Jump to content

RozekPoland

Member
  • Content Count

    481
  • Joined

  • Last visited

  • Medals

  • Medals

Community Reputation

493 Excellent

6 Followers

About RozekPoland

  • Rank
    Gunnery Sergeant

Contact Methods

  • Website URL
    http://www.silentwar.pl
  • Skype
    rozekpoland
  • Twitter
    rozekpoland
  • Youtube
    rozekpoland1
  • Steam url id
    rozekpoland
  • Reddit
    rozekpoland
  • Twitch.Tv
    RozekPoland

Profile Information

  • Gender
    Not Telling

Recent Profile Visitors

2611 profile views
  1. (Usage of black texture for ignoring FireGeometry components) A practical usage of it can be noticed in stodola.p3d, an original O.pbo model. The components that correspond to all of the four sides of the building (excluding pillars), the doors and the hay located inside, are textured with black.pac. A view of FireGeometry of stodola.p3d with selected components that are textured black. As an effect these components are not obstacles and they let bullets through (are penetrable).
  2. *SILENT WAR project addOns: OFPL, VILAS
  3. *SILENT WAR project addOns: OFPL, VILAS
  4. RozekPoland

    [EC] Elite Corps - 15th anniversary!

    On 8th of November, [EC] Elite Corps, the oldest polish OFP/ARMA clan, turned 15.
  5. RozekPoland

    OFP.info 2.0

    Hi The links attached in that post point to an external server that is not related to OFP.INFO. Those files were never hosted on OFP.INFO server. The link in that post has been fixed.
  6. As recently OFP/ACWA turned 18, the game is mature and far beyond EOL (End-Of-Life), I decided to reveal the ways which hackers/cheaters have been using in OFP/ACWA. Such a decision may be doubtful, especially in context of morality, because the reveal can be used against players & communities that still play the game. To avoid any unnecessary collateral damage the revealed knowledge may cause, this post is limited to the very basics that are crucial to understand the entries hackers/cheaters have been using. I would like to emphasize that my post exposes the modus operandi of hacks/cheats that have been in practical use since the golden age of OFP. It is the OFP/ACWA community that can finally understand the way those hacks/cheats were being injected into the game. This post, as the whole thread, is strictly technical, and this is how I would like to keep it. Due to complexity of the idea behind CPP Hijacking, it can be executed in two ways. WAY 1 - Folder Disguise kozl.pbo is an official addon that introduces famous Kozlice gun The pbo file of the addon includes config.cpp Due to that fact, the addon is vulnerable to be CPP-Hijacked All that has to be done is: Create a folder named kozl in the main OFP/ACWA directory Copy the original config.cpp of the addon (or create a new one) and paste it in kozl folder That config.cpp file will be used by the game instead of the original one from the addon pbo file The serious issue is when it comes to detect such a hack/cheat in multiplayer on a dedicated server. For this purpose let's make a use of the checkfiles template I shared in my previous post. It turns out that it is IMPOSSIBLE to detect such a hack/cheat via Checkfiles array due to technical limitations It is because checkfiles method focuses on: in the first two entries of the template server compares its pbo file with client's one in the two last entries of the template server compares config.bin & config.cpp from its pbo file with client's one(s) The checking process will not come across any problems as the addon pbo file was not modified in any way It is the game engine that loads config.cpp from a separate location into memory As the outcome, no modified data message shows up and a modified config.cpp located in a folder named the same way as an addon STAYS UNDETECTED Content which is WAY-1 CPP Hijacking vulnerable original addons: ch47.pbo humr.pbo kozl.pbo su25.pbo trab.pbo community-made addons: all pbo files that feature config.cpp WAY 2 - Addon Disguise bizon.pbo is an official addon that introduces well-known Bizon weapon class and Spetsnaz Bizon Operator class The addon, as well as 26 other official addons, is vulnerable to WAY-2 CPP Hijacking All that has to be done is: Create a new addon that will modify the Bizon addon the name of the new addon does not matter Prepare CfgPatches section in the config of the new addon requiredAddons token allows to make "a reference" to any addon by using or modifying its content Use of requiredAddons[]={"Bizon"}; allows to make a reference to the addon that is meant to be modified The new addon is hooked to the Bizon addon, so is the Bizon addon's content which can be modified Let's see how does the situation with the modifying addon look like in multiplayer. Again, let's use the template shared in my previous post. As it is impossible to determine a name of the modifying addon, it is NOT POSSIBLE to detect its usage in multiplayer The original Bizon addon was not modified in anyway so there will be no "modified data" detection It is the new modifying addon that introduces changes to the Bizon addon's content but the game engine differentiates them as separate Similarly to WAY-1 CPP Hijacking, checkfiles mechanism is helpless in such circumstances
  7. Due to my recent study focused on security measure of OFP/ACWA Dedicated Server I have done some research on checkfiles[]={}; array and its practical use. Thanks to checkfiles, it is possible to make sure that each player that connects to a server is compatible with it in terms of content of the game. There are two ways of "checking" files via checkfiles. It is possible to checkfile any pbo file (and its content) as well as any other file that is located in OFP/ACWA game folder. Keep in mind that including such a list in server.cfg will make connecting to a server extremely long and unstable. It is meant for testing purpose only. To make it more performance-friendly and robust at the same time, I have prepared a basic list for checking the crucial content of OFP/ACWA. It is a good starting point for a vanilla (no-addons) server. According to my latest discovery from the previous post, it is highly recommended to add these lines to checkfiles array. If server uses custom addons/mods then it is recommended to include them in checkfiles array. It is worth the effort not only because of security issues but also for keeping 100% of synchronization between clients and server. It is worth mentioning that It is also possible to do checkfile ON-DEMAND on server by server admin.
  8. Recently I discovered a security flaw in OFP/ACWA that can be exploited by hackers/cheaters to use modified versions of original game files without being detected at any point by any available measure. I would like to provide you details how to prevent usage of the hack. The hack is oriented around the files listed below: A hacker/cheater can use modified version of the aforementioned files with them NOT being detected as modified by checkfiles server mechanism. To make the hack unable to work, each mission has to have all the listed files in its mission folder. The files can be even empty inside but they have to be present there with the exact names. Keep in mind that depending on type of respawn in a mission, such files as: onPlayerKilled.sqs onPlayerRespawnAsSeagull.sqs onPlayerRespawnOtherUnit.sqs can influence the way respawn works in a mission. It is recommended to copy the three files listed above from original DTA/scripts.pbo and paste them in a mission folder.
  9. RozekPoland

    Bn880's Tracers V1.0

    With permission and approval of @bn880, 14 years since the last update, I have decided to release a fixed version of bn880's Tracers addon which is compatible with ACWA (1.99 version). Link: ftp://ftp.armedassault.info/ofpd/unofaddons4/BN_tracers1_25.zip
  10. RozekPoland

    OFP videography

    Part 3 and part 4 are ready!
  11. RozekPoland

    OFP videography

  12. RozekPoland

    OFP.info 2.0

    Hi! BWMOD_BasicPack_v1.2.rar - the file was not available in the backup of the website I was provided bwmod_wiesel_v2.0.rar - the link to the file was fixed BWMOD_EF_beta.rar - the link to the file was fixed Thank you for the information. Please, provide any other dead links you will find.
  13. RozekPoland

    OFP videography

  14. RozekPoland

    OFP videography

    Part 5 and Part 6 (the finale) are available!
  15. RozekPoland

    OFP videography

    Part 4 is available!
×