Jump to content
Bohemia Interactive Forums
Sign in to follow this  
Followers 0
Richie

Hacked by a player with no ID

By Richie, in ARMA 3 - SERVERS & ADMINISTRATION

Recommended Posts

pawelkpl    29

pawelkpl
Posted

My server with domination was attacked last night. I closed server, updated arma 3 alpha to dev mode, deleted: installscript.vdf and reload mission, so far I can play with passworded server.

Share this post

Link to post
Share on other sites

teacup    2

teacup
Posted
Hi,

we're aware of the issue and working on a fix which should prevent "hijacking" a function (like BIS_fnc_MP) for hacking purposes.

Now there's the good news right there.

[Pretentious Hacker Prick] 0 -- 1 [ArmA3]

Share this post

Link to post
Share on other sites

Dwarden    1125

Dwarden
Posted

we are working on multiple solutions to these issues (as it's not just one while it seems to be)

Share this post

Link to post
Share on other sites

Alo Keen    7

Alo Keen
Posted
It makes no sense to allow persistent variables to carry over from one mission to the other

Campaign?

Share this post

Link to post
Share on other sites

Mattar_Tharkari    10

Mattar_Tharkari
Posted

@Pawel That .vdf file is legit, it's part of the install. The simplest cure (and I just tested it on our server) is:

1. all players shutdown Arma3 and restart

2. restart the mission from the server lobby.

It works until another infected player joins so up to you to lock or not.

Share this post

Link to post
Share on other sites

Bozo97    1

Bozo97
Posted

does anyone no when this will be fixed, how many days or hours or weeks. I just want to play

Share this post

Link to post
Share on other sites

Guest   

Guest
Posted
Hi,

we're aware of the issue and working on a fix which should prevent "hijacking" a function (like BIS_fnc_MP) for hacking purposes.

does anyone no when this will be fixed, how many days or hours or weeks. I just want to play

Easy answer, when it is ready!

Until than play on passworded servers with your friends or play singleplayer.

Share this post

Link to post
Share on other sites

raggamafia    10

raggamafia
Posted

Thanks for the feedback BIS!

Im aware that there are several vectors to abuse these functions, however if this specific issue would be related to execution of BIS_fnc_MP it could help (for some time). It would certainly break missions that use BIS_fnc_MP in a regular, non-abusive way BUT if its not used overall in the mission it could work. Again however, if this remote execution is triggered by a PVEH that listens to BIS_fnc_MP_packet, and since there is no way to remove that PVEH, you could still execute code only by PVing this variable in the "right" way. So you are right, it needs low level checks - until then...

Enjoy

Share this post

Link to post
Share on other sites

rundll.exe    12

rundll.exe
Posted
Campaign?

We have a seperate persistent namespace for Campaigns I think. and it would make no sense, since you'd lose your campaign progress on a game restart...

Share this post

Link to post
Share on other sites

Predator.v2    10

Predator.v2
Posted

Haven't ever thought about it yet, but since even passworded servers aren't safe, is there a way to "hide" an online server from the Gamebrowser and lets you exclusively connect on it via "Join with IP"?

Share this post

Link to post
Share on other sites

Masharra    10

Masharra
Posted

im reasonably sure you simply tell your server to not to report to gamespy. Atlereast in a2 i had that option.

Share this post

Link to post
Share on other sites

Predator.v2    10

Predator.v2
Posted
Our Solution seems to work as for now. No follower hack executed yet.

How about you "share" your "solution"?

Share this post

Link to post
Share on other sites

TheHermit    1

TheHermit
Posted

Looks like its time for some friendly locked team coop between friends until this all blows over. Thanks for the info everyone. :)

Share this post

Link to post
Share on other sites

Twix    1

Twix
Posted
Haven't ever thought about it yet, but since even passworded servers aren't safe, is there a way to "hide" an online server from the Gamebrowser and lets you exclusively connect on it via "Join with IP"?

I suppose you could always remove the IP reporting done to gamespy. Not sure if that would work but seems like it.

You should have a reportingIP= "arma3pc.master.gamespy.com" somewhere in your config file, just comment it and restart the server.

Share this post

Link to post
Share on other sites

Mabe    1

Mabe
Posted

Wow I thought I was the only one having this problem on their server, prtty annoyimg ive restarted etc and still when I load any mission random people join and you start free fallin and get that message

Share this post

Link to post
Share on other sites

Lazylemon    10

Lazylemon
Posted
Haven't ever thought about it yet, but since even passworded servers aren't safe, is there a way to "hide" an online server from the Gamebrowser and lets you exclusively connect on it via "Join with IP"?

testing now will update if it works

Share this post

Link to post
Share on other sites

DnA    5143

DnA
Posted

Hi all, the problem of multiplayer being a target of those who wish to ruin the experience for others is certainly not something we are ignoring. It's also far from an easy thing to solve. Just like with other big topics (optimization :confused:) there are no magic bullets. I'll try to expand on the issue and our plans in the next SITREP - but I do not intend to promise specific solutions until they are fully confirmed.

Share this post

Link to post
Share on other sites

Hammerballz    10

Hammerballz
Posted (edited)

Update 1:

Worse Scenario, let´s see what´s going on

Edited by Hammerballz

Share this post

Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing ARMA 3 - SERVERS & ADMINISTRATION
×