Anti cheat
#1

As we know plugins are not allowed to mod client side, maybe it could be possible to only read client side without modding it. Now for example it would read whatever files are modded, gta_sa.exe, weapon.dat, handling.dat etc. That would be good way to detect if player is hacking or not.

Reading processes would be useful aswell. As long as it wouldn't effect gameplay. It would print only.
Reply
#2

I remember once, there was SAC on 0.2, which I believe it had its reason to be taken off during 0.2X or so. I'm not telling to bring SAC back, the only thing I want you to bring back is the motivation in building another anticheat that could keep the cheaters off for good, with constant updates.
Reply
#3

It would be too much work for them, if my idea would work, then people would just make their own anti cheats, trying to read what files are modded.
Reply
#4

There was DracoBlue's Anticheat requiring clientside add-on that was doing exactly that, project died because of lack of PR and willing to use it by clans
Reply
#5

Matrix, i think you are mistaken. A plugin cannot do anything client side. It cannot access anything outside of the scriptfiles folder on a server.. There are no client sided plugins, and if you were to check the validity of these files, a 3rd party client would be needed (to communicate via sockets) or included SA-MP functions, negating the need for a plugin.

..That is if i am correct in your meaning.
Reply
#6

Yeah but we don't need to mod anything outside scriptfiles, we need only to read/print.

Quote:
Originally Posted by DiDok
View Post
There was DracoBlue's Anticheat requiring clientside add-on that was doing exactly that, project died because of lack of PR and willing to use it by clans
Not really, he is just busy with work and barely is online. He was making the anti cheat for his own server not for clans.
Reply
#7

DFairPlay was made for everyone and its intention was to be used on lots of servers
Reply
#8

Quote:
Originally Posted by Pghpunkid
View Post
Matrix, i think you are mistaken. A plugin cannot do anything client side. It cannot access anything outside of the scriptfiles folder on a server.. There are no client sided plugins, and if you were to check the validity of these files, a 3rd party client would be needed (to communicate via sockets) or included SA-MP functions, negating the need for a plugin.

..That is if i am correct in your meaning.
A plugin can access the whole of the server.
Reply
#9

Quote:
Originally Posted by MaTrIx4057
View Post
Yeah but we don't need to mod anything outside scriptfiles, we need only to read/print.
Any how do you propose to do that without client side interaction?
How do you propose to accurately establish whether these files have been modified?
Reply
#10

Quote:
Originally Posted by Jay_
View Post
Any how do you propose to do that without client side interaction?
How do you propose to accurately establish whether these files have been modified?
I could imagine some crazy comparison statement, something like: if(!strcmp(source, source2)) or something that would take a very long time to complete.

If this were possible, with efficiency in mind, I would support it, but as of now; it seems like a load of words to me.
Reply
#11

Quote:
Originally Posted by Jay_
View Post
Any how do you propose to do that without client side interaction?
How do you propose to accurately establish whether these files have been modified?
Same way as ESL wire anti cheat works. It does have client side interaction, but it isn't modding client in any ways.

It is still possible to make anti cheat with client side modifying aswell, but that would break sa-mp rules, thats why i'm trying to find a way without breaking rules.
Reply
#12

There's a simple reason for cheaters to use the program. Make it like Incognito's Audio Plugin for example, it has a function to check if the player has the tool connected together with the server hes playing on. If he doesn't have the tool connected he gets automatically kicked from the server, in case the server is forcing anticheat.


In ESL's case, they have a server taking care of anticheat stuff, logs etc, and in every match setup it says which players used the anticheat and it creates a log of what programs were open, closed, anything.. plus it also takes a random amount of basic screenshots from the game (between accepted values), compresses the whole thing into a ZIP/RAR and sends to ESL's server. The logs and encrypted text get automatically read by the server to search for hacking.
In case of doubt, a manual check is done by the Admins to the suspected player's ZIP, checks the screenshots taken by the tool and sees if theres anything to see.
Also, if the player attempts to edit anything on that ZIP pack, ESL easily detects it because Windows has a feature to check if the file was modified prior to creation. If the ZIP doesn't get uploaded by the player, he gets eventually punished with a few weeks ban from the entire gaming corp hes inserted on ESL.
But that's ESL case, just an example.

DFairplay could've been successful, but for lack of time and lack of cooperation he (DracoBlue) didn't finish it and decided to put it apart, since he worked on it alone. I'm sure if he had 1-2 coders on his side, we would be using DFairplay at the moment.
Anticheats get beyond checking files. It goes through memory scans, hooks, etc. It's not as simple as checking if a player modded weapon.dat or has s***** files on his GTA folder. Remember there are tons of hacks for this old game, so they need to be blocked by general methods, not one by one.
Reply
#13

A Server side plugin cant get file information off the client side. I am still sure that Matrix is thinking of terms of 'localhost'.

192.168.1.100 (client) cannot be examined by 55.118.whatever.whatever (server) without the use of an external application.

Like ****** said, why bother with said program, when people could potentially compromise it?

And previous poster, They could packet sniff if it was in plain text.. and if using SSL, well thats a bit overkill here don't you think?

Why not just use the old fashioned method of Pawn? If you observe things correctly, you can make an effective Pawn based anticheat.
Reply
#14

Quote:
Originally Posted by Pghpunkid
View Post
Why not just use the old fashioned method of Pawn? If you observe things correctly, you can make an effective Pawn based anticheat.
Maybe you should release yours
Reply
#15

Quote:
Originally Posted by ******
View Post
That relies on the cheater correctly reporting that they don't have it installed. What's to stop them writing something else to say they have the client installed when they don't so the server lets them on?



Again, you're relying on the client being honest - what's to stop someone writing a program which detects the command to take a screenshot and send back some utter rubbish? There's no reason the hackers would take a real screenshot.



That is INCREDIBLY easy to bypass!



At one point SA:MP did have a very good AC system, but it was based on being updated for every new hack and was very difficult to maintain.
To correctly protect the tool's safety, a server is needed to make sure the AC is not edited in any way nor anything else is blocking the path of the AC processes. While the AC is still on, constant data is being transmitted to the AC server, if the transmission for some reason stops or fails, the player gets disconnected from the gaming server or whatsoever the rules and script runs on that specific server.
The player must not only have the AC installed, he must boot it manually and it needs to be connected to the AC server.
That applies for any false statements that hacks may give to the server receipter, either for false installation messages, as well as for faulty screenshot bypass and other stuff.
This is only possible with a server constantly transmitting data to a client, else it will fail.

Also, as soon as the player's game crashes or closes, the AC tool automatically transmits the data to the AC server to procceed with analisys. Everything is done automatically and in the background, unless exceptional situations where AC Admins have to intervein, using other resources which one of them are the screenshots that got taken from the player's game.

Remember no Anticheat is perfect, but no hack is perfect either. Both complement themselves.
A good anticheat will block any hacker for a few months until some smartass discovers a way to bypass, but by the time he tries to figure out a way to bypass the anticheat, it was already updated and patched, although this requires a team constantly looking for bugs and spots on the anticheat to prevent it being bypassed, lurking on popular hack-release forums, etc.

Also, if the AC eventually fails on 1 or 2 cases, which I doubt it will, the human hand can resolve. Matter of fact, the cheater count would get drastically reduced and the gameplay more enjoyable.

Maintaining such AC server costs money, but since it's a Global Tool and if SA-MP team would officially have one of theirs, since it's a standalone program, the Dev team could easily charge server owners if they want to have the AC running on their server. But here comes the question: "Is the AC worth and efficient enough? Does it get updated frequently?"

These are just mere words, but can be taken into actions if the Developers decide to unite their efforts and actually start working on it and see how far it gets but shouldn't expect an easy task because the road is long and large, full of rocks and traps.
This community has lots of talented people in programming, and also lots of masterminds which can contribute with a piece, but some of them work for the individual, which is why many big plans which require bigger organization tend to fail.
Reply
#16

Quote:
Originally Posted by Diablosrouge
View Post
To correctly protect the tool's safety, a server is needed to make sure the AC is not edited in any way nor anything else is blocking the path of the AC processes. While the AC is still on, constant data is being transmitted to the AC server, if the transmission for some reason stops or fails, the player gets disconnected from the gaming server or whatsoever the rules and script runs on that specific server.
The player must not only have the AC installed, he must boot it manually and it needs to be connected to the AC server.
That applies for any false statements that hacks may give to the server receipter, either for false installation messages, as well as for faulty screenshot bypass and other stuff.
This is only possible with a server constantly transmitting data to a client, else it will fail.

Also, as soon as the player's game crashes or closes, the AC tool automatically transmits the data to the AC server to procceed with analisys. Everything is done automatically and in the background, unless exceptional situations where AC Admins have to intervein, using other resources which one of them are the screenshots that got taken from the player's game.

Remember no Anticheat is perfect, but no hack is perfect either. Both complement themselves.
A good anticheat will block any hacker for a few months until some smartass discovers a way to bypass, but by the time he tries to figure out a way to bypass the anticheat, it was already updated and patched, although this requires a team constantly looking for bugs and spots on the anticheat to prevent it being bypassed, lurking on popular hack-release forums, etc.

Also, if the AC eventually fails on 1 or 2 cases, which I doubt it will, the human hand can resolve. Matter of fact, the cheater count would get drastically reduced and the gameplay more enjoyable.

Maintaining such AC server costs money, but since it's a Global Tool and if SA-MP team would officially have one of theirs, since it's a standalone program, the Dev team could easily charge server owners if they want to have the AC running on their server. But here comes the question: "Is the AC worth and efficient enough? Does it get updated frequently?"

These are just mere words, but can be taken into actions if the Developers decide to unite their efforts and actually start working on it and see how far it gets but shouldn't expect an easy task because the road is long and large, full of rocks and traps.
This community has lots of talented people in programming, and also lots of masterminds which can contribute with a piece, but some of them work for the individual, which is why many big plans which require bigger organization tend to fail.
Why not just write a client sided plugin that is usefull and in background it is a anti cheat

I'm plannin to test out some good ban system with client sided plugins, something like: GET the serial id of the HD or MAC (but even those can be changed) and ban on them.
I will make it when I reach that skill level ;P And By The Way, why not just cheeck for the existance of loaded dll's to gta_sa.exe (ofcourse there are thousands of the, but most of them are windows dll's or directx dlls).




Anyway The best option is just to make a plugin that detects ALL KEYS THAT ARE pressed and then use pawn, your brain and some smart logic to detect cheats.
Reply
#17

Quote:
Originally Posted by gamer_Z
View Post
Anyway The best option is just to make a plugin that detects ALL KEYS THAT ARE pressed and then use pawn, your brain and some smart logic to detect cheats.
Tadaaaaaaaaa, we have a winner!
Reply
#18

Quote:
Originally Posted by Famalamalam
View Post
Maybe you should release yours
lol, like i said in other topics, it would be more hurt than help.. people would break it.


Quote:
Originally Posted by gamer_Z
View Post
Anyway The best option is just to make a plugin that detects ALL KEYS THAT ARE pressed and then use pawn, your brain and some smart logic to detect cheats.
That is a really good idea, very simple to make... at least on Windows for me.
Reply
#19

Quote:
Originally Posted by gamer_Z
View Post
Anyway The best option is just to make a plugin that detects ALL KEYS THAT ARE pressed and then use pawn, your brain and some smart logic to detect cheats.
The worst option is the one above.

What if someone accidently press that key?
What if someone binded that key to another application?
What if someone CHANGED THE KEY for their cheats, which is easily done...

-_-
Reply
#20

Quote:
Originally Posted by Mike Garber
View Post
The worst option is the one above.

What if someone accidently press that key?
What if someone binded that key to another application?
What if someone CHANGED THE KEY for their cheats, which is easily done...

-_-
Its just a client/server application to get any key.. not a hard coded Anticheat. The anticheat will be coded with pawn, but will help determine what the user is doing. It could also be used for other applications, besides anticheat.


Quote:
Originally Posted by gamer_Z
View Post
Wine is a emulator and if the keys would not be 'the same' the gta should not work on WINE, I'm heavily surrounded by emulation industries (Vmware, ps3Emu 0.2 (Yes playstation), and ofcourse wine, nintendo emu's , and I can go on with the shit on my laptop )
Anyway the point is : how do people want to run gta sa if it's not windows? (and not the same 'mechanical keys'). you just get the keys sent to GTA_SA, that's not hard to do? :P just hooking a dll like in audio plugin.
Seeing as im on Windows XP, I don't think i have the slightest clue about other OS's emulation for Windows Games. The project would need to be only Windows supported, as its about 95% of the players in SA-MP.
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)