Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2013-08-05 Thread AnAkIn
For the few still using it on this mailing list, just letting you know I
released the update.
Changelog:
- Fixed crash when trying to reload the plugin after it has been auto
updated
- Added a banlist system. Cheaters using prediction hacks and
anti-speedhack bypass hacks will be automatically banned if
aac_prediction_ban and aac_speedhackbypass_ban are set to 1 (default).
aac_banmethod 0 uses the local banlist, aac_banmethod 1 uses SourceBans.
For the local banlist, the banned cheaters can be seen with aac_showbans,
or by opening the aac_banned.txt file in the tf directory.
You can also remove a ban with the aac_removeban command.
- Improved autoshoot detections, they should now be more precise
- Added invalid viewangles detections (still experimental, will only log
for now)
- Added aac_logname to change the logfile’s name, useful when running
multiple servers from a same directory.


2013/7/24 AnAkIn 

> I guess it's just a matter of calling the sm_ban command? I could add
> that, wouldn't take long :)
>
>
> 2013/7/24 ics 
>
>> Got plans to do SourceBans integration instead of plain file? Would help
>> sharing the lists between multiple servers.
>>
>> -ics
>>
>> AnAkIn kirjoitti:
>>
>>  Viewangles detections are common in a lot of anti-cheats. And no, some of
>>> my detections are done differently than SMAC ones. The problem with SMAC
>>> is
>>> that many hacks can detect if SMAC is running on the server and just
>>> disable the detected features, many cheaters don't get banned and keep
>>> cheating.
>>>
>>>
>>> 2013/7/24 Weasel 
>>>
>>>  Doesn't SMAC (SourceMod Anti-Cheat) already take cover this stuff?
>>>> I seem to recall "view-angles" stuff in there.
>>>>
>>>> https://forums.alliedmods.net/**forumdisplay.php?f=133<https://forums.alliedmods.net/forumdisplay.php?f=133>
>>>> https://bitbucket.org/**psychonic/smac/wiki/Home<https://bitbucket.org/psychonic/smac/wiki/Home>
>>>>
>>>> __**__**
>>>> 
>>>>
>>>>
>>>> Re: [hlds] [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
>>>> detection plugin
>>>> AnAkIn Wed, 24 Jul 2013 11:55:39 -0700
>>>>
>>>> If anyone on this list still uses it, I’ll release an update soon and
>>>> I’m
>>>> looking for some beta testers. Let me know with a private email if
>>>> you’re
>>>> interested.
>>>>
>>>> Changelog:
>>>> - Fixed crash when trying to reload the plugin after it has been auto
>>>> updated
>>>> - Added a banlist system. Cheaters using prediction hacks and
>>>> anti-speedhack bypass hacks will be automatically banned if
>>>> aac_prediction_ban and aac_speedhackbypass_ban are set to 1 (default).
>>>> The banned cheaters can be seen with aac_showbans, or by opening the
>>>> aac_banned.txt file in the tf directory.
>>>> You can also remove a ban with the aac_removeban command.
>>>> - Improved triggerbot detection, it should now be more precise
>>>> - Added invalid viewangles detection (beta though, needs testing)
>>>>
>>>> __**_
>>>> To unsubscribe, edit your list preferences, or view the list archives,
>>>> please visit:
>>>> https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**hlds_linux<https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux>
>>>>
>>>>  __**_
>>> To unsubscribe, edit your list preferences, or view the list archives,
>>> please visit:
>>> https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**hlds_linux<https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux>
>>>
>>
>>
>> __**_
>> To unsubscribe, edit your list preferences, or view the list archives,
>> please visit:
>> https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**hlds_linux<https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux>
>>
>
>
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2013-07-24 Thread AnAkIn
I guess it's just a matter of calling the sm_ban command? I could add that,
wouldn't take long :)


2013/7/24 ics 

> Got plans to do SourceBans integration instead of plain file? Would help
> sharing the lists between multiple servers.
>
> -ics
>
> AnAkIn kirjoitti:
>
>  Viewangles detections are common in a lot of anti-cheats. And no, some of
>> my detections are done differently than SMAC ones. The problem with SMAC
>> is
>> that many hacks can detect if SMAC is running on the server and just
>> disable the detected features, many cheaters don't get banned and keep
>> cheating.
>>
>>
>> 2013/7/24 Weasel 
>>
>>  Doesn't SMAC (SourceMod Anti-Cheat) already take cover this stuff?
>>> I seem to recall "view-angles" stuff in there.
>>>
>>> https://forums.alliedmods.net/**forumdisplay.php?f=133<https://forums.alliedmods.net/forumdisplay.php?f=133>
>>> https://bitbucket.org/**psychonic/smac/wiki/Home<https://bitbucket.org/psychonic/smac/wiki/Home>
>>>
>>> __**__**
>>> 
>>>
>>>
>>> Re: [hlds] [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
>>> detection plugin
>>> AnAkIn Wed, 24 Jul 2013 11:55:39 -0700
>>>
>>> If anyone on this list still uses it, I’ll release an update soon and I’m
>>> looking for some beta testers. Let me know with a private email if you’re
>>> interested.
>>>
>>> Changelog:
>>> - Fixed crash when trying to reload the plugin after it has been auto
>>> updated
>>> - Added a banlist system. Cheaters using prediction hacks and
>>> anti-speedhack bypass hacks will be automatically banned if
>>> aac_prediction_ban and aac_speedhackbypass_ban are set to 1 (default).
>>> The banned cheaters can be seen with aac_showbans, or by opening the
>>> aac_banned.txt file in the tf directory.
>>> You can also remove a ban with the aac_removeban command.
>>> - Improved triggerbot detection, it should now be more precise
>>> - Added invalid viewangles detection (beta though, needs testing)
>>>
>>> __**_
>>> To unsubscribe, edit your list preferences, or view the list archives,
>>> please visit:
>>> https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**hlds_linux<https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux>
>>>
>>>  __**_
>> To unsubscribe, edit your list preferences, or view the list archives,
>> please visit:
>> https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**hlds_linux<https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux>
>>
>
>
> __**_
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**hlds_linux<https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux>
>
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2013-07-24 Thread ics
Got plans to do SourceBans integration instead of plain file? Would help 
sharing the lists between multiple servers.


-ics

AnAkIn kirjoitti:

Viewangles detections are common in a lot of anti-cheats. And no, some of
my detections are done differently than SMAC ones. The problem with SMAC is
that many hacks can detect if SMAC is running on the server and just
disable the detected features, many cheaters don't get banned and keep
cheating.


2013/7/24 Weasel 


Doesn't SMAC (SourceMod Anti-Cheat) already take cover this stuff?
I seem to recall "view-angles" stuff in there.

https://forums.alliedmods.net/forumdisplay.php?f=133
https://bitbucket.org/psychonic/smac/wiki/Home

____


Re: [hlds] [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
detection plugin
AnAkIn Wed, 24 Jul 2013 11:55:39 -0700

If anyone on this list still uses it, I’ll release an update soon and I’m
looking for some beta testers. Let me know with a private email if you’re
interested.

Changelog:
- Fixed crash when trying to reload the plugin after it has been auto
updated
- Added a banlist system. Cheaters using prediction hacks and
anti-speedhack bypass hacks will be automatically banned if
aac_prediction_ban and aac_speedhackbypass_ban are set to 1 (default).
The banned cheaters can be seen with aac_showbans, or by opening the
aac_banned.txt file in the tf directory.
You can also remove a ban with the aac_removeban command.
- Improved triggerbot detection, it should now be more precise
- Added invalid viewangles detection (beta though, needs testing)

___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2013-07-24 Thread AnAkIn
Viewangles detections are common in a lot of anti-cheats. And no, some of
my detections are done differently than SMAC ones. The problem with SMAC is
that many hacks can detect if SMAC is running on the server and just
disable the detected features, many cheaters don't get banned and keep
cheating.


2013/7/24 Weasel 

> Doesn't SMAC (SourceMod Anti-Cheat) already take cover this stuff?
> I seem to recall "view-angles" stuff in there.
>
> https://forums.alliedmods.net/forumdisplay.php?f=133
> https://bitbucket.org/psychonic/smac/wiki/Home
>
> ________
>
>
> Re: [hlds] [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
> detection plugin
> AnAkIn Wed, 24 Jul 2013 11:55:39 -0700
>
> If anyone on this list still uses it, I’ll release an update soon and I’m
> looking for some beta testers. Let me know with a private email if you’re
> interested.
>
> Changelog:
> - Fixed crash when trying to reload the plugin after it has been auto
> updated
> - Added a banlist system. Cheaters using prediction hacks and
> anti-speedhack bypass hacks will be automatically banned if
> aac_prediction_ban and aac_speedhackbypass_ban are set to 1 (default).
> The banned cheaters can be seen with aac_showbans, or by opening the
> aac_banned.txt file in the tf directory.
> You can also remove a ban with the aac_removeban command.
> - Improved triggerbot detection, it should now be more precise
> - Added invalid viewangles detection (beta though, needs testing)
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2013-07-24 Thread Weasel
Doesn't SMAC (SourceMod Anti-Cheat) already take cover this stuff?
I seem to recall "view-angles" stuff in there.

https://forums.alliedmods.net/forumdisplay.php?f=133
https://bitbucket.org/psychonic/smac/wiki/Home




Re: [hlds] [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) 
detection plugin
AnAkIn Wed, 24 Jul 2013 11:55:39 -0700

If anyone on this list still uses it, I’ll release an update soon and I’m
looking for some beta testers. Let me know with a private email if you’re
interested.

Changelog:
- Fixed crash when trying to reload the plugin after it has been auto
updated
- Added a banlist system. Cheaters using prediction hacks and
anti-speedhack bypass hacks will be automatically banned if
aac_prediction_ban and aac_speedhackbypass_ban are set to 1 (default).
The banned cheaters can be seen with aac_showbans, or by opening the
aac_banned.txt file in the tf directory.
You can also remove a ban with the aac_removeban command.
- Improved triggerbot detection, it should now be more precise
- Added invalid viewangles detection (beta though, needs testing)

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2013-07-24 Thread AnAkIn
If anyone on this list still uses it, I’ll release an update soon and I’m
looking for some beta testers. Let me know with a private email if you’re
interested.

Changelog:
- Fixed crash when trying to reload the plugin after it has been auto
updated
- Added a banlist system. Cheaters using prediction hacks and
anti-speedhack bypass hacks will be automatically banned if
aac_prediction_ban and aac_speedhackbypass_ban are set to 1 (default).
The banned cheaters can be seen with aac_showbans, or by opening the
aac_banned.txt file in the tf directory.
You can also remove a ban with the aac_removeban command.
- Improved triggerbot detection, it should now be more precise
- Added invalid viewangles detection (beta though, needs testing)



2012/10/27 AnAkIn 

> Update
> - Compatibility with the new TF2 update
>
> If you have a Linux server, you might need to redownload:
> http://tftrue.redline-utilities.net/TriggerBotDetector.zip
>
> 2012/9/12 doc 
>
>> From what I gathered the "name protection" is one of those things that is
>> nice to have because it's easy to implement, but it usually won't happen
>> anymore; mostly because 'name' doesn't work in orangebox games.
>>
>> On Wed, Sep 12, 2012 at 12:54 AM, AnAkIn  wrote:
>>
>> > You can't change your in-game name with "name" in Orange Box engine
>> games.
>> >
>> > 2012/9/12 Herover 
>> >
>> > > 2012/9/12 Rudy Bleeker :
>> > > > On Tue, Sep 11, 2012 at 9:09 PM, AnAkIn 
>> wrote:
>> > > >> - Detect name hacks (different name in-game than on Steam)
>> > > >
>> > > > What is the problem with this? I assume it's done by using the
>> "name"
>> > > > console command from your game client. I fail to see why this is a
>> > > > hack or cheat or whatever...
>> > >
>> > > As a alternative, it could be done by querying the steam community
>> > > with a steam id, which is completely legal.
>> > >
>> > > ___
>> > > To unsubscribe, edit your list preferences, or view the list archives,
>> > > please visit:
>> > > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>> > >
>> >
>> >
>> >
>> > --
>> > Best regards,
>> > AnAkIn
>> > ___
>> > To unsubscribe, edit your list preferences, or view the list archives,
>> > please visit:
>> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>> >
>> ___
>> To unsubscribe, edit your list preferences, or view the list archives,
>> please visit:
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>>
>
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-10-26 Thread AnAkIn
Update
- Compatibility with the new TF2 update

If you have a Linux server, you might need to redownload:
http://tftrue.redline-utilities.net/TriggerBotDetector.zip

2012/9/12 doc 

> From what I gathered the "name protection" is one of those things that is
> nice to have because it's easy to implement, but it usually won't happen
> anymore; mostly because 'name' doesn't work in orangebox games.
>
> On Wed, Sep 12, 2012 at 12:54 AM, AnAkIn  wrote:
>
> > You can't change your in-game name with "name" in Orange Box engine
> games.
> >
> > 2012/9/12 Herover 
> >
> > > 2012/9/12 Rudy Bleeker :
> > > > On Tue, Sep 11, 2012 at 9:09 PM, AnAkIn  wrote:
> > > >> - Detect name hacks (different name in-game than on Steam)
> > > >
> > > > What is the problem with this? I assume it's done by using the "name"
> > > > console command from your game client. I fail to see why this is a
> > > > hack or cheat or whatever...
> > >
> > > As a alternative, it could be done by querying the steam community
> > > with a steam id, which is completely legal.
> > >
> > > ___
> > > To unsubscribe, edit your list preferences, or view the list archives,
> > > please visit:
> > > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
> > >
> >
> >
> >
> > --
> > Best regards,
> > AnAkIn
> > ___
> > To unsubscribe, edit your list preferences, or view the list archives,
> > please visit:
> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
> >
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-12 Thread AnAkIn
There are many hacks that change your nickname without changing it on Steam
Community.

The detection is not perfect ATM though, because there are many server side
filters which cause your name to be a little different than the Steam one.
You can still check manually and see if the name is really totally
different than the Steam one.

2012/9/12 doc 

> From what I gathered the "name protection" is one of those things that is
> nice to have because it's easy to implement, but it usually won't happen
> anymore; mostly because 'name' doesn't work in orangebox games.
>
> On Wed, Sep 12, 2012 at 12:54 AM, AnAkIn  wrote:
>
> > You can't change your in-game name with "name" in Orange Box engine
> games.
> >
> > 2012/9/12 Herover 
> >
> > > 2012/9/12 Rudy Bleeker :
> > > > On Tue, Sep 11, 2012 at 9:09 PM, AnAkIn  wrote:
> > > >> - Detect name hacks (different name in-game than on Steam)
> > > >
> > > > What is the problem with this? I assume it's done by using the "name"
> > > > console command from your game client. I fail to see why this is a
> > > > hack or cheat or whatever...
> > >
> > > As a alternative, it could be done by querying the steam community
> > > with a steam id, which is completely legal.
> > >
> > > ___
> > > To unsubscribe, edit your list preferences, or view the list archives,
> > > please visit:
> > > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
> > >
> >
> >
> >
> > --
> > Best regards,
> > AnAkIn
> > ___
> > To unsubscribe, edit your list preferences, or view the list archives,
> > please visit:
> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
> >
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>



-- 
Best regards,
AnAkIn
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-12 Thread doc
>From what I gathered the "name protection" is one of those things that is
nice to have because it's easy to implement, but it usually won't happen
anymore; mostly because 'name' doesn't work in orangebox games.

On Wed, Sep 12, 2012 at 12:54 AM, AnAkIn  wrote:

> You can't change your in-game name with "name" in Orange Box engine games.
>
> 2012/9/12 Herover 
>
> > 2012/9/12 Rudy Bleeker :
> > > On Tue, Sep 11, 2012 at 9:09 PM, AnAkIn  wrote:
> > >> - Detect name hacks (different name in-game than on Steam)
> > >
> > > What is the problem with this? I assume it's done by using the "name"
> > > console command from your game client. I fail to see why this is a
> > > hack or cheat or whatever...
> >
> > As a alternative, it could be done by querying the steam community
> > with a steam id, which is completely legal.
> >
> > ___
> > To unsubscribe, edit your list preferences, or view the list archives,
> > please visit:
> > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
> >
>
>
>
> --
> Best regards,
> AnAkIn
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-12 Thread AnAkIn
You can't change your in-game name with "name" in Orange Box engine games.

2012/9/12 Herover 

> 2012/9/12 Rudy Bleeker :
> > On Tue, Sep 11, 2012 at 9:09 PM, AnAkIn  wrote:
> >> - Detect name hacks (different name in-game than on Steam)
> >
> > What is the problem with this? I assume it's done by using the "name"
> > console command from your game client. I fail to see why this is a
> > hack or cheat or whatever...
>
> As a alternative, it could be done by querying the steam community
> with a steam id, which is completely legal.
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>



-- 
Best regards,
AnAkIn
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-12 Thread Herover
2012/9/12 Rudy Bleeker :
> On Tue, Sep 11, 2012 at 9:09 PM, AnAkIn  wrote:
>> - Detect name hacks (different name in-game than on Steam)
>
> What is the problem with this? I assume it's done by using the "name"
> console command from your game client. I fail to see why this is a
> hack or cheat or whatever...

As a alternative, it could be done by querying the steam community
with a steam id, which is completely legal.

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-11 Thread ics
You obviously haven't seen any if you do not think those aren't an 
issue. The name change is different from Steam name (done with a hack). 
They mimic existing player names but add an invisible mark to the end so 
players and admins might ban the wrong one. Also name changes can be 
rapid, like once a second so it's sometimes hard to catch these. I 
havent seen one for long time but there used to be lots of these.


-ics

12.9.2012 3:28, Rudy Bleeker kirjoitti:

On Tue, Sep 11, 2012 at 9:09 PM, AnAkIn  wrote:

- Detect name hacks (different name in-game than on Steam)

What is the problem with this? I assume it's done by using the "name"
console command from your game client. I fail to see why this is a
hack or cheat or whatever...





___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-11 Thread Rudy Bleeker
On Tue, Sep 11, 2012 at 9:09 PM, AnAkIn  wrote:
> - Detect name hacks (different name in-game than on Steam)

What is the problem with this? I assume it's done by using the "name"
console command from your game client. I fail to see why this is a
hack or cheat or whatever...


-- 
Idleness is not doing nothing. Idleness is being free to do anything.
  - Floyd Dell

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-11 Thread AnAkIn
With the same old features as before:

- Detect prediction hacks (crit hacks & no spread hacks)
- Detect an exploit to fully bypass Valve anti speedhack protection (which
do not even really work by default)
- Detect name hacks (different name in-game than on Steam)
- Detect potential triggerbots based on heuristics
- Detect potential auto zoom/auto stickybomb det/auto airblast/auto cloak
hacks based on heuristics

2012/9/11 Cameron Munroe 

> So now how does it work?
>
> Sent from my android device.
>
>
>
> -Original Message-
> From: AnAkIn 
> To: Half-Life dedicated Linux server mailing list <
> hlds_linux@list.valvesoftware.com>
> Sent: Tue, 11 Sep 2012 12:00 PM
> Subject: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
> detection plugin
>
> I updated it to totally remove the screenshot feature now.
>
> 2012/9/11 AnAkIn 
>
> > I updated it to disable the screenshot feature under TF2 & DoD S. Still
> > available on CSS.
> >
> > --
> > Best regards,
> > AnAkIn
> >
> >
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>



-- 
Best regards,
AnAkIn
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-11 Thread Cameron Munroe
So now how does it work?

Sent from my android device.



-Original Message-
From: AnAkIn 
To: Half-Life dedicated Linux server mailing list 

Sent: Tue, 11 Sep 2012 12:00 PM
Subject: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) 
detection plugin

I updated it to totally remove the screenshot feature now.

2012/9/11 AnAkIn 

> I updated it to disable the screenshot feature under TF2 & DoD S. Still
> available on CSS.
>
> --
> Best regards,
> AnAkIn
>
>
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-11 Thread AnAkIn
I updated it to totally remove the screenshot feature now.

2012/9/11 AnAkIn 

> I updated it to disable the screenshot feature under TF2 & DoD S. Still
> available on CSS.
>
> --
> Best regards,
> AnAkIn
>
>
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-11 Thread Bruno Garcia
CSS Just updated.

Perhaps you could have it execute "jpeg" command :)
Most of the times it will work.

On Tue, Sep 11, 2012 at 9:28 AM, AnAkIn  wrote:

> I updated it to disable the screenshot feature under TF2 & DoD S. Still
> available on CSS.
>
> --
> Best regards,
> AnAkIn
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-11 Thread AnAkIn
I updated it to disable the screenshot feature under TF2 & DoD S. Still
available on CSS.

-- 
Best regards,
AnAkIn
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Ryan Stecker
The 'jpeg' command is an assumption. There are a few commands that take
screenshots that could be used. Which command being used is irrelevant
though, as the method *is* executing a command on the client.

On Mon, Sep 10, 2012 at 3:37 PM, Drogen Viech wrote:

> Then why won't "alias jpeg" prevent it from taking screenshots huh?
>
> 2012/9/10 Asher Baker :
> > It's a server plugin, not a client plugin.
> > It's using ClientCommand + an exploit to execute "jpeg", then
> > INetChannel::RequestFile to upload it.
> >
> > On Mon, Sep 10, 2012 at 8:08 PM, Bruno Garcia 
> wrote:
> >> This is obviously not using the "screenshot" command, rather the
> screenshot
> >> client function call.
> >> As well as the INetChannel SendFile function to upload the file.
> >>
> >> I wouldn't expect VALVe to update this function, this also used to
> upload
> >> spray tags to the server, and it has a very secure extension block that
> >> won't let you upload almost anything (Except for screenshots in this
> case)
> >>
> >> @Anakin: If I were you, I would find a way to get the stack of loaded
> DLLs
> >> to Hl2.exe and print them on a txt on the client, and then upload that
> to a
> >> server, that way you could have a handful of cheat's DLLs and block em
> by
> >> default if they are detected on the client. Anything if possible, of
> course.
> >>
> >> Take care.
> >>
> >> On Mon, Sep 10, 2012 at 3:29 PM, ics  wrote:
> >>
> >>> Screenshots are saved to tf/resource and also the player will have the
> >>> shots taken from his/her screen on the same location on his/her pc.
> >>>
> >>> -ics
> >>>
> >>> 10.9.2012 21:09, Thomas K kirjoitti:
> >>>
> >>>  In what folder the screenshots are uploaded to the server?
> >>>>
> >>>> -Ursprüngliche Nachricht- From: Ejziponken -
> >>>> Sent: Monday, September 10, 2012 7:35 PM
> >>>> To: hlds_linux@list.valvesoftware.**com<
> hlds_linux@list.valvesoftware.com>
> >>>> Subject: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No
> spread)
> >>>> detection plugin
> >>>>
> >>>>
> >>>> lol need this for CS 1.6 and CSGO.. :P
> >>>>
> >>>>  Date: Mon, 10 Sep 2012 13:19:42 -0400
> >>>>> From: epichat...@litewin.net
> >>>>> To: hlds_linux@list.valvesoftware.**com<
> hlds_linux@list.valvesoftware.com>
> >>>>> Subject: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No
> >>>>> spread) detection plugin
> >>>>>
> >>>>> Would be nice if valve added a legitimate way for server admins to
> grab
> >>>>> screenshots if they are going to patch this exploit. Considering the
> >>>>> screenshots only take an in-game image the only people to have
> reasons
> >>>>> against it are hackers themselves.
> >>>>>
> >>>>> --EHG
> >>>>>
> >>>>> On 9/10/2012 1:04 PM, Ryan Stecker wrote:
> >>>>> > There's clearly a lack of understanding in this thread.
> >>>>> >
> >>>>> > The plugin simply executes 'jpeg' or 'screenshot' on the client
> (which
> >>>>> > is
> >>>>> > the exploit everyone is talking about), and uses the client's >
> >>>>> INetChannel
> >>>>> > (an interface in the source engine) to have the server request the
> file
> >>>>> > from the client.
> >>>>> >
> >>>>> > It can't take a screenshot of your desktop, or steam chats, or
> anything
> >>>>> > else other than the game's screen. The jpeg command has only ever
> taken
> >>>>> > screenshots of your game.
> >>>>> >
> >>>>> > Really there's two sides of the coin on the issue of making
> clients >
> >>>>> execute
> >>>>> > commands.
> >>>>> >
> >>>>> > On one side, malicious server operators could do bad things, and
> on the
> >>>>> > other, it made it possible for an anticheat to get client
> screenshots.
> >>>>> >
> >>>>> > I would have loved it if this plu

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Drogen Viech
Then why won't "alias jpeg" prevent it from taking screenshots huh?

2012/9/10 Asher Baker :
> It's a server plugin, not a client plugin.
> It's using ClientCommand + an exploit to execute "jpeg", then
> INetChannel::RequestFile to upload it.
>
> On Mon, Sep 10, 2012 at 8:08 PM, Bruno Garcia  wrote:
>> This is obviously not using the "screenshot" command, rather the screenshot
>> client function call.
>> As well as the INetChannel SendFile function to upload the file.
>>
>> I wouldn't expect VALVe to update this function, this also used to upload
>> spray tags to the server, and it has a very secure extension block that
>> won't let you upload almost anything (Except for screenshots in this case)
>>
>> @Anakin: If I were you, I would find a way to get the stack of loaded DLLs
>> to Hl2.exe and print them on a txt on the client, and then upload that to a
>> server, that way you could have a handful of cheat's DLLs and block em by
>> default if they are detected on the client. Anything if possible, of course.
>>
>> Take care.
>>
>> On Mon, Sep 10, 2012 at 3:29 PM, ics  wrote:
>>
>>> Screenshots are saved to tf/resource and also the player will have the
>>> shots taken from his/her screen on the same location on his/her pc.
>>>
>>> -ics
>>>
>>> 10.9.2012 21:09, Thomas K kirjoitti:
>>>
>>>  In what folder the screenshots are uploaded to the server?
>>>>
>>>> -Ursprüngliche Nachricht- From: Ejziponken -
>>>> Sent: Monday, September 10, 2012 7:35 PM
>>>> To: hlds_linux@list.valvesoftware.**com
>>>> Subject: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
>>>> detection plugin
>>>>
>>>>
>>>> lol need this for CS 1.6 and CSGO.. :P
>>>>
>>>>  Date: Mon, 10 Sep 2012 13:19:42 -0400
>>>>> From: epichat...@litewin.net
>>>>> To: hlds_linux@list.valvesoftware.**com
>>>>> Subject: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No
>>>>> spread) detection plugin
>>>>>
>>>>> Would be nice if valve added a legitimate way for server admins to grab
>>>>> screenshots if they are going to patch this exploit. Considering the
>>>>> screenshots only take an in-game image the only people to have reasons
>>>>> against it are hackers themselves.
>>>>>
>>>>> --EHG
>>>>>
>>>>> On 9/10/2012 1:04 PM, Ryan Stecker wrote:
>>>>> > There's clearly a lack of understanding in this thread.
>>>>> >
>>>>> > The plugin simply executes 'jpeg' or 'screenshot' on the client (which
>>>>> > is
>>>>> > the exploit everyone is talking about), and uses the client's >
>>>>> INetChannel
>>>>> > (an interface in the source engine) to have the server request the file
>>>>> > from the client.
>>>>> >
>>>>> > It can't take a screenshot of your desktop, or steam chats, or anything
>>>>> > else other than the game's screen. The jpeg command has only ever taken
>>>>> > screenshots of your game.
>>>>> >
>>>>> > Really there's two sides of the coin on the issue of making clients >
>>>>> execute
>>>>> > commands.
>>>>> >
>>>>> > On one side, malicious server operators could do bad things, and on the
>>>>> > other, it made it possible for an anticheat to get client screenshots.
>>>>> >
>>>>> > I would have loved it if this plugin could have survived longer, but it
>>>>> > seems like the command execution method is being fixed. I'd kill to
>>>>> get > a
>>>>> > proper anticheat in source, and not the flawed disaster that is VAC.
>>>>> >
>>>>> > On Mon, Sep 10, 2012 at 11:58 AM, ics  wrote:
>>>>> >
>>>>> >> http://tftrue.redline-**utilit**ies.net/anakinac.html<http://utilities.net/anakinac.html>
>>>>> <http://**tftrue.redline-utilities.net/**anakinac.html<http://tftrue.redline-utilities.net/anakinac.html>
>>>>> >
>>>>> >>
>>>>> >> -ics
>>>>> >>
>>>>> >> 10.9.2012 19:52, Cameron Munroe kirjoi

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Asher Baker
It's a server plugin, not a client plugin.
It's using ClientCommand + an exploit to execute "jpeg", then
INetChannel::RequestFile to upload it.

On Mon, Sep 10, 2012 at 8:08 PM, Bruno Garcia  wrote:
> This is obviously not using the "screenshot" command, rather the screenshot
> client function call.
> As well as the INetChannel SendFile function to upload the file.
>
> I wouldn't expect VALVe to update this function, this also used to upload
> spray tags to the server, and it has a very secure extension block that
> won't let you upload almost anything (Except for screenshots in this case)
>
> @Anakin: If I were you, I would find a way to get the stack of loaded DLLs
> to Hl2.exe and print them on a txt on the client, and then upload that to a
> server, that way you could have a handful of cheat's DLLs and block em by
> default if they are detected on the client. Anything if possible, of course.
>
> Take care.
>
> On Mon, Sep 10, 2012 at 3:29 PM, ics  wrote:
>
>> Screenshots are saved to tf/resource and also the player will have the
>> shots taken from his/her screen on the same location on his/her pc.
>>
>> -ics
>>
>> 10.9.2012 21:09, Thomas K kirjoitti:
>>
>>  In what folder the screenshots are uploaded to the server?
>>>
>>> -Ursprüngliche Nachricht----- From: Ejziponken -
>>> Sent: Monday, September 10, 2012 7:35 PM
>>> To: hlds_linux@list.valvesoftware.**com
>>> Subject: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
>>> detection plugin
>>>
>>>
>>> lol need this for CS 1.6 and CSGO.. :P
>>>
>>>  Date: Mon, 10 Sep 2012 13:19:42 -0400
>>>> From: epichat...@litewin.net
>>>> To: hlds_linux@list.valvesoftware.**com
>>>> Subject: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No
>>>> spread) detection plugin
>>>>
>>>> Would be nice if valve added a legitimate way for server admins to grab
>>>> screenshots if they are going to patch this exploit. Considering the
>>>> screenshots only take an in-game image the only people to have reasons
>>>> against it are hackers themselves.
>>>>
>>>> --EHG
>>>>
>>>> On 9/10/2012 1:04 PM, Ryan Stecker wrote:
>>>> > There's clearly a lack of understanding in this thread.
>>>> >
>>>> > The plugin simply executes 'jpeg' or 'screenshot' on the client (which
>>>> > is
>>>> > the exploit everyone is talking about), and uses the client's >
>>>> INetChannel
>>>> > (an interface in the source engine) to have the server request the file
>>>> > from the client.
>>>> >
>>>> > It can't take a screenshot of your desktop, or steam chats, or anything
>>>> > else other than the game's screen. The jpeg command has only ever taken
>>>> > screenshots of your game.
>>>> >
>>>> > Really there's two sides of the coin on the issue of making clients >
>>>> execute
>>>> > commands.
>>>> >
>>>> > On one side, malicious server operators could do bad things, and on the
>>>> > other, it made it possible for an anticheat to get client screenshots.
>>>> >
>>>> > I would have loved it if this plugin could have survived longer, but it
>>>> > seems like the command execution method is being fixed. I'd kill to
>>>> get > a
>>>> > proper anticheat in source, and not the flawed disaster that is VAC.
>>>> >
>>>> > On Mon, Sep 10, 2012 at 11:58 AM, ics  wrote:
>>>> >
>>>> >> http://tftrue.redline-**utilit**ies.net/anakinac.html<http://utilities.net/anakinac.html>
>>>> <http://**tftrue.redline-utilities.net/**anakinac.html<http://tftrue.redline-utilities.net/anakinac.html>
>>>> >
>>>> >>
>>>> >> -ics
>>>> >>
>>>> >> 10.9.2012 19:52, Cameron Munroe kirjoitti:
>>>> >>
>>>> >>   So really it just takes a screen shot of whats on their screen and
>>>> >> then
>>>> >>> uploads it to the game server / FTP? and then at a later time you
>>>> look
>>>> >>> through them and see if someone had a wall hack on. Is there
>>>> anything >>> else
>>>> >>> that it can detect as really a

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Bruno Garcia
This is obviously not using the "screenshot" command, rather the screenshot
client function call.
As well as the INetChannel SendFile function to upload the file.

I wouldn't expect VALVe to update this function, this also used to upload
spray tags to the server, and it has a very secure extension block that
won't let you upload almost anything (Except for screenshots in this case)

@Anakin: If I were you, I would find a way to get the stack of loaded DLLs
to Hl2.exe and print them on a txt on the client, and then upload that to a
server, that way you could have a handful of cheat's DLLs and block em by
default if they are detected on the client. Anything if possible, of course.

Take care.

On Mon, Sep 10, 2012 at 3:29 PM, ics  wrote:

> Screenshots are saved to tf/resource and also the player will have the
> shots taken from his/her screen on the same location on his/her pc.
>
> -ics
>
> 10.9.2012 21:09, Thomas K kirjoitti:
>
>  In what folder the screenshots are uploaded to the server?
>>
>> -Ursprüngliche Nachricht- From: Ejziponken -
>> Sent: Monday, September 10, 2012 7:35 PM
>> To: hlds_linux@list.valvesoftware.**com
>> Subject: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
>> detection plugin
>>
>>
>> lol need this for CS 1.6 and CSGO.. :P
>>
>>  Date: Mon, 10 Sep 2012 13:19:42 -0400
>>> From: epichat...@litewin.net
>>> To: hlds_linux@list.valvesoftware.**com
>>> Subject: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No
>>> spread) detection plugin
>>>
>>> Would be nice if valve added a legitimate way for server admins to grab
>>> screenshots if they are going to patch this exploit. Considering the
>>> screenshots only take an in-game image the only people to have reasons
>>> against it are hackers themselves.
>>>
>>> --EHG
>>>
>>> On 9/10/2012 1:04 PM, Ryan Stecker wrote:
>>> > There's clearly a lack of understanding in this thread.
>>> >
>>> > The plugin simply executes 'jpeg' or 'screenshot' on the client (which
>>> > is
>>> > the exploit everyone is talking about), and uses the client's >
>>> INetChannel
>>> > (an interface in the source engine) to have the server request the file
>>> > from the client.
>>> >
>>> > It can't take a screenshot of your desktop, or steam chats, or anything
>>> > else other than the game's screen. The jpeg command has only ever taken
>>> > screenshots of your game.
>>> >
>>> > Really there's two sides of the coin on the issue of making clients >
>>> execute
>>> > commands.
>>> >
>>> > On one side, malicious server operators could do bad things, and on the
>>> > other, it made it possible for an anticheat to get client screenshots.
>>> >
>>> > I would have loved it if this plugin could have survived longer, but it
>>> > seems like the command execution method is being fixed. I'd kill to
>>> get > a
>>> > proper anticheat in source, and not the flawed disaster that is VAC.
>>> >
>>> > On Mon, Sep 10, 2012 at 11:58 AM, ics  wrote:
>>> >
>>> >> http://tftrue.redline-**utilit**ies.net/anakinac.html<http://utilities.net/anakinac.html>
>>> <http://**tftrue.redline-utilities.net/**anakinac.html<http://tftrue.redline-utilities.net/anakinac.html>
>>> >
>>> >>
>>> >> -ics
>>> >>
>>> >> 10.9.2012 19:52, Cameron Munroe kirjoitti:
>>> >>
>>> >>   So really it just takes a screen shot of whats on their screen and
>>> >> then
>>> >>> uploads it to the game server / FTP? and then at a later time you
>>> look
>>> >>> through them and see if someone had a wall hack on. Is there
>>> anything >>> else
>>> >>> that it can detect as really a screen shot isn't useful in most
>>> other >>> hacks.
>>> >>>
>>> >>> On 9/10/2012 9:49 AM, ics wrote:
>>> >>>
>>> >>>> You need to check the screenshots yourself that it picks. Makes one
>>> >>>> once
>>> >>>> in an hour.
>>> >>>>
>>> >>>> PS: cl_allowupload 0 doesn't block uploading the shot. This plugin
>>> is
>>> >>>> simply awesome tool for every server owner that 

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread ics
Screenshots are saved to tf/resource and also the player will have the 
shots taken from his/her screen on the same location on his/her pc.


-ics

10.9.2012 21:09, Thomas K kirjoitti:

In what folder the screenshots are uploaded to the server?

-Ursprüngliche Nachricht- From: Ejziponken -
Sent: Monday, September 10, 2012 7:35 PM
To: hlds_linux@list.valvesoftware.com
Subject: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No 
spread) detection plugin



lol need this for CS 1.6 and CSGO.. :P


Date: Mon, 10 Sep 2012 13:19:42 -0400
From: epichat...@litewin.net
To: hlds_linux@list.valvesoftware.com
Subject: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No 
spread) detection plugin


Would be nice if valve added a legitimate way for server admins to grab
screenshots if they are going to patch this exploit. Considering the
screenshots only take an in-game image the only people to have reasons
against it are hackers themselves.

--EHG

On 9/10/2012 1:04 PM, Ryan Stecker wrote:
> There's clearly a lack of understanding in this thread.
>
> The plugin simply executes 'jpeg' or 'screenshot' on the client 
(which > is
> the exploit everyone is talking about), and uses the client's > 
INetChannel
> (an interface in the source engine) to have the server request the 
file

> from the client.
>
> It can't take a screenshot of your desktop, or steam chats, or 
anything
> else other than the game's screen. The jpeg command has only ever 
taken

> screenshots of your game.
>
> Really there's two sides of the coin on the issue of making clients 
> execute

> commands.
>
> On one side, malicious server operators could do bad things, and on 
the

> other, it made it possible for an anticheat to get client screenshots.
>
> I would have loved it if this plugin could have survived longer, 
but it
> seems like the command execution method is being fixed. I'd kill to 
get > a

> proper anticheat in source, and not the flawed disaster that is VAC.
>
> On Mon, Sep 10, 2012 at 11:58 AM, ics  wrote:
>
>> 
http://tftrue.redline-**utilities.net/anakinac.html<http://tftrue.redline-utilities.net/anakinac.html>

>>
>> -ics
>>
>> 10.9.2012 19:52, Cameron Munroe kirjoitti:
>>
>>   So really it just takes a screen shot of whats on their screen 
and >> then
>>> uploads it to the game server / FTP? and then at a later time you 
look
>>> through them and see if someone had a wall hack on. Is there 
anything >>> else
>>> that it can detect as really a screen shot isn't useful in most 
other >>> hacks.

>>>
>>> On 9/10/2012 9:49 AM, ics wrote:
>>>
>>>> You need to check the screenshots yourself that it picks. Makes 
one >>>> once

>>>> in an hour.
>>>>
>>>> PS: cl_allowupload 0 doesn't block uploading the shot. This 
plugin is
>>>> simply awesome tool for every server owner that wants to catch 
>>>> wallhackers

>>>> and such.
>>>>
>>>> -ics
>>>>
>>>> 10.9.2012 19:46, Cameron Munroe kirjoitti:
>>>>
>>>>> Asher? Can you give us an example, or some info on the subject.
>>>>>
>>>>> On 9/10/2012 9:31 AM, Drogen Viech wrote:
>>>>>
>>>>>> I assume you have to go through all of them on your server, 
the no
>>>>>> spread and trigger bot detection is fully automatic, other 
>>>>>> heuristic

>>>>>> detections are printed to your console
>>>>>>
>>>>>> 2012/9/10 Cameron Munroe :
>>>>>>
>>>>>>> No, I mean how would you use this to detect if someone is 
>>>>>>> cheating?

>>>>>>>
>>>>>>>
>>>>>>> On 9/10/2012 9:23 AM, Drogen Viech wrote:
>>>>>>>
>>>>>>>> It takes a screenshot randomly, only anakin knows when (he 
said >>>>>>>> every

>>>>>>>> 10 or so minutes)
>>>>>>>> He's using some really fucked up kind of exploit - not even the
>>>>>>>> following config will prevent it from taking screenshots:
>>>>>>>>
>>>>>>>> 
http://pastebin.com/raw.php?i=**Xr39hrys<http://pastebin.com/raw.php?i=Xr39hrys>

>>>>>>>>
>>>>>>>> 2012/9/10 Cameron Munroe :
>>>>>>>>
>>>>>>>>> So how does this work?
>>>&g

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Herover
2012/9/10 Ryan Stecker :
> There's clearly a lack of understanding in this thread.
>
> The plugin simply executes 'jpeg' or 'screenshot' on the client (which is
> the exploit everyone is talking about), and uses the client's INetChannel
> (an interface in the source engine) to have the server request the file
> from the client.

Additionally, it have a autoupdating feature which the author did not
advertise before someone reverse engeneerd it, which doesn't make
anything bether since the operator can't disable it.

You are right, and its but it's really anoying that a better
alternative to VAC have to be malicius in this way -- and personally I
won't use it because I don't like someone to have an option to push
code into my server and I don't like someone to take screencaps of my
players (or me) and distributing them like this.

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Thomas K

In what folder the screenshots are uploaded to the server?

-Ursprüngliche Nachricht- 
From: Ejziponken -

Sent: Monday, September 10, 2012 7:35 PM
To: hlds_linux@list.valvesoftware.com
Subject: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) 
detection plugin



lol need this for CS 1.6 and CSGO.. :P


Date: Mon, 10 Sep 2012 13:19:42 -0400
From: epichat...@litewin.net
To: hlds_linux@list.valvesoftware.com
Subject: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) 
detection plugin


Would be nice if valve added a legitimate way for server admins to grab
screenshots if they are going to patch this exploit. Considering the
screenshots only take an in-game image the only people to have reasons
against it are hackers themselves.

--EHG

On 9/10/2012 1:04 PM, Ryan Stecker wrote:
> There's clearly a lack of understanding in this thread.
>
> The plugin simply executes 'jpeg' or 'screenshot' on the client (which 
> is
> the exploit everyone is talking about), and uses the client's 
> INetChannel

> (an interface in the source engine) to have the server request the file
> from the client.
>
> It can't take a screenshot of your desktop, or steam chats, or anything
> else other than the game's screen. The jpeg command has only ever taken
> screenshots of your game.
>
> Really there's two sides of the coin on the issue of making clients 
> execute

> commands.
>
> On one side, malicious server operators could do bad things, and on the
> other, it made it possible for an anticheat to get client screenshots.
>
> I would have loved it if this plugin could have survived longer, but it
> seems like the command execution method is being fixed. I'd kill to get 
> a

> proper anticheat in source, and not the flawed disaster that is VAC.
>
> On Mon, Sep 10, 2012 at 11:58 AM, ics  wrote:
>
>> 
http://tftrue.redline-**utilities.net/anakinac.html<http://tftrue.redline-utilities.net/anakinac.html>
>>
>> -ics
>>
>> 10.9.2012 19:52, Cameron Munroe kirjoitti:
>>
>>   So really it just takes a screen shot of whats on their screen and 
>> then

>>> uploads it to the game server / FTP? and then at a later time you look
>>> through them and see if someone had a wall hack on. Is there anything 
>>> else
>>> that it can detect as really a screen shot isn't useful in most other 
>>> hacks.

>>>
>>> On 9/10/2012 9:49 AM, ics wrote:
>>>
>>>> You need to check the screenshots yourself that it picks. Makes one 
>>>> once

>>>> in an hour.
>>>>
>>>> PS: cl_allowupload 0 doesn't block uploading the shot. This plugin is
>>>> simply awesome tool for every server owner that wants to catch 
>>>> wallhackers

>>>> and such.
>>>>
>>>> -ics
>>>>
>>>> 10.9.2012 19:46, Cameron Munroe kirjoitti:
>>>>
>>>>> Asher? Can you give us an example, or some info on the subject.
>>>>>
>>>>> On 9/10/2012 9:31 AM, Drogen Viech wrote:
>>>>>
>>>>>> I assume you have to go through all of them on your server, the no
>>>>>> spread and trigger bot detection is fully automatic, other 
>>>>>> heuristic

>>>>>> detections are printed to your console
>>>>>>
>>>>>> 2012/9/10 Cameron Munroe :
>>>>>>
>>>>>>> No, I mean how would you use this to detect if someone is 
>>>>>>> cheating?

>>>>>>>
>>>>>>>
>>>>>>> On 9/10/2012 9:23 AM, Drogen Viech wrote:
>>>>>>>
>>>>>>>> It takes a screenshot randomly, only anakin knows when (he said 
>>>>>>>> every

>>>>>>>> 10 or so minutes)
>>>>>>>> He's using some really fucked up kind of exploit - not even the
>>>>>>>> following config will prevent it from taking screenshots:
>>>>>>>>
>>>>>>>> 
http://pastebin.com/raw.php?i=**Xr39hrys<http://pastebin.com/raw.php?i=Xr39hrys>
>>>>>>>>
>>>>>>>> 2012/9/10 Cameron Munroe :
>>>>>>>>
>>>>>>>>> So how does this work?
>>>>>>>>>
>>>>>>>>> It takes a snapshot every X minutes and then you have to go 
>>>>>>>>> through

>>>>>>>>> them?
>>>>>>>>&

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Ejziponken -

lol need this for CS 1.6 and CSGO.. :P

> Date: Mon, 10 Sep 2012 13:19:42 -0400
> From: epichat...@litewin.net
> To: hlds_linux@list.valvesoftware.com
> Subject: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) 
> detection plugin
> 
> Would be nice if valve added a legitimate way for server admins to grab 
> screenshots if they are going to patch this exploit. Considering the 
> screenshots only take an in-game image the only people to have reasons 
> against it are hackers themselves.
> 
> --EHG
> 
> On 9/10/2012 1:04 PM, Ryan Stecker wrote:
> > There's clearly a lack of understanding in this thread.
> >
> > The plugin simply executes 'jpeg' or 'screenshot' on the client (which is
> > the exploit everyone is talking about), and uses the client's INetChannel
> > (an interface in the source engine) to have the server request the file
> > from the client.
> >
> > It can't take a screenshot of your desktop, or steam chats, or anything
> > else other than the game's screen. The jpeg command has only ever taken
> > screenshots of your game.
> >
> > Really there's two sides of the coin on the issue of making clients execute
> > commands.
> >
> > On one side, malicious server operators could do bad things, and on the
> > other, it made it possible for an anticheat to get client screenshots.
> >
> > I would have loved it if this plugin could have survived longer, but it
> > seems like the command execution method is being fixed. I'd kill to get a
> > proper anticheat in source, and not the flawed disaster that is VAC.
> >
> > On Mon, Sep 10, 2012 at 11:58 AM, ics  wrote:
> >
> >> http://tftrue.redline-**utilities.net/anakinac.html<http://tftrue.redline-utilities.net/anakinac.html>
> >>
> >> -ics
> >>
> >> 10.9.2012 19:52, Cameron Munroe kirjoitti:
> >>
> >>   So really it just takes a screen shot of whats on their screen and then
> >>> uploads it to the game server / FTP? and then at a later time you look
> >>> through them and see if someone had a wall hack on. Is there anything else
> >>> that it can detect as really a screen shot isn't useful in most other 
> >>> hacks.
> >>>
> >>> On 9/10/2012 9:49 AM, ics wrote:
> >>>
> >>>> You need to check the screenshots yourself that it picks. Makes one once
> >>>> in an hour.
> >>>>
> >>>> PS: cl_allowupload 0 doesn't block uploading the shot. This plugin is
> >>>> simply awesome tool for every server owner that wants to catch 
> >>>> wallhackers
> >>>> and such.
> >>>>
> >>>> -ics
> >>>>
> >>>> 10.9.2012 19:46, Cameron Munroe kirjoitti:
> >>>>
> >>>>> Asher? Can you give us an example, or some info on the subject.
> >>>>>
> >>>>> On 9/10/2012 9:31 AM, Drogen Viech wrote:
> >>>>>
> >>>>>> I assume you have to go through all of them on your server, the no
> >>>>>> spread and trigger bot detection is fully automatic, other heuristic
> >>>>>> detections are printed to your console
> >>>>>>
> >>>>>> 2012/9/10 Cameron Munroe :
> >>>>>>
> >>>>>>> No, I mean how would you use this to detect if someone is cheating?
> >>>>>>>
> >>>>>>>
> >>>>>>> On 9/10/2012 9:23 AM, Drogen Viech wrote:
> >>>>>>>
> >>>>>>>> It takes a screenshot randomly, only anakin knows when (he said every
> >>>>>>>> 10 or so minutes)
> >>>>>>>> He's using some really fucked up kind of exploit - not even the
> >>>>>>>> following config will prevent it from taking screenshots:
> >>>>>>>>
> >>>>>>>> http://pastebin.com/raw.php?i=**Xr39hrys<http://pastebin.com/raw.php?i=Xr39hrys>
> >>>>>>>>
> >>>>>>>> 2012/9/10 Cameron Munroe :
> >>>>>>>>
> >>>>>>>>> So how does this work?
> >>>>>>>>>
> >>>>>>>>> It takes a snapshot every X minutes and then you have to go through
> >>>>>>>>> them?
> >>>>>>&g

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread EHG
Would be nice if valve added a legitimate way for server admins to grab 
screenshots if they are going to patch this exploit. Considering the 
screenshots only take an in-game image the only people to have reasons 
against it are hackers themselves.


--EHG

On 9/10/2012 1:04 PM, Ryan Stecker wrote:

There's clearly a lack of understanding in this thread.

The plugin simply executes 'jpeg' or 'screenshot' on the client (which is
the exploit everyone is talking about), and uses the client's INetChannel
(an interface in the source engine) to have the server request the file
from the client.

It can't take a screenshot of your desktop, or steam chats, or anything
else other than the game's screen. The jpeg command has only ever taken
screenshots of your game.

Really there's two sides of the coin on the issue of making clients execute
commands.

On one side, malicious server operators could do bad things, and on the
other, it made it possible for an anticheat to get client screenshots.

I would have loved it if this plugin could have survived longer, but it
seems like the command execution method is being fixed. I'd kill to get a
proper anticheat in source, and not the flawed disaster that is VAC.

On Mon, Sep 10, 2012 at 11:58 AM, ics  wrote:


http://tftrue.redline-**utilities.net/anakinac.html

-ics

10.9.2012 19:52, Cameron Munroe kirjoitti:

  So really it just takes a screen shot of whats on their screen and then

uploads it to the game server / FTP? and then at a later time you look
through them and see if someone had a wall hack on. Is there anything else
that it can detect as really a screen shot isn't useful in most other hacks.

On 9/10/2012 9:49 AM, ics wrote:


You need to check the screenshots yourself that it picks. Makes one once
in an hour.

PS: cl_allowupload 0 doesn't block uploading the shot. This plugin is
simply awesome tool for every server owner that wants to catch wallhackers
and such.

-ics

10.9.2012 19:46, Cameron Munroe kirjoitti:


Asher? Can you give us an example, or some info on the subject.

On 9/10/2012 9:31 AM, Drogen Viech wrote:


I assume you have to go through all of them on your server, the no
spread and trigger bot detection is fully automatic, other heuristic
detections are printed to your console

2012/9/10 Cameron Munroe :


No, I mean how would you use this to detect if someone is cheating?


On 9/10/2012 9:23 AM, Drogen Viech wrote:


It takes a screenshot randomly, only anakin knows when (he said every
10 or so minutes)
He's using some really fucked up kind of exploit - not even the
following config will prevent it from taking screenshots:

http://pastebin.com/raw.php?i=**Xr39hrys

2012/9/10 Cameron Munroe :


So how does this work?

It takes a snapshot every X minutes and then you have to go through
them?

It takes a snapshot when someone is cheating?

It slows down the cheaters computer by making them take
10** snapshots a sec?



__**_
To unsubscribe, edit your list preferences, or view the list
archives,
please visit:
https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**
hlds_linux


__**_
To unsubscribe, edit your list preferences, or view the list
archives,
please visit:
https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**
hlds_linux



__**_
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**
hlds_linux


__**_
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**hlds_linux



__**_
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**hlds_linux



__**_
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**hlds_linux



__**_
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**hlds_linux



__

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Ryan Stecker
There's clearly a lack of understanding in this thread.

The plugin simply executes 'jpeg' or 'screenshot' on the client (which is
the exploit everyone is talking about), and uses the client's INetChannel
(an interface in the source engine) to have the server request the file
from the client.

It can't take a screenshot of your desktop, or steam chats, or anything
else other than the game's screen. The jpeg command has only ever taken
screenshots of your game.

Really there's two sides of the coin on the issue of making clients execute
commands.

On one side, malicious server operators could do bad things, and on the
other, it made it possible for an anticheat to get client screenshots.

I would have loved it if this plugin could have survived longer, but it
seems like the command execution method is being fixed. I'd kill to get a
proper anticheat in source, and not the flawed disaster that is VAC.

On Mon, Sep 10, 2012 at 11:58 AM, ics  wrote:

> http://tftrue.redline-**utilities.net/anakinac.html
>
> -ics
>
> 10.9.2012 19:52, Cameron Munroe kirjoitti:
>
>  So really it just takes a screen shot of whats on their screen and then
>> uploads it to the game server / FTP? and then at a later time you look
>> through them and see if someone had a wall hack on. Is there anything else
>> that it can detect as really a screen shot isn't useful in most other hacks.
>>
>> On 9/10/2012 9:49 AM, ics wrote:
>>
>>> You need to check the screenshots yourself that it picks. Makes one once
>>> in an hour.
>>>
>>> PS: cl_allowupload 0 doesn't block uploading the shot. This plugin is
>>> simply awesome tool for every server owner that wants to catch wallhackers
>>> and such.
>>>
>>> -ics
>>>
>>> 10.9.2012 19:46, Cameron Munroe kirjoitti:
>>>
 Asher? Can you give us an example, or some info on the subject.

 On 9/10/2012 9:31 AM, Drogen Viech wrote:

> I assume you have to go through all of them on your server, the no
> spread and trigger bot detection is fully automatic, other heuristic
> detections are printed to your console
>
> 2012/9/10 Cameron Munroe :
>
>> No, I mean how would you use this to detect if someone is cheating?
>>
>>
>> On 9/10/2012 9:23 AM, Drogen Viech wrote:
>>
>>> It takes a screenshot randomly, only anakin knows when (he said every
>>> 10 or so minutes)
>>> He's using some really fucked up kind of exploit - not even the
>>> following config will prevent it from taking screenshots:
>>>
>>> http://pastebin.com/raw.php?i=**Xr39hrys
>>>
>>> 2012/9/10 Cameron Munroe :
>>>
 So how does this work?

 It takes a snapshot every X minutes and then you have to go through
 them?

 It takes a snapshot when someone is cheating?

 It slows down the cheaters computer by making them take
 10** snapshots a sec?



 __**_
 To unsubscribe, edit your list preferences, or view the list
 archives,
 please visit:
 https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**
 hlds_linux

>>> __**_
>>> To unsubscribe, edit your list preferences, or view the list
>>> archives,
>>> please visit:
>>> https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**
>>> hlds_linux
>>>
>>
>>
>> __**_
>> To unsubscribe, edit your list preferences, or view the list archives,
>> please visit:
>> https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**
>> hlds_linux
>>
> __**_
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**hlds_linux
>


 __**_
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**hlds_linux

>>>
>>>
>>> __**_
>>> To unsubscribe, edit your list preferences, or view the list archives,
>>> please visit:
>>> https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**hlds_linux
>>>
>>
>>
>> ___

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Chris Oryschak
When you review a screenshot looking like this... it speaks for itself:

http://i.imgur.com/B9UjE.jpg



On Mon, Sep 10, 2012 at 12:29 PM, Cameron Munroe
wrote:

> No, I mean how would you use this to detect if someone is cheating?
>
>
> On 9/10/2012 9:23 AM, Drogen Viech wrote:
>
>> It takes a screenshot randomly, only anakin knows when (he said every
>> 10 or so minutes)
>> He's using some really fucked up kind of exploit - not even the
>> following config will prevent it from taking screenshots:
>>
>> http://pastebin.com/raw.php?i=**Xr39hrys
>>
>> 2012/9/10 Cameron Munroe :
>>
>>> So how does this work?
>>>
>>> It takes a snapshot every X minutes and then you have to go through them?
>>>
>>> It takes a snapshot when someone is cheating?
>>>
>>> It slows down the cheaters computer by making them take
>>> 10** snapshots a sec?
>>>
>>>
>>>
>>> __**_
>>> To unsubscribe, edit your list preferences, or view the list archives,
>>> please visit:
>>> https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**hlds_linux
>>>
>> __**_
>> To unsubscribe, edit your list preferences, or view the list archives,
>> please visit:
>> https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**hlds_linux
>>
>
>
> __**_
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.**com/cgi-bin/mailman/listinfo/**hlds_linux
>
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread ics

http://tftrue.redline-utilities.net/anakinac.html

-ics

10.9.2012 19:52, Cameron Munroe kirjoitti:
So really it just takes a screen shot of whats on their screen and 
then uploads it to the game server / FTP? and then at a later time you 
look through them and see if someone had a wall hack on. Is there 
anything else that it can detect as really a screen shot isn't useful 
in most other hacks.


On 9/10/2012 9:49 AM, ics wrote:
You need to check the screenshots yourself that it picks. Makes one 
once in an hour.


PS: cl_allowupload 0 doesn't block uploading the shot. This plugin is 
simply awesome tool for every server owner that wants to catch 
wallhackers and such.


-ics

10.9.2012 19:46, Cameron Munroe kirjoitti:

Asher? Can you give us an example, or some info on the subject.

On 9/10/2012 9:31 AM, Drogen Viech wrote:

I assume you have to go through all of them on your server, the no
spread and trigger bot detection is fully automatic, other heuristic
detections are printed to your console

2012/9/10 Cameron Munroe :

No, I mean how would you use this to detect if someone is cheating?


On 9/10/2012 9:23 AM, Drogen Viech wrote:
It takes a screenshot randomly, only anakin knows when (he said 
every

10 or so minutes)
He's using some really fucked up kind of exploit - not even the
following config will prevent it from taking screenshots:

http://pastebin.com/raw.php?i=Xr39hrys

2012/9/10 Cameron Munroe :

So how does this work?

It takes a snapshot every X minutes and then you have to go 
through them?


It takes a snapshot when someone is cheating?

It slows down the cheaters computer by making them take
10 snapshots a sec?



___
To unsubscribe, edit your list preferences, or view the list 
archives,

please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list 
archives,

please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list 
archives,

please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list 
archives, please visit:

https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list 
archives, please visit:

https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list 
archives, please visit:

https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list archives, 
please visit:

https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Drogen Viech
If that is the case valve should get their shit together with their
uploading/downloading policies, it's getting ridiculous

2012/9/10 ics :
> You need to check the screenshots yourself that it picks. Makes one once in
> an hour.
>
> PS: cl_allowupload 0 doesn't block uploading the shot. This plugin is simply
> awesome tool for every server owner that wants to catch wallhackers and
> such.
>
> -ics
>
> 10.9.2012 19:46, Cameron Munroe kirjoitti:
>
>> Asher? Can you give us an example, or some info on the subject.
>>
>> On 9/10/2012 9:31 AM, Drogen Viech wrote:
>>>
>>> I assume you have to go through all of them on your server, the no
>>> spread and trigger bot detection is fully automatic, other heuristic
>>> detections are printed to your console
>>>
>>> 2012/9/10 Cameron Munroe :

 No, I mean how would you use this to detect if someone is cheating?


 On 9/10/2012 9:23 AM, Drogen Viech wrote:
>
> It takes a screenshot randomly, only anakin knows when (he said every
> 10 or so minutes)
> He's using some really fucked up kind of exploit - not even the
> following config will prevent it from taking screenshots:
>
> http://pastebin.com/raw.php?i=Xr39hrys
>
> 2012/9/10 Cameron Munroe :
>>
>> So how does this work?
>>
>> It takes a snapshot every X minutes and then you have to go through
>> them?
>>
>> It takes a snapshot when someone is cheating?
>>
>> It slows down the cheaters computer by making them take
>> 10 snapshots a sec?
>>
>>
>>
>> ___
>> To unsubscribe, edit your list preferences, or view the list archives,
>> please visit:
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>>>
>>> ___
>>> To unsubscribe, edit your list preferences, or view the list archives,
>>> please visit:
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>>
>>
>>
>> ___
>> To unsubscribe, edit your list preferences, or view the list archives,
>> please visit:
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>
>
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Cameron Munroe
So really it just takes a screen shot of whats on their screen and then 
uploads it to the game server / FTP? and then at a later time you look 
through them and see if someone had a wall hack on. Is there anything 
else that it can detect as really a screen shot isn't useful in most 
other hacks.


On 9/10/2012 9:49 AM, ics wrote:
You need to check the screenshots yourself that it picks. Makes one 
once in an hour.


PS: cl_allowupload 0 doesn't block uploading the shot. This plugin is 
simply awesome tool for every server owner that wants to catch 
wallhackers and such.


-ics

10.9.2012 19:46, Cameron Munroe kirjoitti:

Asher? Can you give us an example, or some info on the subject.

On 9/10/2012 9:31 AM, Drogen Viech wrote:

I assume you have to go through all of them on your server, the no
spread and trigger bot detection is fully automatic, other heuristic
detections are printed to your console

2012/9/10 Cameron Munroe :

No, I mean how would you use this to detect if someone is cheating?


On 9/10/2012 9:23 AM, Drogen Viech wrote:

It takes a screenshot randomly, only anakin knows when (he said every
10 or so minutes)
He's using some really fucked up kind of exploit - not even the
following config will prevent it from taking screenshots:

http://pastebin.com/raw.php?i=Xr39hrys

2012/9/10 Cameron Munroe :

So how does this work?

It takes a snapshot every X minutes and then you have to go 
through them?


It takes a snapshot when someone is cheating?

It slows down the cheaters computer by making them take
10 snapshots a sec?



___
To unsubscribe, edit your list preferences, or view the list 
archives,

please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list 
archives,

please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list 
archives, please visit:

https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list 
archives, please visit:

https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list archives, 
please visit:

https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread ics
You need to check the screenshots yourself that it picks. Makes one once 
in an hour.


PS: cl_allowupload 0 doesn't block uploading the shot. This plugin is 
simply awesome tool for every server owner that wants to catch 
wallhackers and such.


-ics

10.9.2012 19:46, Cameron Munroe kirjoitti:

Asher? Can you give us an example, or some info on the subject.

On 9/10/2012 9:31 AM, Drogen Viech wrote:

I assume you have to go through all of them on your server, the no
spread and trigger bot detection is fully automatic, other heuristic
detections are printed to your console

2012/9/10 Cameron Munroe :

No, I mean how would you use this to detect if someone is cheating?


On 9/10/2012 9:23 AM, Drogen Viech wrote:

It takes a screenshot randomly, only anakin knows when (he said every
10 or so minutes)
He's using some really fucked up kind of exploit - not even the
following config will prevent it from taking screenshots:

http://pastebin.com/raw.php?i=Xr39hrys

2012/9/10 Cameron Munroe :

So how does this work?

It takes a snapshot every X minutes and then you have to go 
through them?


It takes a snapshot when someone is cheating?

It slows down the cheaters computer by making them take
10 snapshots a sec?



___
To unsubscribe, edit your list preferences, or view the list 
archives,

please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list 
archives, please visit:

https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list archives, 
please visit:

https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Cameron Munroe

Asher? Can you give us an example, or some info on the subject.

On 9/10/2012 9:31 AM, Drogen Viech wrote:

I assume you have to go through all of them on your server, the no
spread and trigger bot detection is fully automatic, other heuristic
detections are printed to your console

2012/9/10 Cameron Munroe :

No, I mean how would you use this to detect if someone is cheating?


On 9/10/2012 9:23 AM, Drogen Viech wrote:

It takes a screenshot randomly, only anakin knows when (he said every
10 or so minutes)
He's using some really fucked up kind of exploit - not even the
following config will prevent it from taking screenshots:

http://pastebin.com/raw.php?i=Xr39hrys

2012/9/10 Cameron Munroe :

So how does this work?

It takes a snapshot every X minutes and then you have to go through them?

It takes a snapshot when someone is cheating?

It slows down the cheaters computer by making them take
10 snapshots a sec?



___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Drogen Viech
I totally forgot about cl_allowupload, derp.

2012/9/10 Drogen Viech :
> I assume you have to go through all of them on your server, the no
> spread and trigger bot detection is fully automatic, other heuristic
> detections are printed to your console
>
> 2012/9/10 Cameron Munroe :
>> No, I mean how would you use this to detect if someone is cheating?
>>
>>
>> On 9/10/2012 9:23 AM, Drogen Viech wrote:
>>>
>>> It takes a screenshot randomly, only anakin knows when (he said every
>>> 10 or so minutes)
>>> He's using some really fucked up kind of exploit - not even the
>>> following config will prevent it from taking screenshots:
>>>
>>> http://pastebin.com/raw.php?i=Xr39hrys
>>>
>>> 2012/9/10 Cameron Munroe :

 So how does this work?

 It takes a snapshot every X minutes and then you have to go through them?

 It takes a snapshot when someone is cheating?

 It slows down the cheaters computer by making them take
 10 snapshots a sec?



 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>>>
>>> ___
>>> To unsubscribe, edit your list preferences, or view the list archives,
>>> please visit:
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>>
>>
>>
>> ___
>> To unsubscribe, edit your list preferences, or view the list archives,
>> please visit:
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Drogen Viech
I assume you have to go through all of them on your server, the no
spread and trigger bot detection is fully automatic, other heuristic
detections are printed to your console

2012/9/10 Cameron Munroe :
> No, I mean how would you use this to detect if someone is cheating?
>
>
> On 9/10/2012 9:23 AM, Drogen Viech wrote:
>>
>> It takes a screenshot randomly, only anakin knows when (he said every
>> 10 or so minutes)
>> He's using some really fucked up kind of exploit - not even the
>> following config will prevent it from taking screenshots:
>>
>> http://pastebin.com/raw.php?i=Xr39hrys
>>
>> 2012/9/10 Cameron Munroe :
>>>
>>> So how does this work?
>>>
>>> It takes a snapshot every X minutes and then you have to go through them?
>>>
>>> It takes a snapshot when someone is cheating?
>>>
>>> It slows down the cheaters computer by making them take
>>> 10 snapshots a sec?
>>>
>>>
>>>
>>> ___
>>> To unsubscribe, edit your list preferences, or view the list archives,
>>> please visit:
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>>
>> ___
>> To unsubscribe, edit your list preferences, or view the list archives,
>> please visit:
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>
>
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Cameron Munroe

No, I mean how would you use this to detect if someone is cheating?

On 9/10/2012 9:23 AM, Drogen Viech wrote:

It takes a screenshot randomly, only anakin knows when (he said every
10 or so minutes)
He's using some really fucked up kind of exploit - not even the
following config will prevent it from taking screenshots:

http://pastebin.com/raw.php?i=Xr39hrys

2012/9/10 Cameron Munroe :

So how does this work?

It takes a snapshot every X minutes and then you have to go through them?

It takes a snapshot when someone is cheating?

It slows down the cheaters computer by making them take
10 snapshots a sec?



___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Drogen Viech
I think you can prevent this plugin from working if you disallow your
user account to write to the tf2 folder though

2012/9/10 Drogen Viech :
> It takes a screenshot randomly, only anakin knows when (he said every
> 10 or so minutes)
> He's using some really fucked up kind of exploit - not even the
> following config will prevent it from taking screenshots:
>
> http://pastebin.com/raw.php?i=Xr39hrys
>
> 2012/9/10 Cameron Munroe :
>> So how does this work?
>>
>> It takes a snapshot every X minutes and then you have to go through them?
>>
>> It takes a snapshot when someone is cheating?
>>
>> It slows down the cheaters computer by making them take
>> 10 snapshots a sec?
>>
>>
>>
>> ___
>> To unsubscribe, edit your list preferences, or view the list archives,
>> please visit:
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Drogen Viech
It takes a screenshot randomly, only anakin knows when (he said every
10 or so minutes)
He's using some really fucked up kind of exploit - not even the
following config will prevent it from taking screenshots:

http://pastebin.com/raw.php?i=Xr39hrys

2012/9/10 Cameron Munroe :
> So how does this work?
>
> It takes a snapshot every X minutes and then you have to go through them?
>
> It takes a snapshot when someone is cheating?
>
> It slows down the cheaters computer by making them take
> 10 snapshots a sec?
>
>
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Cameron Munroe

So how does this work?

It takes a snapshot every X minutes and then you have to go through them?

It takes a snapshot when someone is cheating?

It slows down the cheaters computer by making them take 
10 snapshots a sec?



___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Steve Tomaszewski
Steamchat is a separate program run over top the game. If your executing a
Screenshot on hl2.exe for example, it cannot interfere with
steamoverlay.exe. The two cannot communicate.

-Original Message-
From: hlds_linux-boun...@list.valvesoftware.com
[mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Peter
Svensson
Sent: Monday, September 10, 2012 11:34 AM
To: Half-Life dedicated Linux server mailing list
Subject: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
detection plugin

I suppose it takes screenshots of steamchats, that is not ok.

2012/9/10 Erik-jan Riemers 

> You mean all the cheaters can avoid that server?
>
> 2012/9/10 Drogen Viech 
>
> > He should atleast force a tag into sv_tags when this plugin is 
> > installed so i can avoid all those servers
> >
> > 2012/9/10 ics :
> > > Like i said you wouldn't even care if you didn't know about such
> feature
> > > existed on this plugin. Anakin isn't some mojo from backalley who 
> > > tries
> > to
> > > exploit everyone. Plugin takes screenshots that reveal cheaters.
> Nothing
> > > else. Granted, you don't know that for sure as it isn't open 
> > > source but that's what it does.
> > >
> > > I¨'m all in for extra tools to get cheaters out as we ban more 
> > > cheaters
> > than
> > > VAC catches (if we look back 2 months after ban was issued by us, 
> > > VAC doesn't get nearly all of them). I'm even helping with 
> > > reporting every single cheater through Steamcommunity because i know
it also helps.
> > >
> > > -ics
> > >
> > > 10.9.2012 17:54, Drogen Viech kirjoitti:
> > >
> > >> The difference is that it's common knowledge that punkbuster 
> > >> takes screenshots, whereas it is done in some obscure and hidden 
> > >> way in anakins plugin, i really hope these exploits are going to 
> > >> be fixed
> > >>
> > >> 2012/9/10 ics :
> > >>>
> > >>> I know what it does and i'm fine with it. Open Source isn't 
> > >>> always
> best
> > >>> solution especially on anticheat systems as cheat developers can 
> > >>> see
> > what
> > >>> it
> > >>> does and do countermeasures. I'm also pretty sure Valve will do
> > something
> > >>> that kills the screenshot feature as they did long ago to server
> > plugins
> > >>> that were able to execute commands on clients.
> > >>>
> > >>> -ics
> > >>>
> > >>> 10.9.2012 17:40, Ross Bemrose kirjoitti:
> > >>>
> > >>>> (I added hlds to the To list as well, since this affects both
> Windows
> > >>>> and
> > >>>> Linux servers)
> > >>>>
> > >>>> The problem is that it appears to be running client commands 
> > >>>> that
> the
> > >>>> server isn't supposed to have access to.  AND uploading files 
> > >>>> from a client's machine back to the server.  AND sending them 
> > >>>> to the author
> > of
> > >>>> the
> > >>>> plugin; you did catch that part, right?
> > >>>>
> > >>>> The plugin's author won't even send the source code to the 
> > >>>> admins of ETF2L, let alone anyone else.  Which means, unless 
> > >>>> you decompile it,
> > you
> > >>>> have no idea what it's doing.  Heck, even if you DO decompile 
> > >>>> it,
> you
> > >>>> may
> > >>>> have no idea what it's doing... decompilation isn't exactly the
> > easiest
> > >>>> thing to read.
> > >>>>
> > >>>> So... you have Security by Obscurity that is itself bypassing 
> > >>>> the
> game
> > >>>> client's security.
> > >>>>
> > >>>> On 9/10/2012 10:35 AM, ics wrote:
> > >>>>>
> > >>>>> Presumably it's all there in the SDK and i have to say it's an
> > awesome
> > >>>>> feature. If i would have to guess, Valve propably uses same 
> > >>>>> thing
> on
> > >>>>> VAC as
> > >>>>> extra proof of cheating.
> > >>>>>
> > >>>>> No one wouldn't even be

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Peter Svensson
I suppose it takes screenshots of steamchats, that is not ok.

2012/9/10 Erik-jan Riemers 

> You mean all the cheaters can avoid that server?
>
> 2012/9/10 Drogen Viech 
>
> > He should atleast force a tag into sv_tags when this plugin is
> > installed so i can avoid all those servers
> >
> > 2012/9/10 ics :
> > > Like i said you wouldn't even care if you didn't know about such
> feature
> > > existed on this plugin. Anakin isn't some mojo from backalley who tries
> > to
> > > exploit everyone. Plugin takes screenshots that reveal cheaters.
> Nothing
> > > else. Granted, you don't know that for sure as it isn't open source but
> > > that's what it does.
> > >
> > > I¨'m all in for extra tools to get cheaters out as we ban more cheaters
> > than
> > > VAC catches (if we look back 2 months after ban was issued by us, VAC
> > > doesn't get nearly all of them). I'm even helping with reporting every
> > > single cheater through Steamcommunity because i know it also helps.
> > >
> > > -ics
> > >
> > > 10.9.2012 17:54, Drogen Viech kirjoitti:
> > >
> > >> The difference is that it's common knowledge that punkbuster takes
> > >> screenshots, whereas it is done in some obscure and hidden way in
> > >> anakins plugin, i really hope these exploits are going to be fixed
> > >>
> > >> 2012/9/10 ics :
> > >>>
> > >>> I know what it does and i'm fine with it. Open Source isn't always
> best
> > >>> solution especially on anticheat systems as cheat developers can see
> > what
> > >>> it
> > >>> does and do countermeasures. I'm also pretty sure Valve will do
> > something
> > >>> that kills the screenshot feature as they did long ago to server
> > plugins
> > >>> that were able to execute commands on clients.
> > >>>
> > >>> -ics
> > >>>
> > >>> 10.9.2012 17:40, Ross Bemrose kirjoitti:
> > >>>
> >  (I added hlds to the To list as well, since this affects both
> Windows
> >  and
> >  Linux servers)
> > 
> >  The problem is that it appears to be running client commands that
> the
> >  server isn't supposed to have access to.  AND uploading files from a
> >  client's machine back to the server.  AND sending them to the author
> > of
> >  the
> >  plugin; you did catch that part, right?
> > 
> >  The plugin's author won't even send the source code to the admins of
> >  ETF2L, let alone anyone else.  Which means, unless you decompile it,
> > you
> >  have no idea what it's doing.  Heck, even if you DO decompile it,
> you
> >  may
> >  have no idea what it's doing... decompilation isn't exactly the
> > easiest
> >  thing to read.
> > 
> >  So... you have Security by Obscurity that is itself bypassing the
> game
> >  client's security.
> > 
> >  On 9/10/2012 10:35 AM, ics wrote:
> > >
> > > Presumably it's all there in the SDK and i have to say it's an
> > awesome
> > > feature. If i would have to guess, Valve propably uses same thing
> on
> > > VAC as
> > > extra proof of cheating.
> > >
> > > No one wouldn't even be alarmed if they didn't know such feature
> > exists
> > > on this plugin or on the server they play on. I tested this
> yesterday
> > > and
> > > already got 1 cheater caught. Besides, it only takes screenshots.
> No
> > > desktop
> > > shots, just ingame footage.
> > >
> > > -ics
> > >
> > > 10.9.2012 16:47, Drogen Viech kirjoitti:
> > >>
> > >> What the hell? Servers can tell the client to take screenshots
> *and*
> > >> tell them to upload them to the server? Whatever happened about
> > >> privacy?
> > >>
> > >> 2012/9/8 lwf :
> > >>>
> > >>>
> > >>>
> > >>>
> >
> http://etf2l.org/forum/general/topic-21038/page-24/?recent=406717#post-406387
> > >>>
> > >>> This is absolutely brilliant, great job! Now just imagine having
> > >>> something like Greenlight to go through those...
> > >>>
> > >>> I'm not even going to bother asking you to open source it but
> > please,
> > >>> at least consider releasing a "stable" version with that doesn't
> > open
> > >>> connection (no auto-update or reports to you or anywhere else, no
> > >>> offense) and has no undocumented features (now or later). I'd
> > really
> > >>> like to use this, we should have had this long ago.
> > >>>
> > >>> On Wed, Apr 11, 2012 at 7:23 PM, AnAkIn . 
> > >>> wrote:
> > 
> >  Hi,
> > 
> >  As Valve is too lazy to do anything about hacks, I started
> working
> >  back in January on a plugin that can detect:
> >  - POTENTIAL triggerbotters
> >  - Prediction hacks (crit hacks/no spread hacks)
> >  - An anti-speedhack bypass exploit
> > 
> >  Triggerbots:
> >  To make it clear as some people I gave it to didn’t understand,
> > the
> >  detection is kind of “heuristic” (I won’t explain in detail, if
> I
> > do
> >  then t

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Erik-jan Riemers
You mean all the cheaters can avoid that server?

2012/9/10 Drogen Viech 

> He should atleast force a tag into sv_tags when this plugin is
> installed so i can avoid all those servers
>
> 2012/9/10 ics :
> > Like i said you wouldn't even care if you didn't know about such feature
> > existed on this plugin. Anakin isn't some mojo from backalley who tries
> to
> > exploit everyone. Plugin takes screenshots that reveal cheaters. Nothing
> > else. Granted, you don't know that for sure as it isn't open source but
> > that's what it does.
> >
> > I¨'m all in for extra tools to get cheaters out as we ban more cheaters
> than
> > VAC catches (if we look back 2 months after ban was issued by us, VAC
> > doesn't get nearly all of them). I'm even helping with reporting every
> > single cheater through Steamcommunity because i know it also helps.
> >
> > -ics
> >
> > 10.9.2012 17:54, Drogen Viech kirjoitti:
> >
> >> The difference is that it's common knowledge that punkbuster takes
> >> screenshots, whereas it is done in some obscure and hidden way in
> >> anakins plugin, i really hope these exploits are going to be fixed
> >>
> >> 2012/9/10 ics :
> >>>
> >>> I know what it does and i'm fine with it. Open Source isn't always best
> >>> solution especially on anticheat systems as cheat developers can see
> what
> >>> it
> >>> does and do countermeasures. I'm also pretty sure Valve will do
> something
> >>> that kills the screenshot feature as they did long ago to server
> plugins
> >>> that were able to execute commands on clients.
> >>>
> >>> -ics
> >>>
> >>> 10.9.2012 17:40, Ross Bemrose kirjoitti:
> >>>
>  (I added hlds to the To list as well, since this affects both Windows
>  and
>  Linux servers)
> 
>  The problem is that it appears to be running client commands that the
>  server isn't supposed to have access to.  AND uploading files from a
>  client's machine back to the server.  AND sending them to the author
> of
>  the
>  plugin; you did catch that part, right?
> 
>  The plugin's author won't even send the source code to the admins of
>  ETF2L, let alone anyone else.  Which means, unless you decompile it,
> you
>  have no idea what it's doing.  Heck, even if you DO decompile it, you
>  may
>  have no idea what it's doing... decompilation isn't exactly the
> easiest
>  thing to read.
> 
>  So... you have Security by Obscurity that is itself bypassing the game
>  client's security.
> 
>  On 9/10/2012 10:35 AM, ics wrote:
> >
> > Presumably it's all there in the SDK and i have to say it's an
> awesome
> > feature. If i would have to guess, Valve propably uses same thing on
> > VAC as
> > extra proof of cheating.
> >
> > No one wouldn't even be alarmed if they didn't know such feature
> exists
> > on this plugin or on the server they play on. I tested this yesterday
> > and
> > already got 1 cheater caught. Besides, it only takes screenshots. No
> > desktop
> > shots, just ingame footage.
> >
> > -ics
> >
> > 10.9.2012 16:47, Drogen Viech kirjoitti:
> >>
> >> What the hell? Servers can tell the client to take screenshots *and*
> >> tell them to upload them to the server? Whatever happened about
> >> privacy?
> >>
> >> 2012/9/8 lwf :
> >>>
> >>>
> >>>
> >>>
> http://etf2l.org/forum/general/topic-21038/page-24/?recent=406717#post-406387
> >>>
> >>> This is absolutely brilliant, great job! Now just imagine having
> >>> something like Greenlight to go through those...
> >>>
> >>> I'm not even going to bother asking you to open source it but
> please,
> >>> at least consider releasing a "stable" version with that doesn't
> open
> >>> connection (no auto-update or reports to you or anywhere else, no
> >>> offense) and has no undocumented features (now or later). I'd
> really
> >>> like to use this, we should have had this long ago.
> >>>
> >>> On Wed, Apr 11, 2012 at 7:23 PM, AnAkIn . 
> >>> wrote:
> 
>  Hi,
> 
>  As Valve is too lazy to do anything about hacks, I started working
>  back in January on a plugin that can detect:
>  - POTENTIAL triggerbotters
>  - Prediction hacks (crit hacks/no spread hacks)
>  - An anti-speedhack bypass exploit
> 
>  Triggerbots:
>  To make it clear as some people I gave it to didn’t understand,
> the
>  detection is kind of “heuristic” (I won’t explain in detail, if I
> do
>  then the cheat coders will bypass it in no time), so it’s not
>  because
>  someone got detected that he is surely cheating. It’s just a tool
> to
>  help you find people that can potentially cheat and you can just
>  check
>  the STV demos then to confirm that they cheat or not.
> 
>  The most detections for a single pers

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Steve Tomaszewski
Why are you so worried about it taking screenshots? They said it can only
take shots of game footage.

I think this is a great idea and should not be patched. It's probably the
most indefinite proof that someone is cheating. And having their steam id
and everything would get them out of a community that would be better
without any cheaters. If you want to use hacks, stand up your own server and
pay for it then see how many people stay there.

-Original Message-
From: hlds_linux-boun...@list.valvesoftware.com
[mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Drogen Viech
Sent: Monday, September 10, 2012 11:19 AM
To: Half-Life dedicated Linux server mailing list
Subject: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
detection plugin

Will "alias jpeg" and "alias screenshot" prevent this from taking
screenshots?

2012/9/10 Drogen Viech :
> He should atleast force a tag into sv_tags when this plugin is 
> installed so i can avoid all those servers
>
> 2012/9/10 ics :
>> Like i said you wouldn't even care if you didn't know about such 
>> feature existed on this plugin. Anakin isn't some mojo from backalley 
>> who tries to exploit everyone. Plugin takes screenshots that reveal 
>> cheaters. Nothing else. Granted, you don't know that for sure as it 
>> isn't open source but that's what it does.
>>
>> I¨'m all in for extra tools to get cheaters out as we ban more 
>> cheaters than VAC catches (if we look back 2 months after ban was 
>> issued by us, VAC doesn't get nearly all of them). I'm even helping 
>> with reporting every single cheater through Steamcommunity because i know
it also helps.
>>
>> -ics
>>
>> 10.9.2012 17:54, Drogen Viech kirjoitti:
>>
>>> The difference is that it's common knowledge that punkbuster takes 
>>> screenshots, whereas it is done in some obscure and hidden way in 
>>> anakins plugin, i really hope these exploits are going to be fixed
>>>
>>> 2012/9/10 ics :
>>>>
>>>> I know what it does and i'm fine with it. Open Source isn't always 
>>>> best solution especially on anticheat systems as cheat developers 
>>>> can see what it does and do countermeasures. I'm also pretty sure 
>>>> Valve will do something that kills the screenshot feature as they 
>>>> did long ago to server plugins that were able to execute commands 
>>>> on clients.
>>>>
>>>> -ics
>>>>
>>>> 10.9.2012 17:40, Ross Bemrose kirjoitti:
>>>>
>>>>> (I added hlds to the To list as well, since this affects both 
>>>>> Windows and Linux servers)
>>>>>
>>>>> The problem is that it appears to be running client commands that 
>>>>> the server isn't supposed to have access to.  AND uploading files 
>>>>> from a client's machine back to the server.  AND sending them to 
>>>>> the author of the plugin; you did catch that part, right?
>>>>>
>>>>> The plugin's author won't even send the source code to the admins 
>>>>> of ETF2L, let alone anyone else.  Which means, unless you 
>>>>> decompile it, you have no idea what it's doing.  Heck, even if you 
>>>>> DO decompile it, you may have no idea what it's doing... 
>>>>> decompilation isn't exactly the easiest thing to read.
>>>>>
>>>>> So... you have Security by Obscurity that is itself bypassing the 
>>>>> game client's security.
>>>>>
>>>>> On 9/10/2012 10:35 AM, ics wrote:
>>>>>>
>>>>>> Presumably it's all there in the SDK and i have to say it's an 
>>>>>> awesome feature. If i would have to guess, Valve propably uses 
>>>>>> same thing on VAC as extra proof of cheating.
>>>>>>
>>>>>> No one wouldn't even be alarmed if they didn't know such feature 
>>>>>> exists on this plugin or on the server they play on. I tested 
>>>>>> this yesterday and already got 1 cheater caught. Besides, it only 
>>>>>> takes screenshots. No desktop shots, just ingame footage.
>>>>>>
>>>>>> -ics
>>>>>>
>>>>>> 10.9.2012 16:47, Drogen Viech kirjoitti:
>>>>>>>
>>>>>>> What the hell? Servers can tell the client to take screenshots 
>>>>>>> *and* tell them to upload them to th

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Drogen Viech
Will "alias jpeg" and "alias screenshot" prevent this from taking screenshots?

2012/9/10 Drogen Viech :
> He should atleast force a tag into sv_tags when this plugin is
> installed so i can avoid all those servers
>
> 2012/9/10 ics :
>> Like i said you wouldn't even care if you didn't know about such feature
>> existed on this plugin. Anakin isn't some mojo from backalley who tries to
>> exploit everyone. Plugin takes screenshots that reveal cheaters. Nothing
>> else. Granted, you don't know that for sure as it isn't open source but
>> that's what it does.
>>
>> I¨'m all in for extra tools to get cheaters out as we ban more cheaters than
>> VAC catches (if we look back 2 months after ban was issued by us, VAC
>> doesn't get nearly all of them). I'm even helping with reporting every
>> single cheater through Steamcommunity because i know it also helps.
>>
>> -ics
>>
>> 10.9.2012 17:54, Drogen Viech kirjoitti:
>>
>>> The difference is that it's common knowledge that punkbuster takes
>>> screenshots, whereas it is done in some obscure and hidden way in
>>> anakins plugin, i really hope these exploits are going to be fixed
>>>
>>> 2012/9/10 ics :

 I know what it does and i'm fine with it. Open Source isn't always best
 solution especially on anticheat systems as cheat developers can see what
 it
 does and do countermeasures. I'm also pretty sure Valve will do something
 that kills the screenshot feature as they did long ago to server plugins
 that were able to execute commands on clients.

 -ics

 10.9.2012 17:40, Ross Bemrose kirjoitti:

> (I added hlds to the To list as well, since this affects both Windows
> and
> Linux servers)
>
> The problem is that it appears to be running client commands that the
> server isn't supposed to have access to.  AND uploading files from a
> client's machine back to the server.  AND sending them to the author of
> the
> plugin; you did catch that part, right?
>
> The plugin's author won't even send the source code to the admins of
> ETF2L, let alone anyone else.  Which means, unless you decompile it, you
> have no idea what it's doing.  Heck, even if you DO decompile it, you
> may
> have no idea what it's doing... decompilation isn't exactly the easiest
> thing to read.
>
> So... you have Security by Obscurity that is itself bypassing the game
> client's security.
>
> On 9/10/2012 10:35 AM, ics wrote:
>>
>> Presumably it's all there in the SDK and i have to say it's an awesome
>> feature. If i would have to guess, Valve propably uses same thing on
>> VAC as
>> extra proof of cheating.
>>
>> No one wouldn't even be alarmed if they didn't know such feature exists
>> on this plugin or on the server they play on. I tested this yesterday
>> and
>> already got 1 cheater caught. Besides, it only takes screenshots. No
>> desktop
>> shots, just ingame footage.
>>
>> -ics
>>
>> 10.9.2012 16:47, Drogen Viech kirjoitti:
>>>
>>> What the hell? Servers can tell the client to take screenshots *and*
>>> tell them to upload them to the server? Whatever happened about
>>> privacy?
>>>
>>> 2012/9/8 lwf :



 http://etf2l.org/forum/general/topic-21038/page-24/?recent=406717#post-406387

 This is absolutely brilliant, great job! Now just imagine having
 something like Greenlight to go through those...

 I'm not even going to bother asking you to open source it but please,
 at least consider releasing a "stable" version with that doesn't open
 connection (no auto-update or reports to you or anywhere else, no
 offense) and has no undocumented features (now or later). I'd really
 like to use this, we should have had this long ago.

 On Wed, Apr 11, 2012 at 7:23 PM, AnAkIn . 
 wrote:
>
> Hi,
>
> As Valve is too lazy to do anything about hacks, I started working
> back in January on a plugin that can detect:
> - POTENTIAL triggerbotters
> - Prediction hacks (crit hacks/no spread hacks)
> - An anti-speedhack bypass exploit
>
> Triggerbots:
> To make it clear as some people I gave it to didn’t understand, the
> detection is kind of “heuristic” (I won’t explain in detail, if I do
> then the cheat coders will bypass it in no time), so it’s not
> because
> someone got detected that he is surely cheating. It’s just a tool to
> help you find people that can potentially cheat and you can just
> check
> the STV demos then to confirm that they cheat or not.
>
> The most detections for a single person in the less timespan you
> will
> find in the log, the more likely he is using a triggerbot.
>>>

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Drogen Viech
He should atleast force a tag into sv_tags when this plugin is
installed so i can avoid all those servers

2012/9/10 ics :
> Like i said you wouldn't even care if you didn't know about such feature
> existed on this plugin. Anakin isn't some mojo from backalley who tries to
> exploit everyone. Plugin takes screenshots that reveal cheaters. Nothing
> else. Granted, you don't know that for sure as it isn't open source but
> that's what it does.
>
> I¨'m all in for extra tools to get cheaters out as we ban more cheaters than
> VAC catches (if we look back 2 months after ban was issued by us, VAC
> doesn't get nearly all of them). I'm even helping with reporting every
> single cheater through Steamcommunity because i know it also helps.
>
> -ics
>
> 10.9.2012 17:54, Drogen Viech kirjoitti:
>
>> The difference is that it's common knowledge that punkbuster takes
>> screenshots, whereas it is done in some obscure and hidden way in
>> anakins plugin, i really hope these exploits are going to be fixed
>>
>> 2012/9/10 ics :
>>>
>>> I know what it does and i'm fine with it. Open Source isn't always best
>>> solution especially on anticheat systems as cheat developers can see what
>>> it
>>> does and do countermeasures. I'm also pretty sure Valve will do something
>>> that kills the screenshot feature as they did long ago to server plugins
>>> that were able to execute commands on clients.
>>>
>>> -ics
>>>
>>> 10.9.2012 17:40, Ross Bemrose kirjoitti:
>>>
 (I added hlds to the To list as well, since this affects both Windows
 and
 Linux servers)

 The problem is that it appears to be running client commands that the
 server isn't supposed to have access to.  AND uploading files from a
 client's machine back to the server.  AND sending them to the author of
 the
 plugin; you did catch that part, right?

 The plugin's author won't even send the source code to the admins of
 ETF2L, let alone anyone else.  Which means, unless you decompile it, you
 have no idea what it's doing.  Heck, even if you DO decompile it, you
 may
 have no idea what it's doing... decompilation isn't exactly the easiest
 thing to read.

 So... you have Security by Obscurity that is itself bypassing the game
 client's security.

 On 9/10/2012 10:35 AM, ics wrote:
>
> Presumably it's all there in the SDK and i have to say it's an awesome
> feature. If i would have to guess, Valve propably uses same thing on
> VAC as
> extra proof of cheating.
>
> No one wouldn't even be alarmed if they didn't know such feature exists
> on this plugin or on the server they play on. I tested this yesterday
> and
> already got 1 cheater caught. Besides, it only takes screenshots. No
> desktop
> shots, just ingame footage.
>
> -ics
>
> 10.9.2012 16:47, Drogen Viech kirjoitti:
>>
>> What the hell? Servers can tell the client to take screenshots *and*
>> tell them to upload them to the server? Whatever happened about
>> privacy?
>>
>> 2012/9/8 lwf :
>>>
>>>
>>>
>>> http://etf2l.org/forum/general/topic-21038/page-24/?recent=406717#post-406387
>>>
>>> This is absolutely brilliant, great job! Now just imagine having
>>> something like Greenlight to go through those...
>>>
>>> I'm not even going to bother asking you to open source it but please,
>>> at least consider releasing a "stable" version with that doesn't open
>>> connection (no auto-update or reports to you or anywhere else, no
>>> offense) and has no undocumented features (now or later). I'd really
>>> like to use this, we should have had this long ago.
>>>
>>> On Wed, Apr 11, 2012 at 7:23 PM, AnAkIn . 
>>> wrote:

 Hi,

 As Valve is too lazy to do anything about hacks, I started working
 back in January on a plugin that can detect:
 - POTENTIAL triggerbotters
 - Prediction hacks (crit hacks/no spread hacks)
 - An anti-speedhack bypass exploit

 Triggerbots:
 To make it clear as some people I gave it to didn’t understand, the
 detection is kind of “heuristic” (I won’t explain in detail, if I do
 then the cheat coders will bypass it in no time), so it’s not
 because
 someone got detected that he is surely cheating. It’s just a tool to
 help you find people that can potentially cheat and you can just
 check
 the STV demos then to confirm that they cheat or not.

 The most detections for a single person in the less timespan you
 will
 find in the log, the more likely he is using a triggerbot.

 Prediction hacks:
 I guess this is what will interest most people on this list, it
 detects the crit hacks that does 100% crits all the time which is an
 engine exploit which has been ad

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread ics
Like i said you wouldn't even care if you didn't know about such feature 
existed on this plugin. Anakin isn't some mojo from backalley who tries 
to exploit everyone. Plugin takes screenshots that reveal cheaters. 
Nothing else. Granted, you don't know that for sure as it isn't open 
source but that's what it does.


I¨'m all in for extra tools to get cheaters out as we ban more cheaters 
than VAC catches (if we look back 2 months after ban was issued by us, 
VAC doesn't get nearly all of them). I'm even helping with reporting 
every single cheater through Steamcommunity because i know it also helps.


-ics

10.9.2012 17:54, Drogen Viech kirjoitti:

The difference is that it's common knowledge that punkbuster takes
screenshots, whereas it is done in some obscure and hidden way in
anakins plugin, i really hope these exploits are going to be fixed

2012/9/10 ics :

I know what it does and i'm fine with it. Open Source isn't always best
solution especially on anticheat systems as cheat developers can see what it
does and do countermeasures. I'm also pretty sure Valve will do something
that kills the screenshot feature as they did long ago to server plugins
that were able to execute commands on clients.

-ics

10.9.2012 17:40, Ross Bemrose kirjoitti:


(I added hlds to the To list as well, since this affects both Windows and
Linux servers)

The problem is that it appears to be running client commands that the
server isn't supposed to have access to.  AND uploading files from a
client's machine back to the server.  AND sending them to the author of the
plugin; you did catch that part, right?

The plugin's author won't even send the source code to the admins of
ETF2L, let alone anyone else.  Which means, unless you decompile it, you
have no idea what it's doing.  Heck, even if you DO decompile it, you may
have no idea what it's doing... decompilation isn't exactly the easiest
thing to read.

So... you have Security by Obscurity that is itself bypassing the game
client's security.

On 9/10/2012 10:35 AM, ics wrote:

Presumably it's all there in the SDK and i have to say it's an awesome
feature. If i would have to guess, Valve propably uses same thing on VAC as
extra proof of cheating.

No one wouldn't even be alarmed if they didn't know such feature exists
on this plugin or on the server they play on. I tested this yesterday and
already got 1 cheater caught. Besides, it only takes screenshots. No desktop
shots, just ingame footage.

-ics

10.9.2012 16:47, Drogen Viech kirjoitti:

What the hell? Servers can tell the client to take screenshots *and*
tell them to upload them to the server? Whatever happened about
privacy?

2012/9/8 lwf :


http://etf2l.org/forum/general/topic-21038/page-24/?recent=406717#post-406387

This is absolutely brilliant, great job! Now just imagine having
something like Greenlight to go through those...

I'm not even going to bother asking you to open source it but please,
at least consider releasing a "stable" version with that doesn't open
connection (no auto-update or reports to you or anywhere else, no
offense) and has no undocumented features (now or later). I'd really
like to use this, we should have had this long ago.

On Wed, Apr 11, 2012 at 7:23 PM, AnAkIn .  wrote:

Hi,

As Valve is too lazy to do anything about hacks, I started working
back in January on a plugin that can detect:
- POTENTIAL triggerbotters
- Prediction hacks (crit hacks/no spread hacks)
- An anti-speedhack bypass exploit

Triggerbots:
To make it clear as some people I gave it to didn’t understand, the
detection is kind of “heuristic” (I won’t explain in detail, if I do
then the cheat coders will bypass it in no time), so it’s not because
someone got detected that he is surely cheating. It’s just a tool to
help you find people that can potentially cheat and you can just check
the STV demos then to confirm that they cheat or not.

The most detections for a single person in the less timespan you will
find in the log, the more likely he is using a triggerbot.

Prediction hacks:
I guess this is what will interest most people on this list, it
detects the crit hacks that does 100% crits all the time which is an
engine exploit which has been added into many hacks lately. It's also
used for various no spread/low spread hacks.

The detections get printed to a log called TriggerBotDetections.log in
tf/ (and are also sent to me) on EVERY MAP change or when all players
have disconnected from the server. It’s important to note this
otherwise you could loose all the detections (especially if your
server automatically restarts every night). There is a simple reason
for this: writing in a file while you play can cause lags, especially
if someone is getting detected a lot.

Download: http://tftrue.redline-utilities.net/TriggerBotDetector.zip

--
Best regards,
AnAkIn

___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.com/c

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Drogen Viech
The difference is that it's common knowledge that punkbuster takes
screenshots, whereas it is done in some obscure and hidden way in
anakins plugin, i really hope these exploits are going to be fixed

2012/9/10 ics :
> I know what it does and i'm fine with it. Open Source isn't always best
> solution especially on anticheat systems as cheat developers can see what it
> does and do countermeasures. I'm also pretty sure Valve will do something
> that kills the screenshot feature as they did long ago to server plugins
> that were able to execute commands on clients.
>
> -ics
>
> 10.9.2012 17:40, Ross Bemrose kirjoitti:
>
>> (I added hlds to the To list as well, since this affects both Windows and
>> Linux servers)
>>
>> The problem is that it appears to be running client commands that the
>> server isn't supposed to have access to.  AND uploading files from a
>> client's machine back to the server.  AND sending them to the author of the
>> plugin; you did catch that part, right?
>>
>> The plugin's author won't even send the source code to the admins of
>> ETF2L, let alone anyone else.  Which means, unless you decompile it, you
>> have no idea what it's doing.  Heck, even if you DO decompile it, you may
>> have no idea what it's doing... decompilation isn't exactly the easiest
>> thing to read.
>>
>> So... you have Security by Obscurity that is itself bypassing the game
>> client's security.
>>
>> On 9/10/2012 10:35 AM, ics wrote:
>>>
>>> Presumably it's all there in the SDK and i have to say it's an awesome
>>> feature. If i would have to guess, Valve propably uses same thing on VAC as
>>> extra proof of cheating.
>>>
>>> No one wouldn't even be alarmed if they didn't know such feature exists
>>> on this plugin or on the server they play on. I tested this yesterday and
>>> already got 1 cheater caught. Besides, it only takes screenshots. No desktop
>>> shots, just ingame footage.
>>>
>>> -ics
>>>
>>> 10.9.2012 16:47, Drogen Viech kirjoitti:

 What the hell? Servers can tell the client to take screenshots *and*
 tell them to upload them to the server? Whatever happened about
 privacy?

 2012/9/8 lwf :
>
>
> http://etf2l.org/forum/general/topic-21038/page-24/?recent=406717#post-406387
>
> This is absolutely brilliant, great job! Now just imagine having
> something like Greenlight to go through those...
>
> I'm not even going to bother asking you to open source it but please,
> at least consider releasing a "stable" version with that doesn't open
> connection (no auto-update or reports to you or anywhere else, no
> offense) and has no undocumented features (now or later). I'd really
> like to use this, we should have had this long ago.
>
> On Wed, Apr 11, 2012 at 7:23 PM, AnAkIn .  wrote:
>>
>> Hi,
>>
>> As Valve is too lazy to do anything about hacks, I started working
>> back in January on a plugin that can detect:
>> - POTENTIAL triggerbotters
>> - Prediction hacks (crit hacks/no spread hacks)
>> - An anti-speedhack bypass exploit
>>
>> Triggerbots:
>> To make it clear as some people I gave it to didn’t understand, the
>> detection is kind of “heuristic” (I won’t explain in detail, if I do
>> then the cheat coders will bypass it in no time), so it’s not because
>> someone got detected that he is surely cheating. It’s just a tool to
>> help you find people that can potentially cheat and you can just check
>> the STV demos then to confirm that they cheat or not.
>>
>> The most detections for a single person in the less timespan you will
>> find in the log, the more likely he is using a triggerbot.
>>
>> Prediction hacks:
>> I guess this is what will interest most people on this list, it
>> detects the crit hacks that does 100% crits all the time which is an
>> engine exploit which has been added into many hacks lately. It's also
>> used for various no spread/low spread hacks.
>>
>> The detections get printed to a log called TriggerBotDetections.log in
>> tf/ (and are also sent to me) on EVERY MAP change or when all players
>> have disconnected from the server. It’s important to note this
>> otherwise you could loose all the detections (especially if your
>> server automatically restarts every night). There is a simple reason
>> for this: writing in a file while you play can cause lags, especially
>> if someone is getting detected a lot.
>>
>> Download: http://tftrue.redline-utilities.net/TriggerBotDetector.zip
>>
>> --
>> Best regards,
>> AnAkIn
>>
>> ___
>> To unsubscribe, edit your list preferences, or view the list archives,
>> please visit:
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>
> ___
> To unsubscribe, edit your list preferen

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread ics
I know what it does and i'm fine with it. Open Source isn't always best 
solution especially on anticheat systems as cheat developers can see 
what it does and do countermeasures. I'm also pretty sure Valve will do 
something that kills the screenshot feature as they did long ago to 
server plugins that were able to execute commands on clients.


-ics

10.9.2012 17:40, Ross Bemrose kirjoitti:
(I added hlds to the To list as well, since this affects both Windows 
and Linux servers)


The problem is that it appears to be running client commands that the 
server isn't supposed to have access to.  AND uploading files from a 
client's machine back to the server.  AND sending them to the author 
of the plugin; you did catch that part, right?


The plugin's author won't even send the source code to the admins of 
ETF2L, let alone anyone else.  Which means, unless you decompile it, 
you have no idea what it's doing.  Heck, even if you DO decompile it, 
you may have no idea what it's doing... decompilation isn't exactly 
the easiest thing to read.


So... you have Security by Obscurity that is itself bypassing the game 
client's security.


On 9/10/2012 10:35 AM, ics wrote:
Presumably it's all there in the SDK and i have to say it's an 
awesome feature. If i would have to guess, Valve propably uses same 
thing on VAC as extra proof of cheating.


No one wouldn't even be alarmed if they didn't know such feature 
exists on this plugin or on the server they play on. I tested this 
yesterday and already got 1 cheater caught. Besides, it only takes 
screenshots. No desktop shots, just ingame footage.


-ics

10.9.2012 16:47, Drogen Viech kirjoitti:

What the hell? Servers can tell the client to take screenshots *and*
tell them to upload them to the server? Whatever happened about
privacy?

2012/9/8 lwf :
http://etf2l.org/forum/general/topic-21038/page-24/?recent=406717#post-406387 



This is absolutely brilliant, great job! Now just imagine having
something like Greenlight to go through those...

I'm not even going to bother asking you to open source it but please,
at least consider releasing a "stable" version with that doesn't open
connection (no auto-update or reports to you or anywhere else, no
offense) and has no undocumented features (now or later). I'd really
like to use this, we should have had this long ago.

On Wed, Apr 11, 2012 at 7:23 PM, AnAkIn .  wrote:

Hi,

As Valve is too lazy to do anything about hacks, I started working
back in January on a plugin that can detect:
- POTENTIAL triggerbotters
- Prediction hacks (crit hacks/no spread hacks)
- An anti-speedhack bypass exploit

Triggerbots:
To make it clear as some people I gave it to didn’t understand, the
detection is kind of “heuristic” (I won’t explain in detail, if I do
then the cheat coders will bypass it in no time), so it’s not because
someone got detected that he is surely cheating. It’s just a tool to
help you find people that can potentially cheat and you can just 
check

the STV demos then to confirm that they cheat or not.

The most detections for a single person in the less timespan you will
find in the log, the more likely he is using a triggerbot.

Prediction hacks:
I guess this is what will interest most people on this list, it
detects the crit hacks that does 100% crits all the time which is an
engine exploit which has been added into many hacks lately. It's also
used for various no spread/low spread hacks.

The detections get printed to a log called 
TriggerBotDetections.log in

tf/ (and are also sent to me) on EVERY MAP change or when all players
have disconnected from the server. It’s important to note this
otherwise you could loose all the detections (especially if your
server automatically restarts every night). There is a simple reason
for this: writing in a file while you play can cause lags, especially
if someone is getting detected a lot.

Download: http://tftrue.redline-utilities.net/TriggerBotDetector.zip

--
Best regards,
AnAkIn

___
To unsubscribe, edit your list preferences, or view the list 
archives, please visit:

https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list 
archives, please visit:

https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list 
archives, please visit:

https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list 
archives, please visit:

https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list archives, 
please visit:

https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_lin

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread TOM -

how can i install this plugin ?

  
  
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Ross Bemrose
(I added hlds to the To list as well, since this affects both Windows 
and Linux servers)


The problem is that it appears to be running client commands that the 
server isn't supposed to have access to.  AND uploading files from a 
client's machine back to the server.  AND sending them to the author of 
the plugin; you did catch that part, right?


The plugin's author won't even send the source code to the admins of 
ETF2L, let alone anyone else.  Which means, unless you decompile it, you 
have no idea what it's doing.  Heck, even if you DO decompile it, you 
may have no idea what it's doing... decompilation isn't exactly the 
easiest thing to read.


So... you have Security by Obscurity that is itself bypassing the game 
client's security.


On 9/10/2012 10:35 AM, ics wrote:
Presumably it's all there in the SDK and i have to say it's an awesome 
feature. If i would have to guess, Valve propably uses same thing on 
VAC as extra proof of cheating.


No one wouldn't even be alarmed if they didn't know such feature 
exists on this plugin or on the server they play on. I tested this 
yesterday and already got 1 cheater caught. Besides, it only takes 
screenshots. No desktop shots, just ingame footage.


-ics

10.9.2012 16:47, Drogen Viech kirjoitti:

What the hell? Servers can tell the client to take screenshots *and*
tell them to upload them to the server? Whatever happened about
privacy?

2012/9/8 lwf :
http://etf2l.org/forum/general/topic-21038/page-24/?recent=406717#post-406387 



This is absolutely brilliant, great job! Now just imagine having
something like Greenlight to go through those...

I'm not even going to bother asking you to open source it but please,
at least consider releasing a "stable" version with that doesn't open
connection (no auto-update or reports to you or anywhere else, no
offense) and has no undocumented features (now or later). I'd really
like to use this, we should have had this long ago.

On Wed, Apr 11, 2012 at 7:23 PM, AnAkIn .  wrote:

Hi,

As Valve is too lazy to do anything about hacks, I started working
back in January on a plugin that can detect:
- POTENTIAL triggerbotters
- Prediction hacks (crit hacks/no spread hacks)
- An anti-speedhack bypass exploit

Triggerbots:
To make it clear as some people I gave it to didn’t understand, the
detection is kind of “heuristic” (I won’t explain in detail, if I do
then the cheat coders will bypass it in no time), so it’s not because
someone got detected that he is surely cheating. It’s just a tool to
help you find people that can potentially cheat and you can just check
the STV demos then to confirm that they cheat or not.

The most detections for a single person in the less timespan you will
find in the log, the more likely he is using a triggerbot.

Prediction hacks:
I guess this is what will interest most people on this list, it
detects the crit hacks that does 100% crits all the time which is an
engine exploit which has been added into many hacks lately. It's also
used for various no spread/low spread hacks.

The detections get printed to a log called TriggerBotDetections.log in
tf/ (and are also sent to me) on EVERY MAP change or when all players
have disconnected from the server. It’s important to note this
otherwise you could loose all the detections (especially if your
server automatically restarts every night). There is a simple reason
for this: writing in a file while you play can cause lags, especially
if someone is getting detected a lot.

Download: http://tftrue.redline-utilities.net/TriggerBotDetector.zip

--
Best regards,
AnAkIn

___
To unsubscribe, edit your list preferences, or view the list 
archives, please visit:

https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list 
archives, please visit:

https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list 
archives, please visit:

https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list archives, 
please visit:

https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Asher Baker
On Mon, Sep 10, 2012 at 3:35 PM, ics  wrote:
> Presumably it's all there in the SDK and i have to say it's an awesome
> feature.

The file transfer stuff is, the plugin is using an (likely now very
short lived, I'd be surprised if it made the end of the week) exploit
to take the actual screenshot.

On Mon, Sep 10, 2012 at 3:35 PM, ics  wrote:
> Presumably it's all there in the SDK and i have to say it's an awesome
> feature. If i would have to guess, Valve propably uses same thing on VAC as
> extra proof of cheating.
>
> No one wouldn't even be alarmed if they didn't know such feature exists on
> this plugin or on the server they play on. I tested this yesterday and
> already got 1 cheater caught. Besides, it only takes screenshots. No desktop
> shots, just ingame footage.
>
> -ics
>
> 10.9.2012 16:47, Drogen Viech kirjoitti:
>
>> What the hell? Servers can tell the client to take screenshots *and*
>> tell them to upload them to the server? Whatever happened about
>> privacy?
>>
>> 2012/9/8 lwf :
>>>
>>>
>>> http://etf2l.org/forum/general/topic-21038/page-24/?recent=406717#post-406387
>>>
>>> This is absolutely brilliant, great job! Now just imagine having
>>> something like Greenlight to go through those...
>>>
>>> I'm not even going to bother asking you to open source it but please,
>>> at least consider releasing a "stable" version with that doesn't open
>>> connection (no auto-update or reports to you or anywhere else, no
>>> offense) and has no undocumented features (now or later). I'd really
>>> like to use this, we should have had this long ago.
>>>
>>> On Wed, Apr 11, 2012 at 7:23 PM, AnAkIn .  wrote:

 Hi,

 As Valve is too lazy to do anything about hacks, I started working
 back in January on a plugin that can detect:
 - POTENTIAL triggerbotters
 - Prediction hacks (crit hacks/no spread hacks)
 - An anti-speedhack bypass exploit

 Triggerbots:
 To make it clear as some people I gave it to didn’t understand, the
 detection is kind of “heuristic” (I won’t explain in detail, if I do
 then the cheat coders will bypass it in no time), so it’s not because
 someone got detected that he is surely cheating. It’s just a tool to
 help you find people that can potentially cheat and you can just check
 the STV demos then to confirm that they cheat or not.

 The most detections for a single person in the less timespan you will
 find in the log, the more likely he is using a triggerbot.

 Prediction hacks:
 I guess this is what will interest most people on this list, it
 detects the crit hacks that does 100% crits all the time which is an
 engine exploit which has been added into many hacks lately. It's also
 used for various no spread/low spread hacks.

 The detections get printed to a log called TriggerBotDetections.log in
 tf/ (and are also sent to me) on EVERY MAP change or when all players
 have disconnected from the server. It’s important to note this
 otherwise you could loose all the detections (especially if your
 server automatically restarts every night). There is a simple reason
 for this: writing in a file while you play can cause lags, especially
 if someone is getting detected a lot.

 Download: http://tftrue.redline-utilities.net/TriggerBotDetector.zip

 --
 Best regards,
 AnAkIn

 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>>>
>>> ___
>>> To unsubscribe, edit your list preferences, or view the list archives,
>>> please visit:
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>>
>> ___
>> To unsubscribe, edit your list preferences, or view the list archives,
>> please visit:
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>
>
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread ics
Presumably it's all there in the SDK and i have to say it's an awesome 
feature. If i would have to guess, Valve propably uses same thing on VAC 
as extra proof of cheating.


No one wouldn't even be alarmed if they didn't know such feature exists 
on this plugin or on the server they play on. I tested this yesterday 
and already got 1 cheater caught. Besides, it only takes screenshots. No 
desktop shots, just ingame footage.


-ics

10.9.2012 16:47, Drogen Viech kirjoitti:

What the hell? Servers can tell the client to take screenshots *and*
tell them to upload them to the server? Whatever happened about
privacy?

2012/9/8 lwf :

http://etf2l.org/forum/general/topic-21038/page-24/?recent=406717#post-406387

This is absolutely brilliant, great job! Now just imagine having
something like Greenlight to go through those...

I'm not even going to bother asking you to open source it but please,
at least consider releasing a "stable" version with that doesn't open
connection (no auto-update or reports to you or anywhere else, no
offense) and has no undocumented features (now or later). I'd really
like to use this, we should have had this long ago.

On Wed, Apr 11, 2012 at 7:23 PM, AnAkIn .  wrote:

Hi,

As Valve is too lazy to do anything about hacks, I started working
back in January on a plugin that can detect:
- POTENTIAL triggerbotters
- Prediction hacks (crit hacks/no spread hacks)
- An anti-speedhack bypass exploit

Triggerbots:
To make it clear as some people I gave it to didn’t understand, the
detection is kind of “heuristic” (I won’t explain in detail, if I do
then the cheat coders will bypass it in no time), so it’s not because
someone got detected that he is surely cheating. It’s just a tool to
help you find people that can potentially cheat and you can just check
the STV demos then to confirm that they cheat or not.

The most detections for a single person in the less timespan you will
find in the log, the more likely he is using a triggerbot.

Prediction hacks:
I guess this is what will interest most people on this list, it
detects the crit hacks that does 100% crits all the time which is an
engine exploit which has been added into many hacks lately. It's also
used for various no spread/low spread hacks.

The detections get printed to a log called TriggerBotDetections.log in
tf/ (and are also sent to me) on EVERY MAP change or when all players
have disconnected from the server. It’s important to note this
otherwise you could loose all the detections (especially if your
server automatically restarts every night). There is a simple reason
for this: writing in a file while you play can cause lags, especially
if someone is getting detected a lot.

Download: http://tftrue.redline-utilities.net/TriggerBotDetector.zip

--
Best regards,
AnAkIn

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Ross Bemrose
Not only that, but it sounds like there's a way for servers to force 
clients to execute commands not marked FCVAR_SERVER_CAN_EXECUTE, which 
would be a security hole.


On 9/10/2012 9:47 AM, Drogen Viech wrote:

What the hell? Servers can tell the client to take screenshots *and*
tell them to upload them to the server? Whatever happened about
privacy?

2012/9/8 lwf :

http://etf2l.org/forum/general/topic-21038/page-24/?recent=406717#post-406387

This is absolutely brilliant, great job! Now just imagine having
something like Greenlight to go through those...

I'm not even going to bother asking you to open source it but please,
at least consider releasing a "stable" version with that doesn't open
connection (no auto-update or reports to you or anywhere else, no
offense) and has no undocumented features (now or later). I'd really
like to use this, we should have had this long ago.

On Wed, Apr 11, 2012 at 7:23 PM, AnAkIn .  wrote:

Hi,

As Valve is too lazy to do anything about hacks, I started working
back in January on a plugin that can detect:
- POTENTIAL triggerbotters
- Prediction hacks (crit hacks/no spread hacks)
- An anti-speedhack bypass exploit

Triggerbots:
To make it clear as some people I gave it to didn’t understand, the
detection is kind of “heuristic” (I won’t explain in detail, if I do
then the cheat coders will bypass it in no time), so it’s not because
someone got detected that he is surely cheating. It’s just a tool to
help you find people that can potentially cheat and you can just check
the STV demos then to confirm that they cheat or not.

The most detections for a single person in the less timespan you will
find in the log, the more likely he is using a triggerbot.

Prediction hacks:
I guess this is what will interest most people on this list, it
detects the crit hacks that does 100% crits all the time which is an
engine exploit which has been added into many hacks lately. It's also
used for various no spread/low spread hacks.

The detections get printed to a log called TriggerBotDetections.log in
tf/ (and are also sent to me) on EVERY MAP change or when all players
have disconnected from the server. It’s important to note this
otherwise you could loose all the detections (especially if your
server automatically restarts every night). There is a simple reason
for this: writing in a file while you play can cause lags, especially
if someone is getting detected a lot.

Download: http://tftrue.redline-utilities.net/TriggerBotDetector.zip

--
Best regards,
AnAkIn

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-10 Thread Drogen Viech
What the hell? Servers can tell the client to take screenshots *and*
tell them to upload them to the server? Whatever happened about
privacy?

2012/9/8 lwf :
> http://etf2l.org/forum/general/topic-21038/page-24/?recent=406717#post-406387
>
> This is absolutely brilliant, great job! Now just imagine having
> something like Greenlight to go through those...
>
> I'm not even going to bother asking you to open source it but please,
> at least consider releasing a "stable" version with that doesn't open
> connection (no auto-update or reports to you or anywhere else, no
> offense) and has no undocumented features (now or later). I'd really
> like to use this, we should have had this long ago.
>
> On Wed, Apr 11, 2012 at 7:23 PM, AnAkIn .  wrote:
>> Hi,
>>
>> As Valve is too lazy to do anything about hacks, I started working
>> back in January on a plugin that can detect:
>> - POTENTIAL triggerbotters
>> - Prediction hacks (crit hacks/no spread hacks)
>> - An anti-speedhack bypass exploit
>>
>> Triggerbots:
>> To make it clear as some people I gave it to didn’t understand, the
>> detection is kind of “heuristic” (I won’t explain in detail, if I do
>> then the cheat coders will bypass it in no time), so it’s not because
>> someone got detected that he is surely cheating. It’s just a tool to
>> help you find people that can potentially cheat and you can just check
>> the STV demos then to confirm that they cheat or not.
>>
>> The most detections for a single person in the less timespan you will
>> find in the log, the more likely he is using a triggerbot.
>>
>> Prediction hacks:
>> I guess this is what will interest most people on this list, it
>> detects the crit hacks that does 100% crits all the time which is an
>> engine exploit which has been added into many hacks lately. It's also
>> used for various no spread/low spread hacks.
>>
>> The detections get printed to a log called TriggerBotDetections.log in
>> tf/ (and are also sent to me) on EVERY MAP change or when all players
>> have disconnected from the server. It’s important to note this
>> otherwise you could loose all the detections (especially if your
>> server automatically restarts every night). There is a simple reason
>> for this: writing in a file while you play can cause lags, especially
>> if someone is getting detected a lot.
>>
>> Download: http://tftrue.redline-utilities.net/TriggerBotDetector.zip
>>
>> --
>> Best regards,
>> AnAkIn
>>
>> ___
>> To unsubscribe, edit your list preferences, or view the list archives, 
>> please visit:
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives, please 
> visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-09-08 Thread lwf
http://etf2l.org/forum/general/topic-21038/page-24/?recent=406717#post-406387

This is absolutely brilliant, great job! Now just imagine having
something like Greenlight to go through those...

I'm not even going to bother asking you to open source it but please,
at least consider releasing a "stable" version with that doesn't open
connection (no auto-update or reports to you or anywhere else, no
offense) and has no undocumented features (now or later). I'd really
like to use this, we should have had this long ago.

On Wed, Apr 11, 2012 at 7:23 PM, AnAkIn .  wrote:
> Hi,
>
> As Valve is too lazy to do anything about hacks, I started working
> back in January on a plugin that can detect:
> - POTENTIAL triggerbotters
> - Prediction hacks (crit hacks/no spread hacks)
> - An anti-speedhack bypass exploit
>
> Triggerbots:
> To make it clear as some people I gave it to didn’t understand, the
> detection is kind of “heuristic” (I won’t explain in detail, if I do
> then the cheat coders will bypass it in no time), so it’s not because
> someone got detected that he is surely cheating. It’s just a tool to
> help you find people that can potentially cheat and you can just check
> the STV demos then to confirm that they cheat or not.
>
> The most detections for a single person in the less timespan you will
> find in the log, the more likely he is using a triggerbot.
>
> Prediction hacks:
> I guess this is what will interest most people on this list, it
> detects the crit hacks that does 100% crits all the time which is an
> engine exploit which has been added into many hacks lately. It's also
> used for various no spread/low spread hacks.
>
> The detections get printed to a log called TriggerBotDetections.log in
> tf/ (and are also sent to me) on EVERY MAP change or when all players
> have disconnected from the server. It’s important to note this
> otherwise you could loose all the detections (especially if your
> server automatically restarts every night). There is a simple reason
> for this: writing in a file while you play can cause lags, especially
> if someone is getting detected a lot.
>
> Download: http://tftrue.redline-utilities.net/TriggerBotDetector.zip
>
> --
> Best regards,
> AnAkIn
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives, please 
> visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-04-12 Thread daniel jokiaho
But does the plugin ban or log?
On 12 Apr 2012 11:57, "ics"  wrote:

> It should be just that as sourcebans is plugin under sourcemod.
>
> -ics
>
> - Alkuperäinen viesti -
> > Only the prediction hack detections and anti speedhack exploit could
> > be banned for. What do you mean with sourcebans compatibility? Is it
> > just sending a sm_ban command into the server console?
> >
> > Le 12 avril 2012 10:31, Thomas K  a écrit :
> > > Can you make compatible with sourcebans from sourcemod?!
> > >
> > > Am 12.04.2012 um 10:13 schrieb "AnAkIn ." :
> > >
> > > > What kind of issues? There might be 1-2 small bugs that will be fixed
> > > > in the next update AFAIK, but the main detections work fine.
> > > >
> > > > Le 12 avril 2012 04:22, daniel jokiaho  a
> > > > écrit :
> > > > > Any issues with dblocker?
> > > > > On 11 Apr 2012 19:49, "AnAkIn ."  wrote:
> > > > >
> > > > > > No, I don't think it will, I have not tested though.
> > > > > >
> > > > > > Le 11 avril 2012 19:46, Andrew DeMerse  a
> > > > > > écrit :
> > > > > > > I'll check it out, and let you know if I see anything weird.
> > > > > > >
> > > > > > > I assume this shouldn't conflict with SMAC?
> > > > > > >
> > > > > > > On Wed, Apr 11, 2012 at 1:37 PM, AnAkIn .
> > > > > > >  wrote:
> > > > > > >
> > > > > > > > No, I just posted that on a competitive forum so far.
> > > > > > > >
> > > > > > > > Le 11 avril 2012 19:36, Oskar Levin 
> > > > > > > > a écrit :
> > > > > > > > > Ah, I see! Seems like a good plugin though :)
> > > > > > > > >
> > > > > > > > > Best regards
> > > > > > > > > Oskar Levin
> > > > > > > > > os...@dataviruset.com
> > > > > > > > >
> > > > > > > > > -Ursprungligt meddelande-
> > > > > > > > > Från: hlds_linux-boun...@list.valvesoftware.com
> > > > > > > > > [mailto:hlds_linux-boun...@list.valvesoftware.com] För
> > > > > > > > > AnAkIn . Skickat: den 11 april 2012 19:34
> > > > > > > > > Till: Half-Life dedicated Linux server mailing list
> > > > > > > > > Ämne: Re: [hlds_linux] TriggerBot/Prediction hack(Crit
> > > > > > > > > hack/No spread) detection plugin
> > > > > > > > >
> > > > > > > > > It doesn't send a mail, it's sent through HTTP.
> > > > > > > > >
> > > > > > > > > Le 11 avril 2012 19:31, Oskar Levin
> > > > > > > > >  a écrit :
> > > > > > > > > > It would be nice if one could decide if it should be
> > > > > > > > > > sent to somebody else or at all ;) By the way, how does
> > > > > > > > > > it send mail? Connecting through port 25 seems a bit
> > > > > > > > > > lazy as ISPs block that nowadays...
> > > > > > > > > >
> > > > > > > > > > Best regards
> > > > > > > > > > Oskar Levin
> > > > > > > > > > os...@dataviruset.com
> > > > > > > > > >
> > > > > > > > > > -Ursprungligt meddelande-
> > > > > > > > > > Från: hlds_linux-boun...@list.valvesoftware.com
> > > > > > > > > > [mailto:hlds_linux-boun...@list.valvesoftware.com] För
> > > > > > > > > > AnAkIn . Skickat: den 11 april 2012 19:30
> > > > > > > > > > Till: Half-Life dedicated Linux server mailing list
> > > > > > > > > > Ämne: Re: [hlds_linux] TriggerBot/Prediction hack(Crit
> > > > > > > > > > hack/No
> > > > > > spread)
> > > > > > > > > > detection plugin
> > > > > > > > > >
> > > > > > > > > > Yes, it was originally made for league purposes. I could
> > > > > > > > > > add a cvar
> > &g

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-04-12 Thread ics
It should be just that as sourcebans is plugin under sourcemod.

-ics

- Alkuperäinen viesti -
> Only the prediction hack detections and anti speedhack exploit could
> be banned for. What do you mean with sourcebans compatibility? Is it
> just sending a sm_ban command into the server console?
> 
> Le 12 avril 2012 10:31, Thomas K  a écrit :
> > Can you make compatible with sourcebans from sourcemod?!
> > 
> > Am 12.04.2012 um 10:13 schrieb "AnAkIn ." :
> > 
> > > What kind of issues? There might be 1-2 small bugs that will be fixed
> > > in the next update AFAIK, but the main detections work fine.
> > > 
> > > Le 12 avril 2012 04:22, daniel jokiaho  a
> > > écrit :
> > > > Any issues with dblocker?
> > > > On 11 Apr 2012 19:49, "AnAkIn ."  wrote:
> > > > 
> > > > > No, I don't think it will, I have not tested though.
> > > > > 
> > > > > Le 11 avril 2012 19:46, Andrew DeMerse  a
> > > > > écrit :
> > > > > > I'll check it out, and let you know if I see anything weird.
> > > > > > 
> > > > > > I assume this shouldn't conflict with SMAC?
> > > > > > 
> > > > > > On Wed, Apr 11, 2012 at 1:37 PM, AnAkIn .
> > > > > >  wrote:
> > > > > > 
> > > > > > > No, I just posted that on a competitive forum so far.
> > > > > > > 
> > > > > > > Le 11 avril 2012 19:36, Oskar Levin 
> > > > > > > a écrit :
> > > > > > > > Ah, I see! Seems like a good plugin though :)
> > > > > > > > 
> > > > > > > > Best regards
> > > > > > > > Oskar Levin
> > > > > > > > os...@dataviruset.com
> > > > > > > > 
> > > > > > > > -Ursprungligt meddelande-
> > > > > > > > Från: hlds_linux-boun...@list.valvesoftware.com
> > > > > > > > [mailto:hlds_linux-boun...@list.valvesoftware.com] För
> > > > > > > > AnAkIn . Skickat: den 11 april 2012 19:34
> > > > > > > > Till: Half-Life dedicated Linux server mailing list
> > > > > > > > Ämne: Re: [hlds_linux] TriggerBot/Prediction hack(Crit
> > > > > > > > hack/No spread) detection plugin
> > > > > > > > 
> > > > > > > > It doesn't send a mail, it's sent through HTTP.
> > > > > > > > 
> > > > > > > > Le 11 avril 2012 19:31, Oskar Levin
> > > > > > > >  a écrit :
> > > > > > > > > It would be nice if one could decide if it should be
> > > > > > > > > sent to somebody else or at all ;) By the way, how does
> > > > > > > > > it send mail? Connecting through port 25 seems a bit
> > > > > > > > > lazy as ISPs block that nowadays...
> > > > > > > > > 
> > > > > > > > > Best regards
> > > > > > > > > Oskar Levin
> > > > > > > > > os...@dataviruset.com
> > > > > > > > > 
> > > > > > > > > -Ursprungligt meddelande-
> > > > > > > > > Från: hlds_linux-boun...@list.valvesoftware.com
> > > > > > > > > [mailto:hlds_linux-boun...@list.valvesoftware.com] För
> > > > > > > > > AnAkIn . Skickat: den 11 april 2012 19:30
> > > > > > > > > Till: Half-Life dedicated Linux server mailing list
> > > > > > > > > Ämne: Re: [hlds_linux] TriggerBot/Prediction hack(Crit
> > > > > > > > > hack/No
> > > > > spread)
> > > > > > > > > detection plugin
> > > > > > > > > 
> > > > > > > > > Yes, it was originally made for league purposes. I could
> > > > > > > > > add a cvar
> > > > > to
> > > > > > > > > disable that though.
> > > > > > > > > 
> > > > > > > > > Le 11 avril 2012 19:28, Oskar Levin
> > > > > > > > >  a écrit
> > > > > :
> > > > > > > > > > Wait what? Is the log file sent to you automatically?
> > > > > > >

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-04-12 Thread AnAkIn .
Only the prediction hack detections and anti speedhack exploit could
be banned for. What do you mean with sourcebans compatibility? Is it
just sending a sm_ban command into the server console?

Le 12 avril 2012 10:31, Thomas K  a écrit :
> Can you make compatible with sourcebans from sourcemod?!
>
> Am 12.04.2012 um 10:13 schrieb "AnAkIn ." :
>
>> What kind of issues? There might be 1-2 small bugs that will be fixed
>> in the next update AFAIK, but the main detections work fine.
>>
>> Le 12 avril 2012 04:22, daniel jokiaho  a écrit :
>>> Any issues with dblocker?
>>> On 11 Apr 2012 19:49, "AnAkIn ."  wrote:
>>>
>>>> No, I don't think it will, I have not tested though.
>>>>
>>>> Le 11 avril 2012 19:46, Andrew DeMerse  a écrit :
>>>>> I'll check it out, and let you know if I see anything weird.
>>>>>
>>>>> I assume this shouldn't conflict with SMAC?
>>>>>
>>>>> On Wed, Apr 11, 2012 at 1:37 PM, AnAkIn .  wrote:
>>>>>
>>>>>> No, I just posted that on a competitive forum so far.
>>>>>>
>>>>>> Le 11 avril 2012 19:36, Oskar Levin  a écrit :
>>>>>>> Ah, I see! Seems like a good plugin though :)
>>>>>>>
>>>>>>> Best regards
>>>>>>> Oskar Levin
>>>>>>> os...@dataviruset.com
>>>>>>>
>>>>>>> -Ursprungligt meddelande-
>>>>>>> Från: hlds_linux-boun...@list.valvesoftware.com
>>>>>>> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
>>>>>>> Skickat: den 11 april 2012 19:34
>>>>>>> Till: Half-Life dedicated Linux server mailing list
>>>>>>> Ämne: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
>>>>>>> detection plugin
>>>>>>>
>>>>>>> It doesn't send a mail, it's sent through HTTP.
>>>>>>>
>>>>>>> Le 11 avril 2012 19:31, Oskar Levin  a écrit :
>>>>>>>> It would be nice if one could decide if it should be sent to somebody
>>>>>>>> else or at all ;) By the way, how does it send mail? Connecting
>>>>>>>> through port 25 seems a bit lazy as ISPs block that nowadays...
>>>>>>>>
>>>>>>>> Best regards
>>>>>>>> Oskar Levin
>>>>>>>> os...@dataviruset.com
>>>>>>>>
>>>>>>>> -Ursprungligt meddelande-
>>>>>>>> Från: hlds_linux-boun...@list.valvesoftware.com
>>>>>>>> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
>>>>>>>> Skickat: den 11 april 2012 19:30
>>>>>>>> Till: Half-Life dedicated Linux server mailing list
>>>>>>>> Ämne: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No
>>>> spread)
>>>>>>>> detection plugin
>>>>>>>>
>>>>>>>> Yes, it was originally made for league purposes. I could add a cvar
>>>> to
>>>>>>>> disable that though.
>>>>>>>>
>>>>>>>> Le 11 avril 2012 19:28, Oskar Levin  a écrit
>>>> :
>>>>>>>>> Wait what? Is the log file sent to you automatically?
>>>>>>>>>
>>>>>>>>> Best regards
>>>>>>>>> Oskar Levin
>>>>>>>>> os...@dataviruset.com
>>>>>>>>>
>>>>>>>>> -Ursprungligt meddelande-
>>>>>>>>> Från: hlds_linux-boun...@list.valvesoftware.com
>>>>>>>>> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
>>>>>>>>> Skickat: den 11 april 2012 19:23
>>>>>>>>> Till: Half-Life dedicated Win32 server mailing list; Half-Life
>>>>>>>>> dedicated Linux server mailing list
>>>>>>>>> Ämne: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
>>>>>>>>> detection plugin
>>>>>>>>>
>>>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> As Valve is too lazy to do anything about hacks, I started working
>>>>>>>>> back 

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-04-12 Thread Thomas K
Can you make compatible with sourcebans from sourcemod?!

Am 12.04.2012 um 10:13 schrieb "AnAkIn ." :

> What kind of issues? There might be 1-2 small bugs that will be fixed
> in the next update AFAIK, but the main detections work fine.
> 
> Le 12 avril 2012 04:22, daniel jokiaho  a écrit :
>> Any issues with dblocker?
>> On 11 Apr 2012 19:49, "AnAkIn ."  wrote:
>> 
>>> No, I don't think it will, I have not tested though.
>>> 
>>> Le 11 avril 2012 19:46, Andrew DeMerse  a écrit :
>>>> I'll check it out, and let you know if I see anything weird.
>>>> 
>>>> I assume this shouldn't conflict with SMAC?
>>>> 
>>>> On Wed, Apr 11, 2012 at 1:37 PM, AnAkIn .  wrote:
>>>> 
>>>>> No, I just posted that on a competitive forum so far.
>>>>> 
>>>>> Le 11 avril 2012 19:36, Oskar Levin  a écrit :
>>>>>> Ah, I see! Seems like a good plugin though :)
>>>>>> 
>>>>>> Best regards
>>>>>> Oskar Levin
>>>>>> os...@dataviruset.com
>>>>>> 
>>>>>> -Ursprungligt meddelande-
>>>>>> Från: hlds_linux-boun...@list.valvesoftware.com
>>>>>> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
>>>>>> Skickat: den 11 april 2012 19:34
>>>>>> Till: Half-Life dedicated Linux server mailing list
>>>>>> Ämne: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
>>>>>> detection plugin
>>>>>> 
>>>>>> It doesn't send a mail, it's sent through HTTP.
>>>>>> 
>>>>>> Le 11 avril 2012 19:31, Oskar Levin  a écrit :
>>>>>>> It would be nice if one could decide if it should be sent to somebody
>>>>>>> else or at all ;) By the way, how does it send mail? Connecting
>>>>>>> through port 25 seems a bit lazy as ISPs block that nowadays...
>>>>>>> 
>>>>>>> Best regards
>>>>>>> Oskar Levin
>>>>>>> os...@dataviruset.com
>>>>>>> 
>>>>>>> -Ursprungligt meddelande-
>>>>>>> Från: hlds_linux-boun...@list.valvesoftware.com
>>>>>>> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
>>>>>>> Skickat: den 11 april 2012 19:30
>>>>>>> Till: Half-Life dedicated Linux server mailing list
>>>>>>> Ämne: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No
>>> spread)
>>>>>>> detection plugin
>>>>>>> 
>>>>>>> Yes, it was originally made for league purposes. I could add a cvar
>>> to
>>>>>>> disable that though.
>>>>>>> 
>>>>>>> Le 11 avril 2012 19:28, Oskar Levin  a écrit
>>> :
>>>>>>>> Wait what? Is the log file sent to you automatically?
>>>>>>>> 
>>>>>>>> Best regards
>>>>>>>> Oskar Levin
>>>>>>>> os...@dataviruset.com
>>>>>>>> 
>>>>>>>> -Ursprungligt meddelande-
>>>>>>>> Från: hlds_linux-boun...@list.valvesoftware.com
>>>>>>>> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
>>>>>>>> Skickat: den 11 april 2012 19:23
>>>>>>>> Till: Half-Life dedicated Win32 server mailing list; Half-Life
>>>>>>>> dedicated Linux server mailing list
>>>>>>>> Ämne: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
>>>>>>>> detection plugin
>>>>>>>> 
>>>>>>>> Hi,
>>>>>>>> 
>>>>>>>> As Valve is too lazy to do anything about hacks, I started working
>>>>>>>> back in January on a plugin that can detect:
>>>>>>>> - POTENTIAL triggerbotters
>>>>>>>> - Prediction hacks (crit hacks/no spread hacks)
>>>>>>>> - An anti-speedhack bypass exploit
>>>>>>>> 
>>>>>>>> Triggerbots:
>>>>>>>> To make it clear as some people I gave it to didn’t understand, the
>>>>>>>> detection is kind of “heuristic” (I won’t explain in detail, if I do
>>&g

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-04-12 Thread AnAkIn .
What kind of issues? There might be 1-2 small bugs that will be fixed
in the next update AFAIK, but the main detections work fine.

Le 12 avril 2012 04:22, daniel jokiaho  a écrit :
> Any issues with dblocker?
> On 11 Apr 2012 19:49, "AnAkIn ."  wrote:
>
>> No, I don't think it will, I have not tested though.
>>
>> Le 11 avril 2012 19:46, Andrew DeMerse  a écrit :
>> > I'll check it out, and let you know if I see anything weird.
>> >
>> > I assume this shouldn't conflict with SMAC?
>> >
>> > On Wed, Apr 11, 2012 at 1:37 PM, AnAkIn .  wrote:
>> >
>> >> No, I just posted that on a competitive forum so far.
>> >>
>> >> Le 11 avril 2012 19:36, Oskar Levin  a écrit :
>> >> > Ah, I see! Seems like a good plugin though :)
>> >> >
>> >> > Best regards
>> >> > Oskar Levin
>> >> > os...@dataviruset.com
>> >> >
>> >> > -Ursprungligt meddelande-
>> >> > Från: hlds_linux-boun...@list.valvesoftware.com
>> >> > [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
>> >> > Skickat: den 11 april 2012 19:34
>> >> > Till: Half-Life dedicated Linux server mailing list
>> >> > Ämne: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
>> >> > detection plugin
>> >> >
>> >> > It doesn't send a mail, it's sent through HTTP.
>> >> >
>> >> > Le 11 avril 2012 19:31, Oskar Levin  a écrit :
>> >> >> It would be nice if one could decide if it should be sent to somebody
>> >> >> else or at all ;) By the way, how does it send mail? Connecting
>> >> >> through port 25 seems a bit lazy as ISPs block that nowadays...
>> >> >>
>> >> >> Best regards
>> >> >> Oskar Levin
>> >> >> os...@dataviruset.com
>> >> >>
>> >> >> -Ursprungligt meddelande-
>> >> >> Från: hlds_linux-boun...@list.valvesoftware.com
>> >> >> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
>> >> >> Skickat: den 11 april 2012 19:30
>> >> >> Till: Half-Life dedicated Linux server mailing list
>> >> >> Ämne: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No
>> spread)
>> >> >> detection plugin
>> >> >>
>> >> >> Yes, it was originally made for league purposes. I could add a cvar
>> to
>> >> >> disable that though.
>> >> >>
>> >> >> Le 11 avril 2012 19:28, Oskar Levin  a écrit
>> :
>> >> >>> Wait what? Is the log file sent to you automatically?
>> >> >>>
>> >> >>> Best regards
>> >> >>> Oskar Levin
>> >> >>> os...@dataviruset.com
>> >> >>>
>> >> >>> -Ursprungligt meddelande-
>> >> >>> Från: hlds_linux-boun...@list.valvesoftware.com
>> >> >>> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
>> >> >>> Skickat: den 11 april 2012 19:23
>> >> >>> Till: Half-Life dedicated Win32 server mailing list; Half-Life
>> >> >>> dedicated Linux server mailing list
>> >> >>> Ämne: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
>> >> >>> detection plugin
>> >> >>>
>> >> >>> Hi,
>> >> >>>
>> >> >>> As Valve is too lazy to do anything about hacks, I started working
>> >> >>> back in January on a plugin that can detect:
>> >> >>> - POTENTIAL triggerbotters
>> >> >>> - Prediction hacks (crit hacks/no spread hacks)
>> >> >>> - An anti-speedhack bypass exploit
>> >> >>>
>> >> >>> Triggerbots:
>> >> >>> To make it clear as some people I gave it to didn’t understand, the
>> >> >>> detection is kind of “heuristic” (I won’t explain in detail, if I do
>> >> >>> then the cheat coders will bypass it in no time), so it’s not
>> because
>> >> >>> someone got detected that he is surely cheating. It’s just a tool to
>> >> >>> help you find people that can potentially cheat and you can just
>> >> >>> check 

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-04-11 Thread daniel jokiaho
Any issues with dblocker?
On 11 Apr 2012 19:49, "AnAkIn ."  wrote:

> No, I don't think it will, I have not tested though.
>
> Le 11 avril 2012 19:46, Andrew DeMerse  a écrit :
> > I'll check it out, and let you know if I see anything weird.
> >
> > I assume this shouldn't conflict with SMAC?
> >
> > On Wed, Apr 11, 2012 at 1:37 PM, AnAkIn .  wrote:
> >
> >> No, I just posted that on a competitive forum so far.
> >>
> >> Le 11 avril 2012 19:36, Oskar Levin  a écrit :
> >> > Ah, I see! Seems like a good plugin though :)
> >> >
> >> > Best regards
> >> > Oskar Levin
> >> > os...@dataviruset.com
> >> >
> >> > -Ursprungligt meddelande-
> >> > Från: hlds_linux-boun...@list.valvesoftware.com
> >> > [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
> >> > Skickat: den 11 april 2012 19:34
> >> > Till: Half-Life dedicated Linux server mailing list
> >> > Ämne: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
> >> > detection plugin
> >> >
> >> > It doesn't send a mail, it's sent through HTTP.
> >> >
> >> > Le 11 avril 2012 19:31, Oskar Levin  a écrit :
> >> >> It would be nice if one could decide if it should be sent to somebody
> >> >> else or at all ;) By the way, how does it send mail? Connecting
> >> >> through port 25 seems a bit lazy as ISPs block that nowadays...
> >> >>
> >> >> Best regards
> >> >> Oskar Levin
> >> >> os...@dataviruset.com
> >> >>
> >> >> -Ursprungligt meddelande-
> >> >> Från: hlds_linux-boun...@list.valvesoftware.com
> >> >> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
> >> >> Skickat: den 11 april 2012 19:30
> >> >> Till: Half-Life dedicated Linux server mailing list
> >> >> Ämne: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No
> spread)
> >> >> detection plugin
> >> >>
> >> >> Yes, it was originally made for league purposes. I could add a cvar
> to
> >> >> disable that though.
> >> >>
> >> >> Le 11 avril 2012 19:28, Oskar Levin  a écrit
> :
> >> >>> Wait what? Is the log file sent to you automatically?
> >> >>>
> >> >>> Best regards
> >> >>> Oskar Levin
> >> >>> os...@dataviruset.com
> >> >>>
> >> >>> -Ursprungligt meddelande-
> >> >>> Från: hlds_linux-boun...@list.valvesoftware.com
> >> >>> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
> >> >>> Skickat: den 11 april 2012 19:23
> >> >>> Till: Half-Life dedicated Win32 server mailing list; Half-Life
> >> >>> dedicated Linux server mailing list
> >> >>> Ämne: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
> >> >>> detection plugin
> >> >>>
> >> >>> Hi,
> >> >>>
> >> >>> As Valve is too lazy to do anything about hacks, I started working
> >> >>> back in January on a plugin that can detect:
> >> >>> - POTENTIAL triggerbotters
> >> >>> - Prediction hacks (crit hacks/no spread hacks)
> >> >>> - An anti-speedhack bypass exploit
> >> >>>
> >> >>> Triggerbots:
> >> >>> To make it clear as some people I gave it to didn’t understand, the
> >> >>> detection is kind of “heuristic” (I won’t explain in detail, if I do
> >> >>> then the cheat coders will bypass it in no time), so it’s not
> because
> >> >>> someone got detected that he is surely cheating. It’s just a tool to
> >> >>> help you find people that can potentially cheat and you can just
> >> >>> check the STV demos then to confirm that they cheat or not.
> >> >>>
> >> >>> The most detections for a single person in the less timespan you
> will
> >> >>> find in the log, the more likely he is using a triggerbot.
> >> >>>
> >> >>> Prediction hacks:
> >> >>> I guess this is what will interest most people on this list, it
> >> >>> detects the crit hacks that does 100% crits all the time which is an
> >

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-04-11 Thread AnAkIn .
No, I don't think it will, I have not tested though.

Le 11 avril 2012 19:46, Andrew DeMerse  a écrit :
> I'll check it out, and let you know if I see anything weird.
>
> I assume this shouldn't conflict with SMAC?
>
> On Wed, Apr 11, 2012 at 1:37 PM, AnAkIn .  wrote:
>
>> No, I just posted that on a competitive forum so far.
>>
>> Le 11 avril 2012 19:36, Oskar Levin  a écrit :
>> > Ah, I see! Seems like a good plugin though :)
>> >
>> > Best regards
>> > Oskar Levin
>> > os...@dataviruset.com
>> >
>> > -Ursprungligt meddelande-
>> > Från: hlds_linux-boun...@list.valvesoftware.com
>> > [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
>> > Skickat: den 11 april 2012 19:34
>> > Till: Half-Life dedicated Linux server mailing list
>> > Ämne: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
>> > detection plugin
>> >
>> > It doesn't send a mail, it's sent through HTTP.
>> >
>> > Le 11 avril 2012 19:31, Oskar Levin  a écrit :
>> >> It would be nice if one could decide if it should be sent to somebody
>> >> else or at all ;) By the way, how does it send mail? Connecting
>> >> through port 25 seems a bit lazy as ISPs block that nowadays...
>> >>
>> >> Best regards
>> >> Oskar Levin
>> >> os...@dataviruset.com
>> >>
>> >> -----Ursprungligt meddelande-
>> >> Från: hlds_linux-boun...@list.valvesoftware.com
>> >> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
>> >> Skickat: den 11 april 2012 19:30
>> >> Till: Half-Life dedicated Linux server mailing list
>> >> Ämne: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
>> >> detection plugin
>> >>
>> >> Yes, it was originally made for league purposes. I could add a cvar to
>> >> disable that though.
>> >>
>> >> Le 11 avril 2012 19:28, Oskar Levin  a écrit :
>> >>> Wait what? Is the log file sent to you automatically?
>> >>>
>> >>> Best regards
>> >>> Oskar Levin
>> >>> os...@dataviruset.com
>> >>>
>> >>> -Ursprungligt meddelande-
>> >>> Från: hlds_linux-boun...@list.valvesoftware.com
>> >>> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
>> >>> Skickat: den 11 april 2012 19:23
>> >>> Till: Half-Life dedicated Win32 server mailing list; Half-Life
>> >>> dedicated Linux server mailing list
>> >>> Ämne: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
>> >>> detection plugin
>> >>>
>> >>> Hi,
>> >>>
>> >>> As Valve is too lazy to do anything about hacks, I started working
>> >>> back in January on a plugin that can detect:
>> >>> - POTENTIAL triggerbotters
>> >>> - Prediction hacks (crit hacks/no spread hacks)
>> >>> - An anti-speedhack bypass exploit
>> >>>
>> >>> Triggerbots:
>> >>> To make it clear as some people I gave it to didn’t understand, the
>> >>> detection is kind of “heuristic” (I won’t explain in detail, if I do
>> >>> then the cheat coders will bypass it in no time), so it’s not because
>> >>> someone got detected that he is surely cheating. It’s just a tool to
>> >>> help you find people that can potentially cheat and you can just
>> >>> check the STV demos then to confirm that they cheat or not.
>> >>>
>> >>> The most detections for a single person in the less timespan you will
>> >>> find in the log, the more likely he is using a triggerbot.
>> >>>
>> >>> Prediction hacks:
>> >>> I guess this is what will interest most people on this list, it
>> >>> detects the crit hacks that does 100% crits all the time which is an
>> >>> engine exploit which has been added into many hacks lately. It's also
>> >>> used for various no spread/low spread hacks.
>> >>>
>> >>> The detections get printed to a log called TriggerBotDetections.log
>> >>> in tf/ (and are also sent to me) on EVERY MAP change or when all
>> >>> players have disconnected from the server. It’s important to note
>> >>> this otherwise you could loose all the detections (espec

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-04-11 Thread Andrew DeMerse
I'll check it out, and let you know if I see anything weird.

I assume this shouldn't conflict with SMAC?

On Wed, Apr 11, 2012 at 1:37 PM, AnAkIn .  wrote:

> No, I just posted that on a competitive forum so far.
>
> Le 11 avril 2012 19:36, Oskar Levin  a écrit :
> > Ah, I see! Seems like a good plugin though :)
> >
> > Best regards
> > Oskar Levin
> > os...@dataviruset.com
> >
> > -Ursprungligt meddelande-
> > Från: hlds_linux-boun...@list.valvesoftware.com
> > [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
> > Skickat: den 11 april 2012 19:34
> > Till: Half-Life dedicated Linux server mailing list
> > Ämne: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
> > detection plugin
> >
> > It doesn't send a mail, it's sent through HTTP.
> >
> > Le 11 avril 2012 19:31, Oskar Levin  a écrit :
> >> It would be nice if one could decide if it should be sent to somebody
> >> else or at all ;) By the way, how does it send mail? Connecting
> >> through port 25 seems a bit lazy as ISPs block that nowadays...
> >>
> >> Best regards
> >> Oskar Levin
> >> os...@dataviruset.com
> >>
> >> -Ursprungligt meddelande-
> >> Från: hlds_linux-boun...@list.valvesoftware.com
> >> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
> >> Skickat: den 11 april 2012 19:30
> >> Till: Half-Life dedicated Linux server mailing list
> >> Ämne: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
> >> detection plugin
> >>
> >> Yes, it was originally made for league purposes. I could add a cvar to
> >> disable that though.
> >>
> >> Le 11 avril 2012 19:28, Oskar Levin  a écrit :
> >>> Wait what? Is the log file sent to you automatically?
> >>>
> >>> Best regards
> >>> Oskar Levin
> >>> os...@dataviruset.com
> >>>
> >>> -----Ursprungligt meddelande-
> >>> Från: hlds_linux-boun...@list.valvesoftware.com
> >>> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
> >>> Skickat: den 11 april 2012 19:23
> >>> Till: Half-Life dedicated Win32 server mailing list; Half-Life
> >>> dedicated Linux server mailing list
> >>> Ämne: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
> >>> detection plugin
> >>>
> >>> Hi,
> >>>
> >>> As Valve is too lazy to do anything about hacks, I started working
> >>> back in January on a plugin that can detect:
> >>> - POTENTIAL triggerbotters
> >>> - Prediction hacks (crit hacks/no spread hacks)
> >>> - An anti-speedhack bypass exploit
> >>>
> >>> Triggerbots:
> >>> To make it clear as some people I gave it to didn’t understand, the
> >>> detection is kind of “heuristic” (I won’t explain in detail, if I do
> >>> then the cheat coders will bypass it in no time), so it’s not because
> >>> someone got detected that he is surely cheating. It’s just a tool to
> >>> help you find people that can potentially cheat and you can just
> >>> check the STV demos then to confirm that they cheat or not.
> >>>
> >>> The most detections for a single person in the less timespan you will
> >>> find in the log, the more likely he is using a triggerbot.
> >>>
> >>> Prediction hacks:
> >>> I guess this is what will interest most people on this list, it
> >>> detects the crit hacks that does 100% crits all the time which is an
> >>> engine exploit which has been added into many hacks lately. It's also
> >>> used for various no spread/low spread hacks.
> >>>
> >>> The detections get printed to a log called TriggerBotDetections.log
> >>> in tf/ (and are also sent to me) on EVERY MAP change or when all
> >>> players have disconnected from the server. It’s important to note
> >>> this otherwise you could loose all the detections (especially if your
> >>> server automatically restarts every night). There is a simple reason
> >>> for this: writing in a file while you play can cause lags, especially
> >>> if someone is getting detected a lot.
> >>>
> >>> Download: http://tftrue.redline-utilities.net/TriggerBotDetector.zip
> >>>
> >>> --
> >>> Best regards,
> >>> AnAkIn
> >>>
> >

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-04-11 Thread AnAkIn .
No, I just posted that on a competitive forum so far.

Le 11 avril 2012 19:36, Oskar Levin  a écrit :
> Ah, I see! Seems like a good plugin though :)
>
> Best regards
> Oskar Levin
> os...@dataviruset.com
>
> -Ursprungligt meddelande-
> Från: hlds_linux-boun...@list.valvesoftware.com
> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
> Skickat: den 11 april 2012 19:34
> Till: Half-Life dedicated Linux server mailing list
> Ämne: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
> detection plugin
>
> It doesn't send a mail, it's sent through HTTP.
>
> Le 11 avril 2012 19:31, Oskar Levin  a écrit :
>> It would be nice if one could decide if it should be sent to somebody
>> else or at all ;) By the way, how does it send mail? Connecting
>> through port 25 seems a bit lazy as ISPs block that nowadays...
>>
>> Best regards
>> Oskar Levin
>> os...@dataviruset.com
>>
>> -Ursprungligt meddelande-
>> Från: hlds_linux-boun...@list.valvesoftware.com
>> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
>> Skickat: den 11 april 2012 19:30
>> Till: Half-Life dedicated Linux server mailing list
>> Ämne: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
>> detection plugin
>>
>> Yes, it was originally made for league purposes. I could add a cvar to
>> disable that though.
>>
>> Le 11 avril 2012 19:28, Oskar Levin  a écrit :
>>> Wait what? Is the log file sent to you automatically?
>>>
>>> Best regards
>>> Oskar Levin
>>> os...@dataviruset.com
>>>
>>> -Ursprungligt meddelande-
>>> Från: hlds_linux-boun...@list.valvesoftware.com
>>> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
>>> Skickat: den 11 april 2012 19:23
>>> Till: Half-Life dedicated Win32 server mailing list; Half-Life
>>> dedicated Linux server mailing list
>>> Ämne: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
>>> detection plugin
>>>
>>> Hi,
>>>
>>> As Valve is too lazy to do anything about hacks, I started working
>>> back in January on a plugin that can detect:
>>> - POTENTIAL triggerbotters
>>> - Prediction hacks (crit hacks/no spread hacks)
>>> - An anti-speedhack bypass exploit
>>>
>>> Triggerbots:
>>> To make it clear as some people I gave it to didn’t understand, the
>>> detection is kind of “heuristic” (I won’t explain in detail, if I do
>>> then the cheat coders will bypass it in no time), so it’s not because
>>> someone got detected that he is surely cheating. It’s just a tool to
>>> help you find people that can potentially cheat and you can just
>>> check the STV demos then to confirm that they cheat or not.
>>>
>>> The most detections for a single person in the less timespan you will
>>> find in the log, the more likely he is using a triggerbot.
>>>
>>> Prediction hacks:
>>> I guess this is what will interest most people on this list, it
>>> detects the crit hacks that does 100% crits all the time which is an
>>> engine exploit which has been added into many hacks lately. It's also
>>> used for various no spread/low spread hacks.
>>>
>>> The detections get printed to a log called TriggerBotDetections.log
>>> in tf/ (and are also sent to me) on EVERY MAP change or when all
>>> players have disconnected from the server. It’s important to note
>>> this otherwise you could loose all the detections (especially if your
>>> server automatically restarts every night). There is a simple reason
>>> for this: writing in a file while you play can cause lags, especially
>>> if someone is getting detected a lot.
>>>
>>> Download: http://tftrue.redline-utilities.net/TriggerBotDetector.zip
>>>
>>> --
>>> Best regards,
>>> AnAkIn
>>>
>>> ___
>>> To unsubscribe, edit your list preferences, or view the list
>>> archives, please visit:
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>>>
>>>
>>> ___
>>> To unsubscribe, edit your list preferences, or view the list
>>> archives,
>> please visit:
>>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>>
>>
>>
>> --
>> Best regards,
>> AnAkIn
>>
>> 

Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-04-11 Thread Oskar Levin
Ah, I see! Seems like a good plugin though :)

Best regards
Oskar Levin
os...@dataviruset.com

-Ursprungligt meddelande-
Från: hlds_linux-boun...@list.valvesoftware.com
[mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
Skickat: den 11 april 2012 19:34
Till: Half-Life dedicated Linux server mailing list
Ämne: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
detection plugin

It doesn't send a mail, it's sent through HTTP.

Le 11 avril 2012 19:31, Oskar Levin  a écrit :
> It would be nice if one could decide if it should be sent to somebody 
> else or at all ;) By the way, how does it send mail? Connecting 
> through port 25 seems a bit lazy as ISPs block that nowadays...
>
> Best regards
> Oskar Levin
> os...@dataviruset.com
>
> -Ursprungligt meddelande-
> Från: hlds_linux-boun...@list.valvesoftware.com
> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
> Skickat: den 11 april 2012 19:30
> Till: Half-Life dedicated Linux server mailing list
> Ämne: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) 
> detection plugin
>
> Yes, it was originally made for league purposes. I could add a cvar to 
> disable that though.
>
> Le 11 avril 2012 19:28, Oskar Levin  a écrit :
>> Wait what? Is the log file sent to you automatically?
>>
>> Best regards
>> Oskar Levin
>> os...@dataviruset.com
>>
>> -Ursprungligt meddelande-
>> Från: hlds_linux-boun...@list.valvesoftware.com
>> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
>> Skickat: den 11 april 2012 19:23
>> Till: Half-Life dedicated Win32 server mailing list; Half-Life 
>> dedicated Linux server mailing list
>> Ämne: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) 
>> detection plugin
>>
>> Hi,
>>
>> As Valve is too lazy to do anything about hacks, I started working 
>> back in January on a plugin that can detect:
>> - POTENTIAL triggerbotters
>> - Prediction hacks (crit hacks/no spread hacks)
>> - An anti-speedhack bypass exploit
>>
>> Triggerbots:
>> To make it clear as some people I gave it to didn’t understand, the 
>> detection is kind of “heuristic” (I won’t explain in detail, if I do 
>> then the cheat coders will bypass it in no time), so it’s not because 
>> someone got detected that he is surely cheating. It’s just a tool to 
>> help you find people that can potentially cheat and you can just 
>> check the STV demos then to confirm that they cheat or not.
>>
>> The most detections for a single person in the less timespan you will 
>> find in the log, the more likely he is using a triggerbot.
>>
>> Prediction hacks:
>> I guess this is what will interest most people on this list, it 
>> detects the crit hacks that does 100% crits all the time which is an 
>> engine exploit which has been added into many hacks lately. It's also 
>> used for various no spread/low spread hacks.
>>
>> The detections get printed to a log called TriggerBotDetections.log 
>> in tf/ (and are also sent to me) on EVERY MAP change or when all 
>> players have disconnected from the server. It’s important to note 
>> this otherwise you could loose all the detections (especially if your 
>> server automatically restarts every night). There is a simple reason 
>> for this: writing in a file while you play can cause lags, especially 
>> if someone is getting detected a lot.
>>
>> Download: http://tftrue.redline-utilities.net/TriggerBotDetector.zip
>>
>> --
>> Best regards,
>> AnAkIn
>>
>> ___
>> To unsubscribe, edit your list preferences, or view the list 
>> archives, please visit:
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>>
>>
>> ___
>> To unsubscribe, edit your list preferences, or view the list 
>> archives,
> please visit:
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>
>
>
> --
> Best regards,
> AnAkIn
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives, 
> please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



--
Best regards,
AnAkIn

___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-04-11 Thread AnAkIn .
It doesn't send a mail, it's sent through HTTP.

Le 11 avril 2012 19:31, Oskar Levin  a écrit :
> It would be nice if one could decide if it should be sent to somebody else
> or at all ;)
> By the way, how does it send mail? Connecting through port 25 seems a bit
> lazy as ISPs block that nowadays...
>
> Best regards
> Oskar Levin
> os...@dataviruset.com
>
> -Ursprungligt meddelande-
> Från: hlds_linux-boun...@list.valvesoftware.com
> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
> Skickat: den 11 april 2012 19:30
> Till: Half-Life dedicated Linux server mailing list
> Ämne: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
> detection plugin
>
> Yes, it was originally made for league purposes. I could add a cvar to
> disable that though.
>
> Le 11 avril 2012 19:28, Oskar Levin  a écrit :
>> Wait what? Is the log file sent to you automatically?
>>
>> Best regards
>> Oskar Levin
>> os...@dataviruset.com
>>
>> -Ursprungligt meddelande-
>> Från: hlds_linux-boun...@list.valvesoftware.com
>> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
>> Skickat: den 11 april 2012 19:23
>> Till: Half-Life dedicated Win32 server mailing list; Half-Life
>> dedicated Linux server mailing list
>> Ämne: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
>> detection plugin
>>
>> Hi,
>>
>> As Valve is too lazy to do anything about hacks, I started working
>> back in January on a plugin that can detect:
>> - POTENTIAL triggerbotters
>> - Prediction hacks (crit hacks/no spread hacks)
>> - An anti-speedhack bypass exploit
>>
>> Triggerbots:
>> To make it clear as some people I gave it to didn’t understand, the
>> detection is kind of “heuristic” (I won’t explain in detail, if I do
>> then the cheat coders will bypass it in no time), so it’s not because
>> someone got detected that he is surely cheating. It’s just a tool to
>> help you find people that can potentially cheat and you can just check
>> the STV demos then to confirm that they cheat or not.
>>
>> The most detections for a single person in the less timespan you will
>> find in the log, the more likely he is using a triggerbot.
>>
>> Prediction hacks:
>> I guess this is what will interest most people on this list, it
>> detects the crit hacks that does 100% crits all the time which is an
>> engine exploit which has been added into many hacks lately. It's also
>> used for various no spread/low spread hacks.
>>
>> The detections get printed to a log called TriggerBotDetections.log in
>> tf/ (and are also sent to me) on EVERY MAP change or when all players
>> have disconnected from the server. It’s important to note this
>> otherwise you could loose all the detections (especially if your
>> server automatically restarts every night). There is a simple reason
>> for this: writing in a file while you play can cause lags, especially
>> if someone is getting detected a lot.
>>
>> Download: http://tftrue.redline-utilities.net/TriggerBotDetector.zip
>>
>> --
>> Best regards,
>> AnAkIn
>>
>> ___
>> To unsubscribe, edit your list preferences, or view the list archives,
>> please visit:
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>>
>>
>> ___
>> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
>> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>
>
>
> --
> Best regards,
> AnAkIn
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives, please 
> visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



-- 
Best regards,
AnAkIn

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-04-11 Thread Oskar Levin
It would be nice if one could decide if it should be sent to somebody else
or at all ;)
By the way, how does it send mail? Connecting through port 25 seems a bit
lazy as ISPs block that nowadays...

Best regards
Oskar Levin
os...@dataviruset.com

-Ursprungligt meddelande-
Från: hlds_linux-boun...@list.valvesoftware.com
[mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
Skickat: den 11 april 2012 19:30
Till: Half-Life dedicated Linux server mailing list
Ämne: Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread)
detection plugin

Yes, it was originally made for league purposes. I could add a cvar to
disable that though.

Le 11 avril 2012 19:28, Oskar Levin  a écrit :
> Wait what? Is the log file sent to you automatically?
>
> Best regards
> Oskar Levin
> os...@dataviruset.com
>
> -Ursprungligt meddelande-
> Från: hlds_linux-boun...@list.valvesoftware.com
> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
> Skickat: den 11 april 2012 19:23
> Till: Half-Life dedicated Win32 server mailing list; Half-Life 
> dedicated Linux server mailing list
> Ämne: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) 
> detection plugin
>
> Hi,
>
> As Valve is too lazy to do anything about hacks, I started working 
> back in January on a plugin that can detect:
> - POTENTIAL triggerbotters
> - Prediction hacks (crit hacks/no spread hacks)
> - An anti-speedhack bypass exploit
>
> Triggerbots:
> To make it clear as some people I gave it to didn’t understand, the 
> detection is kind of “heuristic” (I won’t explain in detail, if I do 
> then the cheat coders will bypass it in no time), so it’s not because 
> someone got detected that he is surely cheating. It’s just a tool to 
> help you find people that can potentially cheat and you can just check 
> the STV demos then to confirm that they cheat or not.
>
> The most detections for a single person in the less timespan you will 
> find in the log, the more likely he is using a triggerbot.
>
> Prediction hacks:
> I guess this is what will interest most people on this list, it 
> detects the crit hacks that does 100% crits all the time which is an 
> engine exploit which has been added into many hacks lately. It's also 
> used for various no spread/low spread hacks.
>
> The detections get printed to a log called TriggerBotDetections.log in 
> tf/ (and are also sent to me) on EVERY MAP change or when all players 
> have disconnected from the server. It’s important to note this 
> otherwise you could loose all the detections (especially if your 
> server automatically restarts every night). There is a simple reason 
> for this: writing in a file while you play can cause lags, especially 
> if someone is getting detected a lot.
>
> Download: http://tftrue.redline-utilities.net/TriggerBotDetector.zip
>
> --
> Best regards,
> AnAkIn
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives, 
> please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



--
Best regards,
AnAkIn

___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-04-11 Thread AnAkIn .
Yes, it was originally made for league purposes. I could add a cvar to
disable that though.

Le 11 avril 2012 19:28, Oskar Levin  a écrit :
> Wait what? Is the log file sent to you automatically?
>
> Best regards
> Oskar Levin
> os...@dataviruset.com
>
> -Ursprungligt meddelande-
> Från: hlds_linux-boun...@list.valvesoftware.com
> [mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
> Skickat: den 11 april 2012 19:23
> Till: Half-Life dedicated Win32 server mailing list; Half-Life dedicated
> Linux server mailing list
> Ämne: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection
> plugin
>
> Hi,
>
> As Valve is too lazy to do anything about hacks, I started working back in
> January on a plugin that can detect:
> - POTENTIAL triggerbotters
> - Prediction hacks (crit hacks/no spread hacks)
> - An anti-speedhack bypass exploit
>
> Triggerbots:
> To make it clear as some people I gave it to didn’t understand, the
> detection is kind of “heuristic” (I won’t explain in detail, if I do then
> the cheat coders will bypass it in no time), so it’s not because someone got
> detected that he is surely cheating. It’s just a tool to help you find
> people that can potentially cheat and you can just check the STV demos then
> to confirm that they cheat or not.
>
> The most detections for a single person in the less timespan you will find
> in the log, the more likely he is using a triggerbot.
>
> Prediction hacks:
> I guess this is what will interest most people on this list, it detects the
> crit hacks that does 100% crits all the time which is an engine exploit
> which has been added into many hacks lately. It's also used for various no
> spread/low spread hacks.
>
> The detections get printed to a log called TriggerBotDetections.log in tf/
> (and are also sent to me) on EVERY MAP change or when all players have
> disconnected from the server. It’s important to note this otherwise you
> could loose all the detections (especially if your server automatically
> restarts every night). There is a simple reason for this: writing in a file
> while you play can cause lags, especially if someone is getting detected a
> lot.
>
> Download: http://tftrue.redline-utilities.net/TriggerBotDetector.zip
>
> --
> Best regards,
> AnAkIn
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
>
>
> ___
> To unsubscribe, edit your list preferences, or view the list archives, please 
> visit:
> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux



-- 
Best regards,
AnAkIn

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


Re: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-04-11 Thread Oskar Levin
Wait what? Is the log file sent to you automatically?

Best regards
Oskar Levin
os...@dataviruset.com

-Ursprungligt meddelande-
Från: hlds_linux-boun...@list.valvesoftware.com
[mailto:hlds_linux-boun...@list.valvesoftware.com] För AnAkIn .
Skickat: den 11 april 2012 19:23
Till: Half-Life dedicated Win32 server mailing list; Half-Life dedicated
Linux server mailing list
Ämne: [hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection
plugin

Hi,

As Valve is too lazy to do anything about hacks, I started working back in
January on a plugin that can detect:
- POTENTIAL triggerbotters
- Prediction hacks (crit hacks/no spread hacks)
- An anti-speedhack bypass exploit

Triggerbots:
To make it clear as some people I gave it to didn’t understand, the
detection is kind of “heuristic” (I won’t explain in detail, if I do then
the cheat coders will bypass it in no time), so it’s not because someone got
detected that he is surely cheating. It’s just a tool to help you find
people that can potentially cheat and you can just check the STV demos then
to confirm that they cheat or not.

The most detections for a single person in the less timespan you will find
in the log, the more likely he is using a triggerbot.

Prediction hacks:
I guess this is what will interest most people on this list, it detects the
crit hacks that does 100% crits all the time which is an engine exploit
which has been added into many hacks lately. It's also used for various no
spread/low spread hacks.

The detections get printed to a log called TriggerBotDetections.log in tf/
(and are also sent to me) on EVERY MAP change or when all players have
disconnected from the server. It’s important to note this otherwise you
could loose all the detections (especially if your server automatically
restarts every night). There is a simple reason for this: writing in a file
while you play can cause lags, especially if someone is getting detected a
lot.

Download: http://tftrue.redline-utilities.net/TriggerBotDetector.zip

--
Best regards,
AnAkIn

___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux


[hlds_linux] TriggerBot/Prediction hack(Crit hack/No spread) detection plugin

2012-04-11 Thread AnAkIn .
Hi,

As Valve is too lazy to do anything about hacks, I started working
back in January on a plugin that can detect:
- POTENTIAL triggerbotters
- Prediction hacks (crit hacks/no spread hacks)
- An anti-speedhack bypass exploit

Triggerbots:
To make it clear as some people I gave it to didn’t understand, the
detection is kind of “heuristic” (I won’t explain in detail, if I do
then the cheat coders will bypass it in no time), so it’s not because
someone got detected that he is surely cheating. It’s just a tool to
help you find people that can potentially cheat and you can just check
the STV demos then to confirm that they cheat or not.

The most detections for a single person in the less timespan you will
find in the log, the more likely he is using a triggerbot.

Prediction hacks:
I guess this is what will interest most people on this list, it
detects the crit hacks that does 100% crits all the time which is an
engine exploit which has been added into many hacks lately. It's also
used for various no spread/low spread hacks.

The detections get printed to a log called TriggerBotDetections.log in
tf/ (and are also sent to me) on EVERY MAP change or when all players
have disconnected from the server. It’s important to note this
otherwise you could loose all the detections (especially if your
server automatically restarts every night). There is a simple reason
for this: writing in a file while you play can cause lags, especially
if someone is getting detected a lot.

Download: http://tftrue.redline-utilities.net/TriggerBotDetector.zip

-- 
Best regards,
AnAkIn

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux