[Zuthara]

Current Version: 1.1.2 | Last Updated: August 26th, 2016
NO LONGER UPDATED

What is Sprunkbuster?
Sprunkbuster is a system designed to keep cheaters out of your server. It is a robust system designed on top of a reliable anti-cheat system to ban players for cheating and keep them out, while also reducing the risks of false bans. In 2010, the original Sprunk Buster project was launched by Woet - the project failed due to DNS range banning and a poor structure. This project has taken into account many of the problems with the old Sprunk Buster and fixed them.

• Built-in Anticheat System (Nex-AC) monitors known cheats on the server-side, and reports back to the master server.
• Cheaters which are identified are instantly banned from your server... and from every other server which has Sprunkbuster installed properly.
• Fast and robust system with most of the work done in the cloud.
• Accurate system of identifying individual players, avoiding false bans for innocent players.

How does Sprunkbuster work?
When a cheater is detected by the system, a ban request is sent to the master server (Sprunkbuster's server) to globally ban that player. If the master server acknowledges the request and bans the player, the player is then disconnected from your server.

By default, bans last 24 hours. Our staff reviews evidence for each ban and determines if it is enough to justify a permanent global ban. Even if a player gets unbanned after the 24 hours, we retain records and logs. Sometimes, we won't be able to review all requests within 24 hours - but rest assured, we will eventually get to it and that cheater will be banned.

If you wish, you can enforce local bans through other tools, in order to keep cheaters off of your server who you identify yourself. Sprunkbuster works hard to ensure that no player is global-banned without a good reason - we want to reduce the number of false global bans to effectively zero.

What if I ban myself or an admin gets banned by the system?
The anticheat system is a solid one - it does not have many false positives. However, if you get banned due to using commands (i.e. admin-fly, admin-teleport, etc.), make sure to take a screenshot or save a Shadowplay clip so we can investigate. We review all bans that come into the system to verify the evidence logged by our system.

If you believe you have been wrongly banned, you can appeal on our website: abstractiondev.net - requests usually take between 24 and 48 hours to review, and are typically reviewed during regular business hours, except in emergencies.

If you want to keep your admins from getting banned, use the following function in your script:

Code:

SB_ExemptPlayer(playerid,exemption_state);
* Playerid is the ID of the player you want to exempt or unexempt.
* exemption_state is a 1 or 0: (1) if you want to prevent the player from getting banned, (0) for everyone else.

Supported Operating Systems:
Windows
Linux (CentOS)

How do I use Sprunkbuster? - UPDATED 8/26/2016
Sprunkbuster is fairly simple to use. Simply follow the instructions below and you'll be ready to get started with Sprunkbuster. Please follow these instructions carefully, so you can use this tool properly...

1. Download the latest files for Sprunkbuster - DOWNLOAD
2. Unzip the files into your server folder (where samp_server.exe is).
3. Add the following line at the top of your Gamemode Script:
   Code:

   #include <sprunkbuster>

4. Add the following line at the top of your Filterscripts:
   Code:

   #include <nex-ac>

5. Add the following lines to your server.cfg:
   Code:

   filterscripts sprunk
   plugins SAMPSON

Where do I download Sprunkbuster?
Read the instructions above, then go here:

Download Now!
(Mirror by SA-MP Forums)

Want to be a Sprunkbuster Moderator or Developer?
Send me a private message if you want to be a Sprunkbuster Moderator or Developer. I'm looking for reliable developers and moderators to help out with maintaining the project as it goes on. Moderators review evidence and unban innocent players, developers work on making the project even better.

Changelog
1.1.2
+ Default bans have been changed to 24 hours until confirmation. Sprunkbuster Staff will now need to confirm the evidence before the ban becomes permanent. (24 hours is a verification period)
+ Servers which issue excessive false bans (no evidence to back up the ban) will now be blacklisted.
+ Restructured some code and added some remote calls for better efficiency of filterscript.
+ Released everything as open source.
1.1.1
+ Made logging more efficient.
+ Restructured HTTP requests (breaks older versions)
1.1.0
+ Restructured callback hooking and made system easier to install. Users no longer need to edit their Gamemode other than adding the include (add the include and you're done).
+ Added security checks and enhanced tracking on the server side.
+ Fixed 2 bugs causing false bans (hill bug and admin fly bug)
+ Added Exemptions (server owners can now exempt their admins from getting banned by Sprunkbuster)
+ Restructured Violation Level tracking.
+ Released beginning of panel with basic features.
1.0.1
+ Initial Release

Development Team
Zuthara
MSX

Credits
Nex Anticheat - Developed by Nexius
SAMPSON Plugin - Developed by KingHual

[Flaw]

Nice job !!! - Rep Lv Up

[Zuthara]

Update 1.0.1.1

• Security updates to backend.

You do not have to download a new include file to receive this update, it is entirely server-sided.

[TreePuncher]

From what I read, I'll assume all reports are sent straight to the master server, no exceptions.
With that assumption in mind, I think it'd be nice to have a callback where you decide whether that report is sent to the master server or just dropped.
As you said, it's possible to have your admin banned accidentally by using admin commands, and the reason I am giving this idea is because, if that were to happen, the server could just go through whatever logical operation it was programmed to go through and drop the report if the admin was really using his commands, that way, the admin wouldn't have to go off duty for 24/48 hours, and you wouldn't have to review that appeal.

Now that suggestion was just in case the plugin doesn't work like that, I did not have time to look at it. Sad, really.

[Max_Andolini]

Add nex-ac_en.lang

[Zuthara]

Quote:

Originally Posted by TreePuncher From what I read, I'll assume all reports are sent straight to the master server, no exceptions. With that assumption in mind, I think it'd be nice to have a callback where you decide whether that report is sent to the master server or just dropped. As you said, it's possible to have your admin banned accidentally by using admin commands, and the reason I am giving this idea is because, if that were to happen, the server could just go through whatever logical operation it was programmed to go through and drop the report if the admin was really using his commands, that way, the admin wouldn't have to go off duty for 24/48 hours, and you wouldn't have to review that appeal. Now that suggestion was just in case the plugin doesn't work like that, I did not have time to look at it. Sad, really.

That is already developed on the 1.2 development branch. Hoping to push out an update either tonight or tomorrow morning with some added features for handling ban exceptions (applying exceptions to certain players). There are also a few bugs identified which i'm going to fix in the development branch - only one of them could possibly result in false bans (going at high speed at a speed incline could trigger a fly-hacking flag).

The 1.2 branch will have a number of features gearing the system toward a panel, so that admins can reverse bans issued by their own server. So, if an admin identifies a false ban issued on their server, they can go and reverse this on the panel. I expect the panel to be finished by around 1.3 - 1.4, along with the web API.

Also new in the 1.2 branch on the master-server side will be the beginnings of a web API so that servers can check players for sprunkbuster bans on their own websites and UCP applications. This will likely be released around the 1.3 - 1.4 point.

Also, i'm going to fix the nex-ac lang files to the include shortly. Apologies for the errors, guys.

[Spmn]

Quote:

Originally Posted by TreePuncher From what I read, I'll assume all reports are sent straight to the master server, no exceptions. With that assumption in mind, I think it'd be nice to have a callback where you decide whether that report is sent to the master server or just dropped. As you said, it's possible to have your admin banned accidentally by using admin commands, and the reason I am giving this idea is because, if that were to happen, the server could just go through whatever logical operation it was programmed to go through and drop the report if the admin was really using his commands, that way, the admin wouldn't have to go off duty for 24/48 hours, and you wouldn't have to review that appeal. Now that suggestion was just in case the plugin doesn't work like that, I did not have time to look at it. Sad, really.

I took a quick look at source code and it seems that only bans issued by NexAC are sent to master server.


Here's a couple of suggestions:
- call a callback when a global banned player connects instead of auto kicking it (maybe some server owners want to whitelist certain cheaters?)
- hook callbacks used by your library, especially OnCheatDetected because scripters might want to use that callback in their scripts too

I see you allow servers to issue global bans since they are registered on your master server. What if some malicious SA-MP servers send fake global bans? You should reject all bans unless issuer is trustable.

[Zuthara]

Quote:

I took a quick look at source code and it seems that only bans issued by NexAC are sent to master server.

At the present moment, I don't have the ability to write an entire anticheat system from scratch.

Quote:

call a callback when a global banned player connects instead of auto kicking it

The whole idea behind Sprunkbuster is to create a blacklist of who the cheaters are in the SA-MP community. I have a plan to implement local whitelisting, but it may take a little while before it's ready because i'm trying to move all of that sort of stuff to a control panel.

Quote:

I see you allow servers to issue global bans since they are registered on your master server. What if some malicious SA-MP servers send fake global bans? You should reject all bans unless issuer is trustable.

I was hoping to keep this ambiguous, but I guess i'll elaborate a little bit on how this works.

Basically, all bans are sent into a review queue before they are permanently enforced. All bans can be traced back to individual servers by an API key unique to the server. Servers which send false bans (by triggering one of many tracking systems) get their API Key automagically suspended by the system. As of the present moment, any ban that is issued and added to the review queue is a 12 month ban (which will change once the review system is activated).

Future updates will issue a 48 hour ban to any player suspected of cheating and submit the global ban request to a review queue. The requests in the queue will be reviewed by a human, and either approved (made permanent) or rejected (reversed). The next big task is to make the proper panel.

Quote:

I took a quick look at source code and it seems that only bans issued by NexAC are sent to master server.

Once multiple cheating attempts are logged, the player is globally banned. The idea is to automate the system while also preventing as many false bans as possible. At the current moment, I can guarantee that most bans issued by the system are correct based on information gathered during testing. As of now, admin fly commands result in a ban, and driving too fast uphill can result in a ban - these will be fixed tonight.


---

So, based on above suggestions, i've compiled the following list of things i'm going to be doing tonight for the 1.2 development branch:
TO DO List:
- Add nex-ac language files into the downloadable package.
- Add a callback for handling bans
- Add local whitelisting
- Add a hook for OnCheatDetected
- Security updates to prevent flooding.
- Fix two bugs resulting in false bans.
- Start on Sprunkbuster cloud panel.

[Zuthara]

Just pushed the update. 1.1 is now released, please update your files if you have not done so already. If you do not update, your server key will not be able to send ban requests to the master server.

[TheMallard]

Sprunkbuster sucks!

[Kimble]

Just wanted to say good luck, this looks promising.

[markparker12]

Looks kewl, keep up the good work.

[Zuthara]

thanks guys

[Zuthara]

Project inactive due to technical limitations imposed by the web host. If anyone is interested in maintaining this, contact me.

[blackyprox]

Is this like VAC in SA-MP?
not gonna lie this looks really good.

[SyS]

shouldnt be it in Includes section?
nice one however.

[azzerking]

You seemed to have put a lot of effect into this, however I feel this sort of stuff would be better as a plugin that sits client side. As this would allow more positives ways to detect and properly ban players.

I feel that some servers would be happy with this, however they are the people who are not experienced programmers or scripters and without understand how the system works, I feel they might lead themselves into problems.

An example of this is if an admin is to ban someone by mistake, or because they saw something which later was proven to be legit, well I doubt both parties would always be recording or have proof at the time, and since you state you need proof to be removed I feel this will cause a lot of issue and may hold back your project.

Plus how many staff members do you have? To manage this kind of service you would need more then a 100 people reading through ban reports and sorting each case out. This takes a lot of time and I would assume the people may or may not be paid for doing it? I may be wrong but I feel your way over your head?

Nice, code though. I like the system and the way you done things, however I just don't think it should be a include and more a client sided plugin.

[AssadMota]

The link is broken

[Yukie]

Fix the link please

[Yukie]

fix the link please