Hi guys, I've found out some very disturbing facts about popular anticheat softwares that people have been using on their servers.
I'm not talking about official software here, I'm talking about the unofficially coded addons either bought or can be downloaded to put on ones server.
I have been hearing things that these "anticheats" scan people's computers without their permission. There is no disclaimer or agreement when you join the servers that it says that. Some anticheats are not just scanning gmod but scanning your pc! think about your personal files that you have on your machine and do you want a random teenager able to see them?
Also anticheats software goes against the spirit of gmod. anticheat software is made for games like tf2 and counter strike that require i and is put in by the developer.
On gmod you are allowed to use modules and lua scripts already and the developers haven't stopped this, instead people are taking a sandbox game into their own hands and putting further restrictions on people who want to modify the game to their own needs. After all it is called "Garrys MOD". There is no need for anticheats...
Another smashing point is that some anticheats are being used on servers with sv_allowcalua 1 which means lua scripts are permitted but you can be kicked/banned for attempting to use them! Also some server owners also steal the lua scripts from people's folders against their will. truly not in the good nature of the game!!!
Some anticheats will also send information to remote servers and databases with the lua scripts attached..... Very scary. What is even more scary is that innocent people are being banned by these home-made anticheats for simply making clientside modifications to the game... Aren't we supposed and encouraged to modify the game? Garrys mod is a mod itself!
In short this isn't some competitive game like tf2 so there's no need for silly homemade anticheats on a SANDBOX game....
Would going through someone's personal files with lua alone actually be possible?
Before you accuse ac's, do more research Mr 3 posts.
if gmod was ran as an administrator then it could technically see every file right?
If you give people unrestricted access to running stuff clientside, you're going to get some people who exploit it. While I am against servers with allowcslua 1 having an anti-cheat, many servers have it set to 0 so people can't aimbot, wallhack, etc. As far as I know you can't find files outside of the GMod directory by using ./ and 90% of servers using anti-cheats don't steal files.
Many Anticheats now use modules. These are the most dangerous Anticheats. A popular Anticheat will bypass SERVER_CAN_EXCECUTE to run unbindall and other commands on people on the server, also it will upload their lua folder to the website for people to steal the scripts. The same Anticheat in which reads people's folders OUTSIDE the root root directory ..
Anticheats are not needed on gmod I want to experiment without being banned
[editline]5th May 2015[/editline]
Anticheats use an exploit to see outside the gmod directory. Which has been reported many times but not patched for years...
[editline]5th May 2015[/editline]
Also have people ever heard of the data protection act?
[QUOTE=Hyperpower19;47662858]Many Anticheats now use modules. These are the most dangerous Anticheats. A popular Anticheat will bypass SERVER_CAN_EXCECUTE to run unbindall and other commands on people on the server, also it will upload their lua folder to the website for people to steal the scripts. The same Anticheat in which reads people's folders OUTSIDE the root root directory ..
Anticheats are not needed on gmod I want to experiment without being banned
[editline]5th May 2015[/editline]
Anticheats use an exploit to see outside the gmod directory. Which has been reported many times but not patched for years...
[editline]5th May 2015[/editline]
Also have people ever heard of the data protection act?[/QUOTE]
Does serverwatch have babies?
[QUOTE=Exploderguy;47662877]Does serverwatch have babies?[/QUOTE]
??
And are you an anti cheat producer/exporter?
[QUOTE=Hyperpower19;47662884]??
And are you an anti cheat producer/exporter?[/QUOTE]
I'm just not a retard.
[QUOTE=Hyperpower19;47662858]Many Anticheats now use modules. These are the most dangerous Anticheats. A popular Anticheat will bypass SERVER_CAN_EXCECUTE to run unbindall and other commands on people on the server, also it will upload their lua folder to the website for people to steal the scripts. The same Anticheat in which reads people's folders OUTSIDE the root root directory ..
Anticheats are not needed on gmod I want to experiment without being banned
[editline]5th May 2015[/editline]
Anticheats use an exploit to see outside the gmod directory. Which has been reported many times but not patched for years...
[editline]5th May 2015[/editline]
Also have people ever heard of the data protection act?[/QUOTE]
If you can name the source and the AC then I'm sure me and most other people will believe you. The only AC that I heard of fucking with people was HeX's and I'm pretty sure that doesn't work anymore.
Serverwatch, go away
Hex still works, and it is more crazy than ever recently my friend got banned from his server for no apparent reason. There are some other anticheats to watch out for Eg cake anticheat and QAC.
Also I am not serverwatch My name is hyperpower19 read the name beside the post .
You type like serverwatch, you rant like serverwatch, and you appeared shortly after serverwatch's last Alt was banned. You are fooling nobody
Without modules being installed, you're pretty much safe from these "anti-cheats" which only really check code you have ran in the first place. Only any type of module would allow outside access of the garrysmod directory. And even if an anticheat that was not anything like VAC or put in by the developer and had the access to all your files, I wouldn't use it.
stop spewing your bullshit when clearly you're ignorant in every aspect of this topic.
[QUOTE=Hyperpower19;47662858]Many Anticheats now use modules. These are the most dangerous Anticheats. A popular Anticheat will bypass SERVER_CAN_EXCECUTE to run unbindall and other commands on people on the server, also it will upload their lua folder to the website for people to steal the scripts. The same Anticheat in which reads people's folders OUTSIDE the root root directory ..[/QUOTE]
a. do you honestly think that anticheats can bypass the command blacklist? In order to use the modules you're speaking of the client would need to install them themself.
[quote=Hyperpower19;47662858]Anticheats are not needed on gmod I want to experiment without being banned[/quote]
b. if you want to fucking experiment with code experiment on your own fucking server.
[quote=Hyperpower19;47662858]Anticheats use an exploit to see outside the gmod directory. Which has been reported many times but not patched for years...[/quote]
c. all known filesystem exploits have been patched over a year ago, found a new one? [B]REPORT IT.[/B]
[quote=Hyperpower19;47662858]Also have people ever heard of the data protection act?[/quote]
[URL]http://en.wikipedia.org/wiki/Data_Protection_Act_1998[/URL]
d. that law only applies in the UK, which your flag indicates you're not a part of. (or are you? serverwatch was from england, shoot yourself in the foot?)
To me it sounds like a kid who is against anti-cheats because he wants to cheat.
[QUOTE=DevShinx;47663989]To me it sounds like a kid who is against anti-cheats because he wants to cheat.[/QUOTE]
no its just serverwatch angry that he gets banned from darkrp servers for trying to use his pro propkill scripts :v:
Even if it got outside of your running gmod folder, it isn't going to get outside of Steam's running directory. Any methods to do so by overflowing Steam's memory stack was patched years ago.
[QUOTE=TylerB;47663676]stop spewing your bullshit when clearly you're ignorant in every aspect of this topic.
a. do you honestly think that anticheats can bypass the command blacklist? In order to use the modules you're speaking of the client would need to install them themself.
b. if you want to fucking experiment with code experiment on your own fucking server.
c. all known filesystem exploits have been patched over a year ago, found a new one? [B]REPORT IT.[/B]
[URL]http://en.wikipedia.org/wiki/Data_Protection_Act_1998[/URL]
d. that law only applies in the UK, which your flag indicates you're not a part of. (or are you? serverwatch was from england, shoot yourself in the foot?)[/QUOTE]
You most certainly CAN bypass the blacklist with a module WITHOUT the client having to install the module. As soon as you join a server with it they can bind you without you having to download or run anything.
[QUOTE=C3peo;47665182]You most certainly CAN bypass the blacklist with a module WITHOUT the client having to install the module. As soon as you join a server with it they can bind you without you having to download or run anything.[/QUOTE]
Oh please. You can't even get a player to connect to another server using serverside code only, let alone do anything malicious through concommand.
[QUOTE=James xX;47665375]Oh please. You can't even get a player to connect to another server using serverside code only, let alone do anything malicious through concommand.[/QUOTE]
Well you can use SendLua to send a clientside command, I'm pretty sure I did that once a while ago
[QUOTE=James xX;47665375]Oh please. You can't even get a player to connect to another server using serverside code only, let alone do anything malicious through concommand.[/QUOTE]
I can demonstrate this to you. I can add you on Steam and show you on my private server.
[QUOTE=Hyperpower19;47662884]??
And are you an anti cheat producer/exporter?[/QUOTE]
Yes. Here at facepunch, we export and deal in 100% pure anti-cheat (none of that cheap stuff from that guy in your local alleyway). Come to us for the purest shit you'll ever have. We'll even give first-timers a free anti-cheat sample on the house.
A server can take whatever client side addons you have... boohoo suck it up that's been known for a while, even QAC was able to do that. Please name a public anticheat, so far the popular ones seem to be pretty honest about what they do. Even if they did run unbindall it isn't that hard to fix, lastly gamemodes like TTT really benefit from an anticheat because having an aimbotting, T knowing, hacker ruins the fun.
Let's all assume Garry's Mod and the Source engine are secure because that way we can make fun of OP.
[QUOTE=YourStalker;47665495]A server can take whatever client side addons you have... boohoo suck it up that's been known for a while, even QAC was able to do that.
Also please name a public anticheat, so far the popular ones seem to be pretty honest about what they do.
Lastly the worst command they can really run is unbindall, which isn't that hard to fix.[/QUOTE]
There's a few posts (recent) on MPGH and one here about users not being able to fix keybinds despite deleting cfg files and even reinstalling Gmod. I assume that since most of them were on MPGH that it was an anti cheat that did it. I have an idea of how someone could have performed this but I do not 100% know how.
[QUOTE=C3peo;47665523]There's a few posts (recent) on MPGH and one here about users not being able to fix keybinds despite deleting cfg files and even reinstalling Gmod.[/QUOTE]
That tends to happen when people forget to disable cloud when reinstalling gmod.
[QUOTE=James xX;47665533]That tends to happen when people forget to disable cloud when reinstalling gmod.[/QUOTE]
That makes a lot of sense. Well it proves potent against the script kiddies when they get rebounded for cheating. I want to see that in action but I don't know the server has it.
[QUOTE=Willox;47665506]Let's all assume Garry's Mod and the Source engine are secure because that way we can make fun of OP.[/QUOTE]
blaming reputable anticheats for shitty servers doing shitty things is not the way to get exploits fixed?
Am I the only one who thinks that Hyperpower19 and C3peo are the same person?
Sorry, you need to Log In to post a reply to this thread.
