Jump to content

Simple Check for Scripts Filter Bypass


icomrade

Recommended Posts

I've finally had time to build the Hive extension with a custom player check for a scripts bypass. it's rather basic but may still be quite effective for the majority of those bypassing the scripts filter.

To start you must download this custom HiveExt.dll (includes virtual garage calls) and edit your HiveExt.ini as in the one in the linked repo (add the Battleye section to your Hive.ini). https://github.com/icomrade/icomradeHiveEpoch/tree/master/Pre-Compiled

 

Some client side code is required, you can place it inside the !isDedicated check of init.sqf: https://github.com/EpochModTeam/DayZ-Epoch/blob/Release_1.0.6.2/Server Files/MPMissions/DayZ_Epoch_11.Chernarus/init.sqf#L81

	waitUntil {(getPlayerUID player) != ""};
	LogMyLogin = [getPlayerUID player]; publicVariableServer "LogMyLogin";

 

You also need to have a line which you log in scripts.txt. the simplest way to get 1 line per login is by adding a textLog to one vehicle's init line

for example add an object with an init line to your mission.sqm, or append you desired textLog line to it (this example uses textLog 'Amadeus Amadeus log me Amadeus'; )

	class Vehicles {
		class Item0
		{
			position[]={6391.9619, -0.29052943, 7790.3203};
			azimut=487.7664;
			id=0;
			side=EMPTY;
			vehicle="TK_GUE_WarfareBLightFactory_base_EP1";
			init="this setPos [6391.9619, 7790.3203, -0.29052943]; textLog 'Amadeus Amadeus log me Amadeus';";
			skill=1;
		};
		items=1;
	};

 

Server side code is also required, in server_functions.sqf add after the Server_hiveWrite compile! https://github.com/EpochModTeam/DayZ-Epoch/blob/Release_1.0.6.2/SQF/dayz_server/init/server_functions.sqf#L172

DZE_LegitPlayers = [];
DayZ_LegitCheck = {
	private ["_closeEnough","_index"];
	_closeEnough = false;
	_index = -1;
	{
		private ["_PUID","_lastCheckTime"];
		_PUID = _x select 0;
		_lastCheckTime = _x select 1;
		if (_PUID == _this select 0) exitWith {
			if ((_lastCheckTime + 60) > diag_tickTime_) then {
				_closeEnough = true;
			} else {
				_index = _forEachIndex;
			};
		};
	} forEach DZE_LegitPlayers;
	if (!_closeEnough) then {
		if (_index >= 0) then {
			DZE_LegitPlayers set [_index, [(_this select 0), Diag_TickTime]];
		} else {
			DZE_LegitPlayers set [(count DZE_LegitPlayers), [(_this select 0), Diag_TickTime]];
		};
		_key = format["CHILD:777:%1:",_this select 0];
		_key call server_hiveWrite;
	};
};
"LogMyLogin" addPublicVariableEventHandler {(_this select 1) call DayZ_LegitCheck;};

Finally be sure to add the log line to your battleye filter: scripts.txt!!!

for example

//check one thing at login
1 "Amadeus"

 

Edit: You may want to manually review these bans, or not idc, but there are sometimes false positives. i.e. the scripts.txt filter fails to log and a legit player will not show up in the scripts.log, subsequently resulting in a ban (strange behavior, probably an issue with the scripts filter on battleye's end). I've observed failure to log on myself when testing, so I use a temp list and transfer overto my real ban list after review

Link to comment
Share on other sites

This won't work because they can simply enable the scripts.txt bypass a bit later ingame 

I have been there and tried that

the only way that works is to have random variables popup in scripts.txt every xxx seconds but that, since BE is the biggest shit, lags out arma to a point where you like to have hackers more than this pathetic performance :sad:

Link to comment
Share on other sites

35 minutes ago, IknowYou said:

This won't work because they can simply enable the scripts.txt bypass a bit later ingame 

I have been there and tried that

the only way that works is to have random variables popup in scripts.txt every xxx seconds but that, since BE is the biggest shit, lags out arma to a point where you like to have hackers more than this pathetic performance :sad:

This method works fine for older revisions of the "hack" which is still very widely used.

Link to comment
Share on other sites

1 hour ago, IknowYou said:

This won't work because they can simply enable the scripts.txt bypass a bit later ingame 

I have been there and tried that

the only way that works is to have random variables popup in scripts.txt every xxx seconds but that, since BE is the biggest shit, lags out arma to a point where you like to have hackers more than this pathetic performance :sad:

Like you said, you can execute the 777 call at any point in the game. if you are clever as an admin you could periodically or manually ping players with an embedded client side event handler then execute the 777 call; this is just the framework for more advanced methods of detection which can be as frequent or sparse as you like if performance is bad from your scripts filter

 

I've had success just doing it at login, but like Merlijn said some new version that won't suffice. I mean IMO Infistar lags the game hard and doesn't do anything to stop educated hackers, but it stops your common cheater, and people still use it? This is the same, albeit much much more light weight (and free)

The OP was written to be drag and drop for admins who don't want to make their own way of implementing the tool, and probably isn't the most complete overview or use guide of it. Also I should note you will need to rotate your scripts.log (preferably every restart) and make sure you don't have excessive logging in it as a large file size will greatly slow down the scanner and probably your server

Link to comment
Share on other sites

But Icomrad the exact same thing was done by infiSTAR more than a year ago and as I said it doesn't really help as there is only 2-3 hacks by people who actively watch things like this forum and simply changed the point of bypass to whenever the hacker decides.  I mean you are a 100% right it might stop some who for whatever reason run older cheats or what not but the main problem here- IMO is that BattlEye is supposed to do a fairly easy job and bloody failing at doing so

isn't it possible for you as a part of the mod team here to reach out to BE and simply ask them to get some kind of heartbeat going? I don't know but something that doesn't require us to make sure that BE writes a log if we force it to do so?
 

*edit
sorry did read your post before wrongly, that's great mate!

But still leaves the problem with BE lagging out the server if you were to do it with like 30+ people on like once a minute you will get into BE killing the fps for everybody (at least last time I tried)

Link to comment
Share on other sites

2 hours ago, IknowYou said:

But Icomrad the exact same thing was done by infiSTAR more than a year ago and as I said it doesn't really help as there is only 2-3 hacks by people who actively watch things like this forum and simply changed the point of bypass to whenever the hacker decides.  I mean you are a 100% right it might stop some who for whatever reason run older cheats or what not but the main problem here- IMO is that BattlEye is supposed to do a fairly easy job and bloody failing at doing so

isn't it possible for you as a part of the mod team here to reach out to BE and simply ask them to get some kind of heartbeat going? I don't know but something that doesn't require us to make sure that BE writes a log if we force it to do so?
 

*edit
sorry did read your post before wrongly, that's great mate!

But still leaves the problem with BE lagging out the server if you were to do it with like 30+ people on like once a minute you will get into BE killing the fps for everybody (at least last time I tried)

I'm not sure if BE even cares about ArmA 2 any more, not to mention BIS is the one paying the BE developers, not me, so my input is worthless and will probably be ignored.

I don't know the methodology infistar uses to detect a scripts filter bypass, if it's an external library (dll) like the hive extension I fail to see a severe performance impact for logging a single line... this assumes you rotate your filters so the tool isn't searching a several MB log file and you're not trying to log something intensive. Also with infistar, the script filter is so weak and open I'm not sure you even need a bypass; i.e. when people just modify their mission file in a special way. But at the end of the day, not every hack needs a script filter bypass and doesn't even need to be based on SQF. So in that case, then obviously it won't prevent it, but it's a free extra layer of protection.

Also logging every minute is excessive, something like every 30 minutes is probably alright

Link to comment
Share on other sites

2 hours ago, SmokeyBR said:

i assume "LogMyLogin" needs an exception on publicvariable.txt else you´ll get kicked...

Would anyone share something for checking every 30 minutes ?

Yeah it needs an exception in publicvariable.txt.

to execute every 30 minutes you just need to execute LogMyLogin = [getPlayerUID player]; publicVariableServer "LogMyLogin"; in a loop + uisleep 1800;

in the most basic example

[] spawn {
  while {1 == 1} do {
    LogMyLogin = [getPlayerUID player]; publicVariableServer "LogMyLogin";
    uisleep 1800;
  };
};

 

Link to comment
Share on other sites

  • 2 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Advertisement
  • Discord

×
×
  • Create New...