• Anti-Cheat Discussion Thread 2
    418 replies, posted
[QUOTE=sebi99;34212499]what if player stood behind a wall with small hole in it.[/QUOTE] Plug the hole.
[QUOTE=Nexus435;34212662]You just had a huge contradiction in that post. Clientside prediction of bullet spread uses a pseudorandom generated from the seed received in CUserCMD.[/QUOTE] What if you sent the clients a fake spread amount and kept the real one only for the server? Might look screwy, but they shouldn't be able to predict without knowing the proper spread angle.
[QUOTE=Cardcapture1;34216596]What if you sent the clients a fake spread amount and kept the real one only for the server? Might look screwy, but they shouldn't be able to predict without knowing the proper spread angle.[/QUOTE] That should work. In fact, it might even be possible to do with gm_sourcenet3 - all you have to do is replace the seed in CUserCMD with a random number.
[QUOTE=ethile_2;34210726]Still acting like you know what you're talking about.. Children never learn.[/QUOTE] I'm not sure if you are out to get me, or what, but that is exactly how he does it. Try and prove me wrong.
[QUOTE=Aide;34206761]I doubt this statement. Even if you spoof you're leaving a trail.[/QUOTE] It's near impossible to have something client sided that you cannot spoof.
[lua]
local old_gt=hook.GetTable
local old_gi=debug.getinfo

function hook.GetTable()
    //filter results here
    return //said results
end

function debug.getinfo(func,what)
    if type(func)=="function" then
        if func==hook.GetTable then
            return old_gi(old_gt,what)
        elseif func==debug.getinfo then
            return old_gi(old_gi,what)
        end
    end
    return old_gi(func,what)
end
[/lua]
Last one decided to use Devnull.
[QUOTE=Cushie;34229365]Last one decided to use Devnull.[/QUOTE] "dsl-185-141-48.dynamic.wa.co.za" Home address.
[QUOTE=Cushie;34229365]Last one decided to use Devnull.[/QUOTE] oh god why I can confirm I had sethhack until Seth removed my access, because the sole reason I bought it, was to have an anticheat made for my server (that got DDoSed out of existence) why am I on that list
[QUOTE=Maagiline;34240861]oh god why I can confirm I had sethhack until Seth removed my access, because the sole reason I bought it, was to have an anticheat made for my server (that got DDoSed out of existence) why am I on that list[/QUOTE] Because you used SH on another server that detects it ;p ? Best thing you can do to defeat DevNull is host a server in a DC and get a nice little software firewall that detects the packets then send an email to the DC asking them to block the incoming stuff at the ISP level, most DCs will comply with this and have the ability to. I know this as I work at a DC and we've had requests of this type of thing, not directly DevNull yet xD
[QUOTE=Maagiline;34240861]oh god why I can confirm I had sethhack until Seth removed my access, because the sole reason I bought it, was to have an anticheat made for my server (that got DDoSed out of existence) why am I on that list[/QUOTE] As it says you were one of the first people picked up :v: Afaik you joined and left shortly after.
-snip-
[QUOTE=frosty802;34245029]Because you used SH on another server that detects it ;p ? Best thing you can do to defeat DevNull is host a server in a DC and get a nice little software firewall that detects the packets then send an email to the DC asking them to block the incoming stuff at the ISP level, most DCs will comply with this and have the ability to. I know this as I work at a DC and we've had requests of this type of thing, not directly DevNull yet xD[/QUOTE] A software firewall isn't going to do anything, might as well pop off wireshark every few minutes to record an interval of inbound packets and ask them to block specific source ports if possible, but you'll be lucky to find a host who will be willing to block thousands of random source ports without a nice monthly price. You would need physical layer filtering to deal with an attack of that magnitude either way, no offense but if you worked at a datacenter you would know that portions are generally leased and the clients that lease them rarely have any clue what they're doing at a physical layer, and even if they did, they wouldn't do it for your standard dedicated/colocated machine contract. And if you're not lying about working in a datacenter, you're working for a reseller whose name would be nice because my community gets attacked with 2-5gigabit attacks every 2 weeks, and smaller attacks in between, if you can offer that kind of service at a physical layer, hell I'm on board.
[QUOTE=Cushie;34247797]As it says you were one of the first people picked up :v: Afaik you joined and left shortly after.[/QUOTE] oh, that might have been me seeing if it works :/
Just thought of something for an anticheat..
[lua]
function hook.Call(type,gm,...)
    local tbl=hook.GetTable()[type]
    for k,v in pairs(tbl) do
        //calling non-sense
    end
end
//check hook.GetTable for hooks you don't like
[/lua]
This way you can spoof hook.GetTable's results all you want, but it's gonna suck when you want that hook called..
[QUOTE=rokrox;34271255]A software firewall isn't going to do anything, might as well pop off wireshark every few minutes to record an interval of inbound packets and ask them to block specific source ports if possible, but you'll be lucky to find a host who will be willing to block thousands of random source ports without a nice monthly price. You would need physical layer filtering to deal with an attack of that magnitude either way, no offense but if you worked at a datacenter you would know that portions are generally leased and the clients that lease them rarely have any clue what they're doing at a physical layer, and even if they did, they wouldn't do it for your standard dedicated/colocated machine contract. And if you're not lying about working in a datacenter, you're working for a reseller whose name would be nice because my community gets attacked with 2-5gigabit attacks every 2 weeks, and smaller attacks in between, if you can offer that kind of service at a physical layer, hell I'm on board.[/QUOTE] Well, it's UK based, started out as a DSL provider back in the dial-up age (good times). Since 2006 we have our own DC and to any colo person or client that required dos migration then we do it. I merely said a nice software firewall to log the packets such as wireshark as it costs more to have a hardware firewall in a DC (U charges). If you're interested PM myself I can hook you up with the sales team, we have put stuff in our DC or our private section at various DCs around London (to name a few: Telehouse, Telecity, one at Heathrow, forget its name). We used to provide collocation for a company called "Peer 1" until December 2011 when they built their own DC in the UK, during that time they had about 30 racks, 10 of which were full of nvidia GPU powered servers (huge power draw and heat lol) which were dealing with EA systems during the release of their latest games. Our prices are slightly higher but we allocate way higher power to each server than others do.
I hope that answers your questions and any doubts ;p
Wouldn't it be possible for Garry to add versions of those functions which are protected and can't be overwritten? That way even if they were spoofed, anticheats could just use the protected version.
[QUOTE=Cushie;34308080]Wouldn't it be possible for Garry to add versions of those functions which are protected and can't be overwritten? That way even if they were spoofed, anticheats could just use the protected version.[/QUOTE] Why has this never been done?
[QUOTE=Cushie;34308080]Wouldn't it be possible for Garry to add versions of those functions which are protected and can't be overwritten? That way even if they were spoofed, anticheats could just use the protected version.[/QUOTE] In Lua, functions are stored in plain old variables just like any other data type. Read-only variables are impossible (unless you use some metatable magic, but even then there are ways around it).
[QUOTE=thomasfn;34308198]In Lua, functions are stored in plain old variables just like any other data type. Read-only variables are impossible (unless you use some metatable magic, but even then there are ways around it).[/QUOTE] Can he not do it in the same way that keywords like if, then, do, and, or, etc are protected?
[QUOTE=Drakehawke;34308257]Can he not do it in the same way that keywords like if, then, do, and, or, etc are protected?[/QUOTE] Binary module would easily override it; meaning the anticheat developer is out of luck; while the cheater can cheat.
[QUOTE=Drakehawke;34308257]Can he not do it in the same way that keywords like if, then, do, and, or, etc are protected?[/QUOTE] Doing so would be impossible without changing how most of the internals of Lua work. The amount of effort is not worth the benefit, plus it will make adding new bindings more difficult. [QUOTE=Bawbag;34308291]Binary module would easily override it; meaning the anticheat developer is out of luck; while the cheater can cheat.[/QUOTE] Binary modules can't change how Lua works. Not without a lot of detouring and such, but even that would trigger VAC.
It was just a thought, annoying that there is no way to copy functions if the cheat loads before.
[lua]
package.loaded.concommand = nil
require("concommand")
[/lua]
forcibly reload the package at autorun
[QUOTE=Cushie;34308522]It was just a thought, annoying that there is no way to copy functions if the cheat loads before.[/QUOTE] If the cheat loads before and it modifies a function, there is no way for a script afterwards to tell if the function was modified or not, as long as the cheat covers its tracks. The only way is to have your anti-cheat load before the cheat, or block the cheat from loading entirely. [editline]20th January 2012[/editline] [QUOTE=DylanWilson;34308710]package.loaded.concommand = nil require("concommand") forcibly reload the package at autorun[/QUOTE] And what's stopping the cheat from overriding require?
[QUOTE=thomasfn;34308436]Binary modules can't change how Lua works. Not without a lot of detouring and such, but even that would trigger VAC.[/QUOTE] Seen as garry never flags anything detected as a cheat (with the exception of baconbot); I highly doubt it. [editline]20th January 2012[/editline] Plus you can vtable hook it and VAC would be none-the-wiser.
[QUOTE=thomasfn;34308836]And what's stopping the cheat from overriding require?[/QUOTE] be a dick and put gamemode functions in the concommand module you no let me require, I no let you see chat
[QUOTE=DylanWilson;34309519]be a dick and put gamemode functions in the concommand module you no let me require, I no let you see chat[/QUOTE] Please make an anticheat I need a good laugh
[QUOTE=DylanWilson;34309519]be a dick and put gamemode functions in the concommand module you no let me require, I no let you see chat[/QUOTE] Still, I could override require, tell it to require the concommand module as normal, then override the new concommand functions it just loaded with my own. For a Lua-based anticheat to properly work, it needs to load before the cheat, and it needs to override [i]any[/i] function which could potentially bypass the anticheat or do any sneaky stuff. This includes pretty much most globals, the debug library etc. And there will still be a sneaky way to bypass the anticheat which the author missed.
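Added example, not from any poster in this thread: the load-order point above, shown in plain Lua with no Garry's Mod API. The `engine` table and the watched names are constructed stand-ins, and the later replacement is a harmless pass-through wrapper.

```lua
-- Added example: plain Lua (5.1 / LuaJIT compatible), no Garry's Mod API.
-- `engine` is a constructed stand-in for a table of engine-provided functions.
local engine = {
    GetTable = function() return { Think = {} } end,
    Call     = function(name) return "called " .. name end,
}

-- Capture the builtins the checker relies on as locals at load time, so a
-- later reassignment of the globals does not change what the checker runs.
local rawget, rawequal, ipairs, concat = rawget, rawequal, ipairs, table.concat

-- Record the current function references and return a checker closure.
-- The baseline is held in a local, not in a global table that a later
-- script can overwrite.
local function snapshot(tbl, names)
    local refs = {}
    for _, name in ipairs(names) do
        refs[name] = rawget(tbl, name)
    end
    return function()
        local changed = {}
        for _, name in ipairs(names) do
            -- identity comparison: a wrapper is a different function value
            if not rawequal(rawget(tbl, name), refs[name]) then
                changed[#changed + 1] = name
            end
        end
        return changed
    end
end

local watched = { "GetTable", "Call" }

-- Case 1: the checker is created before anything else has run.
local check_early = snapshot(engine, watched)

-- A script that runs later swaps in a pass-through wrapper (constructed).
local original = engine.GetTable
engine.GetTable = function(...) return original(...) end

-- Case 2: the checker is created after the swap; it records the wrapper
-- as its baseline and has nothing older to compare it against.
local check_late = snapshot(engine, watched)

print("early baseline reports: [" .. concat(check_early(), ", ") .. "]")
print("late baseline reports:  [" .. concat(check_late(), ", ") .. "]")
```

The early checker lists `GetTable` as changed while the late one returns an empty list, so a baseline only means something if it was taken before any untrusted script ran.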
Best way to not get yourself ddosed and your anticheat patched is to simply flag SteamIDs and manually ban people either after they leave or while they are in the server for breaking whatever rules that they most likely will (99% of them have no recoil on and don't toggle off if you spectate them, it's so easy to see). If you go ahead and ban some kiddy with the reason 'Sethhack', he is just gonna come back and try to show you who is 'boss'. Out of the 60+ SteamIDs I put a page or two ago, only the very latest one actually hit us with Devnull, and guess what? I banned him with the reason Sethhack.