Hackers - What you need to know.

[DarkRaven123 602]

As we have seen, there is rampant "hacking" in -game at the moment.

Also as we've seen, everyone is a spastic and rants and raves over how rocket should fix the hacking.

I'm just making this so people can get some sort of knowledge about the situation, and generally because i'm sick of every second thread being some douche whining about how BI or DayZ team should fix it.

Background.

Since Arma was developed, it has primarily been made as a Military Simulator. To this end BI has ALWAYS had a "Trusted client" model.

Basically, players can execute any scripts they want, and freely.

The game was designed to be played on such a large scale, and with the Military in mind, they made this decision.

Why? So you could create your own scenarios with a click of a mouse. No need for modding or anything like that, you type up a quick script in Notepad++ and then you spawn everyone with a tank, or in helicopters, or whatever.

In short, Arma 2 was never made to be a MMOFPS w/ zombies.

Ever.

Because of the trusting relationship the engine has with the client, this clearly leads to people abusing it.

It has always been like this, since the first Arma engine.

And it won't change, BI cater first and foremost to their Military contractors and the HARDCORE MilSim fans.

So in the end, if you played Arma 2 at all, you'd know that most servers were passworded and you organised playing with friends or skrims on the web. Because anyone can just walk in and execute a script that say, spawn a nuke.

This is where the Arma 2 engine "fails" in terms of DayZ. (Not to mention being buggy .)

Then comes Battleye.

But first.

For UBCSRavin!

More on the Arma Engine/Hive/"Untrusted"

In every other game I have come across, the client is automatically UNtrusted. Basically, you're a criminal waiting to happen in the eyes of whatever engine you are on.

This restricts just about everything you can do, to an extent.

If we take Battlefield 3 for example, there is no way in hell, without the use of a mod, or other more nefarious means, can you spawn anything that the server doesn't already have on it.

Or even any Valve game.

Each game comes installed with anti-piracy/anti-tamper measures. In Valve's case, its steam and VAC. Though some steam games also use punkbuster.

Because you're already untrusted, any time ANYTHING that doesn't match the server-side "rules" you are instantly banned or kicked, not to mention that the Server Admin on most other games have complete control of their servers.

There is good reasoning behind DayZ teams decision to tighten up the rules in relation to hacking and such. Without them anyone could accuse someone of hacking, get them banned, probably lose their 5 hour progress.

This just can't happen.

Its frustrating, but there simply isn't another way, unless Rocket chooses to centralise ALL the servers, like an MMO, and completely cut out the publics involvement in the running of the servers. Seriously, name another MMO that lets you run your own server.

But you don't have the ability to execute scripts or anything remotely close to that of ArmA 2 on other games.

Its pretty simple, it would get abused, not to mention that coding in the ability to make scenarios (For instance - Thunderdome) on the fly is a huge undertaking.

Scripts are normally executed server-side, Client-side doesn't even get to see these scripts, without the aid of certain tools.

On Arma 2 however, you can execute scripts at will. It has always been BI's mission to deliver an AUTHENTIC MilSim experience with their engine. Some of the contracts they hold are huge, I would assume.

If you have a look at the BI website, it show cases some of their work, most pretty dam impressive.

Unless you are playing Eve, I don't think there is any games of note that actually use a HIVE system.

The HIVE, if you don't know, is basically a huge SQL (assumption) database containing EVERYTHING pertaining to each players Characters.

The general way I the HIVE works is this : (I'd assume there would be more steps, and it would be more complex, but then again, you never know)

- Join Server, "waiting for character to create" is the server you join (Lets say ANZ1 for now) querying the main HIVE for your specific data.

- Do whatever it is you are doing on ANZ1, find a weapon, get some gear, etc, Battleye is active on each DayZ server, trying to find scripts that aren't meant to be there.

- Leave server. ANZ1 communicates all your gear, positioning data etc. to the HIVE.

The problem with this model is that its easy to exploit.

If you can circumvent Battleye, the only server-level security aloud at the moment, you are free to do what you like.

So you can spawn a bunch of vehicles and weapons and the ARMA 2 engine believes that is "legal."

Then when you leave it communicates all this information to the HIVE, which also trusts what the Server has to say. Why wouldn't it though? If you assume everyone is good, there is no reason to look for the bad.

And we need to remember as well, Arma 2 was never made to have a persistent world.

It was designed so you can run scripts, which generally make entire missions, or change the current mission on the fly. Something I'm sure would let the Military contractors stress to their users how battle can change.

SCRIPTS.

Just about everything in Arma 2 is run by scripts. Practically all of DayZ is one script comprised of many, many smaller scripts.

Every time loot spawns. Script.

Every time you spawn. Script.

Zombies spawn. Script.

And so on.

Which leads to the system being easily abused by the less savoury types of gaming.

Understanding how scripting works in relation to anti-cheat.

As you know, scripts can be executed at any time, by any player on any server.

Its ridiculously easy to do.

That is why Battleye is here. It picks up on any "illegal" scripts being executed, the ones that don't match what is meant to be run according to the server.

There is basically a whitelist of scripts that are allowed to run, and anything else results in a kick, or even a global ban.

Battleye is quite efficient at DETECTING scripts that aren't aloud to be run.

The problem at the moment though, isn't Battleye failing (Well, kinda) It's the fact you can use a "hook" to inject into the Client-side Battleye process and typing a few lines of code that effectively make all the scripts you execute invisible to the server log, which means you can't get kicked, banned, etc.

Once they find the memory space getting "hooked" onto, they release an update and a mass ban rolls out.

One happened 3 days or so ago.

That is how anti-cheat and hacking work in relation to each other.

Hackers create a hack, Anti-cheat responds. Mass ban. Rinse and repeat.

You can never completely stop hacking, ever.

There are people who simply dedicate their time as a hobby to writing hacks for games.

These people you don't really need to worry about. They might hack in weapons or vehicles and so on, but their hack stays for their private use, and perhaps a few close friends.

They don't intentionally, ALL THE TIME, go out of their way to ruin other peoples days, like the currently huge amount of Scripts kiddies that got a hold of a certain hack, the friendly hackers you hear about, the ones giving heli rides and gear are generally the people who write their own shit.

SCRIPT KIDDIES.

These are the people you see running rampant. I can 99.99% guarantee these people either downloaded a leaked private hack or bought one from one of the hacking sites that make money from spastics who want an easier game.

These people go mad with power. That's why you see so many people nuking, mass teleporting and so on.

Because they are 12 year olds who have access to their parents credit card.

You'd generally find these people who got killed by a legit sniper and say to themselves "I want that gun, oh, better look for an easy way to get it because i'm aman with ADD and a short attention span."

Basically, they are the spoilt brats of our generation who want instant gratitude.

Unfortunately, the hackers who made these hacks decided to put in instant-kill and teleportation and all these other exploits that ruin everyone's day.

Current scripts ruining your day - UPDATED.

For more information on this look here : The Truth - A guide to surviving Hackers

User Elenkel has gracefully admitted to hacking, and his experiences in relation to what scripts are out there, and how many people are actually hacking are quite eye-opening.

I personally had never even heard of "Thunderdome" until he posted it.

I did choose to omit certain hacks from my original post however, simply because I believe that some people may think it would actually be pretty cool to hack with all the added features.

ESP (in some of the released hacks)

Teleportation. (Of themselves and others)

Ability to see everyone on the map.

Spawning of objects, weaponry or vehicles, including those not in DayZ itself.

God mode.

Nuking.

Give themselves full health with a single button.

Disable grass. - Dunno why they would do that, maybe to see people crawling?

Name Spoofing/Possible GUID spoofing.

Wallhack, kind of. (Tampering with files)

If any admin are reading this, you should read this post : http://dayzmod.com/f..._20#entry481304

Props to Barronism for posting it. It should fix the "wallhack" that people are abusing at the moment, its a very good fix, but i'm sure it will be patched.

What can Admin or even regular players do? -Updated.

First of all, if you haven't read this thread, please do : http://dayzmod.com/f...u-need-to-know/

A fantastic thread letting you know that admins aren't the ones doing this shit to you.

On our side there aren't many things we can do to stop them. If you can Fraps them hacking and possibly get their names or what not, you can contact Battleye, the DayZ team or even BI with your evidence and they should get a ban, sometimes. I can't say for certain how on top of this type of reporting they are.

The DayZ server hosting rules are pretty strict when it comes to banning people from your server. Therefore it is advised you don't ban anyone without the proper evidence, as you could get blacklisted.

Besides, if you have no evidence the suspect will just come here and whine to the DayZ team for an unban. And if you have no evidence they have to oblige. Its not worth the hassle.

Found some fantastic work from a server owner, worth looking into if you admin any server.

http://dayzmod.com/f...-3/#entry377033

Huge props to PepperoniKiller.

EDIT. Server admin please read.

Browsing Reddit for the first time and came across this post - http://www.reddit.co...d_to_read_this/

Props to http://www.reddit.com/user/Zhoir for posting.

A lot of the reddit servers on the sidebar and the majority of servers in general have been comprimised by 4chan.

IF you still have your cfgdayz and battleye folders in your root directory where you launch your DAYZ Server from then they can run a script and find out what your rcon password is to access your server remotly or in-game.

This allows them to ban anyone, kick anyone, spam global admin messages and remove any bans you have set in place.

I have seen quite a few servers on the sidebar in a post on 4chan recently (not going to name them but I will notify everyone I can via PM on here)

To fix this (so far it has worked for us)

• you need to move your cfgdayz folder and battleye folders outside of your root server directory.
  
• Then edit your start_dayz.bat file to point to the new directorys location of where you have moved the folders to.
  

Example: "C:\Users\Administrator\dir\Arma 2\Expansion\beta\arma2oaserver.exe" -port=2302 -mod=EXPANSION\beta;EXPANSION\beta\Expansion;EXPANSION;ca;@dayz;@hive -name=cfgdayz -config=C:\Users\Administrator\dir\cfgdayz\server.cfg -cfg=C:\Users\Administrator\dir\cfgdayz\arma2.cfg -profiles=C:\Users\Administrator\dir\cfgdayz-bepath=C:\Users\Administrator\dir\BattlEye -world=Chernarus -cpuCount=3 -exThreads=3

The stuff i've highlighted in bold is what I have changed. As you can see I pointed it towards where I moved the cfgdayz folder and battleye folder. For security reasons I replaced the directory I used with "dir." Simply change dir to the directory you move the folders to.

This SHOULD stop people from grabbing your passwords. EVERY server is at risk right now who have not done this. I believe even Vipeax's server was exploited the same way.

I know this goes againsted our rules of posting anything related to hacking but as I am providing a fix and a lot of reddit servers have been exploited I decided to allow it.

What does Rocket have to do with anti-cheat? (And is this a DayZ problem?)

First of all, aside from the HIVE database bans, Rocket + Team, as far as my knowledge goes (probably wrong :/) have nothing to do directly with the anti-cheat.

At all. That is completely in Battleye's hands, not even BI itself would have anything directly to do with it. And no, they won't change their entire engine to stop scripts from being executed.

A lot of people i've seen on the forum have been saying shit like :

Edit : Original post snipped.

"OMG ROCKET Y U NOT DOING ENOUGH TO FIX THE HAXX"

The kind of "special person" I am trying to reach out to with this post.

Day Z is DEFINATELY the reason we see SO MANY skiddies in the game. ArmA 2 wouldn't be receiving any attention at all in the mainstream if it wasn't for DayZ. So thats where the influx of skiddie scum has come from. They came to play DayZ, it was too hard, or they got bored and they decided to grief everyone.

But DayZ isn't the CAUSE of the hacking. You need to understand this part. ITS NOT DAYZ'S FAULT THERE ARE SKIDDIES EVERYWHERE.

Its multiple things.

Mainly :

- Arma 2 is a trusting engine.

- DayZ is super popular at the moment.

- Battleye is easy to hook into.

There is a quote from Rocket here : http://dayzmod.com/f...ty/#entry434623

"It is going to take time to fix these issues, and security issues in particular are not transparent. DayZ, BIS, and BattlEye do not comment on the security issues for reasons which I really hope are bloody obvious. That means things often happen completely unannounced, and work is done all the time, there will be no big fanfare for dealing with the security issues just constant work and change."

User Max Planck linked in a thread recently.

It sums up why you don't hear anything from any of the people involved Anti-Cheat - With good reason too.

Well, what now?

It will be fixed.

I think i've written that sentence over 100 times on this forum the past two weeks.

Battleye nor BI or the DayZ team announce what they are doing in terms to anti-cheat.

It will just come out of the blue one day and MANY people will get banned.

Patience, a virtue much lost in this generation.

IT WILL BE FIXED.

Battleye is a company contracted to work on the anti-cheat for the Arma 2 engine. Its a job.

They will get it done, because thats what they are payed for.

Its a complex job looking for hooks in your own .DLL, because there are so many places they could be injected.

TL;DR :

Shit happens then you die.

Hackers are always a problem in games. There are ALWAYS people out to crack open games and look inside.

Its just unfortunate that the Engine this incredibly popular game is running on happens to trust EVERY SINGLE PERSON.

Of course people are going to abuse that trust. People are dicks.

You should know that just by running around in Cherno.

Edit : I'd appreciate after reading some sort of comment, to keep the topic up on the front page.

It would be amazing if it got stickied, but not much chance of that.

To the DayZ crew, I apologise if I overstep my bounds with any of this information, I attempted to keep it as clean as possible in regards to hacking.

Also i'd just like to mention that a good chunk of my understanding came directly from Suspenselol.

Props to him.

Edited August 17, 2012 by DarkRaven123

[Lumberjack (DayZ) 60]

Very nicely put.

[Senrain 148]

A very well organized post with useful information and constructive advice. You have my beans sir.

[ottis 9]

You've got my beans, sir. Hell if I had a Mountain Dew, I'd give you one as well.

[domistyle 221]

Good post, have some beans.

[Flip4Flap 8]

You have my beans Sir, interesting reading, thank you for sharing it!

Now I have hope! ;)

[Andreasss 1]

very good read

[DarkRaven123 602]

I honestly forgot I posted one in cheat reporting as well.

The one in my sig has some more updated info on some stuff.

[schalart 12]

I'm like now your #1 fan. . .

[zuk 39]

inb4 sticky.

[Flip316 3]

nice post! take my beans. i hope it will be fixed^^

[DarkRaven123 602]

Updated.

[schalart 12]

Updated.

I'll keeper alive capt'n.

[DarkRaven123 602]

http://dayzmod.com/forum/index.php?/topic/55030-hackers-what-you-need-to-know/

Keep this one alive more :)

[schalart 12]

http://dayzmod.com/f...u-need-to-know/

Keep this one alive more :)

I'm on that one too. . .

[osirish 165]

de_bump

[schalart 12]

How does this thread keep getting ignored?

[Senrain 148]

More people need to read this.

[DarkRaven123 602]

Haha, its not that its getting ignored, people just like it and don't post.

Seriously, look at dem likes.

I feel like one of those asshats on facebook.

"Like if you agree!"

Folow meh for 2000 freinds!

[pyck@hotmail.com 8]

yst a pley came with a heli on the internationel hotel in cherno he put his chopper on the building and wanted to parachute down seems that din't work and he crasht to his dead :D I was near the woods and i saw a second chopper just mins after he died again so wtf a hacker in my server i told my m8 shoot him he got the kill and i noticed it was the person who put the first chopper on that hotel so i banned his ass

[Dazed 80]

Disable trees is a rather huge problem. Ever try to sneak up on a sniper when you can't use trees as cover or even a shield against bullets?

Edited August 5, 2012 by Dazed

[Sticker704 121]

The thread lives!

Into my signature it goes.

[AGlumSon 43]

Thanks! Good read and gives me hope for the future.

[schalart 12]

Thanks! Good read and gives me hope for the future.

me too.

[tsandrey 379]

How do you mean "it will be fixed"? Either BI prevents scripts from being run or we wait for DayZ standalone.

It's sad, but that's the truth!