Clark Posted May 1, 2017 Report Share Posted May 1, 2017 server is getting hacked every 5 mins and nothing is showing up in infinstar they come in game and tp all players and kill every one delete all bases can any one help Link to comment Share on other sites More sharing options...
salival Posted May 1, 2017 Report Share Posted May 1, 2017 I would be checking your are running your scripts.txt filters correctly. The infistar ones seem to not catch much compared to the epoch ones Clark 1 Link to comment Share on other sites More sharing options...
Clark Posted May 1, 2017 Author Report Share Posted May 1, 2017 we have not added any thing to the scripts filter so maybe thats why thank you Link to comment Share on other sites More sharing options...
Relentless Posted May 1, 2017 Report Share Posted May 1, 2017 In the infistar provided files the filters are almost useless. Clark 1 Link to comment Share on other sites More sharing options...
BigEgg Posted May 1, 2017 Report Share Posted May 1, 2017 Having good BattlEye filters is essential. Infistar doesn't really do much for antihack, it is more an admin tool now. Most of the stuff in it is useless. Use the Epoch scripts.txt, the devs put a nice selection of variables in it to filter. DieTanx and Clark 2 Link to comment Share on other sites More sharing options...
Clark Posted May 2, 2017 Author Report Share Posted May 2, 2017 we just got hacked again lol like the 6th time the day :( can you link me to get some good filters Link to comment Share on other sites More sharing options...
BigEgg Posted May 2, 2017 Report Share Posted May 2, 2017 3 minutes ago, Clark said: we just got hacked again lol like the 6th time the day :( can you link me to get some good filters In the default Epoch server files, open the BattlEye folder, then find the scripts.txt Link to comment Share on other sites More sharing options...
LunatikCH Posted May 2, 2017 Report Share Posted May 2, 2017 Having decent BE filters is essential, it will filter out like 90% of the script kids but then there are the realy strange ppl, who are able to do stuff like giving everyone speedhack, spawning in weapons which are set to 5 in addweaponcargo.txt, massteleport players, wipe all bases, writing as a fake "(Global Admin)" and all this without leaving a piece of a trace behind them. So having good battleye filters is nice but ppl are still able to do stuff without getting logged in them, kinda reminds me of this "bug" that should have been "fixed" in the betapatch: https://dev.withsix.com/issues/75896 Link to comment Share on other sites More sharing options...
Shak Posted May 2, 2017 Report Share Posted May 2, 2017 People are STILL cheating in this game? It's like 7 years old now lol. EditedSnowHD 1 Link to comment Share on other sites More sharing options...
Shawn Posted May 2, 2017 Report Share Posted May 2, 2017 @LunatikCH sums it up really, decent battleye filters will help with those that are coming straight from unknowncheats and other forums. Clark asked me to come on his teamspeak after all the bases on his server were getting deleted, and deletevehicle.log and publicvariable.log were getting spammed by the script kiddies. A good idea is to have one of those log scanners made in python, and have them instantly ban anyone that uses any blacklisted code. Also, if anyone uses infistar, be careful because it's really quite easy to hijack the RE that is used on the admin menu. Link to comment Share on other sites More sharing options...
Anhor Posted May 2, 2017 Report Share Posted May 2, 2017 Easy going. Database save every 24 hours. Let them hack ....... it´s anoying for a hacker too when his "work" dosen´t matter Link to comment Share on other sites More sharing options...
lwbuk Posted May 3, 2017 Report Share Posted May 3, 2017 24 hours? I had backups every 15 minutes and players still moaned like little girls when someone hacked and I had to roll back. LunatikCH 1 Link to comment Share on other sites More sharing options...
kingpapawawa Posted May 3, 2017 Report Share Posted May 3, 2017 yea i backup every 15 minutes too and they still cry. I had 2 rollbacks last night due to the same issue. TP everyone and blow up bases. Its easier to roll back then to try and fight the very confusing battleye configuration. personally i think of the hackers as North Korea. never know when they might do something shitty like delete all bases. Its a feature not a bug! just to compare notes, was it these idiots? 76561198385493429 (Steam ID, 17 hours ago) 882edfd4d0528954da2ecaee37c9f809 (BattlEye GUID, 17 hours ago) f8f11e760dbb4e2457207b7b6f70ecfd (BattlEye GUID, 16 hours ago) 76561198047135962 (Steam ID, 16 hours ago) e9c1b4fcf6ba68073a4f0a5aa943cd10 (BattlEye GUID, 12 hours ago) 76561198074925233 (Steam ID, 12 hours ago) 882edfd4d0528954da2ecaee37c9f809 (BattlEye GUID, 17 hours ago) 76561198385493429 (Steam ID, 17 hours ago) abd60ed9cc54f330817fab9412404fff (BattlEye GUID, 3 days ago) 76561198384250901 (Steam ID, 3 days ago) Link to comment Share on other sites More sharing options...
Shawn Posted May 3, 2017 Report Share Posted May 3, 2017 What I do is find public menu's that are around, such as this: https://pastebin.com/Ta6Jv5N2 And then filter for specific stuff in them. I set it to log instead of kick so i can get chunks of code that these guys use. Most of the guys that go around deleting all the bases on servers are using the same menu.. Clark 1 Link to comment Share on other sites More sharing options...
kingpapawawa Posted May 3, 2017 Report Share Posted May 3, 2017 8 minutes ago, Shawn said: What I do is find public menu's that are around, such as this: https://pastebin.com/Ta6Jv5N2 And then filter for specific stuff in them. I set it to log instead of kick so i can get chunks of code that these guys use. Most of the guys that go around deleting all the bases on servers are using the same menu.. someone will ask so might as well be me... how to block this? Link to comment Share on other sites More sharing options...
Shawn Posted May 3, 2017 Report Share Posted May 3, 2017 In scripts.txt, you can filter for stuff that is usually used in menu's. I recommend filtering for stuff like playableUnits, allUnits, FunctionsManager, addWeapon, execVM, etc. There are a lot more, just look through public menu's and find out what most of them use. To actually add it, what i do is add this into the scripts.txt for example 1 execVM And then let the server log all the legit code, so that i make make an exception for them. Then I use: http://137.74.172.109/BEF.php Which works by you pasting the log quote mark to quote mark, and it will create the exception which you can then paste onto the end of the line. Then when a script kiddie comes along, and tries to execute something that isn't in the exception, it logs like this: 02.05.2017 11:33:37: Negan (45.32.158.187:57668) 4c10e157b302cda8f11254fe13240df0 - #32 "[] execVM "Hashtag2\basewipe.sqf"; if (!isNil 'reRunCheck') then { endMission 'loser'; };" That was someone that deleted all the bases on my friends server, so go ahead and ban him, if you want of course. JasonTM 1 Link to comment Share on other sites More sharing options...
Relentless Posted May 3, 2017 Report Share Posted May 3, 2017 21 minutes ago, Shawn said: In scripts.txt, you can filter for stuff that is usually used in menu's. I recommend filtering for stuff like playableUnits, allUnits, FunctionsManager, addWeapon, execVM, etc. There are a lot more, just look through public menu's and find out what most of them use. To actually add it, what i do is add this into the scripts.txt for example 1 execVM And then let the server log all the legit code, so that i make make an exception for them. Then I use: http://137.74.172.109/BEF.php Which works by you pasting the log quote mark to quote mark, and it will create the exception which you can then paste onto the end of the line. Then when a script kiddie comes along, and tries to execute something that isn't in the exception, it logs like this: 02.05.2017 11:33:37: Negan (45.32.158.187:57668) 4c10e157b302cda8f11254fe13240df0 - #32 "[] execVM "Hashtag2\basewipe.sqf"; if (!isNil 'reRunCheck') then { endMission 'loser'; };" That was someone that deleted all the bases on my friends server, so go ahead and ban him, if you want of course. God damn it, you are a genius. Link to comment Share on other sites More sharing options...
Anhor Posted May 4, 2017 Report Share Posted May 4, 2017 Report GUID´s from Hackers here would be useful too .............. Link to comment Share on other sites More sharing options...
kingpapawawa Posted May 4, 2017 Report Share Posted May 4, 2017 4 hours ago, Anhor said: Report GUID´s from Hackers here would be useful too .............. Link to comment Share on other sites More sharing options...
friendlyfire Posted May 5, 2017 Report Share Posted May 5, 2017 On 5/4/2017 at 2:45 PM, kingpapawawa said: pretty pointless having a list of hackers seeing as a2 goes on sale and its quite cheap to get a copy from other websites. Link to comment Share on other sites More sharing options...
kingpapawawa Posted May 5, 2017 Report Share Posted May 5, 2017 7 minutes ago, friendlyfire said: pretty pointless having a list of hackers seeing as a2 goes on sale and its quite cheap to get a copy from other websites. if you report them on steam and they lose their account they lose access to a lot more than arma2 DieTanx and juandayz 2 Link to comment Share on other sites More sharing options...
juandayz Posted May 6, 2017 Report Share Posted May 6, 2017 @Clark also remember change the pass in BEserver.cfg RConPassword password123 MaxPing 450 if u left the default pass. anyone can join to your server using your ip/port with for example DaRT and kick/ban players Link to comment Share on other sites More sharing options...
DieTanx Posted May 7, 2017 Report Share Posted May 7, 2017 Does anybody have any filters they would be willing to share. For battle eye. Or any that I should add to help log check. Link to comment Share on other sites More sharing options...
BigEgg Posted May 7, 2017 Report Share Posted May 7, 2017 16 minutes ago, DieTanx said: Does anybody have any filters they would be willing to share. For battle eye. Or any that I should add to help log check. Figured I would go with the basics first: Get Battlemetrics Rcon.... I cannot stress this enough. Create a trigger that kicks all players on vpns and those accounts that are younger than 30 days old. Then: Throw in the default mpeventhandler.txt, remotecontrol.txt, remoteexec.txt, setdamage.txt, setpos.txt, teamswitch.txt, waypointcondition.txt, and waypointstatement.txt filters from the Epoch server files. These should require very minimal tuning if any at all. Then for the scripts.txt, I would recommend starting off with a clean file (throwing in all the defaults and filtering for them is a lot of work if you don't know what you're doing). I would start with this at the top: //new2 4 dedicatedServerInterface 4 openDSInterface !="a _lbindex;\n};\n\nif (_lbselected == \"DSInterface\") then {openDSInterface;};\nif (isMultiplayer) then {player createDiarySubject [\"" This keeps people from opening server controls etc from in game. Then, add the following below that and filter them out: 1 execVM !"\z\addons\dayz_code" 1 playableUnits 1 onMapSingleClick 1 setDamage 1 modelToWorld 1 displayAddEventHandler 1 reveal 1 allUnits 1 showCommandingMenu Once you have it to where they are no longer throwing logs, turn them from a 1 to a 5 - this will then kick them and log them for you to see. Then, slowly add variables from the default scripts.txt and filter them out. I use the awesome tool BEM to filter my scripts.txt: http://bem.themeq.xyz/ Just paste them in and it does all the work for you! Once again though, half the work is taken care of with Battlemetrics. It is a must have tool. Relentless, looter809, DieTanx and 3 others 6 Link to comment Share on other sites More sharing options...
DieTanx Posted May 7, 2017 Report Share Posted May 7, 2017 10 hours ago, BigEgg said: Figured I would go with the basics first: Get Battlemetrics Rcon.... I cannot stress this enough. Create a trigger that kicks all players on vpns and those accounts that are younger than 30 days old. Then: Throw in the default mpeventhandler.txt, remotecontrol.txt, remoteexec.txt, setdamage.txt, setpos.txt, teamswitch.txt, waypointcondition.txt, and waypointstatement.txt filters from the Epoch server files. These should require very minimal tuning if any at all. Then for the scripts.txt, I would recommend starting off with a clean file (throwing in all the defaults and filtering for them is a lot of work if you don't know what you're doing). I would start with this at the top: //new2 4 dedicatedServerInterface 4 openDSInterface !="a _lbindex;\n};\n\nif (_lbselected == \"DSInterface\") then {openDSInterface;};\nif (isMultiplayer) then {player createDiarySubject [\"" This keeps people from opening server controls etc from in game. Then, add the following below that and filter them out: 1 execVM !"\z\addons\dayz_code" 1 playableUnits 1 onMapSingleClick 1 setDamage 1 modelToWorld 1 displayAddEventHandler 1 reveal 1 allUnits 1 showCommandingMenu Once you have it to where they are no longer throwing logs, turn them from a 1 to a 5 - this will then kick them and log them for you to see. Then, slowly add variables from the default scripts.txt and filter them out. I use the awesome tool BEM to filter my scripts.txt: http://bem.themeq.xyz/ Just paste them in and it does all the work for you! Once again though, half the work is taken care of with Battlemetrics. It is a must have tool. You sir, are a legend. Whomever made this program, is a legend. Yall are amazing! this is exactly what i needed!!!!! I plan on regutting all my filters from stock and redoing them on my test server. THANK YOU!!!!!! BigEgg 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now