Jump to content
Sign in to follow this  
brezmans

Guys, I need some help with this line in the serverlogs

Recommended Posts

Hi guys,

my clan is running a DayZ server and today I downloaded our 2 GB log file to look through it and try and spot hackers.

Immediately, this line popped up:

17.06.2012 17:59:22: [redacted] - #36 raddWeapon = 'addWeapon'

17.06.2012 17:59:22: [redacted] - #36 raddWeaponcode = compile PreprocessFile (BIS_PathMPscriptCommands + 'addWeapon.sqf')

17.06.2012 17:59:22: [redacted] - #36 raddWeaponCargo = 'addWeaponCargo'

17.06.2012 17:59:22: [redacted] - #36 raddWeaponCargocode = compile PreprocessFile (BIS_PathMPscriptCommands + 'addWeaponCargo.sqf')

17.06.2012 17:59:22: [redacted] - #30 rcreateMarkerLocal = 'createMarkerLocal'

17.06.2012 17:59:22: [redacted] - #30 rcreateMarkerLocalcode = compile PreprocessFile (BIS_PathMPscriptCommands + 'createMarkerLocal.sqf')

17.06.2012 17:59:22: [redacted] - #31 rsetMarkerPosLocal = 'setMarkerPosLocal'

17.06.2012 17:59:22: [redacted] - #31 rsetMarkerPosLocalcode = compile PreprocessFile (BIS_PathMPscriptCommands + 'setMarkerPosLocal.sqf')

I have removed the lines identifying who this was, as I don't want to jump the gun here. Are these lines definite proof of someone injecting scripts or not?

Thanks in advance guys

Share this post


Link to post
Share on other sites

Seems like it, I see "addweapon" then "addweaponcargo" looks like they're spawning the infamous weapon crate.

Share this post


Link to post
Share on other sites

2GB log file? Rotate that bad boy out man!

Share this post


Link to post
Share on other sites

totaly legit, you will find yourself with those lines ;)

Share this post


Link to post
Share on other sites

Alright guys, thanks! I've also found some lines referencing planes and helicopters, but then i've found those with my guid too... It seems like the hackers are able to make it look like someone else does the hack?

Share this post


Link to post
Share on other sites

The good ones are using a battleye bypass, you'll never see anything in the logs with them. Dumb ones still try stuff like ammo.sqf scripts

Share this post


Link to post
Share on other sites

Alright guys, thanks! I've also found some lines referencing planes and helicopters, but then i've found those with my guid too... It seems like the hackers are able to make it look like someone else does the hack?

Is the line something like BIS_AirEffects plane explode or something similar like that? (I can't recall the exact name off the top of my head) If so, that is normal as well.

Edited by HowIChrgeLazer

Share this post


Link to post
Share on other sites

Yup, that's the same one HowIChrgeLazer.

I found one using a teleport script, he's banned now.

Also, we found a camp that had a Soldier Clothing in it, any idea how I can find in the logs the person that spawned this? If they did it on this server?

Edited by brezmans
  • Like 1

Share this post


Link to post
Share on other sites

Yup, that's the same one HowIChrgeLazer.

I found one using a teleport script, he's banned now.

Also, we found a camp that had a Soldier Clothing in it, any idea how I can find in the logs the person that spawned this? If they did it on this server?

How did you detect the teleport script if i may ask? We are having issues with a hacker teleporting to our members and players on US 266 to kill them.

Share this post


Link to post
Share on other sites

Really simple, check the logs for the string "teleport". That's ofcourse only if the hacker is a bit of a noob, apparently the smarter ones are able to bypass the logs and inject straight away.

Share this post


Link to post
Share on other sites

would love some kind of DB that shows what bad scripts looks like, impossible to drag the info out of spammed web console and the logs are massive and un parsed..... please move the hive crap to its own log as well it clutters up the console.

Share this post


Link to post
Share on other sites

Ive banned like 10 people in the last couple days for ammo.sqf. I have had a couple people I've caught on my server teleporting and spawning helicopters but there is absolutely nothing in the logs that they are doing anything. I just happened to see it first hand.

Share this post


Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  

×