Jump to content
Magotchi

BattlEye Bypass Detection

Recommended Posts

As a server admin, is it possible to detect the BattlEye bypass method which involves editing the Arma 2 client in RAM and setting a custom script to run when the in-game Server Control button is clicked?

If not, then DayZ is nearly unplayable at the moment. A simple perusal of the Cheat Reporting forum reveals it's an epidemic. On my server, in the last 24 hours, at one point every vehicle in the server exploded simultaneously, then hours later everyone got teleported to a lighthouse and sniped, then hours later a helicopter flew overhead, then a bit later, a person with godmode teleported around the map, killing everyone (while spamming things like "friendly" and "Why are you shooting at me?" in Direct).

Can anyone recommend current best practices for preventing hacks and catching hackers with the current state of DayZ, Arma 2, and BattlEye?

Edited by Mister_Magotchi

Share this post


Link to post
Share on other sites
Guest

Hey Mister_Magotchi,

Sorry to tell you friend, but BattlEye bypasses are exactly what they sound like; bypasses. Although there are many methods to blocking BattlEye from scanning your computer and the scripts you execute, they all prevent the server from being able to log anything you do.

Best practices to prevent hacking?

  • Never have more than 45 players online, hackers target high-pop. servers.
  • Don't be a dickish admin, ever; never give the hackers the excuse.
  • It's more efficient to befriend hackers and convince them to stop doing malicious stuff on your server than banning them, angering them further, then they just come back to nuke you on a spoofed CD key.

EDIT: To expand on my third point, BattlEye never "insta-bans" it always has a 24-48 hour delay between when a hack is detected and when a user is globally banned. The intent of this is to prevent the hackers from knowing what exact script it is that got them banned. Befriend them for a day or two, they'll be banned globally before they do anymore real damage >.>.

Edited by Guest

Share this post


Link to post
Share on other sites
t's more efficient to befriend hackers and convince them to stop doing malicious stuff on your server than banning them, angering them further, then they just come back to nuke you on a spoofed CD key.
LOL
  • Like 1

Share this post


Link to post
Share on other sites
Guest

LOL

Edited post to expand on that point. And I'm serious. I'd rather have a hacker spawning in vehicles and weapons any day vs. nuking servers. Everyone already dupes on this game anyway. Nuking just ruins everyone's day.

Edited by Guest

Share this post


Link to post
Share on other sites

US 303 Dallas clanmsn server? i saw your chat about BE bypass in-game :)

i dont know jack about cheats but i wanted to grats you for your great server that gave me some good time,

thank you, sir. :)

Edited by Dreffh
  • Like 1

Share this post


Link to post
Share on other sites

Thanks, man. Things are just getting nuts at this point, though. I just want to make sure I'm doing everything I can to keep the hacks to a minimum with what I have available.

Share this post


Link to post
Share on other sites

This game is lost to hackers. I was just on a server where a hacker emptied my entire inventory then gave me a broken leg. When I respawned he killed off the entire server. That about does it for me I think, at least until alpha is over.

I have thick skin, I like the harshness of this game when its legitimate but stuff like that is unacceptable.

Share this post


Link to post
Share on other sites
Guest

Thanks, man. Things are just getting nuts at this point, though. I just want to make sure I'm doing everything I can to keep the hacks to a minimum with what I have available.

Yup. The game is overrun, and I'm starting to get kind of pissed off with the devs. They threatened to blacklist my servers (all 3 of them) earlier today for having a minor naming issue. Yet, there are ~3 servers up right now with battleye off full of hackers spawning in items, and hundreds of locked servers where loot is being duped and hunted.

I'll prob make a rant thread tomorrow lol.

Share this post


Link to post
Share on other sites

While I highly appreciate the DayZ team and the work they've done so far (for free with regard to me), something must be done about this hacking epidemic.

Share this post


Link to post
Share on other sites

Ban. Ban. Ban. And then Ban some more.

Edited post to expand on that point. And I'm serious. I'd rather have a hacker spawning in vehicles and weapons any day vs. nuking servers. Everyone already dupes on this game anyway. Nuking just ruins everyone's day.
I get what your saying, but your basically conceding and picking your poison. Shouldn't have to do that. Don't do that.
It's more efficient to befriend hackers and convince them to stop doing malicious stuff on your server than banning them, angering them further, then they just come back to nuke you on a spoofed CD key.
Screw em. Let them keep buying keys, at some point the well will dry up.

Your trying to be too diplomatic about this, I applaud you for your tolerance, and I feel for all of you that rent servers and have to go through this bullshit, but at some point, and I hope soon, you guys ( server admins) will say enough of the bullshit.

Share this post


Link to post
Share on other sites

I'd be banning them like crazy if there was evidence of their hacks in the logs. With the BattlEye bypass method I described, it seems admins are basically powerless at this point, unless there's some way to detect the bypass.

Share this post


Link to post
Share on other sites

I'd be banning them like crazy if there was evidence of their hacks in the logs. With the BattlEye bypass method I described, it seems admins are basically powerless at this point, unless there's some way to detect the bypass.

I don't know anything about logs and such, so I might be talking out of my ass, but if everything in the game essentially runs off of scripts; executing, saving, etc, there is no tracers or anything that might show PLAYER X acquired " a gun" ( whatever) or PLAYER X executed " nuke script". Again, this element is above my understanding, but it would seem that every action a player commits is recorded or logged somehow, or is that not the case?

Share this post


Link to post
Share on other sites

Normally you would see the equivalent of "PLAYER X executed 'nuke script'", but at this point, all but the dumbest of hackers are using a method to bypass BattlEye's script logging feature, as I described in the OP.

Share this post


Link to post
Share on other sites

Normally you would see the equivalent of "PLAYER X executed 'nuke script'", but at this point, all but the dumbest of hackers are using a method to bypass BattlEye's script logging feature, as I described in the OP.

Do you guys (admins) have your own logs that you can look at that may or may not indicate something going down? I don't know what a log looks like, could be a billion lines of code and it would unrealistic to actually go through it and pinpoint a certain instance. But it seems like Battle Eye is dropping the ball and something needs to be done.

Share this post


Link to post
Share on other sites

Excession: With the method I described above (and would link if it weren't against the rules), only the script ran through the method doesn't show up in the scripts log. All other scripts ran as normal parts of the hackers gameplay still show up.

Share this post


Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now

×