Tired of scripters? How about being accused of scripting?

[=X=Master HeX]

With the release of xMod v1.1.5 we have been working on new features for 1.2.0. One of the main features, script detection, is almost ready for the final version. If you are interested in what exactly it does, join our dedicated server (146.20.43.156:28070) with autodownloading enabled.

 

You should see a message when you connect that you have the detection part downloaded. And if you type \gc secure you will see a list of the others on the server with the detection client mod.

 

xMod website: http://xmod.cat5camp.com

[Break_dF]

Press 1. There, you've just turned your saber on. Press it again. Woah, look, it's off. One button served 2 functions. What stops this so-called mod from recording in-game scripts?...

[FK|FallenOne]

Yes break would really want to know how this works as he's been accused of being an extremely big scripter apparently. Also, I'm wondering how Savant is gonna play on your server now Hex?

[Unnamed Jed1]

Originally posted by FK|FallenOne

Also, I'm wondering how Savant is gonna play on your server now Hex?

 

Ouch...

 

 

I would imagine it searches for "specific" binds.

90% of all players use some type of script, be it a model changer, saber color changer or even name/model binds, so it will have to have some variables or allowed scripts.

[Emon]

Searching specifically is bad because people can easily add a slight alteration to get around it. Doing it vaguely is also bad because people could be using something harmless like a name and model change combo, or a script to make the saber to a spin in the player's hand by switching to the next weapon and back really fast (I like to use this one often).

 

I would imagine the only effective way would be to search for binds with more than 4-6 commands. Harmless stuff should never use anything past that, and harmful stuff should never use anything under that. Stuff like scripts to cleanly zoom with any weapon, which can be dozens of lines, won't work. It would also be a good idea to check cvars like the cg_fov or whatever that one is that lets you "zoom" by changing the field of view.

 

It certantly wouldn't elimate all cheap scripts, but definatly the ones with a significant advantage.

 

Also, another idea; all of JO's binds only using one command. The weapon 1 command toggles the saber on and off. You could have the mod display a list of all binds that use two or more commands. This would allow the admin to take a look at what the player has and determine if it's harmless or harmful. It could also be used in conjuction with the above idea.

[=X=Master HeX]

Basically it works like this:

 

The client side is always monitoring your binds.. it searches each bind for the use of a word. For example for a kick script it looks for +moveup 2 times and -moveup once. Lunge, etc.. is found out in the same mannor. Then when a script is found the client side notifies the server that the client is scripting, and the server drops them.

 

Currently the client side detects kick scripts, lunge, DFA, and alias use. If you have another script you would like me to add to the ban list, let me know. Right now I didn't add color changer scripts or anything because they don't really change the gameplay. There are prolly gun scripts I'm missing, however, I don't really ever play with them so I wouldn't know.

 

You can see on non pure servers who has the client side by doing \gc secure. This will list the people who are using the client mod.

 

p.s. Savant still plays on xCTF with the detection part downloaded and is still as good as ever.

[Break_dF]

Originally posted by FK|FallenOne

Yes break would really want to know how this works as he's been accused of being an extremely big scripter apparently. Also, I'm wondering how Savant is gonna play on your server now Hex?

 

Someone's jealous.

 

Anyway, I'd be glad to dl this just to prove to the noob community that I don't script.

[Emon]

That method looks like it would work well for automated scripting. However, I think it still would be great for the admins to type a command and it'll search all the players who have scripts with two commands or over (searching could be done with the semicolons, the detection part), and have it display that user and those binds he has.

[DeTRiTiC-iQ]

I use quite a few legitimate scripts with lots of commands. My demo script uses about 5 I think. My CTF-Comms script runs about 15 commands sequentially.

[=X=Master HeX]

I had most of that in mind when I started. I have a few double binds (light and dark on one key) binds. Also have demo binds, all of which are not detected.

[Break_dF]

So...I have to have x mod to run this?...that's ghey.

[=X=Master HeX]

I guess.. xMod does everything that is important in adminmod.. and has a butload of other stuff. When more server admins start running it just having the client side downloaded will let the server know you are script protected.

[Break_dF]

So there's no way the mod would work w/ vanilla? I think that'd be a much more popular program...

[Break_dF]

I tried to connect but I was kicked...Umm, I'm running a demo script. As far as binds go, I have a /kill me and a /reconnect bind along w/ screenshot, a skin and 2 names. Umm... that's it.

Now, why exactly was I kicked?

[.:Silver:.]

Guess this is better than the old method you had Hex. In the old days, you'd just accuse us of cheating and ban us without any proof of scripting at all.

 

Progress is good.

[FK|FallenOne]

Silver dude, are you ever gonna come by our server? IRC? What's up dude?

[.:Silver:.]

Look for me on Saturday.

[FK|FallenOne]

We have a match saturday night and SiN, me and special have a 3v3 XTGL CTF GUns tourney match tomorrow night vs RA. It's going to be VIDCAST woot. So anyone who has windows media player can watch. I'll post the info on our forums. Don't forget to come and post on em. Just follow the links from the site.

fallenknightsclan.com

[razorace]

Wouldn't it be a more perm. solution be to just fixe the script explotable code instead of spending all that time to make a script scan?

[=X=Master HeX]

Break_dF

 

I saw you trying to connect earlier... The script monitor currently looks for vstr use until I find a way to scan vars created on the fly. There is no real need to use vstr in demo scripts, etc... Just remove any use of the word vstr in your configs.

[BlackDove]

I play on your CTF server all the time, it's very good, I like it, kinda the equivalent to gamesdomain.com on which I usually play. Good to know that nobody can use scripts there.

[ksk h2o]

Originally posted by =X=Master HeX

Break_dF

 

I saw you trying to connect earlier... The script monitor currently looks for vstr use until I find a way to scan vars created on the fly. There is no real need to use vstr in demo scripts, etc... Just remove any use of the word vstr in your configs.

 

Thats a bummer, there are lots of uses for different VSTR's.

 

My config has multiple game modes set into the F keys. I'f I'mplaying CTF/Duel/FFa promod/jedimod/if'im a gunner, etc/ light side/dark side.

 

I just press the according F1-F6 key (which is displayed at the top of the screen using a vstr called info) and the said set of control binds is set. I have no intricate combo scripts running, but my config script will probably not go through your filter.

 

Also as for additional scripts you should block, you should try looking for saberattackcycle's in binds as well. One can easily pull a lunge in red stance or the yellow DFA while in red stance, using these scripts.

[=X=Master HeX]

To get around the use of vstr stuff, I would suggest making seperate config files and just exec them. Works sorta the same way.

[Break_dF]

Erm...yeah ok... soo, I should just go delete ****? Sounds...yeah.

[Unnamed Jed1]

seta sensitivity "50"

 

seta cg_fov "90"

 

seta cg_drawCrosshair "2"

 

seta cg_hudFiles "1"

 

seta cg_drawTimer "1"

 

seta cg_drawTeamOverlay "1"

 

set p-1 "set forcepowers 7-2-030330320000032332;echo;forcechanged;bind END vstr p-2"

set p-2 "set forcepowers 7-2-030330320000032332;echo;forcechanged;bind END vstr p-1"

set powers "vstr p-1"

bind END "vstr powers"

 

set change3 "model stormpilot/red;bind PGUP vstr change4"

set change4 "color1 0;bind PGUP vstr change5"

set change5 "set name ^1SF^7-^1Unnamed;bind PGUP vstr change3"

bind PGUP vstr change3

 

set change6 "model stormpilot/default;bind PGDN vstr change7"

set change7 "color1 0;bind PGDN vstr change8"

set change8 "set name SF^1-^7Unnamed;bind PGDN vstr change6"

bind PGDN vstr change6

 

set change9 "model shadowtrooper/red;bind HOME vstr change10"

set change10 "color1 0;bind HOME vstr change11"

set change11 "set name ^1^^0Unnamed^1[sF];bind HOME vstr change9"

bind HOME vstr change9

 

 

 

 

That is from my autoexec.cfg ^

I got dumped the first time, but simply reconnected and played without trouble.