"Relay" and Graal
 

Unholy Nation has been having a lot of trouble with cheaters using Relay. We can't seem to get rid of them, they continuously come back, and insist on dropping what appears to be bombs that disconnect multiple players in a single level. Modifying attributes they shouldn't be able to, eg. setting a hat to their player, spawning EP or money, and even setting warps.

My question is, what are our options? How can we stop these cheaters from returning? How can we prevent new cheaters from exploiting this?

We've been trying to deal with it for a while now. Working on detection and making changes to prevent these cheaters from coming right back so quickly. But nothing seems to be working thus far.

Advice?

Keep adding new hack detection over and over as if a circle of life. You add new detection, they get around it, you add new, they get around it.

the problem with having just one set of detection and then trying to disconnect or server warp a relay user is that they can just block the packets from reaching the server

i find the best thing to do is have multiple sets of detection, and if one set finds that another set has been removed, crash the suckers client!

unholy nation however is in the unfortunate situation where someone can remove all weapons from themself (and thus detection) and still interact with the game fairly normally, i think it also has the disadvantage where it can not use the server option for disabling putbomb as it still uses default bombs?

ideally this would be tackled within a new client version

I guess there aren't many options for normal playerworld users except getting custom systems as jakov kinda suggested, but I'm not too sure as I'm more used to developing on the mobile servers and adding protections against hackers on there (including relay users)

let's put it this way: it's easy to track down most of the putbomb functions being called and just replace them with a custom one, the time would be worth it if it could stop causing troubles

Yeah, oldbies are going to hate it, but disabling default bombs and replacing them with custom ones is the way to go.

EDIT: If they're really spawning EP or Gralats, there's a security issue with one of the systems on the server. Best of luck tracking that down.

Thanks for the advice.

I've been told that these cheaters are using Testbed to test the cheats. Is there no whitelisting for Testbed?

I think this works on UC servers. Sadly, the player could simply change their internal IP on their router and in their host file, defeating the purpose. There's no real way to block against Relay users, as they'll always have the ability to change packets (including scripts), thus defeating many detection attempts.

Please note that I haven't coded in GS2 for about a year or two, so this code may not work. It's the general idea, however.

To sway the relay player away, it'd be best to hide this code in a weapon they wouldn't / couldn't block. For example, their display, a door, or something else.

I've been figuring a solution a few days ago which seems to work just fine. As I've been gone I couldn't test it any further but now that I'm back I'll continue my work :) already offered my help to some servers

similar versions are used by many servers, doesnt seem to help at all. maybe to filter out the players trying out relay the first time

if anybody wants to know how to go about crashing a relay users client rather than attempting to disconnect them, pm me

Email [email protected] if you don't find a solution. He came on my server and set up a full detection system. Works like a charm!!

The one you're having is mine btw :) Great to hear that it's working like a charm

^^^^^

Rep+ for an amazing system.

hello!

i have seen the detection being discussed here and think there is a chance for false-positives to occur, particularly when a player logs in to a server for the first time and has a slow machine, poor connection or there is a server lag spike

So far we havent experienced that

If such were to happen, they should redirect themselves to the support page for assistance. Or contact the server manager.

The support page is useless, especially since we don't have pwas

I find it quiet useful- assisted me throughout my problems I have had.

im glad if thats true but how can you be sure of this?

has every person that has triggered the detection on each server it was added to been proven decisively as a relay user, and not an unfortunate victim of a lag spike?

expecting players to go out of their way to get themself unbanned after a false-positive is ridiculous, certainly if i was new to the game and logged on to a server during a graal ddos attack and then got disconnected ~10 seconds later for "hacking", i would never log on to it again

plus many new players would in fact not immediately know how to contact support, and even older players would not necessarily know who is staff

Error message can be edited - it's just one way to help forcing the majority of relay users to enable clientside actions, the actual punishment is up to the server. The protection itself is barebone and every server needs to check on their own if and how they want to modify it

in that case i would recommend it as a warning method rather than a sure way of detecting relay

some other potential problems are that the ~10 seconds or so delay would not hinder those who drop client-crashing bombs, and any knowledgeable hacker would also be able to spoof a trigger to the server without actually having the relevant clientside actions enabled

If anything were to happen, im sure the script can be edited for prevention in the future.

to prevent the problems i am referring to you need a different method of detection altogether

Preferably, I'd rather not get my account banned as a player with relay has gone undetected and used the relay- all honesty, i'd rather have more people banned even if they didn't do it then having people go undetected, if people get banned on a server then by all means, contact the owner for assistance.

You won't agree but it's what I believe is reasonable.

would you believe it were reasonable if you logged on to a server for the first time with an unusually terrible connection and ended up getting disconnected and banned, while at the same time a knowledgeable hacker sends a spoofed trigger to the server to bypass the detection and goes un-noticed?

keep in mind that the vast majority of relay users can already be detected with 100% certainty using simple methods

I agree with jakov, It's just a bad experience to log onto a server for the first time and get banned.