Introducing Server-side Event Logging/Blocking

[eddieck 10]

Maybe it would be of use to fix the current bypass methods for bypassing script detection then adding another detection pattern for them to bypass?

This is server-side and cannot be bypassed (unlike the client-side script detection).

[brit~XR 0]

This new logging works well to the point i no longer need to use wireshark after all these years :)

But its abit of a joke that something like this only just gets made, Mainly because of dayz when alot of us have been putting up with script hackers for years.

Edited August 15, 2012 by brit~XR

[noubernou 77]

I assume createVehicleLocal still works?

[eddieck 10]

This new logging works well to the point i no longer need to use wireshark after all these years :)

But its abit of a joke that something like this only just gets made, Mainly because of dayz when alot of us have been putting up with script hackers for years.

Agreed, and same here.

[imago 1]

... This new logging works well to the point i no longer need to use wireshark after all these years ...

Wireshark/tcpdump is useless in 1.62 unless you could share how you are decoding the packets please.

... The filters look exactly the same as in the scripts.txt file ...

If i make a scripts.txt with 1 "" in it, it does not work. If i make the new .txt files with 1 "" in it, it works.

How can i make a scripts.txt that logs everything?

[tonic-_- 53]

This is server-side and cannot be bypassed (unlike the client-side script detection).

Without actually knowing exactly how it works I would assume the client still reports something weather it's Engine side or Battleye side so to say it can't be bypassed is quite wrong... Anything can be bypassed but as I said without actually knowing how it works I would just assume the client is reporting and if so people will destruct that part soon enough.

[eddieck 10]

Without actually knowing exactly how it works I would assume the client still reports something weather it's Engine side or Battleye side so to say it can't be bypassed is quite wrong... Anything can be bypassed but as I said without actually knowing how it works I would just assume the client is reporting and if so people will destruct that part soon enough.

It's definitely server-side:

Ok, that's all for now. As a final note, these features cannot be circumvented with a client-side hack. ;)

Keep in mind that the logging of vehicle spawns and SVI scripts was possible before using a packet sniffer. This is just a BE implementation of that, with the added bonus of being able to block malicious scripts or vehicle spawns. Pretty awesome.

[cm. 10]

Without actually knowing exactly how it works I would assume the client still reports something weather it's Engine side or Battleye side so to say it can't be bypassed is quite wrong... Anything can be bypassed but as I said without actually knowing how it works I would just assume the client is reporting and if so people will destruct that part soon enough.

Apart from a hacked server there is no way to bypass this on the client.

[Entoc 1]

hello all got a few questions about some lines in my remoteexec.log the first is

14.08.2012 11:37:14: Darwin (68.186.11.170:2304) 1d132b6ac0219ad156ff6856d4b239fb - #0 "

[] spawn hacker_check;

the second one is

14.08.2012 13:34:50: Nick (67.128.168.251:2364) ddb1d4a14f8ef0f46efdb10a7f17aeef - #6 "{ if((getPlayerUID _x) == '34775814') then { _x hideObject true; }; } forEach playableUnits;"

sorry if its a noob questions but i am new to playing this and want to keep my server good and clean this is a DayZ server of course also is there any file or list of known scripts that i can download or reference so i am not asking stupid questions like these

[.kju 3239]

You can check what scripting commands do here:

http://community.bistudio.com/wiki/Category:Scripting_Commands_ArmA2

Both look like cheats to me.

You can always extract the dayZ mission and addons,

and check if it uses any of the seen scripts.

http://community.bistudio.com/wiki/ArmA:_Community_Tools#PBO_Files

If not, it can only be from BI/Arma scripts itself or cheats.

Edited August 15, 2012 by .kju [PvPscene]

[Wulvgar 1]

Does this work with Linux Arma2oa1.62 alpha ?

I saw line "BE Server v1.156 in combination with the latest OA 1.62 beta server."

:( guessing no which stinks

[Entoc 1]

You can check what scripting commands do here:

http://community.bistudio.com/wiki/Category:Scripting_Commands_ArmA2

Both look like cheats to me.

You can always extract the dayZ mission and addons,

and check if it uses any of the seen scripts.

http://community.bistudio.com/wiki/ArmA:_Community_Tools#PBO_Files

If not, it can only be from BI/Arma scripts itself or cheats.

ty for that it will help me alot

[Taltunran 1]

#25 "ode\init\publicEH.sqf" , i have no clue what that meand bu i have never hacked any game and refrain from doing so, i wonder are they just beeing aseholse banning me cause i killed one of the clan members in electro thunderdoming or is there a bug somewhere , this is the only thread i found anythin about this?

[Dwarden 1124]

the files You can use for dayz are here

http://code.google.com/p/dayz-community-banlist/source/browse/#git%2Ffilters

incase not sure look for last commit from me ... anyway it's proof of concept so nothing perfect but used by quite a lot of dayz admins

[imf2000 1]

the files You can use for dayz are here

http://code.google.com/p/dayz-community-banlist/source/browse/#git%2Ffilters

incase not sure look for last commit from me ... anyway it's proof of concept so nothing perfect but used by quite a lot of dayz admins

This is great news for the community, and no reason this couldn't be done for Project Reality or other game modes, for example.

Nuxil, would you consider adding this resource to BEC as a user selectable toggle? IE, do not compromise your existing ban database, but allow a second option to check against this community ban list automagically?

[bastabro 1]

whether will work these battleye functions at the pirate server? If to buy the license version on the server and to block ports 29910, whether people at which piracy version come on the server can?!

sorry for bad english)

[Dwarden 1124]

whether will work these battleye functions at the pirate server? If to buy the license version on the server and to block ports 29910, whether people at which piracy version come on the server can?!

sorry for bad english)

it's sort of impossible to prevent cracked servers (of any type) if the server binaries are publicly available ...

anyway such actions break several license etc. entries and we MAY take actions against these who create, host, distribue such binaries or run such servers ...

---------- Post added at 15:43 ---------- Previous post was at 15:42 ----------

This is great news for the community, and no reason this couldn't be done for Project Reality or other game modes, for example.

Nuxil, would you consider adding this resource to BEC as a user selectable toggle? IE, do not compromise your existing ban database, but allow a second option to check against this community ban list automagically?

yes You can adopt the filters against any modification / mission / game if common sense and logic is used ;)

[umandez 1]

What does this mean?

"if (name vehicle player == TTT5NamePl) then {_xcompiled = compile TTT5derCode;call _xcompiled;};"

I caught some guy after teleporting based on this.

[kremator 1064]

All logs need to be evaluated and then send to $able for banning. :) Enjoy hackers ... your time is at an end.

[Dwarden 1124]

What does this mean?

"if (name vehicle player == TTT5NamePl) then {_xcompiled = compile TTT5derCode;call _xcompiled;};"

I caught some guy after teleporting based on this.

if it's in remoteexec.log then ban him, it's cheater (99.99%)

and no not need send anything to $able ... this is your server and your decision

[umandez 1]

if it's in remoteexec.log then ban him, it's cheater (99.99%)

and no not need send anything to $able ... this is your server and your decision

Thanks for the reply. Yeah that's I thought but was just making sure.

[byteslam 10]

...

BTW.

I know its dayz but, as you posted the tool here I wanted to ask you here.

Hi, the new BE features are working pretty well, cheater amount has dropped almost to zero for now...only two things are looking not normal to me in our my remotexec.log, can someone tell me if it is legal before I put a BAN on this guys?

16.08.2012 19:52:00: Jason (95.32.5.143:19525) UIDremoved0000000000000000000000 - #0 "if (isnil ("trtrtrtrtr0n")) then {MYplayersobj hideObject true;};"

16.08.2012 19:52:00: Jason (95.32.5.143:19525) UIDremoved0000000000000000000000 - #6 "if (isnil ("trtrtrtrtr0n")) then {MYplayersobj hideObject true;};"

16.08.2012 21:00:42: Stein (195.1.208.26:41183) UIDremoved0000000000000000000000 - #0 "

if (isServer) then {

_dsasadsa = createVehicle ['UH1H_DZ', [3273.27, 13862.2, 0], [], 0, 'CAN_COLLIDE'];

_dsasadsa setVariable ['ObjectID', 2044.89, true];

dayz_serverObjectMonitor set [count dayz_serverObjectMonitor, _dsasadsa];

_uid = _dsasadsa cal"

16.08.2012 21:00:42: Stein (195.1.208.26:41183) UIDremoved0000000000000000000000 - #35 "ble ['ObjectID', 2044.89, true];

dayz_serverObjectMonitor set [count dayz_serverObjectMonitor, _dsasadsa];

_uid = _dsasadsa call dayz_objectUID;

_dsasadsa setVariable ['ObjectUID', _uid, true];

_dsasadsa setVariable ['OwnerID', 0, true];

}"

16.08.2012 21:45:00: thebos (86.0.231.244:2304) UIDremoved0000000000000000000000 - #0 "

if (isServer) then {

_dsasadsa = createVehicle ['TT650_TK_CIV_EP1', [3043.74, 1972.36, 0], [], 0, 'CAN_COLLIDE'];

_dsasadsa setVariable ['ObjectID', 7879.53, true];

dayz_serverObjectMonitor set [count dayz_serverObjectMonitor, _dsasadsa];

_uid = _dsa"

16.08.2012 21:45:00: thebos (86.0.231.244:2304) UIDremoved0000000000000000000000 - #35 "ble ['ObjectID', 7879.53, true];

dayz_serverObjectMonitor set [count dayz_serverObjectMonitor, _dsasadsa];

_uid = _dsasadsa call dayz_objectUID;

_dsasadsa setVariable ['ObjectUID', _uid, true];

_dsasadsa setVariable ['OwnerID', 0, true];

And scripts.log

16.08.2012 21:00:23: greyson (75.139.183.14:2304) UIDremoved0000000000000000000000 - #121 "['BIS_RscMiniMap',_this select 0]; _this call compile preprocessfilelinenumbers 'ca\ui\scripts\MiniM"

Edited August 17, 2012 by byteslam

[cm. 10]

Hi, the new BE features are working pretty well, cheater amount has dropped almost to zero for now...only two things are looking not normal to me in our my remotexec.log, can someone tell me if it is legal before I put a BAN on this guys?[/b]

16.08.2012 19:52:00: Jason (95.32.5.143:19525) UIDremoved0000000000000000000000 - #0 "if (isnil ("trtrtrtrtr0n")) then {MYplayersobj hideObject true;};"

16.08.2012 19:52:00: Jason (95.32.5.143:19525) UIDremoved0000000000000000000000 - #6 "if (isnil ("trtrtrtrtr0n")) then {MYplayersobj hideObject true;};"

16.08.2012 21:00:42: Stein (195.1.208.26:41183) UIDremoved0000000000000000000000 - #0 "

if (isServer) then {

_dsasadsa = createVehicle ['UH1H_DZ', [3273.27, 13862.2, 0], [], 0, 'CAN_COLLIDE'];

_dsasadsa setVariable ['ObjectID', 2044.89, true];

dayz_serverObjectMonitor set [count dayz_serverObjectMonitor, _dsasadsa];

_uid = _dsasadsa cal"

16.08.2012 21:00:42: Stein (195.1.208.26:41183) UIDremoved0000000000000000000000 - #35 "ble ['ObjectID', 2044.89, true];

dayz_serverObjectMonitor set [count dayz_serverObjectMonitor, _dsasadsa];

_uid = _dsasadsa call dayz_objectUID;

_dsasadsa setVariable ['ObjectUID', _uid, true];

_dsasadsa setVariable ['OwnerID', 0, true];

}"

16.08.2012 21:45:00: thebos (86.0.231.244:2304) UIDremoved0000000000000000000000 - #0 "

if (isServer) then {

_dsasadsa = createVehicle ['TT650_TK_CIV_EP1', [3043.74, 1972.36, 0], [], 0, 'CAN_COLLIDE'];

_dsasadsa setVariable ['ObjectID', 7879.53, true];

dayz_serverObjectMonitor set [count dayz_serverObjectMonitor, _dsasadsa];

_uid = _dsa"

16.08.2012 21:45:00: thebos (86.0.231.244:2304) UIDremoved0000000000000000000000 - #35 "ble ['ObjectID', 7879.53, true];

dayz_serverObjectMonitor set [count dayz_serverObjectMonitor, _dsasadsa];

_uid = _dsasadsa call dayz_objectUID;

_dsasadsa setVariable ['ObjectUID', _uid, true];

_dsasadsa setVariable ['OwnerID', 0, true];

And scripts.log

16.08.2012 21:00:23: greyson (75.139.183.14:2304) UIDremoved0000000000000000000000 - #121 "['BIS_RscMiniMap',_this select 0]; _this call compile preprocessfilelinenumbers 'ca\ui\scripts\MiniM"

I know the answer but this is not the place to ask those questions. Go to the Dayz forums for that.

[bastabro 1]

it's sort of impossible to prevent cracked servers (of any type) if the server binaries are publicly available ...

anyway such actions break several license etc. entries and we MAY take actions against these who create, host, distribue such binaries or run such servers ...

---------- Post added at 15:43 ---------- Previous post was at 15:42 ----------

thx, but i asking about two new futures of BE (createvihcle.txt, remoteexec.txt). why these log files is empty? it cuz i use not license arma2, arma2oa?

or something else? ^^

ps: i used piracy arma for my self not for all (not hoster) :D

[Placebo 28]

ps: i used piracy arma for my self not for all (not hoster) :D

Suspended until proof of purchase provided.