tickle_me_jesus 37 Posted August 12, 2012 Just a friendly question but isn't your project a bit moot since the latest dayz update 1.7.2.5?I heard (haven't been able to check it myself yet) there are hardly any entries logged to the server.rpt file or am I mistaken? Share this post Link to post Share on other sites
disorder 344 Posted August 12, 2012 Just a friendly question but isn't your project a bit moot since the latest dayz update 1.7.2.5?I heard (haven't been able to check it myself yet) there are hardly any entries logged to the server.rpt file or am I mistaken?Actually it scans scripts.logThe rpt support I would have added if they had anything relevant in. Share this post Link to post Share on other sites
leepfrog 26 Posted August 12, 2012 Just had the time to test this out a bit.Seems to work pretty good, however I noticed it is relatively slow. I'm not sure what you are using to search but I think there might be faster alternatives. I work with cygwin a lot and the awk/sed/grep utilities there can process 20-40mb text files per second and core - maybe this is something you can look into as the scans of 40MB take like 2-3 minutes right now ;) Share this post Link to post Share on other sites
disorder 344 Posted August 12, 2012 Just had the time to test this out a bit.Seems to work pretty good, however I noticed it is relatively slow. I'm not sure what you are using to search but I think there might be faster alternatives. I work with cygwin a lot and the awk/sed/grep utilities there can process 20-40mb text files per second and core - maybe this is something you can look into as the scans of 40MB take like 2-3 minutes right now ;)It's the fastest I could make it and it goes at HDD Seek speed(which means as fast as your hard drive can go)Please remember that for each line in every log, each 'cheat' from the db is searched for, which means iterating through both files simultaneously. If you want a quicker search edit the scripts.db to remove lines you know are safe. In fact the scripts.db file will be updated as/when I find out that stuff in there is not needed.There is a new version and a new more efficient db file, perhaps it will be a bit faster.New command line is -p=sessionfile.cfsParses the session file and automatically outputs a report to \reports folder. Share this post Link to post Share on other sites
oyci3c 2 Posted August 13, 2012 I've ran your tool and it only showed me the DISCO lines - what's that? Share this post Link to post Share on other sites
Gogster (DayZ) 626 Posted August 13, 2012 DISCO is the dayz_disco script that forces people to dance when they log in.This was added to the checks by the creator of this tool, but looking into it may need a little re-think. I believe the scripts is automated and appended to the log-in for each player, therefore they are not running it, it has been 'injected' so to speak for them.Will need to look at this in more detail although, as always, the quickest way to get rid of it is to quickly restart you server. Generally the person causing this script to be run on behalf of new players will be using one of the mainstream checks in the scripts.db file so you should pick them up for that anyway. Share this post Link to post Share on other sites
disorder 344 Posted August 13, 2012 (edited) DISCO is the dayz_disco script that forces people to dance when they log in.This was added to the checks by the creator of this tool, but looking into it may need a little re-think. I believe the scripts is automated and appended to the log-in for each player, therefore they are not running it, it has been 'injected' so to speak for them.Will need to look at this in more detail although, as always, the quickest way to get rid of it is to quickly restart you server. Generally the person causing this script to be run on behalf of new players will be using one of the mainstream checks in the scripts.db file so you should pick them up for that anyway.That's why I haven't added a system which shows usernames yet as there's no need to go accusing people of something they didn't do. The scanner points out unusual anomalies and the admin has to check manually if its a problem.I wanted the admin to have the control, not the program. What if the program detected and then banned someone who was innocent? I would never hear the last of it :) Edited August 13, 2012 by disorder Share this post Link to post Share on other sites
Gogster (DayZ) 626 Posted August 13, 2012 Yeah it's a good move - it was quite telling, the number of dayz_disco entries pretty much matched the log-ins from when it began. Easy to see it's not people running it themselves. Share this post Link to post Share on other sites
TheWeedMan 132 Posted August 13, 2012 (edited) Dont add a ban feature then lol. All we need is for the tool to display the name and guid of the hacker then its down to the admin to do more research before making a decision.At the present we use the tool and all it gives us is the info that a scripts been used...we then need to run through the entire log to find it. Whereas if we had a name and guid it makes the log search 90% faster and easier. Edited August 13, 2012 by TheWeedMan Share this post Link to post Share on other sites
Gogster (DayZ) 626 Posted August 13, 2012 Dont add a ban feature then lol. All we need is for the tool to display the name and guid of the hacker then its down to the admin to do more research before making a decision.At the present we use the tool and all it gives us is the info that a scripts been used...we then need to run through the entire log to find it. Whereas if we had a name and guid it makes the log search 90% faster and easier.A ban feature is not possible without running it on the server.@OP:I'd remove Loki in isolation and make the check "loki.sqf" Share this post Link to post Share on other sites
disorder 344 Posted August 13, 2012 (edited) Dont add a ban feature then lol. All we need is for the tool to display the name and guid of the hacker then its down to the admin to do more research before making a decision.At the present we use the tool and all it gives us is the info that a scripts been used...we then need to run through the entire log to find it. Whereas if we had a name and guid it makes the log search 90% faster and easier.Actually the line number is the best reference, If you use notepad++ it has line numbers down the side. CTRL+G is a jump to line thing, That's how I was using it anyway Edited August 13, 2012 by disorder Share this post Link to post Share on other sites
Gogster (DayZ) 626 Posted August 13, 2012 Actually the line number is the best reference, If you use notepad++ it has line numbers down the side. That's how I was using it anywaySee this http://superuser.com...n-line-shortcutCtrl+G :) Share this post Link to post Share on other sites
disorder 344 Posted August 13, 2012 (edited) Yeah I just updated my post lolBut I do realise people want more feedback so I will try and add the ability to see the section a cheat is found in. Edited August 13, 2012 by disorder Share this post Link to post Share on other sites
cereal7802 0 Posted August 13, 2012 Might be good to show the username or guid line along with the script being run so you know who did the suspected action. in my log there are tons of the same item listed at different points in the log. generally its the same user doing things over and over again. name/guid would give a better reference point when looking into multiple log entries. Share this post Link to post Share on other sites
disorder 344 Posted August 14, 2012 (edited) I need a few more logs to test on, especially some with cheaters/hackers in. Zipped around 10-15mb should do.Another thing I could do with is a list of the equipment ID's of stuff that is allowed in DayZ, so it can be removed from the DB perhaps (unless people want to search for normal items)Oh yeah new version too. Edited August 14, 2012 by disorder Share this post Link to post Share on other sites
Gogster (DayZ) 626 Posted August 14, 2012 IMHO setVehicleInit needs updating toplayer setVehicleInit _svr;As it stands it's pretty useless on its own. Share this post Link to post Share on other sites
disorder 344 Posted August 14, 2012 I have no idea where that line is? Are you using an older version of the database? Share this post Link to post Share on other sites
Gogster (DayZ) 626 Posted August 14, 2012 I have no idea where that line is? Are you using an older version of the database?Yep, I was - sorry. Share this post Link to post Share on other sites
disorder 344 Posted August 15, 2012 (edited) New lines for the database, these are known cheat lines so far.execVM "\ca\ui\scripts\dedicatedServerInterface.sqf"BIS_Effects_AirDestructionBIS_Effects_AirDestructionStage2if (_velz>1) then (_v setvelocity [velocity _v select 0,velocity _v select 1if (_velz>1) then {_v setvelocity [_xv/1.3,_yv/1.3,0[_v,_int,false] spawnBIS_Effects_Burn_v setVehicleInit format ["[this, %1, %2,false,true]if (_v iskindof "tank")if (_v iskindof "plane")openDSInterface_ent setHit ["legs",1]_ent setDamage 1_ent setVariable ["hit_legs"player setposatl Edited August 15, 2012 by disorder Share this post Link to post Share on other sites
falcon911 19 Posted August 15, 2012 I need a few more logs to test on, especially some with cheaters/hackers in. Zipped around 10-15mb should do.Another thing I could do with is a list of the equipment ID's of stuff that is allowed in DayZ, so it can be removed from the DB perhaps (unless people want to search for normal items)Oh yeah new version too.Not sure if you seen this post or not? http://www.tunngle.net/community/topic/77871-itemvehicle-ids-arma-2-combined-operations/ Share this post Link to post Share on other sites
disorder 344 Posted August 15, 2012 Hey Cool Thanks. Will adjust database to cheats onlyMight keep the dayz items seperate. Share this post Link to post Share on other sites
disorder 344 Posted August 15, 2012 (edited) I've made it about 5x faster wahaha *evil laugh*Got it using streams and a buffer, it now also reports the Username/IP address and IDOh yeah and since I can get the ID, I can automatically inject it in another file (cough bans cough) .. Is autoban a bit too much ? :D Edited August 15, 2012 by disorder 1 Share this post Link to post Share on other sites
lentWolf 24 Posted August 15, 2012 (edited) New lines for the database, these are known cheat lines so far.execVM "\ca\ui\scripts\dedicatedServerInterface.sqf"BIS_Effects_AirDestructionBIS_Effects_AirDestructionStage2if (_velz>1) then (_v setvelocity [velocity _v select 0,velocity _v select 1if (_velz>1) then {_v setvelocity [_xv/1.3,_yv/1.3,0[_v,_int,false] spawnBIS_Effects_Burn_v setVehicleInit format ["[this, %1, %2,false,true]if (_v iskindof "tank")if (_v iskindof "plane")openDSInterface_ent setHit ["legs",1]_ent setDamage 1_ent setVariable ["hit_legs"player setposatlTwo of those are known to be -somewhat- legitimate.BIS_Effects_AirDestructionBIS_Effects_AirDestructionStage2I remember reading that these are going to be present for every user that walks near a heli crash, etc - so they're legitimate effects, although I suppose a hacker could initialize them. I'll update this post with a link in a min.EDIT: As promised, here:http://dayzmod.com/forum/index.php?/topic/71904-new-major-battleye-anti-cheat-features/page__view__findpost__p__686256 Edited August 15, 2012 by lentWolf Share this post Link to post Share on other sites
shadow293 6 Posted August 15, 2012 I've made it about 5x faster wahaha *evil laugh*Got it using streams and a buffer, it now also reports the Username/IP address and IDOh yeah and since I can get the ID, I can automatically inject it in another file (cough bans cough) .. Is autoban a bit too much ? :DAnything to make our lives easier is appreciated. Can of Beans for you! Share this post Link to post Share on other sites
{sas}stalker 108 Posted August 16, 2012 Can we have this pinned please ? Share this post Link to post Share on other sites