Hackers - What you need to know.

[br0nx 9]

The funny thing is that if you put up a server just for hackers they won't join it.

[Kaishi 1]

Nice post, though all this defending of Arma2 by saying it's "designed to be open" I don't buy.

Arma2's open nature is why we see such creative and extensive hacks once someone breaks in, which actually are in some ways better than the typical aimbots/wallhacks.

But the fact that it is possible at all to cause the *sever* to spawn an item that is not logged is just silly. Trusting the commands of a client are one thing, but trusting the client to do the logging for you is kind of absurd (or lazy). It seems like a sever side fix could be made to actually log what a player does, then you could have server side anti-cheat and now the hackers will only have the standard aimbots/wallhacks that can be done entirely client side.

Let's home Arma3/standalone comes out before DayZ dies to the hackers.

[DarkRaven123 602]

Arma 3 will be the exact same.

It's not laziness.

At all.

It's designed spefically with modding in mind.

It's one I'd the most moddable engines on the market.

If anything, I'd say it was harder to code the engine this way.

[Azrail (DayZ) 211]

yst a pley came with a heli on the internationel hotel in cherno he put his chopper on the building and wanted to parachute down seems that din't work and he crasht to his dead :D I was near the woods and i saw a second chopper just mins after he died again so wtf a hacker in my server i told my m8 shoot him he got the kill and i noticed it was the person who put the first chopper on that hotel so i banned his ass

dafuq i just read

afaik there are three possible helicopters per server

Edited August 8, 2012 by Azrail

[jefe4life 42]

Im keeping my beans... You can have my Sardines.

[Konrad010 6]

DarkRaven 123:

Excellent piece! Thank you for giving perspective to this issue. Please enjoy this can of beans!

[CommanderBoiled 1]

i was always wondering why our camps and vehicles are always gone in less than 24 hours after we built them up. when i read about this ESP shit and saw some screenshots (just google, you'll find them very quickly) of ppl actually using it, then this is no surprise for me anymore. there are ESP's out there which allow you to see vehicles, survivors and tents over the WHOLE map. ESP is something like a much more powerfull magic rangefinder. thats just insane and makes it really pointless to me to play this game any longer. you cant hide camps, you cant hide vehicles, you cant even hide yourself from this. this really must be stopped. otherwise iam afraid that this game will be cheated to death some day.

i experience this especially since the reintroduction of helicopters. my group has built up 6 or 7 choppers on different servers yet. not a single one stood longer than 24 hours where we parked it for the night.

Edited August 8, 2012 by CommanderBoiled

[Azrail (DayZ) 211]

i experience this especially since the reintroduction of helicopters. my group has built up 6 or 7 choppers on different servers yet. not a single one stood longer than 24 hours where we parked it for the night.

helicopters don't save properly at the moment.

they reset back to their spawn point.

must be a cheater sitting there resetting all helicopters across all servers.

[TheDannyB 0]

Bump. Because I just got killed by a hacker. Woot!

[Shuny 7]

Arma 3 will be the exact same.

It's not laziness.

At all.

It's designed spefically with modding in mind.

It's one I'd the most moddable engines on the market.

If anything, I'd say it was harder to code the engine this way.

This feature is nice, but you should be able to disable or limitate the people being able to use scripts. A lot of games are designed for modding (look into UT2004) but it doesn't mean anyone can spawn random items on the map.

And yeah, I have to agree with a previous post: You said "IT WILL BE FIXED". No it won't. Because the scripting engine is a part of the Arma 2 engine, and fixing it would require recoding a part of Arma 2. Which BI will not do.

Edited August 8, 2012 by Shuny

[mjrhzrd 3]

Since yesterday's post in another thread. I played for 3 hours after work. I got Thunderdomed as I logged into another server with 4 people on it. On my group's server: Two cows appeared in front of me and were singing a tune I had not heard before. I alt F-4ed not waiting for something to happen. I came back into the server 10 minutes later and was stunned with the rest of the players. A half-hour later. Someone was popping in and out of the lobby ever 1-2 seconds it seemed and then ran a script the killed all the players on the server and forced and immediate up to the hive as everyone who Alt-F4ed were dead on the other servers they spawned into. Day 7 was my last day @#$@!%#%$#! Lost an L-85 and an Mp4 SD as well as other hard-won items. Not an actionable problem here eh?

Terrible that such a great game is being discredited by lack of action. I have read about the Hacking thread, and don't believe that they cannot stop scripts from the clients. How's about a mass ban to prove some action and dump some of the hackers.

Still liking the idea of having the Server admins of paid servers shutting down their servers on a set day for 24 hours to prove a point. There would be a very limited game if it were not for these community paid-for servers, and we are being told to put up with it....

[stonedmonkey 1]

SCRIPT KIDDIES.

These are the people you see running rampant. I can 99.99% guarantee these people either downloaded a leaked private hack or bought one from one of the hacking sites that make money from spastics who want an easier game.

These people go mad with power. That's why you see so many people nuking, mass teleporting and so on.

Because they are 12 year olds who have access to their parents credit card.

You'd generally find these people who got killed by a legit sniper and say to themselves "I want that gun, oh, better look for an easy way to get it because i'm aman with ADD and a short attention span."

Basically, they are the spoilt brats of our generation who want instant gratitude.

Unfortunately, the hackers who made these hacks decided to put in instant-kill and teleportation and all these other exploits that ruin everyone's day.

Yes stop calling them "Hackers" since they dont even know how to use a command script.

Calling them Hackers is like calling a gamer a Pro ^^

[patakiorama@gmail.com 3]

As we have seen, there is rampant "hacking" in -game at the moment...

Great overview but you didn't mentioned the probably largest group of hackers: those who have played DayZ legit for hundreds of hours and now are totally bored by it.

Let's face it - once you got a Coyote backpack and a high-tier weapon set, like an AS50 - M4A1 Holo - PDW trio, you have achieved everything in DayZ you can. There's no content to keep you interested any longer. No missions no goal no new areas no nothing.

With quests and storyline probably never to be added, the only feature to keep me interested would be new weapons. Not just another 5.56mm rifle that wouldn't make a difference but something like the VSS Vintorez or multiple grenade launcher or sniper rifle with NV which opened up new tactics and changed gameplay and thereby renewed the whole experience. But what did we get in terms of new content? Hatchet and crowbar, LOL.

Hence I can very much understand players who hack content into the game that should have been added legitimately a long time ago.

If I'd find one of the notorious hacked-in items like a Vintorez or AS50 w/thermal vision I would happily keep it.

Besides, this whining about the game not being clean and legit any longer is insanely hypocritical. It's not hackers but immoral players destroying the game, people who come here reporting hackers and think they're good guys but would kill any friendly over a can of beans or just for the fun in it.

PS: Thunderdome, god mode, nuking etc hackers should be shot in the dick, no arguing about that. I'm not talking about them as there's no excuse whatsoever for their actions.

[stonedmonkey 1]

Great overview but you didn't mentioned the probably largest group of hackers: those who have played DayZ legit for hundreds of hours and now are totally bored by it.

Let's face it - once you got a Coyote backpack and a high-tier weapon set, like an AS50 - M4A1 Holo - PDW trio, you have achieved everything in DayZ you can. There's no content to keep you interested any longer. No missions no goal no new areas no nothing.

With quests and storyline probably never to be added, the only feature to keep me interested would be new weapons. Not just another 5.56mm rifle that wouldn't make a difference but something like the VSS Vintorez or multiple grenade launcher or sniper rifle with NV which opened up new tactics and changed gameplay and thereby renewed the whole experience. But what did we get in terms of new content? Hatchet and crowbar, LOL.

Hence I can very much understand players who hack content into the game that should have been added legitimately a long time ago.

If I'd find one of the notorious hacked-in items like a Vintorez or AS50 w/thermal vision I would happily keep it.

Besides, this whining about the game not being clean and legit any longer is insanely hypocritical. It's not hackers but immoral players destroying the game, people who come here reporting hackers and think they're good guys but would kill any friendly over a can of beans or just for the fun in it.

PS: Thunderdome, god mode, nuking etc hackers should be shot in the dick, no arguing about that. I'm not talking about them as there's no excuse whatsoever for their actions.

Since i Got all weapons and archived all i wanted i should go out and use my little scripts i got from a other bored kid?

What about go into cherno and try to interact with the pplz there?Yes its true i got shot at 2 of 3 trys but sometime i find some funny guys or even sometimes a little surviver with a broken bone to help!

Also i go and shoot the little campers at the Fabrics camping there for like 2h and server hoping like a dumb shit.

No its not over and no its not the only game i can play...IF i get bored i go play ARMA 2 or even a other dumb game i have in my Steam libary.

There is no excuse for spawning items or nuking server also there is no DIF. its just rly lame shit the Kids doing to this game.

I Read from your post you are used to games like COD or BF where you can unlock TONS of weapons but at the end we all stick to our favorit weapon and forget about the 100 weapons we just unlocked...

[patakiorama@gmail.com 3]

Been there done that, kid.

You didn't get my point - I was talking about weapons that offer new combat tactics. I found once a crate with a silenced AK74 and didn't touch it. Why? Because as far as its usefulness goes it's just a legit M4A1 SD with a different skin. Wouldn't make a difference. If my wish for some new game content makes me equal to server nuking scumbags in your eyes - it's your problem and no offense but I couldn't care less.

[Elderic 2]

Well what you call scripts is just Debug functionality which all games have and are ussually disabled when released but since this is beta they probably left them active for testing. The little kids out there think they are cool because they found out how to access the debug menu and execute the commands are not hackers but lame jerk offs that have no clue.

[edonovan 15]

I guess we should be thankful there are so many varieties of hacks available. Otherwise, they'd just spawn nukes every 3 minutes because that's the only hack they had.

Still would be nice to somehow prevent teleporting and spawning non-sanctioned items. But since I don't know how the engine works, it's difficult to suggest any solutions.

[Allyourbase51 38]

Well written thread. Currently working on getting evidence against a particular hacker who makes the mistake of playing on the same server. In fact, they're the admin of the server as far as i know (before you say ADMEENZ ARNT HAXXOR) i got a confession from him, but i was a retard and didn't have fraps running at the time. But i've got a plan, and if it works, there'll be one less skiddie running around here.

[U.B.C.S. Ravin 326]

I thought this thread got deleted. It took awhile to find it. Thanks Hop's for relinking me.

[XPreCiZiiOnX 0]

Glad I read this!

[MrLuigi 0]

I have never wanted to hack in this game but the dancing script looks amazing and should be a feature. With the glow sticks and stereo mix over the mic would be fantastic.

[NightRipper 284]

PLEASE STICKY THIS THREAD.

[AdonaiJr 2]

Well explained.

[Sir Diealot 46]

Not much here I personally didn't already know, but nonetheless a must-read for MANY people, and well written. Have beans.

[moignus 10]

As we have seen, there is rampant "hacking" in -game at the moment.

Also as we've seen, everyone is a spastic and rants and raves over how rocket should fix the hacking.

I'm just making this so people can get some sort of knowledge about the situation, and generally because i'm sick of every second thread being some douche whining about how BI or DayZ team should fix it.

Background.

Since Arma was developed, it has primarily been made as a Military Simulator. To this end BI has ALWAYS had a "Trusted client" model.

Basically, players can execute any scripts they want, and freely.

The game was designed to be played on such a large scale, and with the Military in mind, they made this decision.

Why? So you could create your own scenarios with a click of a mouse. No need for modding or anything like that, you type up a quick script in Notepad++ and then you spawn everyone with a tank, or in helicopters, or whatever.

In short, Arma 2 was never made to be a MMOFPS w/ zombies.

Ever.

Because of the trusting relationship the engine has with the client, this clearly leads to people abusing it.

It has always been like this, since the first Arma engine.

And it won't change, BI cater first and foremost to their Military contractors and the HARDCORE MilSim fans.

So in the end, if you played Arma 2 at all, you'd know that most servers were passworded and you organised playing with friends or skrims on the web. Because anyone can just walk in and execute a script that say, spawn a nuke.

This is where the Arma 2 engine "fails" in terms of DayZ. (Not to mention being buggy .)

Then comes Battleye.

But first.

For UBCSRavin!

More on the Arma Engine/Hive/"Untrusted"

In every other game I have come across, the client is automatically UNtrusted. Basically, you're a criminal waiting to happen in the eyes of whatever engine you are on.

This restricts just about everything you can do, to an extent.

If we take Battlefield 3 for example, there is no way in hell, without the use of a mod, or other more nefarious means, can you spawn anything that the server doesn't already have on it.

Or even any Valve game.

Each game comes installed with anti-piracy/anti-tamper measures. In Valve's case, its steam and punkbuster.

Because you're already untrusted, any time ANYTHING that doesn't match the server-side "rules" you are instantly banned or kicked, not to mention that the Server Admin on most other games have complete control of their servers.

There is good reasoning behind DayZ teams decision to tighten up the rules in relation to hacking and such. Without them anyone could accuse someone of hacking, get them banned, probably lose their 5 hour progress.

This just can't happen.

Its frustrating, but there simply isn't another way, unless Rocket chooses to centralise ALL the servers, like an MMO, and completely cut out the publics involvement in the running of the servers. Seriously, name another MMO that lets you run your own server.

But you don't have the ability to execute scripts or anything remotely close to that of ArmA 2 on other games.

Its pretty simple, it would get abused, not to mention that coding in the ability to make scenarios (For instance - Thunderdome) on the fly is a huge undertaking.

Scripts are normally executed server-side, Client-side doesn't even get to see these scripts, without the aid of certain tools.

On Arma 2 however, you can execute scripts at will. It has always been BI's mission to deliver an AUTHENTIC MilSim experience with their engine. Some of the contracts they hold are huge, I would assume.

If you have a look at the BI website, it show cases some of their work, most pretty dam impressive.

Unless you are playing Eve, I don't think there is any games of note that actually use a HIVE system.

The HIVE, if you don't know, is basically a huge SQL (assumption) database containing EVERYTHING pertaining to each players Characters.

The general way I the HIVE works is this : (I'd assume there would be more steps, and it would be more complex, but then again, you never know)

- Join Server, "waiting for character to create" is the server you join (Lets say ANZ1 for now) querying the main HIVE for your specific data.

- Do whatever it is you are doing on ANZ1, find a weapon, get some gear, etc, Battleye is active on each DayZ server, trying to find scripts that aren't meant to be there.

- Leave server. ANZ1 communicates all your gear, positioning data etc. to the HIVE.

The problem with this model is that its easy to exploit.

If you can circumvent Battleye, the only server-level security aloud at the moment, you are free to do what you like.

So you can spawn a bunch of vehicles and weapons and the ARMA 2 engine believes that is "legal."

Then when you leave it communicates all this information to the HIVE, which also trusts what the Server has to say. Why wouldn't it though? If you assume everyone is good, there is no reason to look for the bad.

And we need to remember as well, Arma 2 was never made to have a persistent world.

It was designed so you can run scripts, which generally make entire missions, or change the current mission on the fly. Something I'm sure would let the Military contractors stress to their users how battle can change.

SCRIPTS.

Just about everything in Arma 2 is run by scripts. Practically all of DayZ is one script comprised of many, many smaller scripts.

Every time loot spawns. Script.

Every time you spawn. Script.

Zombies spawn. Script.

And so on.

Which leads to the system being easily abused by the less savoury types of gaming.

Understanding how scripting works in relation to anti-cheat.

As you know, scripts can be executed at any time, by any player on any server.

Its ridiculously easy to do.

That is why Battleye is here. It picks up on any "illegal" scripts being executed, the ones that don't match what is meant to be run according to the server.

There is basically a whitelist of scripts that are allowed to run, and anything else results in a kick, or even a global ban.

Battleye is quite efficient at DETECTING scripts that aren't aloud to be run.

The problem at the moment though, isn't Battleye failing (Well, kinda) It's the fact you can use a "hook" to inject into the Client-side Battleye process and typing a few lines of code that effectively make all the scripts you execute invisible to the server log, which means you can't get kicked, banned, etc.

Once they find the memory space getting "hooked" onto, they release an update and a mass ban rolls out.

One happened 3 days or so ago.

That is how anti-cheat and hacking work in relation to each other.

Hackers create a hack, Anti-cheat responds. Mass ban. Rinse and repeat.

You can never completely stop hacking, ever.

There are people who simply dedicate their time as a hobby to writing hacks for games.

These people you don't really need to worry about. They might hack in weapons or vehicles and so on, but their hack stays for their private use, and perhaps a few close friends.

They don't intentionally, ALL THE TIME, go out of their way to ruin other peoples days, like the currently huge amount of Scripts kiddies that got a hold of a certain hack, the friendly hackers you hear about, the ones giving heli rides and gear are generally the people who write their own shit.

SCRIPT KIDDIES.

These are the people you see running rampant. I can 99.99% guarantee these people either downloaded a leaked private hack or bought one from one of the hacking sites that make money from spastics who want an easier game.

These people go mad with power. That's why you see so many people nuking, mass teleporting and so on.

Because they are 12 year olds who have access to their parents credit card.

You'd generally find these people who got killed by a legit sniper and say to themselves "I want that gun, oh, better look for an easy way to get it because i'm aman with ADD and a short attention span."

Basically, they are the spoilt brats of our generation who want instant gratitude.

Unfortunately, the hackers who made these hacks decided to put in instant-kill and teleportation and all these other exploits that ruin everyone's day.

Current scripts ruining your day - UPDATED.

For more information on this look here : The Truth - A guide to surviving Hackers

User Elenkel has gracefully admitted to hacking, and his experiences in relation to what scripts are out there, and how many people are actually hacking are quite eye-opening.

I personally had never even heard of "Thunderdome" until he posted it.

I did choose to omit certain hacks from my original post however, simply because I believe that some people may think it would actually be pretty cool to hack with all the added features.

ESP (in some of the released hacks)

Teleportation. (Of themselves and others)

Ability to see everyone on the map.

Spawning of objects, weaponry or vehicles, including those not in DayZ itself.

God mode.

Nuking.

Give themselves full health with a single button.

Disable grass. - Dunno why they would do that, maybe to see people crawling?

Name Spoofing/Possible GUID spoofing.

Wallhack, kind of. (Tampering with files)

If any admin are reading this, you should read this post : http://dayzmod.com/f..._20#entry481304

Props to Barronism for posting it. It should fix the "wallhack" that people are abusing at the moment, its a very good fix, but i'm sure it will be patched.

What can Admin or even regular players do?

First of all, if you haven't read this thread, please do : http://dayzmod.com/f...u-need-to-know/

A fantastic thread letting you know that admins aren't the ones doing this shit to you.

On our side there aren't many things we can do to stop them. If you can Fraps them hacking and possibly get their names or what not, you can contact Battleye, the DayZ team or even BI with your evidence and they should get a ban, sometimes. I can't say for certain how on top of this type of reporting they are.

The DayZ server hosting rules are pretty strict when it comes to banning people from your server. Therefore it is advised you don't ban anyone without the proper evidence, as you could get blacklisted.

Besides, if you have no evidence the suspect will just come here and whine to the DayZ team for an unban. And if you have no evidence they have to oblige. Its not worth the hassle.

What does Rocket have to do with anti-cheat? (And is this a DayZ problem?)

First of all, aside from the HIVE database bans, Rocket + Team, as far as my knowledge goes (probably wrong :/) have nothing to do directly with the anti-cheat.

At all. That is completely in Battleye's hands, not even BI itself would have anything directly to do with it. And no, they won't change their entire engine to stop scripts from being executed.

A lot of people i've seen on the forum have been saying shit like :

The kind of "special person" I am trying to reach out to with this post.

Day Z is DEFINATELY the reason we see SO MANY skiddies in the game. ArmA 2 wouldn't be receiving any attention at all in the mainstream if it wasn't for DayZ. So thats where the influx of skiddie scum has come from. They came to play DayZ, it was too hard, or they got bored and they decided to grief everyone.

But DayZ isn't the CAUSE of the hacking. You need to understand this part. ITS NOT DAYZ'S FAULT THERE ARE SKIDDIES EVERYWHERE.

Its multiple things.

Mainly :

- Arma 2 is a trusting engine.

- DayZ is super popular at the moment.

- Battleye is easy to hook into.

Well, what now?

It will be fixed.

I think i've written that sentence over 100 times on this forum the past two weeks.

Battleye nor BI or the DayZ team announce what they are doing in terms to anti-cheat.

It will just come out of the blue one day and MANY people will get banned.

Patience, a virtue much lost in this generation.

Oh? What is this "Patience" you speak of Raven?

Well young man in year 10, its where you wait. You wait without screaming and crying every 5 seconds like a spoilt toddler not getting his lolly.

IT WILL BE FIXED.

Battleye is a company contracted to work on the anti-cheat for the Arma 2 engine. Its a job.

They will get it done, because thats what they are payed for.

Its a complex job looking for hooks in your own .DLL, because there are so many places they could be injected.

TL;DR :

Shit happens then you die.

Hackers are always a problem in games. There are ALWAYS people out to crack open games and look inside.

Its just unfortunate that the Engine this incredibly popular game is running on happens to trust EVERY SINGLE PERSON.

Of course people are going to abuse that trust. People are dicks.

You should know that just by running around in Cherno.

Edit : I'd appreciate after reading some sort of comment, to keep the topic up on the front page.

It would be amazing if it got stickied, but not much chance of that.

To the DayZ crew, I apologise if I overstep my bounds with any of this information, I attempted to keep it as clean as possible in regards to hacking.

I like this but i heard that other hackers/scripters can make it to where your data runs the script for them.. i've been reading alot of that lately and hoping that battleye and rocket in general take a closer look at things before banning/kicking people that instantly used a script, mostly because they can make other players use the script for them without even knowing I don't know how but GJ you sir can have my beans