polli 57 Posted July 31, 2012 (edited) Hi allA few minutes ago our server was hacked. All players where teleported to the debug forest and killed instantly. I shutdown the server immediatly which helped the most players to survive.I looked in the log and found only one entry that can be the cause of the hack maybe:31.07.2012 17:25:38: (Player details deleted for privacy - data can be send to the devs) - #39 icopter" || _v iskindof "plane")then{_v setVehicleInit "[this] spawn BIS_Effects_AirDestruction";31.07.2012 17:25:38: (Player details deleted for privacy - data can be send to the devs) - #58 his] spawn BIS_Effects_AirDestruction";processInitCommands;};if (_v iskindof "tank")then{_intI have no idea if this is the right entry or the right player. Could you help me please?Many ThanksPolli Edited July 31, 2012 by Polli Share this post Link to post Share on other sites
grubster 0 Posted August 1, 2012 Hi, this just happened to me. I was in a server and all of a sudden I was transported somewhere on the map with all the other players around me. I was then shot i think but regardless I died. This was on NZ17 i think Share this post Link to post Share on other sites
The_Weasel 16 Posted August 1, 2012 That log entry (I THINK) happens everytime someone enters a vehicle.Its a check to see if the vehicle is legal in game, if not (I.e. is it a plane) the player gets exploded.This seems to have been a recent change in the game, so if you find a hacked vehicle DO NOT ENTER, you will die, especially if its a plane or tank.So nothing to worry about, its a security check, not a hack.See my Thread here: http://dayzmod.com/forum/index.php?/topic/54872-in-my-server-logs-uk207/For examples of what script execution looks like in the server logs.Again I am not 100% sure with this, but I tested this log entry last night with a vehicle and it seems to execute everytime you enter one, as a check. Share this post Link to post Share on other sites
polli 57 Posted August 1, 2012 That log entry (I THINK) happens everytime someone enters a vehicle.Its a check to see if the vehicle is legal in game, if not (I.e. is it a plane) the player gets exploded.This seems to have been a recent change in the game, so if you find a hacked vehicle DO NOT ENTER, you will die, especially if its a plane or tank.So nothing to worry about, its a security check, not a hack.See my Thread here: http://dayzmod.com/f...ver-logs-uk207/For examples of what script execution looks like in the server logs.Again I am not 100% sure with this, but I tested this log entry last night with a vehicle and it seems to execute everytime you enter one, as a check.Thanks. So in the end there is nothing what shows me the script what caused the hack. I hope the Battleye devs would do a better job to detect scripting. Share this post Link to post Share on other sites
The_Weasel 16 Posted August 1, 2012 Thanks. So in the end there is nothing what shows me the script what caused the hack. I hope the Battleye devs would do a better job to detect scripting.See my thread (linked above) the battleeye log will log script execution. (dunno if there is a bypass to prevent that)I certainly have seen "Aimjunkies\addweapon.sqf" in my battleeye log file.The only .sqf entry that seems legit is:_dummy = [_this,"players"] execVM "\ca\ui\scripts\dedicatedServerInterface.sqf";This seems to occur when a player logs in, theres also a player morph command, but I think that just sets the players skin.So if you see any file entry that ends .sqf, except that one above, it might well be suspect. Share this post Link to post Share on other sites
polli 57 Posted August 1, 2012 What i find out is, that i didn´t can see the hacker in the log. No logins, except weapon pickups where is no name belongin to. I have no ID or GUID. I have nothing in my hands to get sure who the hacker is.I´ve banned accidently the wrong person because of the entrys in the log. I thougt they come from this player. But it was not. I unbanned him, but i think he will never come back to my server.I´m so sorry about that. We have nothing against the hackers. Share this post Link to post Share on other sites