News UnrealEd Files Mods FragBU Liandri Archives
BeyondUnreal Forums

Go Back   BeyondUnreal Forums > BeyondUnreal > Games > Unreal Tournament Series > Original Unreal Tournament

Reply
 
Thread Tools Display Modes
Old 19th Dec 2000, 09:33 PM   #1
thewalkingman
ssssssssssss bugger!
 
thewalkingman's Avatar
 
Join Date: Nov. 12th, 2000
Location: Quahog
Posts: 6,450
any clues when? how ?
Starting to become annoying psychological and competively.
__________________

Only IPv6 enabled browsers can see my posts
thewalkingman is offline   Reply With Quote
Old 19th Dec 2000, 09:51 PM   #2
garrett
dreaming lucidly
 
Join Date: Aug. 23rd, 2000
Posts: 1,227
probably give us a patch that messes something up
garrett is offline   Reply With Quote
Old 19th Dec 2000, 10:44 PM   #3
thewalkingman
ssssssssssss bugger!
 
thewalkingman's Avatar
 
Join Date: Nov. 12th, 2000
Location: Quahog
Posts: 6,450
Does cshp or instagib cause lag?
since I am force to play theses mutators....
__________________

Only IPv6 enabled browsers can see my posts
thewalkingman is offline   Reply With Quote
Old 19th Dec 2000, 11:00 PM   #4
Yellow5
Guest
 
Posts: n/a
Epic is busy working on Xbox stuff right now.

  Reply With Quote
Old 19th Dec 2000, 11:39 PM   #5
{950}Slayer|PuF
Master of the Paddle
 
{950}Slayer|PuF's Avatar
 
Join Date: Jul. 23rd, 2000
Location: Madison Wisconsin
Posts: 494
Nice to see you around here Y5!!

Nice picture there!! Very nice!!
__________________


{950}Slayer|PuF
visit us at http://www.clan950.org/ & http://www.myunreal.com/
{950}Slayer|PuF is offline   Reply With Quote
Old 20th Dec 2000, 09:04 AM   #6
JuiceEggsMcKenna
MC68060/50
 
Join Date: Aug. 31st, 2000
Location: Australia
Posts: 1,322
Quote:
Originally posted by thewalkingman
Does cshp or instagib cause lag?
since I am force to play theses mutators....
Nope they don't cause lag.

I don't know how well the petition was recieved (or maybe it's still open?) but I suspect Epic aren't going to do anything (directly) about the aimbot. I suspect breaking the 432 compatibility is just too much of a big no-no. Casual players could be more annoyed by that than the aimbot, and those of us who care are expected to seek out third-party (but supported) mutators.

Just my speculative opinion though; anything is possible.
__________________
Case took a pink handset from its cradle and punched a Hong Kong number from memory. He let it ring five times, then hung up. His buyer for the three megabytes of hot RAM in the Hitachi wasn't taking calls.
JuiceEggsMcKenna is offline   Reply With Quote
Old 20th Dec 2000, 09:38 AM   #7
Tetris L
Smartass
 
Tetris L's Avatar
 
Join Date: Feb. 15th, 2000
Location: Germany
Posts: 3,136
I think they'll continue to "leave it up to the community" (community = Mr.SiN) to fix the problem.
I don't think CSHP will be part of the next UT patch.
__________________
Tetris L The L-shaped Tetris Block, not the pansy 4x1 Block
Tetris L is offline   Reply With Quote
Old 20th Dec 2000, 09:43 AM   #8
Morety
The Farterator
 
Morety's Avatar
 
Join Date: Feb. 23rd, 2000
Location: Toronto
Posts: 12,237
You'd think that ngstats would at least support it and not place games played with it under the "Mod" headings. :/ That would certainly help Mr SiN, who can not receive enough kudos for his work and effort on CHSP.
__________________
]LoL[Morety|BuF

Morety is offline   Reply With Quote
Old 20th Dec 2000, 02:25 PM   #9
SimplyCosmic
ERGO. VIS A VIS. CONCORDANTLY.
 
Join Date: Dec. 25th, 1999
Location: Northeast Ohio
Posts: 6,311
Client side modifications have long been a problem with client-server based multiplayers games. Id's been working on the problem for a very long time and still hasn't come up with a "magic bullet" to prevent the cheats along the lines of "aimbots".

See, the problem is that this is something of an "arms race" between the cheaters and the anti-cheats.

When Quake client-side bots began to appear in ernest, there was a proposal to add the ability for a server to check for modified clients (the idea at the heart of "pure servers"), much like CSHP does currently. The problem is that the code monkeys went and created a client which returned false results fooling the server into thinking it was a clean client. So, better checksums were added, based on PGP encrpyption and whatnot. Again, the code monkeys responded with better exploits, inlcuding proxy bots which allow a clean client use aiming help. There was even talk about wild concepts like encrypting the connection to help prevent the proxy's, but this would come at a cost of bandwidth.

It's an extremely complicated battle, and very much similiar to the give and take war between (h)ackers and security professionals.

Unreal has been very lucky so far, in that the aimbot problem came about very late in the game (almost a year after release). The community is also very lucky that the bot is very unsophisticated and very easy to detect.

However, CSHP is already starting to crack as more sophisticated cheatbots are beginning to surface as the real war between the cheaters and anticheaters heats up.

Relying solely on one type of defense (CSHP) isn't going to rid the community of the problem, and even Epic jumping into the picture isn't going to help. It's going to take better software, as well as human alertness, to keep the problem controllable.

It will never completely go away.
__________________
.sig :: meisterplanet :: twitter :.
SimplyCosmic is offline   Reply With Quote
Old 20th Dec 2000, 03:27 PM   #10
usaar33
Un1337
 
usaar33's Avatar
 
Join Date: Mar. 25th, 2000
Location: Unknown
Posts: 808
nothing

they are going to do nothing. I've seen the e-mail. but ezteams v4 will come out soon with ultimate bot protection (only way to bypass will be some direct .u function hack or a c++ proxy).
even p0s will be stopped.
usaar33 is offline   Reply With Quote
Old 20th Dec 2000, 03:33 PM   #11
Kokensu
Fire in Ma Belly!
 
Kokensu's Avatar
 
Join Date: Jan. 4th, 2000
Location: Shut yo mouth!
Posts: 2,912
Red face

I wish Epic WOULD do something. But honestly is it really up to THEM? It's not their fault the bot is out. It's the community and the idiot cheaters in it that spawned the aimbot. I don't think it's Epic's responsibility to fix it in UT. They SHOULD try to prevent it in Unreal 2, but as it was said it's a war that will NEVER end. Somone will always come up with a cheat no matter how secure you make it.
__________________


Ignorance is bliss. Until you realize just how ignorant you are.
----------
"We are destined to gain knowledge from our wildest dreams, as deep as an ocean, as calm as a forest tree, my soul...is at last free...." - LTJ Bukem
Kokensu is offline   Reply With Quote
Old 20th Dec 2000, 03:33 PM   #12
Tack
Bomb Runner
 
Tack's Avatar
 
Join Date: Aug. 26th, 2000
Location: Monterey, CA
Posts: 203
Quote:
what is epic planning to do about aimbot?
The same thing that the French did about the Germans.

[DC]Tack


Tack is offline   Reply With Quote
Old 20th Dec 2000, 06:51 PM   #13
DrSiN
Registered User
 
Join Date: Mar. 11th, 2000
Posts: 31
Re: nothing

they are going to do nothing. I've seen the e-mail. but ezteams v4 will come out soon with ultimate bot protection (only way to bypass will be some direct .u function hack or a c++ proxy).
even p0s will be stopped.


Wanna bet? If ezt4 is Uscript based it can be bypassed, just as CSHP can be bypassed. The problem is we are trying to fix the hole in the Titanic. For each thing going for us, 10 things are going against us.

As for Epic and the "problem". The problem is it's not a real problem to them. Bots and hacks in reality affect maybe at best 5-10% of the people who own UT? It's more important to Epic to make sure the remaining 90-95% of the owners be able to go online and play anywhere without having to hunt down patches. I think this is a smart decision. This is why they have embraced CSHP. It's a small simple solution that takes only a few seconds to automatically replicate to a client.

Yes, I know. HL/CS and Q3 all force you to do the patch hunt and frankly, it sucks.

Morety

Actually NGStats is more than happy to support CSHP. It's a supported mod and new versions will be added when I need them too be.


DrSiN is offline   Reply With Quote
Old 20th Dec 2000, 07:03 PM   #14
optic_freeze
Frozen Solid
 
optic_freeze's Avatar
 
Join Date: Jul. 28th, 2000
Location: Somewhere In Time
Posts: 357
Exactly what the hell is this Aimbot I keep hearing about anyways??!

__________________



Soon, I discovered... that this 'rock' thing was true... Jerry Lee Lewis was the Devil... Jesus was an artitect previous to his career as a prophet... all of a sudden, I found myself in love with the world... so I found that there was only one thing that I could do... was ding-a-ding-dang my ding-a-long-ling-long... Jesus BUILT MY HOT ROD...



optic_freeze is offline   Reply With Quote
Old 20th Dec 2000, 10:30 PM   #15
usaar33
Un1337
 
usaar33's Avatar
 
Join Date: Mar. 25th, 2000
Location: Unknown
Posts: 808
ok...

an aimbot is a piece of code that sets the players viewrotation to face enemies. thus resulting in the player always aiming at the enemy and never missing.

DrSin, yes it can by bypassed, but only with a c++ program. why can't uscript hack it?

1. It actually looks for an unauthorized change of the viewrotation, not doing a foreach allactors scan on the client.
2. All tracking the data are defined as private (which makes it pretty damn hard to change :P). though set commands might bypass it, it is disabled client side on 432+, so just force clients to have 432+
3. To prevent source rips a fire texture will go in. It will be sent to the server as well as other stuff. Personally I don't think you can import firetextures directly (much less export them), thus it is immune. A hacked client would be missing the texture or have its properties screwed.

I challenge you, when it comes out, to break it. Really.

Oh it also stops message system hacking (i.e. use of broadcast and broadcastlocalized message client-side).
usaar33 is offline   Reply With Quote
Old 20th Dec 2000, 10:31 PM   #16
usaar33
Un1337
 
usaar33's Avatar
 
Join Date: Mar. 25th, 2000
Location: Unknown
Posts: 808
1 more thing.

I'd actually recommend that cshp is still used on servers. That way other cheats are mostly stopped (player lighting for one). This will just stop epic file hacking.
usaar33 is offline   Reply With Quote
Old 20th Dec 2000, 11:34 PM   #17
DrSiN
Registered User
 
Join Date: Mar. 11th, 2000
Posts: 31
Re: ok...

First let me say I wasn't trying to start a pissing match. I really hope DarkByte comes up with a magic Uscript solution. However don't expect me to even consider holding my breath.

And since you're not DarkByte and I love a good pissing match.. here..

an aimbot is a piece of code that sets the players viewrotation to face enemies. thus resulting in the player always aiming at the enemy and never missing.

1. It actually looks for an unauthorized change of the viewrotation, not doing a foreach allactors scan on the client.


That would all well and good, but A) Aimbots are the least trouble-some UScript hacks. I think the Flag Tracker is the worst, followed by enhanced huds and timers. You can physically SEE an aimbot. B) mathmatical solutions are easy to spoof. I assume you're talking about tracking the view rotation independant of the actual client and looking to see if changes fall within a tolerance. Of course.. nothing stops me from creating a bot that adds random jitter to keep it outside that tolerance. I looked in to this early on and this idea is the reason I built my aimbot. I decided not to go this route because it's too easy to bypass.

2. All tracking the data are defined as private (which makes it pretty damn hard to change :P). though set commands might bypass it, it is disabled client side on 432+, so just force clients to have 432+

I won't answer this as it gives too much information, but you can just throw this whole notion out the window.

3. To prevent source rips a fire texture will go in. It will be sent to the server as well as other stuff. Personally I don't think you can import firetextures directly (much less export them), thus it is immune. A hacked client would be missing the texture or have its properties screwed.

Man thanks for the chuckle, it's been a hard day here at work. There are so many things wrong with this idea. Let's just say I don't think you really understand how things are replicated/references in UT. This won't stop anything.

Actual textures are never replicated, only references to them so nothing stops me from creating a new texture called EZTeamsFireTexutre (or whatever you call it) and let it replicate the reference to you.

I challenge you, when it comes out, to break it. Really.

I won't need to. It took exactly 3 hours after CSHP became big before someone beat it (granted he was someone I trusted). You did it in how many hours? I don't need to break Darkbytes code. I'm fairly certain that CSHP cloaked cheats exist. Someone else will break EzTeams4.

I've said this 100x. CSHP isn't designed to stop cheating. That is impossible. CSHP is designed to stop WIDE SPREAD cheating. Frankly I don't really care of some elite uscript coder in some clan is cheating. I only care if he makes that cheat available to everyone.

Luckily for UT at least.. until WarDog (or some other moron in CaF) released the funbot to the net, the cheaters were keeping things close to the vest.

Oh it also stops message system hacking (i.e. use of broadcast and broadcastlocalized message client-side).

Groovy.. lot of people taking about this one. Haven't really gotten a chance to look at it yet.

I'd actually recommend that cshp is still used on servers. That way other cheats are mostly stopped (player lighting for one). This will just stop epic file hacking.

Unless you're doing a DLL solution, this will do nothing to stop file hacking. And if you do do a DLL solution, kiss off Linux and Mac players. At best this would help detect aimbots.
DrSiN is offline   Reply With Quote
Old 21st Dec 2000, 12:03 AM   #18
thewalkingman
ssssssssssss bugger!
 
thewalkingman's Avatar
 
Join Date: Nov. 12th, 2000
Location: Quahog
Posts: 6,450
catch my drift

Could you make cshp(or variant) a new download everytime you log in and make it a different version from the last time played?
__________________

Only IPv6 enabled browsers can see my posts
thewalkingman is offline   Reply With Quote
Old 21st Dec 2000, 12:28 AM   #19
usaar33
Un1337
 
usaar33's Avatar
 
Join Date: Mar. 25th, 2000
Location: Unknown
Posts: 808
Lightbulb hehehe. sorry man you didn't beat me, partially not fully

first of all ezteams v4 isn't just about security. It also will support stuff like client-side skin setting (where the server won't need the skin/model for clients to use it).
and darkbyte's cool admin interface.

now I'll take the liberty of rebuting some of your statements:

Quote:
That would all well and good, but A) Aimbots are the least trouble-some UScript hacks. I think the Flag Tracker is the worst, followed by enhanced huds and timers. You can physically SEE an aimbot. B) mathmatical solutions are easy to spoof. I assume you're talking about tracking the view rotation independant of the actual client and looking to see if changes fall within a tolerance. Of course.. nothing stops me from creating a bot that adds random jitter to keep it outside that tolerance. I looked in to this early on and this idea is the reason I built my aimbot. I decided not to go this route because it's too easy to bypass.
flag tracker? what the hell? that some drawportal or just a vector readout? Either way it'll be pretty damn hard to know exactly where it is. Hmm, I play more RA than CTF though, so I don't care :P. enhanced huds? like aimtrainer shoved in a console? uh, ok. and timers? ok. that's cool. how can you read destruction of inv items though???? oh well. play RA, like me Personally I like player lighting. The average person will get a 1% increase in FPH. and no, it has no tolerance stuff. What DB is doing is checking validy of the mouse inputs. simple state and location checks fix problems accociated with redeemer, teleporters, and respawing. I suppose you could fake the mouse axes, but that would be damn hard to do.

Quote:
I won't answer this as it gives too much information, but you can just throw this whole notion out the window.
I said it was vulnerable right? It just will stop all but the most experienced uscript hackers.

Quote:
Man thanks for the chuckle, it's been a hard day here at work. There are so many things wrong with this idea. Let's just say I don't think you really understand how things are replicated/references in UT. This won't stop anything.

Actual textures are never replicated, only references to them so nothing stops me from creating a new texture called EZTeamsFireTexutre (or whatever you call it) and let it replicate the reference to you.
Uh, duh! I've read Sweeny's docs. It's obvious as well (or you'd have connection data in the 5 meg + range). Nothing stops you? Hmm... lets add a fire texture in Ued. let's save. Oh no, now I get version mismatches! doesn't that suck? lets see, there is also no way to DIRECTLY import firetextures. You could do a package import, but then (assuming those guid's for classes actually work. I REALLY hope they do) the guid is changed for the class. Besides I'm sending the pallette too. (that's the reference, k!) I suppose you could crack it, but all I could say is that it would take forever and demonstrate that someone (the person who bypasses it) really doesn't have much of a life....

Quote:
I won't need to. It took exactly 3 hours after CSHP became big before someone beat it (granted he was someone I trusted). You did it in how many hours? I don't need to break Darkbytes code. I'm fairly certain that CSHP cloaked cheats exist. Someone else will break EzTeams4.
I'm sure they will. but everyone is getting po'ed at p0s. here's some nice defense against him. Oh and seeing that I never even heard of cshp for at least 12 days after it was released, I don't think the time factor has to do with anything (and I had no motive until I was kicked and banned due to oldskool).

Quote:
Unless you're doing a DLL solution, this will do nothing to stop file hacking. And if you do do a DLL solution, kiss off Linux and Mac players. At best this would help detect aimbots.
can dll's even be sent, like ut packages? no I'm not. that's why it would really be nice if epic added the checksum. It will do nothing? It will contain it for a couple of hours
usaar33 is offline   Reply With Quote
Old 21st Dec 2000, 04:06 AM   #20
DrSiN
Registered User
 
Join Date: Mar. 11th, 2000
Posts: 31
Re: no actually I did..

I'm tired and it's late so I'll be quick.

flag tracker? what the hell? that some drawportal or just a vector readout? Either way it'll be pretty damn hard to know exactly where it is. Hmm, I play more RA than CTF though, so I don't care :P. enhanced huds? like aimtrainer shoved in a console? uh, ok. and timers? ok. that's cool. how can you read destruction of inv items

A flag tracker gives you the location of both FC's at all time. It makes it really easy to find them. Kinda like Radar. As for the huds.. yea.. like AimTrainer. Here's an example from a cheat I've seen. It places a target retucle (sp?) around each player, combo and redeemers. It also changes the retucle when a combo shot is in a kill range. Oh, and because of the way replication works, you get a 1-6 seconds of see through wall time as well.

What DB is doing is checking validy of the mouse inputs. simple state and location checks fix problems accociated with redeemer, teleporters, and respawing. I suppose you could fake the mouse axes, but that would be damn hard to do.

So he's swapping to a new playerpawn. Interesting idea but still doesn't matter. If he's checking client-side it's 100% bypassable and if he's checking server side it's not accurate.

I said it was vulnerable right? It just will stop all but the most experienced uscript hackers.

Actually, this doesn't take much experiance to stop unfortunately.

Nothing stops you? Hmm... lets add a fire texture in Ued. let's save. Oh no, now I get version mismatches!
doesn't that suck?


See, you've lost yuorself. you have a version mismatch error until you conform the package. Then it doesn't matter anymore. GUID's are package based, not class based.

I can decompile your source and rebuild it. As long as I put any fire texture in there with the same name, the server will think it's right.

I'm sure they will. but everyone is getting po'ed at p0s. here's some nice defense against him. Oh and seeing that I never even heard of cshp for at least 12 days after it was released, I don't think the time factor has to do with anything (and I had no motive until I was kicked and banned due to oldskool).

I was kind of refering to how long it took when you decided to do it. I know people are ticked at POS. If I had time I'd stop him. I know how he's getting past CSHP and I'll close that particualar hole in the next release.

can dll's even be sent, like ut packages? no I'm not. that's why it would really be nice if epic added the checksum. It will do nothing? It will contain it for a couple of hours

No, but a dll is a possible solution for Clans where they don't mind pre-installing something. But it rules out linux and mac servers and players.
DrSiN is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 01:37 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.

Copyright ©1998 - 2012, BeyondUnreal, Inc.
Privacy Policy | Terms of Use
Bandwidth provided by AtomicGamer