venthos 605 Posted September 6, 2012 (edited)

The hack/bypass mentioned below is now reported to be detected and dishing out global bans. See Post #14 for details. Yay :D

Back on 09/02 a hack was released that made it very easy for people to insta-kill entire servers, summon all vehicles to their location, etc. It abuses the publicvariable situation that permits the scripts to evade current scripts.txt/createvehicle.txt/remoteexec.txt rulesets. Just recently with a new Beta server .exe were we granted the new publicvariable.txt ruleset, so understandably that's still being worked on and doesn't yet have any kick restrictions in place. The release day of this hack was also the day that hack activity went up quite a bit on the forums (no doubt from this particular hack). Within 24 hours, BattlEye had it detected and was globally banning the offenders left and right. 09/02 was also the only day my server experienced a server-wide kill from a hacker, although that's just anecdotal evidence.

Today, a re-release of the same hack was published that is presently undetected. For this reason, I am holding back my own server to 1.7.2.5 to prevent hackers from screwing with my vehicles and getting them saved on some remote island/destroying them and saving them. That's been the one nice thing about saves not working, hackers can't screw you out of vehicles for 7 days.

This may all be for naught, as no server is immune to hackers of course even once this particular hack gets detected. But, I am hoping that BattlEye experiences similar turnaround here and can detect it again within 24-48 hours, and therefore holding back on updating my server to where tents/vehicles are fixed to hopefully minimize the effects of hackers.

I'm simply putting this out there so server admins can make their own decision on this. I know some are desperate for the artifact/tent/vehicle fixes. But, at least you have this knowledge in hand when you make your decision on whether or not to update.

Just to clarify, 1.7.2.5 doesn't make you "safe" from this hack, it just means if they screw with your vehicles a server restart will always fix it whereas in 1.7.2.6 they'll be able to save them in their blown up/portaled to an island state and you'll have to wait 7 days for new ones.

If you guys are seeing a spike in hack activity today/tonight/tomorrow, this hack is likely why.

Edited September 8, 2012 by Venthos

crusader_111 62 Posted September 6, 2012

Good to know, but as you said hacking won't stop so this isn't new and if servers want to keep their players then they will have to update to 1.7.3 (1.7.2.6) so people don't have to deal with annoying bugs. Unfortunately you just can't win in any circumstance because most people who hack are prepared to pay for a new CD-Key and change it then start hacking again. So good luck winning against that.

phillyjoker 10 Posted September 6, 2012 (edited)

Good info, have some beans!

EDIT: What about players, would you recommend not updating for them as well?

Edited September 6, 2012 by PhillyJoker

echosyp 56 Posted September 6, 2012

Why do people keep calling 1.7.2.6 1.7.3? Did dogs get released? If not, it's not 1.7.3

venthos 605 Posted September 6, 2012 (edited)

> ...if servers want to keep their players then they will have to update to 1.7.3 (1.7.2.6)...

Absolutely agreed. The only reason I felt the need to mention this particular hack is BattlEye's amazing turnaround time last time (just under 24 hours). If delaying the update to 1.7.2.6 by 24 hours for my server saves out on losing vehicles for 7 days, it's worth it. But yeah, for sure, I'll be updating tomorrow regardless for the weekend. I'm just in no rush right now given the new release of the hack today. Not every server admin is in my position though, and it doesn't make sense for everyone to hold back to 1.7.2.5.

> Why do people keep calling 1.7.2.6 1.7.3? Did dogs get released? If not, it's not 1.7.3

Some people are really confused about the fact that there are two software packages related to DayZ.

Hive 0.7.4
DayZ 1.7.2.6

The confusion has led to people calling it all sorts of version numbers. They are unique software packages and their versions should be mentioned independently (as above). However, Hive 0.7.4 only works with DayZ 1.7.2.6 and Hive 0.7.3 is required for DayZ 1.7.2.5.

Edited September 6, 2012 by Venthos

theo@theodormay.com 49 Posted September 6, 2012

There is already a way to track public variables, the community ban site has the info: http://code.google.com/p/dayz-community-banlist/

venthos 605 Posted September 6, 2012

> There is already a way to track public variables, the community ban site has the info: http://code.google.c...munity-banlist/

Yep, I mentioned that fact in the 3rd and 4th sentences of my original post :)

As I stated in the original post, currently the filter is purely logging and has no rules in place of category "5" (prevent/kick). So at best you'd log what happened or have no log at all about it if they used one of the vars exempt from the initial category "1" log rule. This is brand new (like you say) so I'm sure the ruleset will mature over time. It's just doing nothing right now but logging.
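
An added example, not part of any post in this thread and not BattlEye's or the banlist project's code: a small audit that tells an admin whether a publicvariable.txt-style ruleset is logging-only, as described in the post above, and which names are exempt from the log rules. The meanings of categories 1 and 5 come from the thread; the line layout (`<category> "<pattern>" !"exempt name"`), the sample rules and every variable name are assumptions constructed for illustration.

```python
import re

# Constructed sample ruleset, not a real publicvariable.txt.
# Assumed line layout: <category> "<pattern>" [!"exempt name" ...]
SAMPLE_RULES = '''\
1 "" !"exampleLoginVar" !"exampleSaveVar"
1 "exampleVehicleVar"
'''

LOG_ONLY = 1  # per the thread: category 1 only logs
KICK = 5      # per the thread: category 5 prevents/kicks

RULE_RE = re.compile(r'^(\d+)\s+"([^"]*)"(.*)$')
EXEMPT_RE = re.compile(r'!"([^"]*)"')


def parse_rules(text):
    """Return one dict per rule line; lines that do not fit the layout are skipped."""
    rules = []
    for raw in text.splitlines():
        m = RULE_RE.match(raw.strip())
        if m:
            rules.append({
                "category": int(m.group(1)),
                "pattern": m.group(2),
                "exempt": EXEMPT_RE.findall(m.group(3)),
            })
    return rules


def audit(rules):
    """Summarise how much of the ruleset enforces versus merely logs."""
    log_only = [r for r in rules if r["category"] == LOG_ONLY]
    enforcing = [r for r in rules if r["category"] == KICK]
    # Names exempted from a log-only rule leave no trace from that rule.
    exempt = sorted({n for r in log_only for n in r["exempt"]})
    return {
        "log_only": len(log_only),
        "enforcing": len(enforcing),
        "exempt_from_logging": exempt,
        "logging_only_ruleset": bool(rules) and not enforcing,
    }


if __name__ == "__main__":
    print(audit(parse_rules(SAMPLE_RULES)))
```
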

SqTH 260 Posted September 6, 2012

1. Use DayZ anti-hax
2. ???
3. PROFIT

venthos 605 Posted September 6, 2012

DayZ anti-hax does very little since it's simply a log parser. Not to say it's useless, but it's one thing that I have no plans to implement on my server ;P It wouldn't catch this particular hack, for instance.

manta-avoid 36 Posted September 6, 2012

Thanks for the info Venthos, good to see someone productive here.

fuzzy4ever 22 Posted September 6, 2012

> DayZ anti-hax does very little since it's simply a log parser. Not to say it's useless, but it's one thing that I have no plans to implement on my server ;P It wouldn't catch this particular hack, for instance.

And it's actually pretty buggy. Was banned from a server cause I repeatedly saved a helicopter (gutman tendencies, whoops!)

kingpootis102 28 Posted September 6, 2012

No updating for me!

Graz (DayZ) 146 Posted September 7, 2012

I barely understood any of what you said.

But I liked it anyway! Battleye is getting pretty quick at slapping these kids back down. Unfortunately they breed like flies >_<

Excited and apprehensive for the new patch!

venthos 605 Posted September 8, 2012

As anticipated, 26 hours later the hack thread has been closed down marked as "Detected!" with hackers reporting receiving global bans for its use.

So, this particular bypass/hack has been detected and kicked in the face by BattlEye's crew once again in rapid fashion. You never hear this stuff, do you? Just the people crying about BattlEye "not doing anything".

This doesn't mean everyone is safe from hacks, just this particular hack in question.

Note that another good thing you can do to fight hacks is make sure you ALWAYS run the latest and greatest ARMA2:OA Beta. While the beta updates themselves may not protect against hacks, each new Beta client means that anyone reading/writing to memory is forced to locate and update their memory offsets for the latest Beta. Since the vast majority of "hackers" know almost nothing about how to create the hacks, this usually means you at least get a period of time when your server isn't vulnerable to some hacks (mostly this is going to be ESP type hacks that this prevents) until its author updates them.

Keeping up-to-date on the beta only matters, though, if you also keep your server's config to REQUIRE that your players use the latest beta client as well (the "requiredBuild" value in your config file). If you don't require they use the latest beta, they can just run an older client they have the offsets for.

Anyway, that's the update on the situation.