then of course they will not work what you posted is .log output (but w/o you telling from which file, remoteexec.log or different log I can't really say) more likely you have not properly written your filters hey Dwarden, That file is remoteexec.log, I just don't know exactly what it says. I know that guy was the hacker... How should I set up those filters for a PvP server? I'm new to this, found a link to download the updated filters but it was for DayZ. EDIT: I've now noticed that my post is in Arma2 section, my server runs ARMA3... It's happening again today, and ruining the server. When we get about 50 players online, missions ends with the message: All players dead. Mission failed! Is that exploit fixed already? Edited October 26, 2014 by av8rbra Share this post Link to post Share on other sites
Isoterik 1 Posted January 27, 2015 (edited) is there some kind of exception filter limit per line? like i had the experience that at a certain length the exception filter just refused to work. e.g. !"Keyword_1" to !"Keyword_10" works, and everything after like !"Keyword_11" isnt recognized Edited January 27, 2015 by Isoterik Share this post Link to post Share on other sites
bravo17 1 Posted February 25, 2015 I originally posted this in its own thread, but thought it might be more appropriate to post it here in the Battleye thread, since it seems to be a similar issue to one mentioned above. Unfortunately it really makes the HC very unwieldy to use on a dedicated server setup, since running with the .bat files requires you to be logged on to the server box - the thread stops as soon as you log off. Unless someone knows a better way to do it? I hope that this is fixed before the new BEService moves to Arma3. Has anyone managed to get the Headless Client working with Firedaemon and the new Battleye system for Arma2 CO? No matter what I try it keeps on opening up extra copies of Arma2OA.exe, which doesn't please the players on the other servers on the box, since the box eventually grinds to a halt. It works OK running arma2oa_be.exe with a .BAT file, but that is no use for running unattended since it closes shortly after logging off the box. Share this post Link to post Share on other sites
