beta richochet fork #148
beta richochet fork #148
Conversation
Only slight changes occurred to this file. Some of these will make more sense as I make more commits.
... that I forgot to put in the last commit!
I don't know how to handle copyright. A lot of the code in here isn't mine, or is based off of another person's code. This was never meant to be a public project, but I'm doing this to contribute to the "greater good". Credits to shavit and Rusty.
Alright, here this goes.
The developer of StAC is working on making the anticheat invisible... But what's the point if cheaters can find out that it's running on the server just by getting banned or seeing someone else get banned? They can just come back and bypass the anticheat on an alt account if that happens.
So, ban messages should be as simple as possible ("Banned from server"), and all other players on the server should just see that as well. If they have questions or want to know why, just tell them that the player who was banned was cheating.
The only people who should have any idea of what is going on with the anticheat are any admins, moderators, or anyone who can be trusted. Regular players should not ever know that the anticheat is running on the server, or at the very least, shouldn't know what anticheat is running on the server or what detections there are.
A lot of these will go unused, I never did feel like removing the ones that are unused. Feel free to!
Required for my modification to SBP.
Our replacement to the default adminhelp, which would leak StAC commands. Not a perfect solution, but the only thing I can really care to do, since it's simple. Conflicts with the Sourcemod bundled adminhelp.sp/smx.
This is my fork of sbp. It is incompatible with the regular sbp, but also required in order to prevent the plugins from showing up in the plugin list. I guarantee a better solution than this exists, but this worked for me. Won't work for all servers since some might actually use the plugins we impersonate, creating duplicate entries.
Necessary for protection stuff.
| } | ||
| case 1: | ||
| { | ||
| Format(OS, sizeof(OS), "Linux/MacOS (Most likely Cathook)"); |
There was a problem hiding this comment.
The idea behind this was to notify what cheat someone would be using, which I wanted to implement when Cathook had cvars queryable, but they got rid of those, so I went with the next best thing, statistics.
I would have included a list of cheats for Windows, but there are so many on there, it is ridiculous.
I rarely ever had false positives so these were just useful notifications for when detections happened, both for debugging and the likelyhood of someone cheating.
| // this kick client might not be needed - you get kicked by "being added to ban list" | ||
| // KickClient(Cl, "%s", reason); | ||
| } | ||
|
|
||
| MC_PrintToChatAll("%s", pubreason); | ||
| // MC_PrintToChatAll("%s", pubreason); This still isn't happening. Why should we notify all clients WHY they were banned? Bad idea. | ||
| PrintToImportant("%s", pubreason); // This may be redundant. Testing needed. | ||
| StacLog("%s", pubreason); | ||
| } |
| @@ -621,7 +801,8 @@ void psilentCheck(int userid) | |||
| // doing this might make it harder to detect legitcheaters but like. legitcheating in a 12 yr old dead game OMEGALUL who fucking cares | |||
| if | |||
| ( | |||
| aDiffReal >= 1.0 && fuzzy >= 0 | |||
| //aDiffReal >= 0.5 && fuzzy >= 0 // I care about legitcheating in a 12 yr old "dead game". I want a fair game. If a client triggers this consistently, especially at a consistent angle value, they are almost certainly cheating. The anticheat handles false positives already. | |||
There was a problem hiding this comment.
This check is in there because anything lower than 1.0 i found to almost always just be bunk and a legit player
There was a problem hiding this comment.
I think there is a better way to handle this situation but I have not made it yet.
| @@ -244,8 +250,8 @@ stock void PlayerRunCmd | |||
| if | |||
| ( | |||
| // make sure client isnt using a spin bind | |||
| buttons & IN_LEFT | |||
| || buttons & IN_RIGHT | |||
| buttons & IN_LEFT // Almost certainly an easy bypass. | |||
There was a problem hiding this comment.
these probably need to be removed or clients need to have their IN_LEFT/IN_RIGHT cmds ignored (aka they are not allowed to input them)
| @@ -226,10 +232,10 @@ stock void PlayerRunCmd | |||
| if | |||
| ( | |||
| // make sure client doesn't have invalid angles. "invalid" in this case means "any angle is 0.000000", usually caused by plugin / trigger based teleportation | |||
| !HasValidAngles(Cl) | |||
| !HasValidAngles(Cl) // This is actively abused to bypass, according to untrustworthy sources! But, I do see it as very possible. | |||
There was a problem hiding this comment.
Untrustworthy? I find that very insulting.
| @@ -47,10 +50,13 @@ public Action OnPlayerRunCmd | |||
| OnPlayerRunCmd_jaypatch(Cl, buttons, impulse, vel, angles, weapon, subtype, cmdnum, tickcount, seed, mouse); | |||
|
|
|||
| // sanity check, don't let banned clients do anything! | |||
| // This lets them know something is up immediately, removing the point of the banqueue. | |||
There was a problem hiding this comment.
This was originally a hack to prevent double bans. Need testing to determine if this is still relevant
There was a problem hiding this comment.
The only reason I commented this out was for my ban queueing system, if that isn't merged, this commenting out of code probably shouldn't be either.
There was a problem hiding this comment.
I should clear up, my ban queue system is different from the userBanQueued[Cl] bool here, I had a proper system that would make it harder for cheaters to determine why they were banned. It would wait 15-60 seconds (by default) after they had been banned, before actually issuing the ban.
A better idea would be to have ban-waves like VAC, but I don't know if that's a good idea when it comes to community servers where we'd rather have a cheater out within the time of the match. Different people will have different opinions.
| @@ -37,6 +37,44 @@ public Action OnClientSayCommand(int Cl, const char[] command, const char[] sArg | |||
| return Plugin_Continue; | |||
| } | |||
|
|
|||
| Action joinTeam(int Cl, const char[] command, int argc) | |||
There was a problem hiding this comment.
Need more comments on what exactly this is supposed to be checking
There was a problem hiding this comment.
This checks for auto-class/team join cheats. It was very experimental but I never had it false positive, the 2.5 seconds was a bit below what I could manage spamming to get onto a team and select a class as fast as possible. It just notifies admins.
| @@ -441,6 +479,12 @@ Action Timer_CheckClientConVars(Handle timer, int userid) | |||
| // query all cvars and netprops for userid | |||
| void QueryCvarsEtc(int userid, int i) | |||
| { | |||
| // No point in running this if only one player is on. | |||
There was a problem hiding this comment.
Good, been meaning to implement this for a while
| { | ||
| PrintToImportant("{hotpink}[StAC]{white} Client %N attempted to use %s, blocked access." , callingCl, arg0); | ||
| StacLogSteam(GetClientUserId(callingCl)); | ||
| StacGeneralPlayerNotify(GetClientUserId(callingCl), "Client %N attempted to use %s, blocked access!", callingCl, arg0); | ||
| return Plugin_Handled; | ||
| return Plugin_Continue; // Return this instead. This causes non-admins to get an "Unknown Command" message, further disguising the anticheat. |
There was a problem hiding this comment.
Discussed in DMs, but this is here for some reason that i dont remember
There was a problem hiding this comment.
I never had issues returning Plugin_Continue instead of Plugin_Handled, it only brought benefits.
| @@ -0,0 +1,107 @@ | |||
| "Games" | |||
There was a problem hiding this comment.
Not going to bundle the adminhelp/bara plugins, way too heavy and overintrusive, sorry
There was a problem hiding this comment.
This is the best way I found to hide certain plugins with my fork of SBP, but there are more simple things you could do, or just not do this at all.
|
See #175 |
No description provided.