AlcApwn (DayZ)

download it and test it on private hives - if you like it, buy it.

they wont fix it, but he could still play without pay? i highly dislike this "you will buy it anyways"-attitude of the fanboys :)

or he will play on private hives, no need to buy it for that... so, why should he?

you know that an admin has exactly 0 chance to notice hacks like maphack? if you want to get rid of idiots spawning bullshit, private hives are your first choice. but there will ALWAYS be hackers, unless arma2 changes its engine design. especially hives with no-CD key in their name have more sophisticated anti-hack measures, as they were much more frequently targets by some idiots with a keygen. u might try odayz.org.ua :)

are you confusing a forum with twitter?

http://www.youtube.com/watch?v=aIrhVo1WA78 did you ever try to go over a rabbit on a bike with 50 km/h?

why is decrypting it needed? you just need the hexvalue... and i dont see why having 2 locations where the key is stored would do any good, as i would simply replace it at BOTH locations?

are you 100% sure of that?

or just test it on a private hive before buying the game... i didnt (and wont) buy arma2, but thats what private hives are for arent they ;)

http://battleye.com/downloads/arma2/new/BEClient.dll latest client you dont need the server dll, the latest client is enough (for obvious reasons) you dont need to open BEsetup, just put the BEClient.dll into your \ArmA 2\Expansion\BattlEye\ folder you dont need to start your game as admin, just put the new client in the right place and restart the game.

rocket said it will be ToH's engine, which is not Arma3's engine, but a branch of arma2s...

he was so in tears from his 17s video with that sad music :(

as he posted his steam add, you can talk to him. he discribed this "friend" as a 13year old, which is, imho, pretty much fitting to his style of writing. vote for close + ban for op :)

rarely have seen such an idiot like you... hope he does not consider scum like you as a "friend". if it bothers you, play allone or jump, write to battlEye about the exploit (and not the ones using) or jump off a bridge.

imo its their good right to demand it, because releasing a GAME with such an engine is fraud on the customers! of cause its the wrong forum to do so (as all those problems existed in arma2 anyways), but as rocket is belongs to BI he did know. there are SO many engines he could have used, both cheap and much better, but he chose BIS's ill-bred child of vodka and unreliability.

"That is why Battleye is here. It picks up on any "illegal" scripts being executed, the ones that don't match what is meant to be run according to the server. There is basically a whitelist of scripts that are allowed to run, and anything else results in a kick, or even a global ban." afaik: wrong?? BattlEye is NOT designed to check scripts. BattlEye is supposed to care about: - aimbots - wallhacks - maphacks - server/client communication - speedhacks/teleporting via memory-changes by third parties - general integrity of the game files and its RAM It CAN check the scripts for certain substrings and pseudo - regular expressions, but not a whitelist, and that is NOT what BattlEye is designed for. "Battleye is quite efficient at DETECTING scripts that aren't aloud to be run." it defenitely is NOT, as you can always use the scripts the regular game is sending on picking up an item etc. But, as i allrdy said, BattlEye was not, is not, and WILL not be designed to. "The problem at the moment though, isn't Battleye failing (Well, kinda) It's the fact you can use a "hook" to inject into the Client-side Battleye process and typing a few lines of code that effectively make all the scripts you execute invisible to the server log, which means you can't get kicked, banned, etc. Once they find the memory space getting "hooked" onto, they release an update and a mass ban rolls out." 1.) BattlEye has no Process. 2.) You can't make scripts invisible to the server log 3.) they dont find the memory space, they try to detect the hooking. 4.) there is no mass ban, because any half-decent child knows that it should NOT use an outdated hack which is unchecked on the hive-servers. "ESP (in some of the released hacks) Teleportation. (Of themselves and others) Ability to see everyone on the map. Spawning of objects, weaponry or vehicles, including those not in DayZ itself. God mode. Nuking. Give themselves full health with a single button. Disable grass. - Dunno why they would do that, maybe to see people crawling? Name Spoofing/Possible GUID spoofing. Wallhack, kind of. (Tampering with files)" not only players on the map. players, tents vehicles, even decoration-gadgets like soldier-corpses and rabbits/boars/cows/goats. furthermore: turn off rain, disable night, and so on... local client changes "And no, they won't change their entire engine to stop scripts from being executed." if they do not do that in the standallone, dayz will be ripped to pieces. and i will gladly help, you can not release a GAME with a trusted client. "But DayZ isn't the CAUSE of the hacking [..] Its multiple things." the only reason is that they thought the arma2 engine could work in a game like DayZ. propably the cheapest, and worst choice. "It will be fixed. It will just come out of the blue one day and MANY people will get banned." impossible by definition. obfucscation is no proof of security, new hacks will ALWAYS be released as long as arma2's engine does not get fixxed. and why on earth should many people get banned? lock the dll's file so that it cant patch (or by other means, there are plenty) and you know when to turn off your hack... your so naivly that it hurts -.- you cna even set up your firewall to supress battlEye patches, so... maybe some idiots who cant play without their hacks will be, but... "Its a complex job looking for hooks in your own .DLL, because there are so many places they could be injected." BattlEye is loading upon joing a server. most hacks are injected in the menue (dayz naivator (most popular maphack) btw is only undetected if you start it before joining a server), and battlEye failes to notice. there are indeed many ways of possibilities. but BattlEye is neither working with 2 processes watching each other (like punkbuster) nor using global hooks, so it will ALWAYS be easy to bypass it atm. battleye is not hooking readprocessmemory! they will NEVER detect a half-superior hack! and by the way, it does not matter WHERE it is injected, but HOW. "Edit : I'd appreciate after reading some sort of comment, to keep the topic up on the front page. It would be amazing if it got stickied, but not much chance of that." if you fix your many mistakes, i would appreciate it as well. the community is not really taken seriously in this point! just have a look here: BattlEye has got no problems if you attach a debugger to it's dll, and join a server with BE enabled than :) want to know how battlEye checks the clients version? a little hint: no hashing is involed :P

maybe search for servernames with "SAVE" or "KEY" - they will most likely belong to a private hive.

it should load minized without this parameter, are you sure it does not?

this problem has almost nothing to do anti virus software. DayZCommander requieres Administrator Privs on startup, so any AV is fucked anyways (if done right). But think about what it did: - read a registry-key (no anti-virus will say anything against that) - send it to a waiting source (can be done by mail, or HTTP-Post, or, or or... your firewall will not notice because you do not open a socket!) Brain is more important than anti-virus software! @OP: did your anti-virus scans FIND something? if not, you SHOULD be worried. never trust an infected system! if it is coded properly, it will steal your next key right away! and it does not matter when your key is sold. why on earth should it? it does not decay :)

you can change your CD-Key without having to reinstall Arma2, you know? and if someone stole your key, what point is in reinstalling the game? if your machine is infected you have more serious problems than your key -.- what will it help if you get a new one? will be stolen like the last one, if you dont do anything.

just play on private servers which block port 29910, you dont need a valid cd key than... arma2 is not worth 5€

nope, they DONT. You have no idea what you are talking about. BattlEye works on prohibiting client modification, not on prohibiting the scripts themselves (bc they cant). could you please write that again with proper grammar? i dont really get it what you want to say. public hacks (and almost any hack of arma2 is public) are FREE, and the creator gets NOTHING and codes for FUN. Maybe the platform hosting his products does, but the exploits are found by the community itself. just shut up if you have NO idea what you are talking about.

the problem regarding creating weapons/killall scripts is NOT only battleye. the main problem is that arma2servers were implemented without a single thought about security - the whole scripting-system of arma2 is just an insane failure.

nope, they dont. as i told you i know one myself, he is defenitely NOT paid. the most advanced hacks are even open-source, so... not the slightest need to pay for a hack, you can just compile and modify them yourself.

i had to laugh about your post. Do you really think MONEY is paid for a hack for ARMA? Seriously, Arma2 is a half-indie game with a small community, who would PAY for hacks? First of all, your impression of the "scene" is just hilarious. those "hackers" are just people who want to show off their skills, thats it! Have you never done sth bc others think you couldnt? i know one personally, and he gets no money from anyone for sure :D We just have 2 major problems here, which Bohemia appearently does not want to see. 1.) The servers execute CODE received from clients (WTF???) when i first heard of this, i fell half of my chair. i don't know WHO had this bright idea, but he has apparently NO idea of serious software engineering. thats just a failure in the project management like i have never seen before. the servers don't control anything (except the scripts.txt pseudo regexes), not even your HUD consistancy, otherwise i would not be able to get additional items just because the connection is unstable/delayed. that leads to the nice conclusion that you will NEVER be able to stop items from being spawned by an injected script, thanks to BIS's security standards of 1980. and guess what? that's why you can use tools like dayznavigator to find ANY tent, ANY vehicle and ANY player on the whole map - because arma2 is not interested in the slightest in the consistancy of the client-server communication. Client asks for all tent locations? oookaaaaay here ya are! 2.) BattlEye there is a lot i could talk about... lets get started! a) BattlEye loads upon joining the server. and thats just too late, i hope you dont need further explanations. B) BattlEye (afaik) communicates with the arma2client without any uses of encryption, you could corrupt the communication between them quite easily, i dont know how the current injections are exactly working c) BatllEye does not hook writeprocessmemory, thus it will ALWAYS be quite easy to manipulate it! d) we saw no hash-functions usage in the battleye-assembly-code, maybe they just use the version function from the DLL (unsure about that, have not investigated further... yet) that were the most "annoying" problems, as their effects harm the players' gaming experience quite harsh. But 99% of them are NOT caused by genius, wellpaid "hackers", but by elementary mistakes in the planning of Arma2. As DayZGame will use arma2's engine, and rocket said "it is being dealt with by Bohemia's key programming mind" i can only shiver about what will be the outcome, as they appear to programm more like a headless chicken than a serious software company. (sorry, im quite angry) if anyone of BIS's staff reads this: we could actually help you... but you would have to take us seriously. Implementing a BLACKLIST of codesnippets is NOT an effective way of dealing with an unchecked client-server communication. If dayz should be a GAME, than you will have to implement it as a game and not as a helicopter-company-hellokittyonlinegame-rippoff! clients must NOT get more informations than they have the right to! im SICK of watching people driving from one tent to the next just because they got dayznavigator on the second screen and see anything!