Cheat Windows

[Stowen]

Is there a way I can detect if a player has a hacking tool open? I know there is this for server options, but im not quite sure it works:

NPC Code:

---

cheatwindows=GraalRelay,Relay6,Relay,CheatEngine,A  rtMoney,DeadGraal

---

I guess what I am trying to ask, is there a scripting command I can use to detect specific programs being open? I'm trying to script a detection system for a server. We all know Relay injects packets/weapons to the client. Also, is there a command that would be helpful to find out if a weapon has been injected?

[cbk1994]

No, you can't see what programs a person has open. In theory you can use cheatwindows (may or may not still work, I know Stefan added a global list a while back) but in reality it's a waste of time because recent tools will easily evade this.

Look at a player's list of weapons (clientside). Are there weapons you don't recognize and that aren't from Login? There are plenty of other ways to inject code, though, so don't waste your time here either.

[scriptless]

Quote:

Originally Posted by cbk1994

No, you can't see what programs a person has open. In theory you can use cheatwindows (may or may not still work, I know Stefan added a global list a while back) but in reality it's a waste of time because recent tools will easily evade this.

Look at a player's list of weapons (clientside). Are there weapons you don't recognize and that aren't from Login? There are plenty of other ways to inject code, though, so don't waste your time here either.

You can add weapons that aren't on the server?? I did not know this. I know many ways to "cheat" graal. What's funny is Cheat Engine has the capability of editing the window title of itself.. so it's pretty much not detectable if you don't want it to be.. while opening a folder named "Cheat Engine" or a webpage, that uses that title.. could screw you over royally.. We used to link people in PM's to websites with those titles just to DC them.. lmao.. gotta love Stefans support for abusive technology. Tho it's been many years... 2 or 3 since we did that.. I know just the other day I opened OllyDbg and graal closed on me.. o_o all I wanted to do was open the RC with it and dig around to figure out the error I was having with the font being displayed as rectangles instead of actual text.

Back on topic of preventing hacking.. you can impliment many checks.. like if a players distance has moved to much in too short of a time they are more then likely speed hacking.. you could log it and keep an eye on them.. also, you could or should log triggeractions that could be abused since people cannot inject serverside code but clientside code and trigger those actions still.. it really depends on your server, how things work, and what your trying to do as to how to help cut down on hacking.

[Crono]

Quote:

Originally Posted by scriptless

You can add weapons that aren't on the server??

Yeah, downsider uses Era weapons on Zodiac. @_@

[scriptless]

Quote:

Originally Posted by Crono

Yeah, downsider uses Era weapons on Zodiac. @_@

How? o.O I can't think of any way possible to have weapons from other servers.. or at least serverside weapons.. And im not sure of any way to have weapon names themself from other servers.. I only know hot to inject clientside code and that doesn't require adding new weapons.. the old old way from back in the day was to use artmoney and search for text like for classic bomb and bow.. and just alter it in memory..there are new ways now.. but im surprised.

[BlueMelon]

Best protection would be use use serverside validation, I know on era some old scripts (even some new scripts *cough*) have been exploited by sending a negative number to server side and then this happens.
player.rupees -= -(xrupees); which results in a positive number.
This can easily be avoided using simple checks, or even abs(num).
But what can you expect, people make mistakes.

[scriptless]

Quote:

Originally Posted by BlueMelon

Best protection would be use use serverside validation, I know on era some old scripts (even some new scripts *cough*) have been exploited by sending a negative number to server side and then this happens.
player.rupees -= -(xrupees); which results in a positive number.
This can easily be avoided using simple checks, or even abs(num).
But what can you expect, people make mistakes.

We did that with the money transfer item on N-Pulse when Moonie was manager.. if I remember correctly I gave moonie like negative 3 million rupees.. LOL don't know if she ever found out tho. <3 moonie (dont be mad)

[Stowen]

I remember that money transfer script, alot of people used to abuse that before they fixed it lmao. But thanks guys, I'm definitely going to try out the clientside weapons check. I already have a movement speed logger, thanks for the idea though.

[Tim_Rocks]

I hacked Chris' virginity once.

[Stowen]

Nevermind I don't have a movement speed logger lol I was thinking of Staff Boots log for some reason. How would I go about doing this? I figure it would require some math and some temp.x and .y variables and such. Any ideas on how I should go about this?

[BlueMelon]

Some methods include tiles/second

[scriptless]

You can use a timeout, every second or so.. save temp positions for x and y.. but before saving those variables.. check current and calculate distance..

[Stowen]

Quote:

Originally Posted by scriptless

You can use a timeout, every second or so.. save temp positions for x and y.. but before saving those variables.. check current and calculate distance..

So that would include determining players direction, correct? I tried the calculating distance, but I cant really figure out an efficient formula without figuring the players direction. Could somebody help me on a formula?

Quote:

Originally Posted by BlueMelon

Some methods include tiles/second

How would I figure the tiles/second?

[scriptless]

direction doesnt matter.

as i said.. compare last x/y to current x/y every second..

PHP Code:

temp.distancex = abs(temp.ox - player.x);
temp.ox = player.x 


for example..

I use ABS for because we want the absolute value (non negative number)... if u move to the right.. it will be a negative number.. move to the left it will be positive.. making it abs will make it always positive.

[Stowen]

Ah alright. Ill give this a go, and let you know how it works. Thanks man!