(I added hlds to the To list as well, since this affects both Windows
and Linux servers)
The problem is that it appears to be running client commands that the
server isn't supposed to have access to. AND uploading files from a
client's machine back to the server. AND sending them to the author of
the plugin; you did catch that part, right?
The plugin's author won't even send the source code to the admins of
ETF2L, let alone anyone else. Which means, unless you decompile it, you
have no idea what it's doing. Heck, even if you DO decompile it, you
may have no idea what it's doing... decompilation isn't exactly the
easiest thing to read.
So... you have Security by Obscurity that is itself bypassing the game
client's security.
On 9/10/2012 10:35 AM, ics wrote:
Presumably it's all there in the SDK and i have to say it's an awesome
feature. If i would have to guess, Valve propably uses same thing on
VAC as extra proof of cheating.
No one wouldn't even be alarmed if they didn't know such feature
exists on this plugin or on the server they play on. I tested this
yesterday and already got 1 cheater caught. Besides, it only takes
screenshots. No desktop shots, just ingame footage.
-ics
10.9.2012 16:47, Drogen Viech kirjoitti:
What the hell? Servers can tell the client to take screenshots *and*
tell them to upload them to the server? Whatever happened about
privacy?
2012/9/8 lwf <l...@rocketblast.com>:
http://etf2l.org/forum/general/topic-21038/page-24/?recent=406717#post-406387
This is absolutely brilliant, great job! Now just imagine having
something like Greenlight to go through those...
I'm not even going to bother asking you to open source it but please,
at least consider releasing a "stable" version with that doesn't open
connection (no auto-update or reports to you or anywhere else, no
offense) and has no undocumented features (now or later). I'd really
like to use this, we should have had this long ago.
On Wed, Apr 11, 2012 at 7:23 PM, AnAkIn . <anakin...@gmail.com> wrote:
Hi,
As Valve is too lazy to do anything about hacks, I started working
back in January on a plugin that can detect:
- POTENTIAL triggerbotters
- Prediction hacks (crit hacks/no spread hacks)
- An anti-speedhack bypass exploit
Triggerbots:
To make it clear as some people I gave it to didn’t understand, the
detection is kind of “heuristic” (I won’t explain in detail, if I do
then the cheat coders will bypass it in no time), so it’s not because
someone got detected that he is surely cheating. It’s just a tool to
help you find people that can potentially cheat and you can just check
the STV demos then to confirm that they cheat or not.
The most detections for a single person in the less timespan you will
find in the log, the more likely he is using a triggerbot.
Prediction hacks:
I guess this is what will interest most people on this list, it
detects the crit hacks that does 100% crits all the time which is an
engine exploit which has been added into many hacks lately. It's also
used for various no spread/low spread hacks.
The detections get printed to a log called TriggerBotDetections.log in
tf/ (and are also sent to me) on EVERY MAP change or when all players
have disconnected from the server. It’s important to note this
otherwise you could loose all the detections (especially if your
server automatically restarts every night). There is a simple reason
for this: writing in a file while you play can cause lags, especially
if someone is getting detected a lot.
Download: http://tftrue.redline-utilities.net/TriggerBotDetector.zip
--
Best regards,
AnAkIn
_______________________________________________
To unsubscribe, edit your list preferences, or view the list
archives, please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
_______________________________________________
To unsubscribe, edit your list preferences, or view the list
archives, please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
_______________________________________________
To unsubscribe, edit your list preferences, or view the list
archives, please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives, please
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
