[QUOTE=Ideal-Hosting;24458322]I can confirm that Serenity is back.
Avaster will release it for sale in the next days...
Edit:
Some people already bought it...[/QUOTE]
I can also confirm it, avaster told me and someone I know bought it and confirmed that it worked.
[QUOTE=CombineGuru;24499262][url]http://www.skiddiecentral.us/[/url][/QUOTE]
That was sure informative. Good choice of music.
I don't like music you can't turn off on webpages.
[quote]UniqueID[/quote]
I actually meant UserID. When I avoided using IP bans to respond...I was hoping you would give me leeway.
[quote]You misunderstand me. I don’t care only about being able to instantly identify a banned player, I also care about not granting a player any authority in the absence of authoritative identification.[/quote]
A public/private key solution solves both of those problems.
[quote]I don’t care only about being able to instantly identify a banned player[/quote]
[quote]A two party solution would be vulnerable to gaming[/quote]
[quote]You misunderstand me.[/quote]
I never said you exclusively care about gaming the system. In fact, I responded to your other concerns as well as your concerns for gaming.
And if you have no other objections, it appears that we already agree that a public/private key solution works!
[quote]At this point, if you do want to keep banned players out, you are simply out of luck without the use of either ip bans or a third party, either of which can be unreliable.[/quote]
So, you're saying the Steam backend is flawed to the point where people can have enough time to exploit it. This means that the Steam backend is flawed to the point where it can affect legitimate users. But then you say the Steam backend is not flawed to the point where it can affect legitimate users. Do you understand why I'm confused?
[quote]This is a case where that 20-30 second timeout becomes more attractive.[/quote]
In a public/private key system, you will have access to the player's playing history if you choose to record it. If, say, a player has logged fuckknowsit hours on a server, he can probably be trusted - and if he can't, he can lose that record very easily. Hell, if a player has a record from last week, we could justifiably trust him. ...and once the Steam backend kicks in, you've verified the player's SteamID and can link spoofers' accounts together for appropriate action.
This could all be managed by an admin mod. Some scripters have a hard-on for creating complex administration tools. Hell, I could argue that public/private key gets people sexually stimulated.
[quote]...it does seem to follow around certain users...[/quote]
Can we arbitrarily dismiss one set of legitimate consumers to ensure the security of the whole community? Excuse me, sir, but in accordance with a bill passed last month, you've been randomly selected for your 25th strip-search.
[quote]...some alternative form of loading data for a user...[/quote]
Yes, and I know just how to identify the people that want this. Add a radio button in the settings menu:
Action for when Steam backend doesn't respond: [ ] Disconnect from server [ ] Use private key
[quote]...serious problem...[/quote]
In the context of a game where the goal is to have fun, anything that impedes "fun" is a serious problem. Blah-blah-persistent data-blah-blah.
[quote]private key is compromised, it’s game over[/quote]
[ ] Disconnect from server
If they can't handle a key, can they handle a password? We've addressed the issue of read/write exploits, it just requires assistance from garry.
[quote]from [b][i]every[/b][/i] server[/quote]
(Emphasis mine)
If the servers have to store a public key for every client, why not make the client store a public and private key for every server? How can we protect this from attack? The server needs its own public/private key to authenticate itself to the client. We already do this every time we log on to Gmail. To our bank's website. To the php script that one 12-year old programmed a month back in his spare time.
[quote]disastrous worst case scenario[/quote]
[code]codybarz: is admihn on?
supershake: yep.
codybarz: can i haz my stuff back i gt hacked
supershake: how?
[/code]
codybarz got his stuff back and grew up to be a veterinarian. He learned a valuable lesson about keeping his passwords safe.
[quote]source engine mechanisms for data access[/quote]
...I thought the Steam backend was made for anti-piracy and banning people?
[quote]an alternative storage solution can be gleaned[/quote]
I like solutions.
[quote]still significant[/quote]
Addressed above. Yay, parallel response.
[quote]up to two minutes[/quote]
*eats desk*
[quote]Alternative:[/quote]
But what if the player uses their bank or e-mail password? The addon would need to implement a system of public/private keys on the server. To prevent people that use their e-mail password from being suspect to packet sniffing, the client would need to encrypt their password before transmission and salt it to prevent replay attacks. And assuming the Source engine is susceptible to read/write exploits, the server would need to salt all its passwords.
[quote]keep track of[/quote]
Wait, fuck, what if the server is impersona...oh, right, wait, what, fuck, yeah, what, oh, right
Yeah, the Client will be responsible for determining if the server they've connected to is legitimate. Perhaps the client should keep a key file of the servers it has authenticated with in the past.
Wait, [highlight]fuck[/highlight]. What if an impersonating server or a server working with the impersonating server alters a client's key file before the client inspects it? Then the client's security depends solely on the user... Remember the thing about read/write exploits? This would require garry's assistance to fix.
Perhaps we don't need a key file for this...but...
If a user isn't smart enough to keep their key file safe, are they smart enough to figure out that "Official GMT Lobby" is not the official GMOD Tower Lobby?
[quote]implement it right now[/quote]
Your first homework assignment is to implement SHA-256 in Lua. Here's a serializer script to get you started (ripped from Joystick module):
[lua]
local serials = string.Explode("",[[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz,.<>?:[]{}\|1234567890-=!@#$%^&*()_+]])
local deserials = {}
for k,v in pairs(serials) do
    deserials[v] = k
end
//88 chars
//6 bits
//64 used up to \+|, 1+2 not used
genBuffer = {}
genSerialize = function(a,b,c,d,e,f)
    //Input:
    // 0 thru 64 //Although this is technically 7 bits, I like having things center (g, or 33, is center)
    // or
    // bool,bool,bool,bool,bool,bool
    if tonumber(a) then
        if a < 0 then
            error("Integer greater than or equal to 0 expected.")
        elseif a > 64 then
            error("Integer less than or equal to 64 expected.")
        end
        return serials[a+1]
    else
        //Six bools
        local out = 0
        if a then
            out = out + 1
        end
        if b then
            out = out + 2
        end
        if c then
            out = out + 4
        end
        if d then
            out = out + 8
        end
        if e then
            out = out + 16
        end
        if f then
            out = out + 32
        end
        return serials[out+1]
    end
end
genDeSerialize = function(n,bool)
    local cur = deserials[n]
    if not bool then
        return cur
    else
        cur = cur-1
        //Six bools
        local a,b,c,d,e,f
        //Little-endian format
        f = cur-32 >= 0
        cur = cur%32
        e = cur-16 >= 0
        cur = cur%16
        d = cur-8 >= 0
        cur = cur%8
        c = cur-4 >= 0
        cur = cur%4
        b = cur-2 >= 0
        cur = cur%2
        a = cur-1 >= 0
        return a,b,c,d,e,f
    end
end
[/lua]
[quote]Very few users are familiar with removing public keys that belong to a compromised keypair.[/quote]
Make a "Reset Password" button! Reset data! Unbeknownst to the client, the reset only assigns them a new key, and access to/deletion of their compromised data is only revoked/performed once the Steam backend verifies that they own it.
[quote]change in how data is stored[/quote]
Yes. But if you deal in multiple logins (for spoofers creating accounts), then your idea does this too.
[quote]evenly[/quote][quote]installed[/quote]
Yes.
[quote]Even if a user’s password were compromised[/quote]
Which could be a bank password.
[quote]access[/quote]
Yes, but when quantified to GMOD. People like to use [quote]the same password[/quote]. Many people that would give away their password probably fall into that category as well. Swap password with key and re-read.
[quote]neither of us will be in charge[/quote]
Think like an amicus brief or whatever.
[quote]Wow, this post ended up a lot longer than I intended.[/quote]
It kind of makes you all warm and fuzzy inside.
[QUOTE=|FlapJack|;24493383]Got past mine or still stuck with the extreme obfuscation?[/QUOTE]
He's still trying to get past mine :V
[Warning] Baconbot Detected > Àvàster > STEAM_0:0:31211320 > 71.142.63.194:27005[ 27005 ] >
I know this is unrelated, but why do people such as ComWalk and VoiDeD go through Avaster to sell their hacks when they can cut him out of the picture and make loads more revenue. It's silly tbh.
[QUOTE=Adamm;24509531]He's still trying to get past mine :V
[Warning] Baconbot Detected > Àvàster > STEAM_0:0:31211320 > 71.142.63.194:27005[ 27005 ] >
I know this is unrelated, but why do people such as ComWalk and VoiDeD go through Avaster to sell their hacks when they can cut him out of the picture and make loads more revenue. It's silly tbh.[/QUOTE]
Think of the people who buy it? By having Avaster they don't have to deal with support and public relations.
There was a huge 5 page reply to night-eagle here but this is enough of a derail that it's been taken to PMs. If you really, really care PM me or something.
Well, as of revision 301 of the gmodgame repository all the functions necessary to do this will be a part of garrysmod so a quickly hacked gatekeeper will no longer be required.
The use of the fix posted in the op can be replaced with (roughly) the following after the update:
[lua]
hook.Add("PlayerInitialSpawn", "antitranq", function(ply)
    timer.Simple(10, function()
        if not IsValid(ply) then return end
        if not ply:IsFullyAuthenticated() then
            ply:Kick("SteamID validation failed (timeout)")
        end
    end)
end)
[/lua]
That code should work without modifications once the update is live and is a good starting point for any customizations to it you'd like to make on your own, though I haven't tested it.
The only real 'gotcha' is that this doesn't cope at all with disconnections from the backend; for the duration of the disconnection all newly connected players will be kicked. This already happens in some cases with the fix in the OP (to be specific: if you're disconnected from the backend and change the level, the fix in the op assumes you are connected and kicks players accordingly even though no connection exists), but with this proper garrysmod solution it will always be the case (the game isn't notified of backend disconnections).
Proof that Serenity 2.5 is out.
[url]http://img831.imageshack.us/img831/8168/serenity25program.png[/url]
I had a screenshot a while before, but Avaster didn't want me to post it.
Apparently, I'm on his "Shitlist" so I don't mind posting it.
I'm also banned from the Simplex forums but that won't stop me >:)
[QUOTE=Awakened;24513412]Proof that Serenity 2.5 is out.
[url]http://img831.imageshack.us/img831/8168/serenity25program.png[/url][/QUOTE]
Seeing my server in that list makes me feel loved. Also I swear someone else posted the exact screenshot.
Also it seems whoever was DDOSing his webserver stopped, what a shame !
[QUOTE=Adamm;24513547]Seeing my server in that list makes me feel loved. Also I swear someone else posted the exact screenshot.
Also it seems whoever was DDOSing his webserver stopped, what a shame ![/QUOTE]
I got it from the Simplex Hacks forums.
Proof that any idiot with access to a packet analyzer and programming language compiler / interpreter can do it:
[url=http://imgur.com/C3MoT.png]Huge Image 1[/url]
[url=http://imgur.com/rFYte.jpg]Huge Image 2[/url]
My UI may not be as flashy, but oh well.
q3k now go and sell it and buy a camera too. lol.
[QUOTE=Ideal-Hosting;24517231]q3k now go and sell it and buy a camera too. lol.[/QUOTE]
Nah, I'm not that kind of person.
[QUOTE=q3k;24517521]Nah, I'm not that kind of person.[/QUOTE]
It was a joke, and why would he buy a camera...?
[QUOTE=Awakened;24518632]It was a joke, and why would he buy a camera...?[/QUOTE]
I know it was a joke, but it was also an excellent moment for me to say I am against selling cheats. I would probably release this one publicly, but I don't want to unleash hell.
And the camera part was there because our favourite script kiddie got himself a camera for all the money he got off other script kiddies that bought.
I'd wait until the gmod update mentioned above is sent out before releasing.
What Lexic said. This needs to be abused to hell and back to make server owners aware of the new code.
[QUOTE=ComWalk;24513154]Well, as of revision 301 of the gmodgame repository all the functions necessary to do this will be a part of garrysmod so a quickly hacked gatekeeper will no longer be required.
The use of the fix posted in the op can be replaced with (roughly) the following after the update:
[lua]
hook.Add("PlayerInitialSpawn", "antitranq", function(ply)
    timer.Simple(10, function()
        if not IsValid(ply) then return end
        if not ply:IsFullyAuthenticated() then
            ply:Kick("SteamID validation failed (timeout)")
        end
    end)
end)
[/lua]
That code should work without modifications once the update is live and is a good starting point for any customizations to it you'd like to make on your own, though I haven't tested it.
The only real 'gotcha' is that this doesn't cope at all with disconnections from the backend; for the duration of the disconnection all newly connected players will be kicked. This already happens in some cases with the fix in the OP (to be specific: if you're disconnected from the backend and change the level, the fix in the op assumes you are connected and kicks players accordingly even though no connection exists), but with this proper garrysmod solution it will always be the case (the game isn't notified of backend disconnections).[/QUOTE]
It's arbitrary and Draconian. Although that is how I sometimes run my servers, I don't think it should be the standard.
It's arbitrary because for factors uncontrollable by the player: It can take 2 minutes to authenticate. Longer authentication times can "follow" a legitimate player, and they can be locked out of persistent data. I really don't think we should kick players like this since Valve tried to avoid kicking players with the system we're using...to do this.
Valve must have realized that their system is significantly unreliable and that kicking players so frequently would cause a fuss.
[lua]_R.Player.IsOldAdmin = _R.Player.IsAdmin
function _R.Player:IsAdmin()
    return self:IsFullyAuthenticated() and self:IsOldAdmin() or false
end[/lua]
If you don't want to kick someone, for whatever reason.
[QUOTE=|FlapJack|;24519397]What Lexic said. This needs to be abused to hell and back to make server owners aware of the new code.[/QUOTE]
I'll gladly make a n00b-proof utility to help accomplish that :v:.
[QUOTE=|FlapJack|;24520011][lua]_R.Player.IsOldAdmin = _R.Player.IsAdmin
function _R.Player:IsAdmin()
    return self:IsFullyAuthenticated() and self:IsOldAdmin() or false
end[/lua]
If you don't want to kick someone, for whatever reason.[/QUOTE]
But how do we restrict spoofers?
[QUOTE=Night-Eagle;24520376]But how do we restrict spoofers?[/QUOTE]
IsFullyAuthenticated is powered by the GSClientApprove_t callback so it's not generally going to be spoofed. There aren't any good alternatives right now; you can either be very lax and only protect privileged stuff from spoofing or you can be a draconian jerk and eject everybody who doesn't authenticate quickly.
One thing I forgot to mention when I talked about following certain people around: it was affecting the same user for periods of around five minutes. It's not like this had a habit of happening for days on end to the same people.
You are correct, it can be a pain, but it's the best solution we have at the moment and the best one that can be made with what we currently have at hand. This shouldn't be the standard, but I'm only providing the code to show what needs to be done. Anybody who doesn't want the draconian solution can adapt it to suit their needs.
The one remaining flaw is protecting against the edge case where the attacker uses the ticket so quickly that a new token hasn't been generated causing a GSClientApprove_t to be issued where it shouldn't be. We will need to wait for Steam to get a backend update to stop this.
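A middle ground between the timeout kick and the IsAdmin gate posted earlier in the thread, as an added example that is not part of the thread or any poster's code: privileges are withheld until the backend approves the player, and the kick only happens after a longer grace period that is polled rather than checked once. The constants, timer names and hook identifiers are assumptions chosen for illustration, and FindMetaTable("Player") is used in place of the thread's _R.Player.

```lua
-- Added example, server-side Garry's Mod Lua. Not code from the thread.
-- GRACE_SECONDS, POLL_SECONDS and the "authgate_" names are hypothetical.
if not SERVER then return end

local GRACE_SECONDS = 120 -- the thread cites authentication taking up to two minutes
local POLL_SECONDS  = 5   -- how often to re-check a pending player

local function timerName(userid)
    return "authgate_" .. userid
end

hook.Add("PlayerInitialSpawn", "authgate_start", function(ply)
    local userid = ply:UserID()
    local checksLeft = math.ceil(GRACE_SECONDS / POLL_SECONDS)

    -- Poll instead of checking once, so a slow but legitimate
    -- authentication is picked up as soon as it completes.
    timer.Create(timerName(userid), POLL_SECONDS, checksLeft, function()
        checksLeft = checksLeft - 1
        if not IsValid(ply) then
            timer.Remove(timerName(userid))
            return
        end
        if ply:IsFullyAuthenticated() then
            timer.Remove(timerName(userid)) -- approved, stop polling
        elseif checksLeft <= 0 then
            -- Grace period exhausted without backend approval.
            ply:Kick("SteamID validation failed (timeout)")
        end
    end)
end)

hook.Add("PlayerDisconnected", "authgate_cleanup", function(ply)
    timer.Remove(timerName(ply:UserID()))
end)

-- While a player is pending, every privilege check fails closed.
-- IsSuperAdmin is wrapped as well, because gating IsAdmin alone
-- leaves code that calls IsSuperAdmin directly unprotected.
local PLAYER = FindMetaTable("Player")
local oldIsAdmin = PLAYER.IsAdmin
local oldIsSuperAdmin = PLAYER.IsSuperAdmin

function PLAYER:IsAdmin()
    return self:IsFullyAuthenticated() and oldIsAdmin(self) or false
end

function PLAYER:IsSuperAdmin()
    return self:IsFullyAuthenticated() and oldIsSuperAdmin(self) or false
end
```

The backend-outage caveat from the thread still applies: the game is not told when the backend is unreachable, so during an outage every new player stays unprivileged and is kicked when the grace period ends.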
[QUOTE=ComWalk;24523667]Anybody who doesn't want the draconian solution can adapt it to suit their needs.[/QUOTE]
Can?
Anybody *wanting* to not use a Draconian solution [i]can[/i] write a module that stores and secures a list of keys for server verification and authentication, then force every client to trust and download an extra module to implement said system? Or, could they just restrict clients' abilities to the point where ban-averting griefers can do no damage?
Are you implying that I can distribute said module? Or did you just want me to implement GeoForts with a 5-minute no-fort-building/dismantling rule. I think the latter is rather arbitrary, but then again, I can't write and distribute said module to every client. So which is it?
Keep in mind that we can't send the client a hashing algorithm in Lua. A malicious server could override the call and just implement a 1:1 hash. There goes your password.
[quote]at the moment[/quote]
And I don't have a problem with that. There is no other way without distributing clientside binaries at the moment, and I don't think I see anyone in this thread that disagrees with this sentiment, so lay out a standard and take a vote on it. But is this a permanent measure or a temporary kludge?
[QUOTE=Night-Eagle;24527840]Can?
Anybody *wanting* to not use a Draconian solution [i]can[/i] write a module that stores and secures a list of keys for server verification and authentication, then force every client to trust and download an extra module to implement said system? Or, could they just restrict clients' abilities to the point where ban-averting griefers can do no damage?
Are you implying that I can distribute said module? Or did you just want me to implement GeoForts with a 5-minute no-fort-building/dismantling rule. I think the latter is rather arbitrary, but then again, I can't write and distribute said module to every client. So which is it?
Keep in mind that we can't send the client a hashing algorithm in Lua. A malicious server could override the call and just implement a 1:1 hash. There goes your password.
And I don't have a problem with that. There is no other way without distributing clientside binaries at the moment, and I don't think I see anyone in this thread that disagrees with this sentiment, so lay out a standard and take a vote on it. But is this a permanent measure or a temporary kludge?[/QUOTE]
This has never been more than a temporary solution until spoofing is fixed, that's covered in the OP. That's why this thread exists, and that's what the code I've implemented is there to fix. My code is a much simpler implementation of the code in the OP, and nothing more.
Guess what the most common use of the steamid spoofing is? It's ban evasion. Guess what my code exists to address? Ban evasion, and nothing else. This is a drop-in solution that people can use until the issue is addressed by Valve. Yes, it will hit some innocent players, but the people using the fix have decided that it's preferable to being unable to ban people, and it's their decision to make.
I don't care what you do with GeoForts; this solution is optional for a reason. A lot of people find the ban evasion a huge pain to deal with and I'm giving them a way to cope with it without making changes to their gamemodes.
Let me rephrase my position: if you want to do more than restrict gameplay to players who can be verified by the backend until it gets fixed, roll your own solution.
-snip-
[QUOTE=Night-Eagle;24527840]Keep in mind that we can't send the client a hashing algorithm in Lua. A malicious server could override the call and just implement a 1:1 hash. There goes your password.[/QUOTE]
And since when could you not write hashing algorithms in pure lua?
So, this is going to be released? Aw..