Anti-Cheat Measures

Sabre

New Adventurer
MSC Developer
RiP
Joined
Aug 24, 2004
Messages
4,545
Reaction score
1
Age
35
Location
SoCal
Nothing says ownage like a think tank, I always say. Post your feasible ideas about how to improve [FN] security here.
Do NOT post any exploits, if you have an exploit report, please send it to Thothie or Blasto ASAP.

I came up with a simple idea while in class earlier this evening.
I propose a new cvar called ms_status, which, when enabled, will use the status command in the console and then immediately condump it when;
-You join a server
-Another character joins a server

The condumps could be lumped into a new folder in the msc directory.
This is not a direct solution; however, with it we can have available without much effort the steamID of any suspected cheater, and then we could subsequently run an investigation; much more streamlined than "Dude, if you find this guy, grab his steamID." ;)
 

Slaytanic_pb

New Adventurer
The True Followers of the Lost
Joined
Feb 1, 2007
Messages
139
Reaction score
0
Location
Taipei
It's not the .dll's

I doubt anyone has really hacked the .dlls. I think it would be more wise to have any server do a hash check on the MAPS vs the maps officially released when the map changes. So long as this doesn't put a huge overhead on FN or the server, make map changed take a considerably longer time to change, or increase the chance of being dropped by the server. I know this would really suck if it started to make the cost of running FN 2-3x more a month, make map changes take twice as long, or if you get dropped on almost every map change if you play on a server that is far from you.
 

PBarnum

New Adventurer
MSS Developer
MSC Developer
RiP
Joined
Jun 14, 2006
Messages
3,031
Reaction score
4
How about we make a way where all servers open up their own "surveillance" system.

Each map session would be recorded so the admin could review to find any suspicious behavior.

Though, how much space would it take up?
 

J-M v2.5.5

BANNED
BANNED
Joined
Feb 26, 2005
Messages
5,675
Reaction score
1
Age
35
Location
Nijmegen, the Netherlands.
Re: It's not the .dll's

Slaytanic_pb said:
I doubt anyone has really hacked the .dlls.
I don't know crap about coding, but I'm guessing Adventurer actually did hack the MS: C DLL, because in some topic in here I read that rats gave like 99 999 XP on his (hacked) server.
 

WeissberV

New Adventurer
Crusaders
Joined
Jan 21, 2007
Messages
1,053
Reaction score
0
Age
31
Location
England
oedipus said this ages ago but he said something along the lines of :

a admin spectate mode so you can look at their screen whiel they are in ur server without them knowing
 

Sabre

New Adventurer
MSC Developer
RiP
Joined
Aug 24, 2004
Messages
4,545
Reaction score
1
Age
35
Location
SoCal
P|Barnum said:
How about we make a way where all servers open up their own "surveillance" system.

Each map session would be recorded so the admin could review to find any suspicious behavior.

Though, how much space would it take up?
That could take massive amounts of space if it were of usable quality; however, you could sacrifice quality if you are using chatlogs.

Is my idea possible?
 

villager

New Adventurer
RiP
Joined
Nov 21, 2006
Messages
1,272
Reaction score
0
Age
34
You know those servers on those mods similar to Fire Arms that records everything, like how many shots you've fired with an AK47, headshots and how many kills/deaths you have? I was thinking a similar system but instead with the FN, were it always displays everyones character status, like their skill level, health, mana and what items they currently carry. It could be updated everytime your character is "saved" on FN and displayed on the msremake website.

Just a thought :S
 

Tentadrilus

New Adventurer
Blades of Urdual
Joined
Dec 31, 2004
Messages
1,022
Reaction score
0
Make something that checks new saves against the last one. If the new save has gained huge amounts of XP or has suddenly gained a load of high-level items, it phones up Blasto while he's sleeping and screams about it in his ear.
 

Sabre

New Adventurer
MSC Developer
RiP
Joined
Aug 24, 2004
Messages
4,545
Reaction score
1
Age
35
Location
SoCal
villager said:
You know those servers on those mods similar to Fire Arms that records everything, like how many shots you've fired with an AK47, headshots and how many kills/deaths you have? I was thinking a similar system but instead with the FN, were it always displays everyones character status, like their skill level, health, mana and what items they currently carry. It could be updated everytime your character is "saved" on FN and displayed on the msremake website.

Just a thought :S
And make a database for the [FN] police to log in and check previous histories, as opposed to grabbing rollbacks and dealing with that.
If we want to apprehend cheaters fast, we need to have faster streamlined processes.
This database could be an Excel spreadsheet for all I care; hell, that might be better because you can chart progress and such.
 

Blasto121

New Adventurer
MSC Developer
The Pirates of Dreadwind
Joined
May 24, 2006
Messages
1,967
Reaction score
0
Age
37
Location
Eugene, OR
Sabre said:
Nothing says ownage like a think tank, I always say. Post your feasible ideas about how to improve [FN] security here.
Do NOT post any exploits, if you have an exploit report, please send it to Thothie or Blasto ASAP.

I came up with a simple idea while in class earlier this evening.
I propose a new cvar called ms_status, which, when enabled, will use the status command in the console and then immediately condump it when;
-You join a server
-Another character joins a server

The condumps could be lumped into a new folder in the msc directory.
This is not a direct solution; however, with it we can have available without much effort the steamID of any suspected cheater, and then we could subsequently run an investigation; much more streamlined than "Dude, if you find this guy, grab his steamID." ;)

there is already a system that works like that, its called the chat logs. If you have ever noted I don't normally ask for steam ID's. I already have most everyones ID logged in the msc chat logs. It stores not only there name and what they say but there steam ID as well. So anyone who runs a dedicated server should turn on there MSC chat logs.

Jelly said:
A method of checking the dll files' hash.
this is needed the most, it can prevent the modification of the dll files be it through dll replacement or hex editing.

Slaytanic_pb said:
I doubt anyone has really hacked the .dlls. I think it would be more wise to have any server do a hash check on the MAPS vs the maps officially released when the map changes. So long as this doesn't put a huge overhead on FN or the server, make map changed take a considerably longer time to change, or increase the chance of being dropped by the server. I know this would really suck if it started to make the cost of running FN 2-3x more a month, make map changes take twice as long, or if you get dropped on almost every map change if you play on a server that is far from you.

we are dealing with hacked dlls not in the normal sense though, its done through hex editing. Its actually a rather complex way of cheating but it would give you the things we have been hearing.

villager said:
You know those servers on those mods similar to Fire Arms that records everything, like how many shots you've fired with an AK47, headshots and how many kills/deaths you have? I was thinking a similar system but instead with the FN, were it always displays everyones character status, like their skill level, health, mana and what items they currently carry. It could be updated everytime your character is "saved" on FN and displayed on the msremake website.

Just a thought :S

this would be nice but would require both a web programmer who knows SQL and PHP, or even ASP.NET. Along with someone who can hard code into MS:C the needed functions for sending the information to the SQL web server database. As nice as it would be I don't think we have the ability to do that here... though it might be able to be done through scripts...



as for making that database with peoples stuff all there, I have asked for a something similar a simple program that can read in what the character files have there levels stats and everything else. However thothie doesn't want any program that can work in that manner, all it would take is for someone to get that program and reverse engineer it and figure out the encryption key used to lock the character files.


Anyway keep hammering at those ideas, who knows maybe we can implement this stuff.
 

Thothie

Administrator
Staff member
Administrator
Moderator
MSC Archivist
Joined
Apr 8, 2005
Messages
16,342
Reaction score
326
Location
lost
The DLL’s already check against one another, and the scripting DLL’s are highly encrypted. I don’t think anyone’s cheating by hex editing the DLL’s. It used to be you could mix and match older DLL’s to take advantage of older sploits, but this isn’t possible anymore.

Security on FN, to my knowledge, is flawless (or rather, has never been breached). There's no flaw with FN. The flaws lie in Mastersword and Half-life itself.

Primary methods of cheating seem to be (and I midas well spell it out, in order):
- Parry sploits (easily resolved by removing the ability to level parry)
- Cheat maps
- AMX/***mod and other metamods that spawn items / god mode
- Speed hacks
- The new memory editor which I shall not name (maybe more common than this position suggests)

Cheat maps: I’ve the framework of solutions for a solution for but it is a bit tedious to initiate though. (I’ve gotta comb through all 40+ maps)

AMX: Spawning items I can’t do anything about unless I figure some way to know where items come from. With god mode it maybe possible to lock the player’s invulnerability flag (there’s already partial protection for this cheat). The only for-sure AMX fix is to disallow metamod, which 1) I don’t actually know how to do, and 2) don’t really want to do, 3) would require that we have internal fixes for everything that AMX fixes (map voting system, map crashes, MOTD, chat bug,and ability to ban people proper, etc.) Somewhere there’s an AMXmodX Sven who’s source we maybe able to use to help in that endeavor, but there’s also, 4) it limit’s the community’s ability to help fix stuff. The map voting I’ve been wanting to move internally for awhile now, but the rest of the functions I’m uncertain of.

Speedhacks: I’ve found a solution for that's already been partially implemented. (And I'm impressed with myself in this instance, as VAC hasn't managed to block speedhacks for the past, what is it, four years?). Thank MiB and Shurik3n for help with that.

The new memory editor I am absolutely powerless against, and it is not VAC detectable, which seems to make all other efforts null and void, so I’m hesitant to even bother wasting time on any of this.
 

Blasto121

New Adventurer
MSC Developer
The Pirates of Dreadwind
Joined
May 24, 2006
Messages
1,967
Reaction score
0
Age
37
Location
Eugene, OR
Thothie said:
Security on FN, to my knowledge, is flawless (or rather, has never been breached). There's no flaw with FN.

correct and I intend to keep it that way.


thought I saw some hex editing going on.... meh whatever its still bad. We can fight the memory editing by forcing checks against the client and server on the values of monsters can't we? If a difference is detected clients get kicked. Though that would add to the amount of information being flung about between server and client.[/quote]
 

*-Foggyspy-*

New Adventurer
Joined
May 19, 2007
Messages
61
Reaction score
0
Thothie said:
The new memory editor I am absolutely powerless against, and it is not VAC detectable, which seems to make all other efforts null and void, so I’m hesitant to even bother wasting time on any of this.

I could help you with that. i know all kinds of tricks and things you can do with the memory region that can make it unuseable. and ways to prevent some use of the program, and crash the game when unfair play occurs.
 

Shurik3n

New Adventurer
MSC Developer
RiP
Joined
Aug 15, 2006
Messages
1,357
Reaction score
0
Age
33
Blasto121 said:
this would be nice but would require both a web programmer who knows SQL and PHP

I could do this,

Blasto121 said:
Along with someone who can hard code into MS:C the needed functions for sending the information to the SQL web server database.

and with a little reading I could do that.

I have in my mind a way to accomplish it, but I would need a better method to extract player data. The only time I know of it being decrypted and read is upon character loading, then its saved into encrypted variables. Sending a bunch of SQL info out whenever a character is loaded would put even more stress on the server, theres ways to minimize this which I will be considering.

Theoretically, I could make a program to decrypt character files, read the info and send it to the SQL server, but I have been instructed not to fool with decryption, and it would probably be a bad idea anyways.
 

Sabre

New Adventurer
MSC Developer
RiP
Joined
Aug 24, 2004
Messages
4,545
Reaction score
1
Age
35
Location
SoCal
@Blasto, regarding my initial idea:
That idea is intended for those that are not hosting a server, and encounter a suspect of hacking. Chatlogs do indeed work great, but they are not accessible to the server visitors, unless they request them, and in some cases that may be nigh impossible.
 

Blasto121

New Adventurer
MSC Developer
The Pirates of Dreadwind
Joined
May 24, 2006
Messages
1,967
Reaction score
0
Age
37
Location
Eugene, OR
Sabre said:
@Blasto, regarding my initial idea:
That idea is intended for those that are not hosting a server, and encounter a suspect of hacking. Chatlogs do indeed work great, but they are not accessible to the server visitors, unless they request them, and in some cases that may be nigh impossible.

true, though does the average person really need everyones steam ID?
 

Sabre

New Adventurer
MSC Developer
RiP
Joined
Aug 24, 2004
Messages
4,545
Reaction score
1
Age
35
Location
SoCal
No, which is why it's a CVAR; we can let people know to look out for some fewl and they can ninja his ID when they find him, before he ninja leaves...Or something like that.
Real situation:
Me: *Joins a server, sees a level 50 adventurer*
Me: So, it looks like you cheat.
Adventurer: *disconnects promptly*
Me: Adventurer? ms_status 1 owned.
 

Jon

New Adventurer
RiP
Joined
Jun 23, 2007
Messages
304
Reaction score
0
Location
NJ. Teh Uber Chemical State
Use mySQL to manage peoples level/inventory.

Im not really sure if this is possible because its all done by "flags" ( I think). I had a some experience with it when I ran a TSRP server. Maybe we can use somehow to keep track of peoples items and levels. I have no clue how, but Im just talking about nothing at this point. lawl
 

Shurik3n

New Adventurer
MSC Developer
RiP
Joined
Aug 15, 2006
Messages
1,357
Reaction score
0
Age
33
Most of my experience with SQL comes from writing TSRP plugins, and subsequent web pages to show their stats and such. But the point of using SQL for this would NOT be to use it to save players, but rather to collect their info and compare it over time with an easier to read method than loading up rollbacks one by one and comparing them. I've got the whole design worked out in my head, and it seems feasible, but I'm going to invest time it in unless you guys think it would help weed out cheaters.
 

Sabre

New Adventurer
MSC Developer
RiP
Joined
Aug 24, 2004
Messages
4,545
Reaction score
1
Age
35
Location
SoCal
I would think that it would DEFINITELY help; if for nothing else, it will allow faster investigation.
 

Shadeska

New Adventurer
Joined
Aug 9, 2007
Messages
391
Reaction score
0
Location
Backwater County, NC
Edit: Woops

Edit: Woops

Edit: Woops

Do I hear an echo?

And back on topic...
I think cheating is going to reach a point where we can only catch people by watching them at home and hacking their computer like those Zionist bastards.
 
Top