Jump to content

venthos

HOWTO: Use publicvariableval.txt to auto-kick players with hacked weapons

Recommended Posts

Credit goes to the folks at Gotcha-Antihack for the list of 'Hacked in Weapons'. I basically look the list from the .ini file to use as the basis of my "hacked items list".

I had initially tried Gotcha-Antihack, but the RCON spam and in-game global advertisements turned me away from it. One of the only things it seemed to do beyond the default filtering system and BEC was hacked weapon kicking. So, I decided to implement that in an alternative way once I realized it could be done.

Using this method, you don't need anything other than your DayZ server out of the box. It's included functionality with the ARMA2 server with the latest betas.

THE STEPS

[1] Open (or create if it doesn't exist) "publicvariableval.txt" in your BattlEye directory. Note that this is DIFFERENT from "publicvariable.txt".

publicvariable.txt = Checks against variable names

publicvariableval.txt = Checks against the values of variables

We want publicvariableval.txt

However, both of these filter files log to publicvariable.log

[2] Paste in the below:

  Quote

5 "\"BAF_AS50_TWS\""

5 "\"ItemRadio\""

5 "\"UZI_SD_EP1\""

5 "\"30Rnd_9x19_UZI_SD\""

5 "\"M4A1_HWS_GL_SD_Camo\""

5 "\"Skin_Soldier1_DZ\""

5 "\"G36_C_SD_camo\""

5 "\"Laserdesignator\""

5 "\"30Rnd_556x45_G36SD\""

5 "\"Soldier1_DZ\""

5 "\"revolver_gold_EP1\""

5 "\"MakarovSD\""

5 "\"5Rnd_86x70_L115A1\""

5 "\"G36_C_SD_eotech\""

5 "\"M40A3\""

5 "\"m107\""

5 "\"BAF_LRR_scoped\""

5 "\"M4A1_HWS_GL\""

5 "\"20Rnd_B_765x17_Ball\""

5 "\"Sa61_EP1\""

5 "\"M4SPR\""

5 "\"M4A3_RCO_GL_EP1\""

5 "\"Mk_48_DES_EP1\""

5 "\"M4A1_Aim_camo\""

5 "\"M249\""

5 "\"AKS_GOLD\""

5 "\"8Rnd_9x18_MakarovSD\""

5 "\"1Rnd_HE_GP25\""

5 "\"100Rnd_556x45_BetaCMag\""

5 "\"Mk_48\""

5 "\"AK_107_GL_pso\""

5 "\"20Rnd_556x45_Stanag\""

5 "\"30Rnd_556x45_G36\""

5 "\"100Rnd_762x54_PK\""

5 "\"SmokeShellPurple\""

5 "\"100Rnd_556x45_M249\""

5 "\"MG36\""

5 "\"M16A4_ACG_GL\""

5 "\"ksvk\""

5 "\"AK_74_GL_kobra\""

5 "\"5Rnd_127x108_KSVK\""

5 "\"Pecheneg\""

5 "\"Laserbatteries\""

5 "\"30Rnd_545x39_AKSD\""

5 "\"SVD_des_EP1\""

5 "\"SmokeShellYellow\""

5 "\"MineE\""

5 "\"M249_EP1\""

5 "\"M24_des_EP1\""

5 "\"BAF_LRR_scoped_W\""

5 "\"BAF_ied_v1\""

5 "\"AK_107_kobra\""

5 "\"1Rnd_SmokeRed_M203\""

5 "\"m16a4\""

5 "\"G36C_camo\""

5 "\"AKS_74_UN_kobra\""

5 "\"1470Rnd_127x108_YakB\""

5 "\"SmokeShellBlue\""

5 "\"M4A1_RCO_GL\""

5 "\"M249_m145_EP1\""

5 "\"FlareYellow_M203\""

5 "\"FlareRed_M203\""

5 "\"BAF_L86A2_ACOG\""

5 "\"AK_107_GL_kobra\""

5 "\"2100Rnd_20mm_M168\""

5 "\"1Rnd_SmokeGreen_M203\""

5 "\"SmokeShellOrange\""

5 "\"Saiga12K\""

5 "\"PK\""

5 "\"M60A4_EP1\""

5 "\"G36K_camo\""

5 "\"EvMoney\""

5 "\"BAF_M240_veh\""

5 "\"BAF_L85A2_UGL_Holo\""

5 "\"1Rnd_SmokeYellow_M203\""

5 "\"15Rnd_W1866_Pellet\""

5 "\"TimeBomb\""

5 "\"SVD\""

5 "\"Rocket_DZ\""

5 "\"Mine\""

5 "\"m240_scoped_EP1\""

5 "\"M16A4_GL\""

5 "\"m107_TWS_EP1_DZ\""

5 "\"GRAD\""

5 "\"EvMap\""

5 "\"bizon\""

5 "\"BAF_L85A2_UGL_ACOG\""

5 "\"BAF_L85A2_RIS_Holo\""

5 "\"BAF_L85A2_RIS_ACOG\""

5 "\"AKS_74\""

5 "\"AK_107_pso\""

5 "\"8Rnd_Hellfire\""

5 "\"8Rnd_B_Saiga12_Pellets\""

5 "\"750Rnd_M197_AH1\""

5 "\"6Rnd_GBU12_AV8B\""

5 "\"64Rnd_9x19_Bizon\""

5 "\"30Rnd_762x39_SA58\""

5 "\"20Rnd_120mmSABOT_M1A2\""

5 "\"20Rnd_120mmHE_M1A2\""

5 "\"200Rnd_556x45_L110A1\""

5 "\"2000Rnd_23mm_AZP85\""

5 "\"1Rnd_SmokeRed_GP25\""

5 "\"1Rnd_SmokeGreen_GP25\""

Run the "loadevents" command through rcon to read in the new filters. Or, worst case, just restart the server.

When someone gets ejected for a hacked in weapon, you will see something like this in publicvariable.log

  Quote

19.09.2012 07:58:35: PLAYER (IP:PORT) GUID - Value Restriction #46 "dayzPlayerSave" = ,"20Rnd_762x51_FNFAL","30Rnd_556x45_G36SD","30Rnd_556x45_G36SD","ItemMorphine","ItemWaterbottle","ItemWaterbottle","FoodCanFrankBeans","ItemSodaCoke","FoodCanBakedBeans","ItemSodaCoke","30Rnd_556x45_G36SD",["15Rnd_9x19_M9SD",8],"15Rnd_9x19_M9SD","ItemBanda

The actual "Value Restriction #" will vary based on how many rules are in your publicvariableval.txt

How effective is it?

It's better than nothing. Basically, every time a player's information is saved to the hive this filter will have the opportunity to check for hacked weapons. So, every hive save is when the check goes off for a given player. You'll see the kicks fire off with two public variable names. "dayzPlayerSave" (the hive save) and "dayzCharDisco" (which I *think* is the final hive save on disconnect?). The latter obviously doesn't really do much when you're kicking someone who is already logging off.

I don't see the hacked weapon in the publicvariable.log text

As you'll quickly notice with all of the publicvariable.log logged lines, there seems to be a character limit on the log. After so many characters per line, it truncates the line. Note my example above, you don't actually see the G36SD weapon in the log line, but the ammo is there that makes it apparent he had one. Despite that the log line isn't conclusive, the filter actually seems to get to check against the full variable value and did in fact see the hacked weapon.

Can I ban more stuff?

Sure. You can kick for any item name at all from being on a player. It should be self apparent how to add new stuff in. Just make sure you enclose the item name in escaped quotations, otherwise you run the risk of matching more than you intended. In other words, make sure you match with:

"\"GUNHERE\""

and not:

"GUNHERE"

But my name is AndreasB, and therefore I am already donning my angry pants about this.

The only thing I don't like about filtering for hacked weapons this way is that it's not clear at all to the person being kicked as to why they're being kicked. They'll just see "You were kicked for: Value Restriction #". I wish you could customize the filter message kicks. However, on that same token this is purely a kick and not a ban. Hopefully if enough people filter for these hacked weapons it can become common forum knowledge to explain to people what the kick means and that they can happily play on that server once they drop the hacked weapons.

Edited by Venthos
  • Like 30

Share this post


Link to post
Share on other sites

But I loves my KSVK.

1: cannot find more ammo for it

2: no zeroing, actually takes skill

3: looks fucking awesome

4: same bloodval damage as m107

No problem here.

Share this post


Link to post
Share on other sites

I'm sure you'll find a reasonable amount of servers who do not care what weapons you use on their server. You're welcome to play on those servers. There are those of us who wish to stick to only items that are legitimately obtainable. I don't care if the only difference between the hacked gun and legit gun is that one has a small sticker of a kitten on the side. I only want legit weapons on my server ;)

  • Like 2

Share this post


Link to post
Share on other sites

I don't know how Citizen Purple extracted spark energy promotion code from Keri Hilsons ass pictures via Hyperspatial travel but I'd kinda like to hear more.

Share this post


Link to post
Share on other sites
  On 9/19/2012 at 5:03 PM, stokvis said:

The M16 M203 is a legit weapon isn't it??

M16A2 is. M16A4 is not.

Edited by sp86

Share this post


Link to post
Share on other sites
  On 9/19/2012 at 5:03 PM, stokvis said:

The M16 M203 is a legit weapon isn't it??

Good catch. The list I copied over is direct from Gotcha-Antihack. So, this means Gotcha-Antihack by default is kicking for the M16A2_M203 as well. I'll edit the original post and remove that gun from the kick list.

Share this post


Link to post
Share on other sites

Sure, go ahead and send me a PM. I'm kind of curious what questions you have that you wouldn't just ask in the thread ;)

Share this post


Link to post
Share on other sites

As a new server admin I have been trying to find the right files to help eliminate hackers as much as possible, so I will try this.

Another question though: is there a single place I can go to download all the latest and recommended files for my server?

Share this post


Link to post
Share on other sites
  On 9/19/2012 at 6:04 PM, Omaran said:

As a new server admin I have been trying to find the right files to help eliminate hackers as much as possible, so I will try this.

Another question though: is there a single place I can go to download all the latest and recommended files for my server?

Right here. CBL Link, pops.

Edited by sp86
  • Like 1

Share this post


Link to post
Share on other sites

I was pondering this, and I realized that this rule set may actually prevent the player from saving the hacked item to their character on the hive since it's tripping on the hive saves. Therefore, if someone OBTAINS a hacked item on your server (hacks it in, loots from a crate/tent, loots from a player corpse, whatever) then the hive save will be blocked and they'll be kicked. This effectively prevents someone from even abusing your server to grab a hacked item and take it to another server.

The only way someone would get to keep the hacked in weapon is if they already had saved it to the hive from having it on another server first that didn't have this rule set.

Kind of interesting. By this rule set blocking hive saves of hacked in gear, the garbage should slowly filter out of the hive if more people kick for this stuff.

I'll work on expanding the list beyond just a "top offenders" weapon list. It's just annoying that since you can only block on variable name OR value (not both), I have to make this a blacklist vs. just whitelisting known good DayZ items.

  • Like 4

Share this post


Link to post
Share on other sites

I think it will be a good idea to add this to the CBL files. I'm using the autoupdate tool and it will overwrite my changes on every update now.

I'm sure that it will be not an issue when these lines are added to the files. People who use the CBL files and update frequently, don't like hacked in shit on there servers.

Edited by Polli

Share this post


Link to post
Share on other sites
  On 9/19/2012 at 5:04 PM, sp86 said:

M16A2 is. M16A4 is not.

M16A4 Acog is on Dayz Wiki as legit?

Doh. Edit. You mean the m16a4 with GL right.

Edited by scottyboy

Share this post


Link to post
Share on other sites

For those using another publicvariableval.txt already (like the DayZ Community Banlist version), I added this to the script that downloads that file on my server to merge them, after the line that downloads the fresh DCBL publicvariableval.txt:

copy /b publicvariableval.txt + publicvariableval-local.txt publicvariableval.txt

publicvariableval-local.txt contains Venthos' entries, with an extra line break at the top to make the merge work correctly.

Update: I'm actually using the following in my publicvariableval-local.txt, though, based on the list of personally-detected invalid items I provided, and it seems to work great:

Moved to Google Code project.

Edited by Mister_Magotchi
  • Like 8

Share this post


Link to post
Share on other sites

Nice list, but I've set the entries to 1 instead of 5 since I thought the server hosting rules stated you can't kick people for this kind of stuff.

Furthermore, given the fact that I've seen someone get kicked for spawning in a vehicle and actually finding said vehicle makes me believe the BE kicks only take place after the fact. I don't think you'll see players losing illegal items over this.

Share this post


Link to post
Share on other sites
  On 9/20/2012 at 7:15 PM, Frop said:

Nice list, but I've set the entries to 1 instead of 5 since I thought the server hosting rules stated you can't kick people for this kind of stuff.

Fair enough. With the stated relaxation on the some public hive rules, though, I feel a kick is not unfair here. The only thing I don't like about this solution is it doesn't clearly say why they were kicked. It's just the generic kick with # like all other BattlEye filters. If this method becomes more popular, then hopefully it can become common knowledge of what's happening.

I would not condone banning players through this method. That doesn't make sense and I would side with anyone who complained about being banned for having a hacked item on their person. That is, as long as their excuse was that they did not know it was hacked and would happily destroy it otherwise. If their excuse is "I didn't hack it in, therefore I should get to use it forever and ever" - AndreasB. then I think they're just being a douche bag. Sadly, banning for being a douche bag isn't something anyone should do on the public hive ;) But, I'd smirk as the filter kicks them constantly until they dispose of the hacked item(s).

I'm also unsure about whether it actually will block the hive saves, just like you I'm skeptical. It's yet to be confirmed. I destroy all the hacked weapons I come across so I simply don't have anything to test with ;) Either way, a kick for this stuff is sufficient in my eyes. The hive save block would've just been a bonus.

Share this post


Link to post
Share on other sites

Interesting Stuff, thanks for the information i think i will try this on my server, its already seeing a massive influx of thermal as50's..

Share this post


Link to post
Share on other sites
  On 9/20/2012 at 10:13 PM, Venthos said:

I'm also unsure about whether it actually will block the hive saves, just like you I'm skeptical. It's yet to be confirmed. I destroy all the hacked weapons I come across so I simply don't have anything to test with ;) Either way, a kick for this stuff is sufficient in my eyes. The hive save block would've just been a bonus.

I tested this 5 minutes ago, picked up an AS50 Thermal from a dead body (Cherno roof tops galore:D), got kicked 2/3 minutes later for value restriction but i was able to log back on with the same weapon, so i am assuming it won't prevent hive saves.

Share this post


Link to post
Share on other sites
  On 9/21/2012 at 10:42 AM, Xforce said:

I tested this 5 minutes ago, picked up an AS50 Thermal from a dead body (Cherno roof tops galore:D), got kicked 2/3 minutes later for value restriction but i was able to log back on with the same weapon, so i am assuming it won't prevent hive saves.

Obviously not. But you will get kicked as long as you carry hacked gear.

Share this post


Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now

×