159th_Viper Posted January 16, 2012
After reading through this thread I'm pretty sure I know how that person is doing it. It's probably so simple... Should be really easy for ED to fix. I'll say no more because if I'm right it would spread like a wildfire. PM me with your thoughts and I'll forward it to the powers-that-be. Can never have too much information :)
Novice or Veteran looking for an alternative MP career? Click me to commence your Journey of Pillage and Plunder! '....And when I get to Heaven, to St Peter I will tell.... One more Soldier reporting Sir, I've served my time in Hell......'
Falcon_S (Author) Posted January 16, 2012
@Slayer - with respect: are you guessing, or have you tested and disabled this security hole? Can server admins try your way to stop the problem? I ask because we have no time to wait for the next ED patch - all popular servers are down or locked and there is no multiplayer fun. Regards.
Don't force anything, get a bigger hammer! MSI Tomahawk MAX | Ryzen 7 3700x | 32GB DDR4 3200MHz | RX 5700 XT OC Red Dragon 8GB | VPC Throttle CM3 + VPC Constellation ALPHA on VPC WarBRD Base | HP Reverb G2 Youtube | Follow Me on TWITCH!
Serg23 Posted January 16, 2012
On the Russian community forum people are concerned about DOS attacks... Some people are asking to bring back Hamachi... Sorry if I'm wrong with my English.. :book:
The sky is a point of support... =WRAG=OSA http://wings-of-russia.ru
Case Posted January 16, 2012
> On the Russian community forum people are concerned about DOS attacks...
The 51st server has experienced this as well. We have some ideas on how this is done, but no definite proof yet.
There are only 10 types of people in the world: Those who understand binary, and those who don't.
104th_Crunch Posted January 16, 2012
DOS! Wow. That is horrible news. At this rate FC2 will be dead in MP, it was already slowing down.
Sanch0 Posted January 16, 2012
I don't know how he is making the DOS attack, but maybe Cloudflare can help in some way. https://www.cloudflare.com/ BTW, are there any chances to see a step from ED?
PVAF "A fighter without a gun... is like an airplane without a wing" dedicated to F-4 Phantom
Cali Posted January 16, 2012
> DOS! Wow. That is horrible news. At this rate FC2 will be dead in MP, it was already slowing down.
I agree, it has slowed down big time at the time I used to fly. Before, I could always expect about 10-15 guys flying, and the last few times I flew at that time........3-5 people. Hopefully FC3 will breathe some life back into MP. Glad I found a group of BMS guys I fly with at my normal time. At least I know they are always there.
i7-4820k @ 3.7, Windows 7 64-bit, 16GB 1866mhz EVGA GTX 970 2GB, 256GB SSD, 500GB WD, TM Warthog, TM Cougar MFD's, Saitek Combat Pedals, TrackIR 5, G15 keyboard, 55" 4K LED
124SqZeljava Posted January 17, 2012
Whoever is trying, if he is trying to kill the game, he is doing good. That's for sure :huh: :noexpression: :helpsmilie: :pilotfly: :book:
Joe Kurr Posted January 17, 2012
Yesterday evening we were able to fly online on several public servers for a few hours and had no problems. Although I did spot someone joining the server in all aircraft in the list, before joining as spectator again and leaving, all within one or two seconds. Don't know if it's the same issue though.
Dutch Flanker Display Team | LLTM 2010 Tiger Spirit Award
Falcon_S (Author) Posted January 17, 2012
Seeking to resolve the problem, I found this as a possible option for some of the cheats: I found a dangerous flaw in some servers. Some servers do not integrity check the db_main.lua file. That file can cause too many problems, if you see what is in there. db_main.lua must be checked or ED must hide all important things. I joined some servers with an edited db_main.lua and passed IC. I know this is not a great discovery, but this file should definitely be checked. The hacker may be doing something like that and avoiding the normal procedure.
Cali Posted January 18, 2012
> Yesterday evening we were able to fly online on several public servers for a few hours and had no problems. Although I did spot someone joining the server in all aircraft in the list, before joining as spectator again and leaving, all within one or two seconds. Don't know if it's the same issue though.
That's just a person joining a server and switching aircraft a bunch of times. I see people switching all the time, that is not the same as what this person is doing.
USSR_Rik (ED Team) Posted January 18, 2012
> Seeking to resolve the problem, I found this as a possible option for some of the cheats: I found a dangerous flaw in some servers. Some servers do not integrity check the db_main.lua file. That file can cause too many problems, if you see what is in there. db_main.lua must be checked or ED must hide all important things. I joined some servers with an edited db_main.lua and passed IC. I know this is not a great discovery, but this file should definitely be checked. The hacker may be doing something like that and avoiding the normal procedure.
Yes, you are right 100%. Moreover, the whole folder \Scripts should be included in the IC.
Men may keep a sort of level of good, but no man has ever been able to keep on one level of evil. That road goes down and down. G.K. Chesterton
DCS World 2.5: Frequently Asked Questions
Sanch0 Posted January 18, 2012
So that means no servman or server side scripts anymore... maybe it's time to include basic functions similar to servman in FC3/DCS?
PoleCat Posted January 18, 2012
No servman?....Let me be the first to say it then.........CRAP! Out
http://www.104thphoenix.com/
Heli Shed Posted January 18, 2012
> No servman?....Let me be the first to say it then.........CRAP! Out
"You need to spread some reputation around before giving to polecat again." +1 :thumbup:
Come pay us a visit on YouTube - search for HELI SHED
124SqZeljava Posted January 19, 2012
Well, I just installed Falcon 4 again, but now BMS, and all I can say is it rocks. FC laters :lol:
Speed Posted January 19, 2012
> Yes, you are right 100%. Moreover, the whole folder \Scripts should be included in the IC.
I doubt that doing an integrity check on \Scripts would be enough. If your goal is to lock players out from being able to make custom edits to the main simulation Lua environment, you'll have to IC a whole ton of folders. Either people will end up disabling the IC or you'll kill the modding community.
Perhaps it would be better to overhaul how the integrity checker works? You open up an IC-checked Lua file, add a space, and it fails integrity check. Instead, might there be some way of identifying the dangerous variables and integrity checking them through their values in memory?
An interim solution might be to have folks do dual installs, one clean vanilla for joining public servers, and another, "dirty" install for single player and non-dedicated server flying.
Edited January 19, 2012 by Speed
Intelligent discourse can only begin with the honest admission of your own fallibility. Member of the Virtual Tactical Air Group: http://vtacticalairgroup.com/
Lua scripts and mods: Mission Scripting Tools (Mist): http://forums.eagle.ru/showthread.php?t=98616
Slmod version 7.0 for DCS: World: http://forums.eagle.ru/showthread.php?t=80979 Now includes remote server administration tools for kicking, banning, loading missions, etc.
4c Hajduk Veljko Posted January 19, 2012
> So that means no servman or server side scripts anymore... maybe it's time to include basic functions similar to servman in FC3/DCS?
That is long overdue indeed.
Thermaltake Kandalf LCS | Gigabyte GA-X58A-UD3R | Etasis ET750 (850W Max) | i7-920 OC to 4.0 GHz | Gigabyte HD5850 | OCZ Gold 6GB DDR3 2000 | 2 X 30GB OCZ Vertex SSD in RAID 0 | ASUS VW266H 25.5" | LG Blue Ray 10X burner | TIR 5 | Saitek X-52 Pro | Logitech G930 | Saitek Pro flight rudder pedals | Windows 7 Home Premium 64 bit
USSR_Rik (ED Team) Posted January 19, 2012
> Instead, might there be some way of identifying the dangerous variables and integrity checking them through their values in memory?
There is no way to do it right now; it would mean making an absolutely different software structure. Our programmers are considering another path (more common), but I can't say what, when and in which product it can be realized.
Speed Posted January 19, 2012
> There is no way to do it right now; it would mean making an absolutely different software structure. Our programmers are considering another path (more common), but I can't say what, when and in which product it can be realized.
Ok, yea, I was afraid it might not be possible. Is there currently any way to tell the integrity checker to exclude specific files or folders from the integrity check? Like, is there a way to tell it to integrity check all files in ".\Scripts" except for certain files like .\Scripts\net\server.lua or .\Scripts\MissionScripting.lua? Some of these files (such as MissionScripting.lua) couldn't be used for hacking dedicated servers, and skipping the IC on .\Scripts\net\server.lua would allow server mods but still make life more difficult on cheaters (especially if they are as dumb as claimed in this thread).
Another idea: perhaps we could specify the server source and client destination for integrity checks, so that clients weren't forced to be the same as the server? For example, the server could make a copy of the default .\Scripts, and tell the integrity checker to make sure that the server's copy of .\Scripts was the same as the client's actual .\Scripts.
Combining the two above ideas, perhaps something like this:
    -- The function Integrity_Check is conceptual only
    -- First variable: the server-side source folder for the files for the integrity check
    -- Second variable is the client side destination folder to check against
    Integrity_Check(".\\Copy of Scripts", ".\\Scripts")
    -- Tells the integrity checker to compare the contents of the server's ".\Copy of Scripts" folder to the client's ".\Scripts" folder.
On the server side, you could just remove any files you didn't want integrity checked from the ".\Copy of Scripts" folder.
So in summary, the major benefit to this approach is that the server can have any mods installed that they wish, and it won't interfere with integrity check, but it also adds additional flexibility beyond that to allow clients to have certain mods too.
One more thought… maybe, if we stick around with an integrity check system similar to what we have now, maybe eventually we could get an "Advanced" tab when we make a multiplayer server that lets us select the level of integrity checking we want.
Anyway, quite likely you guys have already thought through some of these options, and/or have already thought of what I suggest and either are considering or dismissed it. But I just wanted to throw these ideas out there just in case. BTW, thanks for listening to us, Rik!
Edited January 19, 2012 by Speed
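Speed's proposal above (a server-held reference copy of .\Scripts, where any file left out of the copy is exempt from the check), sketched as an added Python example. It is not ED's integrity checker or code from any poster; the file contents and the names build_manifest, integrity_check, write_tree and demo are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def build_manifest(root: Path) -> dict:
    """Map each file path (relative to root) to the SHA-256 of its bytes."""
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }


def integrity_check(reference: dict, client: dict) -> list:
    """Check only files listed in the server's reference copy.

    Files the server left out of the copy are exempt; client files that are
    not in the reference are ignored, so extra client mods pass.
    """
    failures = []
    for rel, digest in reference.items():
        if rel not in client:
            failures.append(f"missing: {rel}")
        elif client[rel] != digest:
            failures.append(f"modified: {rel}")
    return failures


def write_tree(root: Path, files: dict) -> dict:
    """Create a constructed sample folder and return its manifest."""
    for rel, text in files.items():
        target = root / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(text.encode())
    return build_manifest(root)


def demo() -> dict:
    """Constructed data: one server reference copy, three client installs."""
    stock = {"db_main.lua": "-- stock database\n", "MissionScripting.lua": "-- stock\n"}
    with tempfile.TemporaryDirectory() as tmp:
        # net/server.lua is deliberately absent from the reference: exempt.
        reference = write_tree(Path(tmp, "Copy of Scripts"), stock)
        clients = {
            "clean": {**stock, "net/server.lua": "-- stock\n"},
            "server_mod": {**stock, "net/server.lua": "-- admin mod\n"},
            # One added space is enough to change the hash.
            "edited_db": {**stock, "db_main.lua": "-- stock database \n"},
        }
        return {name: integrity_check(reference, write_tree(Path(tmp, name), files))
                for name, files in clients.items()}


if __name__ == "__main__":
    print(demo())
```

Here both manifests are computed by the same process; in a real deployment the client computes and reports its own hashes, so the result is only as trustworthy as the client that reports them.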
leafer Posted January 20, 2012
No I meant expose him to the forum members. Get a flight of A-10 over there asap. pew pew
ED have been taking my money since 1995. :P
USSR_Rik (ED Team) Posted January 20, 2012
> Is there currently any way to tell the integrity checker to exclude specific files or folders from the integrity check?
I understand (and agree with) your wish; in the current realization it's impossible. This feature is assigned in our internal bugtracker, we will see.
gmt2001 Posted January 20, 2012
> I think you are a little "off the track". Multiplayer mode of LO/DCS (and actually most online/network games) is a little different from the common client-server software model. In this case, "intermediary-client" model is probably a more suitable name. The server does not take input from clients (key/joy/mouse) to run the simulation for them. Clients run the application locally, and send to the server only the "results" of their user inputs (i.e. the motion vector of the player-controlled aircraft). The server then feeds those "results" to other clients. I suppose the server does not check in detail how a client calculated that motion vector. And it is quite obvious why: you'd need a 20x more powerful server if it had to check/recalculate the results of 20 clients being sent to it. The same for respawning: it is determined by the locally running application (on the client side), not by the server. That is why the server cannot be the "ultimate authority". The server can only check some critical client files (i.e. request a checksum) and compare them with its own. But this can (of course) be deceived...
Yes, I realize the problem, but I think the server can still handle at least basic checks that would prevent AI plane and weapon spawning, and maybe a position check. Shouldn't take much for the server, even if it is a client, to say "wait a minute, it's impossible for you to be at that position" with even a basic speed vs distance check. And it definitely isn't hard for the server to reject new AI planes when the server would be spawning and controlling most of them anyway.
Speed Posted January 20, 2012
> Yes, I realize the problem, but I think the server can still handle at least basic checks that would prevent AI plane and weapon spawning, and maybe a position check. Shouldn't take much for the server, even if it is a client, to say "wait a minute, it's impossible for you to be at that position" with even a basic speed vs distance check. And it definitely isn't hard for the server to reject new AI planes when the server would be spawning and controlling most of them anyway.
Pretty much. Just because the client is telling the server where the client is, and the client is helping dictate what 3D objects spawn in the world and where (apparently they are, by the looks of it!!!), that doesn't mean that the server can't stop and ask "Hey, does this make sense?" and then take action such as deleting the extra aircraft and kicking clients if it looks like they are doing stuff they shouldn't.
In fact, I think I already know how to detect and stop all the cheats mentioned in this thread except for the "nuclear" bombs, but it will take a server mod. Completely stopping these cheats from occurring may require significant changes to the integrity checker on ED's end. Honestly, I don't think you will be able to stop these cheats with the current integrity checker.
Testing tonight will confirm this, but last night, for example, I got through the integrity check on a public server with modifications to make my bombs and bullets explode with nuclear force, and no amount of integrity checking with the current IC would have stopped me, either. That said, I didn't test it out, I didn't want to possibly crash the server (I would have let everyone know what I was testing, and why, and asked if it was ok, but server stability in A-10C is shaky enough as is, they don't need dozens of "nukes" going off in less than 1 second).
Edited January 20, 2012 by Speed
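The kind of server-side check gmt2001 and Speed describe above (a speed-versus-distance test on reported positions, and refusing AI aircraft that a client tries to spawn), as an added Python example. It is not Speed's server mod or ED code; the event names, the speed limits and the tolerance are assumptions, and the replayed events are constructed.

```python
import math

SERVER = "server"                                # sender id of the host itself
MAX_SPEED_MS = {"A-10C": 250.0, "Su-27": 750.0}  # assumed rough limits, m/s
TOLERANCE = 1.2                                  # slack for lag and jitter


class PlausibilityChecker:
    """Server-side sanity checks on what clients report (hypothetical sketch)."""

    def __init__(self):
        self.last_good = {}   # client -> (time_s, (x, y, z)) of last accepted report
        self.violations = []  # (client, reason) pairs, for kick/ban decisions

    def on_respawn(self, client):
        # A new slot or respawn legitimately moves the player: forget old position.
        self.last_good.pop(client, None)

    def on_position(self, client, aircraft, t, pos):
        prev = self.last_good.get(client)
        if prev is not None:
            dt = t - prev[0]
            if dt <= 0:
                return self._reject(client, "timestamp not increasing")
            if math.dist(pos, prev[1]) / dt > MAX_SPEED_MS[aircraft] * TOLERANCE:
                return self._reject(client, "impossible position")
        self.last_good[client] = (t, pos)  # rejected reports never become the baseline
        return True

    def on_ai_spawn(self, sender, unit_type):
        # AI units belong to the mission; only the server may create them.
        if sender != SERVER:
            return self._reject(sender, f"client-spawned AI {unit_type}")
        return True

    def _reject(self, client, reason):
        self.violations.append((client, reason))
        return False


def demo():
    """Replay constructed events; return the violations the server would log."""
    c = PlausibilityChecker()
    c.on_position("pilot1", "A-10C", 0.0, (0, 0, 1000))
    c.on_position("pilot1", "A-10C", 1.0, (150, 0, 1000))   # 150 m/s: fine
    c.on_position("pilot2", "Su-27", 0.0, (0, 0, 500))
    c.on_position("pilot2", "Su-27", 1.0, (40000, 0, 500))  # 40 km in 1 s
    c.on_respawn("pilot1")
    c.on_position("pilot1", "A-10C", 2.0, (90000, 0, 0))    # new slot: accepted
    c.on_ai_spawn(SERVER, "Su-27")
    c.on_ai_spawn("pilot2", "Su-27")
    return c.violations


if __name__ == "__main__":
    print(demo())
```

The cost is one distance calculation per position report, far less than re-running each client's simulation on the server.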
StarHopper Posted January 21, 2012
Hmm, I was just reading through some of this post.
1) This guy is a REAL hacker. Good luck getting rid of him. My first suspect would be other server owners. I've played a lot of FPS and have seen people like this before. They are usually competing server owners who want people to come play on THEIR servers. Happened a lot in Crysis Wars.
2) One thing you might want to do is look through the logs on this forum server. These people are like pyros. They love to watch things burn and listen to people fight and talk about it. Anyone here who has watched this page intensely and not participated in the discussion? Big Red Flag. Good luck.
Edit: I was just thinking, and also you should keep an eye out on the net for someone trying to sell this as a private hack. We had a really bad guy (who was a genius at programming) in Crysis Wars who did just that. His name was LongPoke. He about single-handedly destroyed Crysis Wars online. Just my two cents.
Edited January 21, 2012 by StarHopper