Zumbi 1 Posted August 8, 2012 (edited) I have been trying to use scripts.txt to catch hackers, who have made my server (Takistan Life: Revolution) unplayable half the time. I used to catch 99% of hackers using packet logs but that is impossible since 1.62. Please forgive me if I sound frustrated here, I'm not trying to "rage" or "rant," I understand the hard work done by BIS and BE, and realize that scripts.txt helps people on rented VM servers, I am not looking for an infraction or ban, etc. I just want to be able to catch and ban hackers as quickly as I previously could using a packet sniffer. My scripts.txt was recognized and renamed scripts_old.txt, with a number of restrictions set to "3" (report to console and log). However, 24 hours later, not a single restricted script was detected, despite hackers having a field day on the server. Hundreds of A-10's and M1A1's were spawned, raining from the sky, but nothing was logged or reported, despite the classnames for these vehicles (A2 and OA versions) being restricted. All players were being remotely killed with "setdamage 1" over and over again, but this was not being logged. Finally I put "3 call compile" in there, because I know they try to hide their scripts with that. Suddenly I got a 300mb scripts.log file, full of false positives. It's basically like a very primitive and incomplete packet log. "setDamage 1" came up a bunch of times,which made me wonder if the upper-case D was the problem. So here is my question: is it true that the restrictions in scripts.txt are case-sensitive? And can this be changed? Because I have seen hack scripts in aLterNaTiNg cApS while searching packet logs before, I am afraid they may be sailing past the restriction but still getting recognized by the server and broadcast to all players. and is it possible in the next update for server owners to toggle packet encryption on/off? Maybe it is my own failure to master scripts.txt with the documentation available (and server owners' understandable reluctance to give out their scripts.txt files), but I find the new script restriction method to be a huge step backwards. The only way it is actually useful is if I restrict "Call compile" or "call broadcast" to create a giant virtual packet log, and search that. I would much prefer to go back to logging packets with a packet sniffer like I used to - it was easy to catch hackers this way, easy to manage the log file, and I didn't have to think of every possible thing they could do beforehand. Edited August 8, 2012 by Zumbi Share this post Link to post Share on other sites
Prodavec 10 Posted August 9, 2012 If you got scripts_old.txt, your scripts.txt is incorrect. //new 1 "some string" ["some string 2"] ["some \"string 3\""] [!"some string 4"] and use CP-1251 For example //new 1 "setDamage 1" 1 "createVehicle" !"\"M1A1\" createVehicle" Share this post Link to post Share on other sites
Zumbi 1 Posted August 11, 2012 (edited) Thank you, Prodavec! I can confirm that scripts.txt restrictions are not case-sensitive. Can anyone help me with this possible false positive? This keeps coming up for 1 "setdamage 1": 11.08.2012 10:07:50: ***** (*.*.*.*:*) ************************ - #0 "if (alive player) then { player SetDamage 1;};" It happens so often, to so many people, I doubt they're all hackers. That line does not appear anywhere in the mission file. Does anyone know if this is some in-game code? Or maybe it is a hack but it's only showing up for the victims. Edited August 11, 2012 by Zumbi Share this post Link to post Share on other sites
.kju 3244 Posted August 11, 2012 This is from the ESC respawn button. :) Share this post Link to post Share on other sites
rstratton 0 Posted August 11, 2012 could somebody explain what scripts.txt is and how to use it in a little more detail please? Share this post Link to post Share on other sites
.kju 3244 Posted August 11, 2012 http://forums.bistudio.com/showthread.php?131759-New-BattlEye-features-for-server-admins Share this post Link to post Share on other sites