Murcielago_ESP 3 Posted September 20, 2012 Hi! I was testing my new team death match mission one week ago when I had a bad experience... a "hacker" was messing around in my server. I did not enjoy it at all so I decided to do something about it... So I created a system that blocks players when they hack my mission. The current code checks: . If you have more magazines than normal. . If you are using a weapon that is not in a defined list. . If you are using an item from a specific list. By default it checks if you have explosives satchels because you can not carry them in this mission. . If you have no recoil. . It will disable any code attached to single click on the map. . It removes the god mode. . It removes every vehicle capable to fire. You don't need vehicles with weapons in this mission. . It removes al AI near to the action area. These are the original trigger conditions but it could be modify to work for in other missions. The code is tiny and it does what it says on the tin. I know hackers they will find a way to stop it, but, I will be able to modify it too. The Anti-Hacker system locks the "hacker" computer and stores his game ID on the server and sends it to the clients. Then the system will lock the computer with this game id until the mission is restarted or changed. Once a hacker is detected everyone will see a message "HackerName (ID: GameID) has been lock for hacking" and every one will be capable to printout a list (Using CTRL+V in Notepad) with all the ID games of people that hacked until then. Now you will be able to take a screenshot of this message and use it to report this player. I have some questions about this project: 1. Does anyone think that sharing "hackers" (A hacker is someone who find out something interesting. The people who use this finding has another name...) ID games could be a problem? 2. Do these codes will affect to game performance? . Code to disable OnMapSingleClick: While {True} Do { OnMapSingleClick ""; Sleep 0.01 }; . Code to remove God mode: While {True} Do { (Vehicle Player) RemoveAllEventHandlers "HandleDamage"; Sleep 0.5; }; 3. How I can create a reliable "easy" way to save and read these ID games from an external file... like a addon or similar! Think about been capable to share this ID games and put them in a addon... Like a web page filter in a anti-virus software. Now Arma players will be able to report "hackers" displaying their ID games in a YouTube video! The "hackers" have an impact on the life of a game. I will release soon a mission pack using this Anti-Hacker system and I will love to have some comments from you guys in order to improve it. Be aware that "hackers" have an impact on game's popularity. The more "hackers" playing a game, the more password protected servers will be and the less players will be playing that game... Thanks for your time. Murcielgo (mgllgm@hotmail.com) Share this post Link to post Share on other sites
.kju 3244 Posted September 20, 2012 Probably better to get this thread moved to the MP forum. Share this post Link to post Share on other sites
kremator 1065 Posted September 21, 2012 Some great ideas there ... looking forward to seeing what it can do :) Share this post Link to post Share on other sites
jedra 11 Posted September 21, 2012 This is an excellent approach. In some respects I think that given the architecture of Arma, this kind of thing is better done at mission level. Potentially, some of the fixes that can be made at the engine level have the effect of reducing the flexibility of Arma. It would be a sad day when the potential of the Real Virtuality engine is reduced to prevent script-kiddies doing what they do. Rather than a 'system' at global level trying to decide what scripts are legal and which are not, it is probably much better for the mission to define this. Of course you have the problem of addons to deal with, but maybe this can be overcome. I think that any system produced at mission level would need to be modular and easily adaptable for many different types of mission. This would then encourage mission makers to use it. I would say that most mission makers make missions for private servers (absolutely no research done here, just my guess!) so anything complex may not be picked up. Something along the lines of the F2 Framework perhaps where it is somewhat plug-in/plug-out. I am thinking aloud, so there is probably a lot of rubbish in what I say ;-) Share this post Link to post Share on other sites
Psychobastard 136 Posted September 21, 2012 DooACS did nearly the same since Arma1. Duno, both, these scripts and DooACS are nearly useless but a little stone more in the way of hackers. regards Share this post Link to post Share on other sites
eddieck 10 Posted September 21, 2012 Writing secure missions is definitely a good idea. In addition to measures like these, I like the idea of preventing the client from really doing anything (use the BE filters to prevent the client from spawning any vehicles or units, or remotely executing code) and instead requiring all of that to be done by the server. Share this post Link to post Share on other sites
BasileyOne 10 Posted September 21, 2012 (edited) not bad idea, but: 1. it need to be built commonly-agreed/accepted modders/mission-makers ideas/concepts/requirements. 2. would b modular for both reasons. 3. wouldn't work[reliably enough nor properly]without appropriate add-on, implementing related underlying routines, on which this thing would rely on. 4. copy-past things all-over again and again in missions wouldn't best idea too. thats why[aside secuirty benefits] instead of proposed approach, to had something server-wide, working similarly[ie detecting anything "that wouldn't be/exist/happen "by definition" nor anomalies in behaviour, quite obvious and disturbing ones" p.s. mission-side only anti-cheating stuff was easily tampered :[ just how today cheaters stuff usually start working from blinding/fooling BE, for example. to once they "unseen and God-like", appz can do virtually ANYTHING on client-side, without traces. need to be layered 4 result. beyond/under appz level or had more stuff hardcoed on engine-level :[ Edited September 22, 2012 by BasileyOne Share this post Link to post Share on other sites
Murcielago_ESP 3 Posted September 24, 2012 Thanks comments. The idea behind this anti-hacker system is to use a group of scripts system to "define player's freedom". The code will run in every machine clients and server. The server runs three tiny scripts. 1st script stores the name and game ID when players join to the server. If the game ID of a player is on the "Black List" his game will be locked. 2nd script will broadcast the cheater game ID once a cheater is detected by the client main script. 3rd script deletes all non-players units and vehicles with weapons at the area. Bear in mind that we are setting up the rules for a death match mission. With this anti-hacker system we are trying to "define players freedom". _Vehicles = []; _n = 0; While {True} Do { _Vehicles = NearestObjects [Vehicle Centre,["AllVehicles"],3000]; _Vehicles = _Vehicles - (NearestObjects [Vehicle Centre,["Man"],3000]); _n = 0; While {Count _Vehicles > _n} Do { If (CanFire(_Vehicles Select _n)) Then {DeleteVehicle (_Vehicles Select _n);}; _n = _n + 1; Sleep 0.001; }; _n = 0; _Vehicles = Centre NearEntities [["Man"],3000]; While {Count _Vehicles > _n} Do { If (!IsPlayer (_Vehicles Select _n)) Then {DeleteVehicle (_Vehicles Select _n);}; _n = _n + 1; Sleep 0.001; }; Sleep 0.5; }; Are there a way to stop the above script when it is called from "Init.sqf" file? On the client side we have four tiny scripts. Two of them are always running: 1st script will lock the OnMapSingleClick so people will not be capable to use teleport or create units/vehicles by clicking on the map. 2nd script is the most important one. I called "MANAGER.sqf". This tiny script will check what the player is doing. This is the script that editors will need to modify to remove or add conditions to "define players freedom". // [NoWeapons,"Binocular_Vector", "NVGoggles",DefaultWestWeapon,DefaultEastWeapon] _DefaultWeapons = ["", "Binocular_Vector", "NVGoggles", "SCAR_L_STD_HOLO", "AK_107_kobra"]; // Define the weapons that players can carry. _AllowedWeapons = _DefaultWeapons + ["Colt1911", "Makarov", "MakarovSD", "M9", "M9SD", "glock17_EP1", "revolver_EP1", "Sa61_EP1", "UZI_EP1", "UZI_SD_EP1", "bizon", "bizon_silenced", "MP5A5", "MP5SD", "M1014", "Saiga12K", "AA12_PMC", "FN_FAL", "M14_EP1", "LeeEnfield", "M16A2", "M4A1", "m8_compact", "AK_74", "M4A3_CCO_EP1", "AKS_GOLD", "SCAR_L_CQC_Holo", "AKS_74_UN_kobra", "M4A1_AIM_SD_camo", "M4A1_HWS_GL_SD_Camo", "AK_107_pso", "G36K", "Sa58V_RCO_EP1", "SCAR_H_CQC_CCO", "AK_107_GL_kobra", "m8_carbineGL", "BAF_L85A2_UGL_ACOG", "RPK_74", "BAF_L110A1_Aim", "MG36_camo", "M249_EP1", "PK", "M240", "BAF_L7A2_GPMG", "M60A4_EP1", "m240_scoped_EP1", "Pecheneg", "VSS_vintorez", "M24_des_EP1", "SCAR_H_LNG_Sniper_SD", "SVD_des_EP1", "SCAR_H_LNG_Sniper"]; _Bucle = True; While {_Bucle} Do { (Vehicle Player) RemoveAllEventHandlers "HandleDamage"; If (UnitRecoilCoefficient player == 0) Then {_Bucle = False;}; If ("PipeBomb" In (Magazines Player)) Then {_Bucle = False;}; If (Count (Magazines Player) > 20) Then {_Bucle = False;}; If (Name Player == HackerName) Then {_Bucle = False;}; If (Damage Anti_Hacker_System_Obj == 1) Then {Player CommandChat Format [Localize "STR_HackerSGS",HackerName,Hacker_ID];}; If (PintoutHackersList == "YES") Then {CopyToClipboard ("HACKERS ID LIST: "+STR(Hacker_ID_List)); PintoutHackersList = "";}; Sleep 0.5; }; Null = [] ExecVM "Anti_Hacker_System\Pre_Lock.sqf"; 3rd script will be triggered when the MANAGER.sqf script detects that a player is cheating (No recoil, unlimited ammo, illegal weapon...) this script will send the cheater name to every machine. Then the 2nd server script will store his game ID on the "black list". 4th script is the locking script. This scripts is a loop locking the cheater's game. Please let me know if you found any weak points on those scripts or if you have any good idea to improve this scripts please share it! By the way: 1) Are there any way to know how many actions a unit has? Hackers uses to many actions to hack. Normal players have a few actions... So it will be another way to find out who is cheating. 2) Is it possible to "destroy"/stop/lock... a script like this one? While {True} Do { OnMapSingleClick ""; Sleep 0.01 }; 3) is it possible to know if a unit is already using a EventHandler like "HandleDamage"? The EventHandler "HandleDamage" is what hackers use to do the God mode. The idea is to create an unstoppable system to check if player is breaking the rules: Unlimited ammo, illegal weapon, no recoil... Looks like they hackers are capable to fake some things but, can you fake that you have more magazines than normal? Or, That you are using a weapon that is not in a list created by the mission editor? DON'T SAY YES! ;) Murcielago (mgllgm@hotmail.com) Share this post Link to post Share on other sites
Zatan13th 10 Posted October 1, 2012 (edited) About the recoil: you don't need to detect whenever the recoilcoef is equal to 0, just create the variable to receive the default recoil value at start then apply the recoilcoef to that variable every 3 sec (or whatever you want). just like: init.sqf recoilZ = (unitRecoilCoefficient player); player spawn { while (alive _this) do { _this setUnitRecoilCoefficient recoilZ; sleep 3.0; }; }; whatever... Edited October 1, 2012 by Zatan13th Share this post Link to post Share on other sites
Guderian 10 Posted October 1, 2012 If you can fit it in a nice include file, we can include it in out init and use it on a mission in where and when we want. Good idea! Share this post Link to post Share on other sites
