byteslam (DayZ) 0 Posted August 23, 2012 I guess, there is nothing we can do against RADAR hacking or? Share this post Link to post Share on other sites
(OCN)Vortech 65 Posted August 23, 2012 I guess, there is nothing we can do against RADAR hacking or?There is currently nothing much we can do about radar/ESP, teleporting, and infinite ammo. Basically any cheater utilizing a functional bypass can do anything they like client side. I also believe we still can't do anything about remote executions to/on other players. I'm hopeful we can eventually defeat all script based stuff, we'll likely never defeat anything utilizing DirectX. Share this post Link to post Share on other sites
Frop 33 Posted August 23, 2012 My scripts.log has been spammed with this entry somewhere after midnight. Even after restarting the server it keeps occurring and my logfile is simply exploding in size. Does anyone have an idea what's going on and how to fix this (other than commenting out the corresponding line in scripts.txt)?23.08.2012 12:57:02: <hidden> (<hidden>) <hidden> - #0 "e >> _type >> _classname >> "displayName");null = _holder addAction [format[(localize "STR_DAYZ_CODE_1"),_name], "\z\addons\day" Share this post Link to post Share on other sites
falcon911 19 Posted August 23, 2012 (edited) My scripts.log has been spammed with this entry somewhere after midnight. Even after restarting the server it keeps occurring and my logfile is simply exploding in size. Does anyone have an idea what's going on and how to fix this (other than commenting out the corresponding line in scripts.txt)?23.08.2012 12:57:02: <hidden> (<hidden>) <hidden> - #0 "e >> _type >> _classname >> "displayName");null = _holder addAction [format[(localize "STR_DAYZ_CODE_1"),_name], "\z\addons\day"Funny that this only happens to certain people. Think this could be the "ESP/Radar" hack? IF so I think we can figure out how to just "search/log" for only this...Just can't quite figure out if the issue is with Displayname or not. Edited August 23, 2012 by Falcon911 Share this post Link to post Share on other sites
(OCN)Vortech 65 Posted August 23, 2012 (edited) Two new types of entries22.08.2012 14:05:56: username (ip) guid - #3 "m1aark1Pods3=True;While {m1aark1Pods3} do {{(group _x) addGroupIcon ["x_art"];(group _x) setGroupIconParams [[1,0,0,1],forma"Little ESP?22.08.2012 15:04:14: username (ip) guid - #121 "0;}; private ['_dummy']; _dummy = [_this,'initDialog'] call compile preprocessFile 'hooray.sqf'; _dummy = [_t"22.08.2012 15:04:14: username (ip) guid - #2 "sqf";};_handled;};Missionstrr =(findDisplay 46) displayAddEventHandler ["keyDown", "_this call keyhandler"];"22.08.2012 15:04:16: username (ip) guid - #0 "#line 1 "hello.sqf"_veh = vehicle player;_veh addaction ["A", "\dayztest\A.sqf"];_veh addaction ["Remote CMD", "\dayztest\A"22.08.2012 15:04:18: username (ip) guid - #9 "';_veh addEventHandler+['handleDamage', { false }];_veh allowDamage false;"22.08.2012 15:04:18: username (ip) guid - #31 "line 1 "dayztest\A.sqf"_veh = vehicle player;_veh removeAllEventHandlers 'handleDamage';_veh addEventHandler+['handleDamage'"22.08.2012 15:04:20: username (ip) guid - #21 "_wtf = getposATL player;wtf1 = "USBasicAmmunitionBox" createVehiclelocal ( position player ); wtf1 setposATL _plpos;_dayz_we"Looks like we see some invincibility and a crate spawn? Nice work Dwarden and whoever else may be contributing to the filters. Edited August 23, 2012 by (OCN)Vortech Share this post Link to post Share on other sites
Frop 33 Posted August 23, 2012 Funny that this only happens to certain people. Think this could be the "ESP/Radar" hack? IF so I think we can figure out how to just "search/log" for only this...Just can't quite figure out if the issue is with Displayname or not.I doubt it since this entry has come up multiple times for nearly everyone on the server (even a buddy who doesn't hack for sure). Share this post Link to post Share on other sites
falcon911 19 Posted August 23, 2012 I doubt it since this entry has come up multiple times for nearly everyone on the server (even a buddy who doesn't hack for sure).Yeap. Share this post Link to post Share on other sites
hohlraum 9 Posted August 23, 2012 I think the new scripts.log spam is caused by the new battleye update. I don't see any changes to scripts.txt on the site for 2 days and this just started. Share this post Link to post Share on other sites
Frop 33 Posted August 23, 2012 (edited) I've edited out the following (and coincidentally the first) line of scripts.txt. I doubt it's a good idea on the long run, but at least for now it gets rid of the spam.1 addAction !"\"addAction\"," !"_action1 = _unit addAction [localize \"str_actions_medical_01" !"s_player_grabflare = player addAction [format[localize \"str_actions_medical_15\",_te" !"raddAction = 'addAction'" !"raddActioncode = compile PreprocessFile (BIS_PathMPscriptCommands + 'addAction.sqf')" !"null = _holder addAction [format[(localize \"STR_DAYZ_CODE_1\"),_name], \"z\addons\dayz_code\actions\object_pickup.sqf\"," !"NORRN_dropAction = player addAction [\"Drop body\", \"\z\addons\dayz_code\medical\drop_body.sqf\",_dragee, 0, false, true];" !"s_player_dropflare = player addAction [format[localize \"str_actions_medical_16\",_text]," Edited August 23, 2012 by Frop Share this post Link to post Share on other sites
digital0 22 Posted August 23, 2012 can anyone tell me what this is doing?#121 "e ['_dummy']; _dummy = [_this, "CA_VO_ToggleAdvanced"] call compile preprocessfilelinenumbers "\ca\ui\scripts\HideVideoOptions.s" Share this post Link to post Share on other sites
Frop 33 Posted August 23, 2012 can anyone tell me what this is doing?#121 "e ['_dummy']; _dummy = [_this, "CA_VO_ToggleAdvanced"] call compile preprocessfilelinenumbers "\ca\ui\scripts\HideVideoOptions.s"I've seen this one too and my uneducated guess would be that people are hiding the Advanced video options after they tried flushing their memory with the Video Memory setting. Share this post Link to post Share on other sites
Frop 33 Posted August 24, 2012 (edited) The new .txts released last night seem to fix the spam problem of "STR_DAYZ_CODE_1". Edited August 24, 2012 by Frop Share this post Link to post Share on other sites
quatermass 9 Posted August 24, 2012 Can someone explain why in the game does BattlEye kick a player for a line such as #213 when line 213 is// not much of use //#+14I presume that BE takes account of commented lines and therefore is reported the correct line in Scripts.txt?I would like to see each line with an explanation of what it is intended to do.For example what the heck does line 215 report? 1 "wuat\\" :)As a IT engineer and not stupid, I can't find the documentation of these security lines on BE web site or this forum.Many thanks... :thumbsup: Share this post Link to post Share on other sites
falcon911 19 Posted August 24, 2012 Can someone explain why in the game does BattlEye kick a player for a line such as #213 when line 213 is// not much of use //#+14I presume that BE takes account of commented lines and therefore is reported the correct line in Scripts.txt?I would like to see each line with an explanation of what it is intended to do.For example what the heck does line 215 report? 1 "wuat\\" :)As a IT engineer and not stupid, I can't find the documentation of these security lines on BE web site or this forum.Many thanks... :thumbsup:Well you need to go back to school, do a little more research next time or take a programming class. Line 213 -1 So look at line 212. The -1 is due to the first line not being counted.Try the below link over at BI there since they are the ones that created the new feature to assist you on the hackers. http://forums.bistudio.com/showthread.php?138736-Introducing-Server-side-Event-Logging-BlockingEasy up cowboy and do better research before coming on here and ranting like you did. Share this post Link to post Share on other sites
Frop 33 Posted August 24, 2012 (edited) Obviously BE doesn't count commented lines, so the scripting team put +# behind the commented lines for convenience (for instance everything under a "#+10" line needs to have 10 subtracted to get to the kick reason, e.g. something on line 200 would be kick reason #190). Edited August 24, 2012 by Frop Share this post Link to post Share on other sites
Khyron_UN 14 Posted August 24, 2012 is there any way, or is it possible to log who kills who? I don't mean to show in the game of course, but when I hear complaints about teleporting killers it would be so easy to catch is we had a log saying so and so killed so and so here.... because if you see 3 kills from one person all over the map in less then a minutes then bam, we got them. Share this post Link to post Share on other sites
falcon911 19 Posted August 24, 2012 is there any way, or is it possible to log who kills who? I don't mean to show in the game of course, but when I hear complaints about teleporting killers it would be so easy to catch is we had a log saying so and so killed so and so here.... because if you see 3 kills from one person all over the map in less then a minutes then bam, we got them.That would be nice... Share this post Link to post Share on other sites
cwc_shadow 70 Posted August 25, 2012 Found this in my remoteexec.log. Hack or not?24.08.2012 16:27:48: PLAYERNAME (IP) GUID - #0 "titleText ["Everybody stop and Dance!", "PLAIN"];"24.08.2012 16:27:48: PLAYERNAME (IP) GUID - #13 "titleText ["Everybody stop and Dance!", "PLAIN"];"24.08.2012 16:27:48: PLAYERNAME (IP) GUID - #0 "player playMove 'ActsPercMstpSnonWnonDnon_DancingDuoIvan';"24.08.2012 16:27:48: Kerr (90.213.94.238:2304) 92c2953024ff119aabf8c61885176826 - #8 "player playMove 'ActsPercMstpSnonWnonDnon_DancingDuoIvan';"I anonymized the name, IP and GUID in case that guy is innocent. But it looks like he executed a dance script. Am I right? Share this post Link to post Share on other sites
violentnava@gmail.com 7 Posted August 25, 2012 (edited) So....Just got my own server a few days ago, and while perusing my createvehicle log, I found these.25.08.2012 02:48:45: player2 (x.x.x.x.:xxxx) GUID - #0 "AmmoBoxBig" 22:29 [12301,3502,6]25.08.2012 05:24:06: player (x.x.x.x.:xxxx) GUID - #0 "AmmoBoxSmall_762" 43:787 [4668,9595,339]Im pretty sure they spawned boxes, correct?I also saw these and thought they looked strange."GrenadeHandTimedWest" 24:117 24:4 [4632,10485,340] [3,-7,0]"PipeBomb" 75:144 75:4 [10772,8586,243] [0,0,0]But out of these last 4, these 2 stood out the most to me as suspicious."HelicopterExploSmall" 70:84 0:0 [10076,8153,244] [0,0,0]"HelicopterExploBig" 70:85 0:0 [10076,8153,245] [0,0,0]Also, what should my remoteexec.txt have in it. Its pretty empty and it hasnt even created a log for it yet. Edited August 25, 2012 by Nava Share this post Link to post Share on other sites
nik21 287 Posted August 25, 2012 @System98Yes it's a hack, makes everybody dance (lol).@NavaYou can find official files for DayZ here:http://code.google.com/p/dayz-community-banlist/source/browse/#git%2Ffilters Share this post Link to post Share on other sites
icetbag 3 Posted August 25, 2012 Hi chaps,Found several of the following entries in my scripts.log (having used dwardens CBL filters):21.08.2012 23:08:52: PLAYER_NAME (PLAYER_IP:PORT) PLAYER_GUID - #121 "private ['_dummy']; _dummy = [_this' date='onload'] call compile preprocessfile '\ca\ui\scripts\server_interface.sqf';"I'm aware of kicks for accessing the in-game admin control panel (dedicatedServerInterface.sqf) but this is first time I've seen log entries for server_interface.sqf, anyone got any thoughts? Not all players are logged, but some players are logged several times for this.Cheers Share this post Link to post Share on other sites
Geit (DayZ) 1 Posted August 25, 2012 (edited) Hi chaps,Found several of the following entries in my scripts.log (having used dwardens CBL filters):I'm aware of kicks for accessing the in-game admin control panel (dedicatedServerInterface.sqf) but this is first time I've seen log entries for server_interface.sqf, anyone got any thoughts? Not all players are logged, but some players are logged several times for this.CheersThis one is the "map/briefing" screen that appears for a player before the mission starts (That is, the first few people who join the server after a restart will be logged with this), it is not a hack. Edited August 25, 2012 by Geit 1 Share this post Link to post Share on other sites
icetbag 3 Posted August 25, 2012 Cheers Geit :thumbsup: Share this post Link to post Share on other sites
xXdom 5 Posted August 26, 2012 Earlier today I had a guy on my server picking up randoms in a chopper and ferrying them around, being an all around nice guy. Since he was solo prior to picking up people, I decided to check the logs for anything suspicious. The ONLY trace of him being on the server was this from createvehicle.log:25.08.2012 16:05:28: PLAYERNAME (IP) GUID - #0 "Sniper1_DZ" 100:30 [1,0,0]25.08.2012 16:06:10: PLAYERNAME (IP) GUID - #0 "Camo1_DZ" 100:36 [1,1,0]I parsed the scripts.log and remoteexec.log for any other entries from his name, IP and GUID and there wasn't a single entry in either. I find it suspicious that there isn't a single entry from him in scipts.log and I was curious if anyone had any thoughts on this. Share this post Link to post Share on other sites
Frop 33 Posted August 26, 2012 Earlier today I had a guy on my server picking up randoms in a chopper and ferrying them around, being an all around nice guy. Since he was solo prior to picking up people, I decided to check the logs for anything suspicious. The ONLY trace of him being on the server was this from createvehicle.log:I parsed the scripts.log and remoteexec.log for any other entries from his name, IP and GUID and there wasn't a single entry in either. I find it suspicious that there isn't a single entry from him in scipts.log and I was curious if anyone had any thoughts on this.I find it odd that someone would have a ghillie _and_ a camo suit on at the same time. Yesterday I had very strong indications someone was teleporting on our server, but I couldn't find anything in the logs except the fact he spawned in with two different backpacks at the same time (Assault and Coyote). I think I've seen screenshots here on the forum of hackers having multiple backpacks on them (I guess the spawn scripts don't take into account regular inventory restrictions), so I had to ban him. Better safe than sorry. Share this post Link to post Share on other sites