joecheeze 0 Posted July 27, 2012 Ok as promised I have the 'further details'. This is a quote from a friend on TS."the 'issue' at hand is fairly simple...this thread / warning about 'extensions' is dated 4 May 2012, at 06:14http://community.bistudio.com/wiki/Extensionsyes doom and gloom 'potentials' that.. and i quote.."The easy way out is to simply trust the people involved, and take the fall if/when you do get hacked from it. Problem is, you might not know."well the problem is this function just came 'live' in the 1.62 patch..http://community.bistudio.com/wiki/callExtensionwhat does it do?handle = "pipes" callExtension "openPipe(pipe)";this allows 'it'.. any .dll file to directly access a running .exe file... such as arma.this is not a end of the world thing.. its a wide open backdoor / frontdoor skeleton key.. and it should have a shut off ability.no more.. no less-loki's </2 cents>" Share this post Link to post Share on other sites
thehumandove 344 Posted July 27, 2012 I want to...draw...you Share this post Link to post Share on other sites
Vipeax 318 Posted July 27, 2012 Uh, you do know callExtension has been used for months now right? It's what the Hive uses... On the client side however, there is nothing using it and as you shouldn't run any mods aside of DayZ, no players will ever be infected (say bye to your server?!). Share this post Link to post Share on other sites
joecheeze 0 Posted July 27, 2012 Uh, you do know callExtension has been used for months now right? It's what the Hive uses... On the client side however, there is nothing using it and as you shouldn't run any mods aside of DayZ, no players will ever be infected (say bye to your server?!).Wow so I FInally get a DayZ staff member to reply to this message and it's a super troll loaded response (dat je geen hulp je waardeloos trol!?). Just want you to know that I meant no offense or to scare anyone, just wanted to bring to light a development that has the possibility to cause harm to one's computer. I enjoy DayZ immensly and am very happy for the success that you have brought to BIS as I enjoy the delicate detail that they bring to a 'gaming' experience. However, your response, be it a rebuttle or what have you, still has not stated why this, a known, (lets call it a 'security risk) would be comon pratice for programming with no ability to disable for a popular 'game'. I also fail to reconize/understand your final words about a farewell to my so called unexistent server that I own. Share this post Link to post Share on other sites
dabatman1971 0 Posted July 27, 2012 Why is it so hard to get a decent technical response from the devs? The fact that the call extension went live to everyone with the update should scare the crap out of anyone. The ability to write a.dll file that is inserted in any mod and enable it to place bots or what have you on the server or anyone who connects to the infected server is a matter that should and needs to be taken more seriously than it appears to be. The other issue at hand is the inability of the call extension to work correctly in a linux environment is another problem that will have the community as a whole using different patches and unable to play with each other. Just got to say wow to the devs for not taking this way more seriously. Guess its gonna take someone actually writing a .dll and inserting it to make devs understand how powerful this security breach (open door or key ) is. Share this post Link to post Share on other sites
Webley 3 Posted July 27, 2012 I don't know what the fuck is going in this thread.My Steam updated Arma II, I updated the Arma II Beta, I played Dayz. Share this post Link to post Share on other sites
Vipeax 318 Posted July 27, 2012 Wow so I FInally get a DayZ staff member to reply to this message and it's a super troll loaded response (dat je geen hulp je waardeloos trol!?). Just want you to know that I meant no offense or to scare anyone, just wanted to bring to light a development that has the possibility to cause harm to one's computer. I enjoy DayZ immensly and am very happy for the success that you have brought to BIS as I enjoy the delicate detail that they bring to a 'gaming' experience. However, your response, be it a rebuttle or what have you, still has not stated why this, a known, (lets call it a 'security risk) would be comon pratice for programming with no ability to disable for a popular 'game'. I also fail to reconize/understand your final words about a farewell to my so called unexistent server that I own.You got me confused to the max with this post. A game always has the ability to cause harm to your pc, so does Six Updater, DayZ Commander, Steam, heck even this website could. I don't understand how a change they made many months ago is now put to light as if it's breaking everyone's pc while you first actually need to download a harmfull DLL from a source you don't consider trust worthy (and as you might know the files you download to play DayZ don't come with any DLLs), if DayZ is considered as so, you aren't forced to play it. To be exact the last 119 builds of ARMA2 have included callExtension, see ftp://downloads.bistudio.com/arma2.com/update/beta/ARMA2_OA_Build_95389.log (look for build 87640) and Bohemia implemented it, not DayZ.Why is it so hard to get a decent technical response from the devs? The fact that the call extension went live to everyone with the update should scare the crap out of anyone.See my above post, you had it for months already in your client.The ability to write a.dll file that is inserted in any mod and enable it to place bots or what have you on the server or anyone who connects to the infected server is a matter that should and needs to be taken more seriously than it appears to be.No, servers won't magically make you now download random files.Guess its gonna take someone actually writing a .dll and inserting it to, and having clients download it manually and have their startup parameters when launching the game include it, make devs understand how powerful this security breach (open door or key ) is.To summarize it for you (as it seems people here must be confused on how callExtension works):It can only do harm if you, as a client, download a DLL file, enable it as a mod (similar to how you run dayz with @dayz in the startup parameter) and then launch the game. In other words it won't have the ability to do any harm unless YOU download a tool that was designed to cause harm, which is no different to downloading a new browser, antivirus, game, chatprogram etc and assuming it's clean. Share this post Link to post Share on other sites
dabatman1971 0 Posted July 27, 2012 True, however DayZ mod may not use .dll's however the game itself does. Client does not need to download the .dll for someone to run a .dll that will execute any extensions that said .dll wants it to. Only the beta patches up till this point had the call extension go live..Now it is in the Official patch..hence the concern. This gives any hackers (which are already sorry individuals that like to ruin the arma game experience) a super tool to create severe havoc to not only the game itself but to hose servers and clients that are unaware.. Share this post Link to post Share on other sites
dabatman1971 0 Posted July 27, 2012 example dsound.dll Share this post Link to post Share on other sites
Tyler Bro 20 Posted July 27, 2012 I never have steam open/ lol Share this post Link to post Share on other sites
Vipeax 318 Posted July 27, 2012 Client does not need to download the .dll for someone to run a .dll that will execute any extensions that said .dll wants it to.How do you see it magically running on your pc without downloading it? Honestly, where are you getting this info from? It's so false that you honestly have me scratching my head on what is going on here.Only the beta patches up till this point had the call extension go live..Now it is in the Official patch..hence the concern.DayZ has been requiring people to run beta versions for weeks (or actually months). I'm still confused here.This gives any hackers (which are already sorry individuals that like to ruin the arma game experience) a super tool to create severe havoc to not only the game itself but to hose servers and clients that are unaware..Again, only if downloaded first. If a server runs a component (in the case of DayZ server the HiveEXT.dll component) all it can do is access that server and it can't magically make players on the server wipe their own harddrives. Maybe I'm just not catching what this thread is about, but if you think people can magically break your pc now without you enabling it first, please accept that it's a false assumption and that you are fine as long as you don't manually download AND enable it first.example dsound.dllWhich came with JayArma2Lib, which a client has to download and enable manually before it works. Share this post Link to post Share on other sites
dabatman1971 0 Posted July 27, 2012 (edited) Do what you will with this information, however .dll's work differently than you are assuming they work. And .dll's are in the main arma directory structure and can be created and used with no security checks able to be accomplished while the call extension pipeline is open. (last post on this topic..warning given with humility) Edited July 27, 2012 by dabatman1971 Share this post Link to post Share on other sites
Vipeax 318 Posted July 27, 2012 Ok, in that case it clearly works different than how I implemented it, magically appears to be working though. Can extensions cause big harm? Yes. Can they cause harm without YOU making it possible for them to do so? No.Will just ignore this thread as it's a pointless discussion if you consider any statement as false just because... *shrug*. For the other readers, please don't be worried, just don't download random files elsewhere than from dayzmod.com and you will be fine :). Share this post Link to post Share on other sites
loki 0 Posted July 27, 2012 *sighsseveral things...1. apologies for an off handed teamspeak conversation landing in the dayz main forums.2. all the squabble about viruses.. doomsday.. and who get 'infected' when... is silly.3. dayz is a 'MOD' of armed assault... until the stand alone release... b.t.w. gz to the crew.4. whether ones 'downloads' a .dll OR has one installed by any program installed.. such as arma.. which uses the dsound.dll as the interface from software to hardware sound system and drivers is moot. definition of .dll http://support.microsoft.com/kb/87934A dynamic-link library (DLL) file is an executable file that allows programs to share code and other resources necessary to perform particular tasks. Microsoft Windows provides DLL files that contain functions and resources that allow Windows-based programs to operate in the Windows environment.now.. first and foremost this should not have been an open thread in dayz..however.. required use of beta does not constitute 'live' across the arma community.i do not play dayz.. however i do have an extensive arma community portfolio which is easily verified via google search for 'loki arma'. (for good or bad)forget the drama and the strawman arguments about magical trolls putting stuff on ones system... and see it as it is... a 'potential hazard' that can easily be solved by BIS implementing a shut off switch that runs any and all user made .dll files 'if' desired.there is no need to defend or attack.. and whether this function that went 'live' months ago via beta or a few days ago for the regular arma user is an invalid distraction..if one can show verifiable evidence that anything i have said is untrue.. please do.. but save the personal opinions.. as such. opinions. Share this post Link to post Share on other sites