|
Germany2896 Posts
HackDetector 0.2c for 1.15.3
by MasterOfChaos
Atm it finds the following exploits
-Zerg Mineralhack
-Nuke anywhere
-Multicommand
-Automine at the start of the game
-Rally exploit
Additionally it has a experimental antispoof integrated and allows you to drop pausehackers.
Multicommand
It now checks for a command alternating with select. If this happens at least 3 times(corresponds to 3 control groups being commanded) it displays a message.
There are some false positives, so you should only accuse your opponent if you get this message often.
Automine
Automine consists of fours selects alternating with gaters/moves to different targets in the first possible frame(5 on bnet, 2 on LAN). Detecting these is similar to multicommand, except moves with different target are also considered here.
Nuke anywhere
Whenever an opponent selects a nuke you get a message. As selecting a nuke is required for nuke anywhere exploit and not possible without a hack it should work reliably.
Zerg mineralhack
It shows a message if a CancelTrain command is given to a zerg larva. There might be other variants of this hack (related to muta->guard/devourer and hyd->lurker), so if you find a replay where a minhack is not detected post it here.
Set enemy Rallypoint
AdvLoader 2.0 allowed observers to change the rallypoints of enemy buildings. For 1.15.2 there are hacks which allow the same for every player/observer. I have added detection for this exploit, but I have only one replay with it, so I'm not entirely sure if it works correctly.
Spoof detector:
Sends whois commands to bnet to find out if the players are really in the game they are. There are sometimes false postives caused by bnet lag. So you should check with /whois if it finds a spoofer. In games with korean names it does not work correctly (at least with a non korean windows locale) as the result of /whois is empty.
And you might get banned by bnet for the flood of /whois you send. So I have disabled it by default.
Anti-Pausehack:
Enables the dropbutton even if the opponent pausehacks. I think in a two player game both players get a disconnect, with more players the game should continue normally.
Thanks to Python_Max from ICCup for this method.
Debug logging:
Press Ctrl+Shift+D in the config dialog to show an additional tab with debug features. Allows to log all actions in a game. This extensive logging might slow down the game a bit.
If you have a replay where the opponent uses an exploit which is not detected by this detector please post a replay here. Rigged UMS maps do not count as an exploit.
Download and usage
Now it is a plugin. Copy it to your Launcher folder and check it in the plugin list.
http://winner.cspsx.de/Starcraft/Tool/HackDetector.zip
As usual blizzard might ban you for using this. The chance for that is a bit higher that with chaosplugin, and about the same as LatencyChanger or any of the AdvLoader plugins.
|
Wow this is incredible. Thanks so much dude!
|
5390 Posts
Can't wait for the plugin version. We appreciate all the work you do on Chaos!
|
Hey this is really cool. One idea to make it so there are less false positives with multicommand hack is to check the form of the several actions on same frame. As far as I know it is always a select then command, select then command, etc. And the command will always use the exact same coordinates too?
|
Nice work 
|
|
|
nice one masterofchaos. this is sick.
|
Power of MasterOfChaos, thanks for you work. Always appreciate what you give to the community.
|
nicely done, now.... to detect maphackers. >____<
|
|
|
On August 06 2008 04:20 Raithed wrote:
nicely done, now.... to detect maphackers. >____<
Well one can assume that if they use these hacks they maphack too. But I guess the "smart" hackers just use maphack without the extras.
EDIT:I'm suprised how many still use automine hack since it has been detectable with bwchart for a long time. And even players with tousands of games use it. Good that they dont know it so I can ban them from games if they join again. Just hard to remember all the names.
|
On August 06 2008 04:36 Eatme wrote:Show nested quote +On August 06 2008 04:20 Raithed wrote:
nicely done, now.... to detect maphackers. >____< Well one can assume that if they use these hacks they maphack too. But I guess the "smart" hackers just use maphack without the extras. EDIT:I'm suprised how many still use automine hack since it has been detectable with bwchart for a long time. And even players with tousands of games use it. Good that they dont know it so I can ban them from games if they join again. Just hard to remember all the names.
same with multihack because it shows them not using hotkeys.
|
The split detector is going to be so usefull. So many noobs still use it.
TYTY
|
On August 06 2008 05:39 jimminy_kriket wrote:
The split detector is going to be so usefull. So many noobs still use it.
TYTY
What you do is make 4v4 FMP NR 20mins NO NOOBS! and see how many times it goes off
|
Wow zerg mineral hack detecter, thanks!!
|
Thank you, now I don't have to resort to cursing them out in korean.
|
Thank you
You are a saint to the sc community
|
iNfeRnaL
Germany1908 Posts
The maphack itself is undetectable tho right?
Don't get me wrong, your work for the community is great, but it would be so much more helpful especially at competitive level if we were able to detect maphacks.
Cause ever since the last big catch with Exe/his ally/Localhost etc we all know that even a few of the "recent" top users are actually hacking.
And as someone mentioned already, you cannot catch the "smart" hackers who just use "ONLY" the maphack (that sounds so retarded, as if that wasn't even enough already?!)
|
awesome, thanks!
The ADVLoader plugins already come with a zerg mineral hack detector, Highways.
|
This will be very useful for USEAST
|
|
|
chaos launcher already detects mineral hack :O
|
wow really good work man nice!! definatly will use this
|
|
|
Awesome like always
any way to block lag/pause hackers where it stays on the drop screen?
|
What bnet players really need is a a hack detector + dropper. So what if you're alerted the other guy mineral hacks or nukes anywhere. What can you do about it? Nothing... And it's not like the hacker even cares that you know. They don't care, in fact they will accuse you of hacking because you detected their hack. The hacker is proud of his hacks while the non-hacker is angry at the relation to them. On top of this, the hacker can easily spoof his name.
I don't even bother with detectors because it only annoys you. It notifies you that the other person hacks, but you can't do anything about it anyway. Better off not knowing and suspect something and check the replay later, meanwhile you can play more games and enjoy the game. There are almost no consequences for hacking, and there should be. Which is why I miss the KM9v104 program.
|
Great work, MasterofChaos. As always.
Regarding mineral hack, I have heard there are even more variations of it, e.g. Hatchery to Lair. But I cannot confirm this, has anyone seen this one?
What would be really great is if you could create a plug-in version of the banlist hack (?) for ppl who play outside of Iccup, this would be useful, imo.
On August 06 2008 17:49 vnlegend wrote:
What bnet players really need is a a hack detector + dropper. So what if you're alerted the other guy mineral hacks or nukes anywhere. What can you do about it? Nothing... And it's not like the hacker even cares that you know. They don't care, in fact they will accuse you of hacking because you detected their hack. The hacker is proud of his hacks while the non-hacker is angry at the relation to them. On top of this, the hacker can easily spoof his name.
I don't even bother with detectors because it only annoys you. It notifies you that the other person hacks, but you can't do anything about it anyway. Better off not knowing and suspect something and check the replay later, meanwhile you can play more games and enjoy the game. There are almost no consequences for hacking, and there should be. Which is why I miss the KM9v104 program.
QFE
|
On August 07 2008 10:43 meathook wrote:Show nested quote +On August 06 2008 17:49 vnlegend wrote:
What bnet players really need is a a hack detector + dropper. So what if you're alerted the other guy mineral hacks or nukes anywhere. What can you do about it? Nothing... And it's not like the hacker even cares that you know. They don't care, in fact they will accuse you of hacking because you detected their hack. The hacker is proud of his hacks while the non-hacker is angry at the relation to them. On top of this, the hacker can easily spoof his name.
I don't even bother with detectors because it only annoys you. It notifies you that the other person hacks, but you can't do anything about it anyway. Better off not knowing and suspect something and check the replay later, meanwhile you can play more games and enjoy the game. There are almost no consequences for hacking, and there should be. Which is why I miss the KM9v104 program. QFE
What did that do?
|
why don't you just download oblivion and use that rally hack yourself and record it?
|
Is it possible for this to drop the hackers? Or will this just detect it? Because if you confront hackers with drophack or something they can just drop you 
Ugh this reminded me of a game I played a week ago, got me pissed as hell.
3v3, my friend + 2 of his friends, I don't know them, both Oblivion hackers, one is ridiculously BM, I join the game on the other team, do a Speedling build. I counter non-BM hacker's Rax/Bunker contain with lings and my ally proceeds to kill him. I go for BM hacker's base and he obviously gets pissed and drops me. Really irritates me :-/
|
On August 06 2008 17:49 vnlegend wrote:
What bnet players really need is a a hack detector + dropper. So what if you're alerted the other guy mineral hacks or nukes anywhere. What can you do about it? Nothing... And it's not like the hacker even cares that you know. They don't care, in fact they will accuse you of hacking because you detected their hack. The hacker is proud of his hacks while the non-hacker is angry at the relation to them. On top of this, the hacker can easily spoof his name.
I don't even bother with detectors because it only annoys you. It notifies you that the other person hacks, but you can't do anything about it anyway. Better off not knowing and suspect something and check the replay later, meanwhile you can play more games and enjoy the game. There are almost no consequences for hacking, and there should be. Which is why I miss the KM9v104 program.
I wholeheartedly support this post.
|
On August 07 2008 11:38 Equinox_kr wrote:Show nested quote +On August 06 2008 17:49 vnlegend wrote:
What bnet players really need is a a hack detector + dropper. So what if you're alerted the other guy mineral hacks or nukes anywhere. What can you do about it? Nothing... And it's not like the hacker even cares that you know. They don't care, in fact they will accuse you of hacking because you detected their hack. The hacker is proud of his hacks while the non-hacker is angry at the relation to them. On top of this, the hacker can easily spoof his name.
I don't even bother with detectors because it only annoys you. It notifies you that the other person hacks, but you can't do anything about it anyway. Better off not knowing and suspect something and check the replay later, meanwhile you can play more games and enjoy the game. There are almost no consequences for hacking, and there should be. Which is why I miss the KM9v104 program. I wholeheartedly support this post.
I wholeheartedly disagree with that post. I want to be notified if my opponent is hacking, so I can just quit and not waste my time trying to beat some guy with unlimited resources.
|
it would be great if there was a way to store their ID in a database, and then autoban anyone in that database from your games.
|
i hope it doesnt detect my lan latency hack :p
|
|
|
I mean detectors, plugins are already in the shady realms. When you start dropping people with detectors, you might as well just load up your own hacks and drop hackers manually.
Btw, I tested it, it seems to work great. It's amazing how many more "silent" hackers with multicommands.
|
Nice, thanks. But does it have a chance of viruses? I think I got some from chaos
|
On August 07 2008 11:52 Luddite wrote:
it would be great if there was a way to store their ID in a database, and then autoban anyone in that database from your games.
That's what we need, BanList on BW.
|
On August 07 2008 12:52 il0seonpurpose wrote:
Nice, thanks. But does it have a chance of viruses? I think I got some from chaos
I remember reading (somewhere in TL.net) that Chaos was detected as a virus by the antivirus, because of the way it works (autoupdater and replacing files etc).
But it really isn't. Don't believe me much though. I might be wrong~~;
|
Dakota_Fanning
Hungary2349 Posts
Hi MasterofChaos!
Really good job! I've been waiting for this for so long...
I know how to detect the zerg moneyhack variants as I implemented it in BWHF.
If you're interested, PM me. I can lend the Java source codes too if u want them.
|
Wait...so the Zerg min hack detector alerts you if a zerg cancels a larva? It's that simple? That doesnt sound right...right?
|
On August 07 2008 12:57 funkie wrote:Show nested quote +On August 07 2008 12:52 il0seonpurpose wrote:
Nice, thanks. But does it have a chance of viruses? I think I got some from chaos I remember reading (somewhere in TL.net) that Chaos was detected as a virus by the antivirus, because of the way it works (autoupdater and replacing files etc). But it really isn't. Don't believe me much though. I might be wrong~~;
moc said that and i trust him
|
Germany2896 Posts
I finished converting it to a bwl plugin(Version 0.1).
Improved the multicommand detection. It should show fewer false positives.
Banlist is not that easy because of spoofers. Afaik there is no way to find the real acc for a player who is in your game. But detecting that he is spoofing should definatly be possible using the whois command. Also shared banlists are problematic because you cannot trust the reports.
On August 07 2008 20:00 PH wrote:
Wait...so the Zerg min hack detector alerts you if a zerg cancels a larva? It's that simple? That doesnt sound right...right?
The CancelTrain command not the CancelMorph command. This command is used to cancel units from a queue of a Terran/Protoss production. Sending it to a zerg larva/egg can be used to get minerals.
|
Dakota_Fanning
Hungary2349 Posts
Can u incorporate a very simple spoof checking and warning?
To execute a /whois or /whereis command to all the players, and if it results in a different game name (or tells the player name is invalid or he is offline) than our own player's, then it's a spoof.
|
The way blacklist works is that it stores the IP address of every player youve been in a lobby with. Then when you ban /bladd them it ip bans them from your games. Pretty foolproof of spoofers afaik, unless they wanna reset their modem or something.
|
On August 08 2008 02:19 jimminy_kriket wrote:
The way blacklist works is that it stores the IP address of every player youve been in a lobby with. Then when you ban /bladd them it ip bans them from your games. Pretty foolproof of spoofers afaik, unless they wanna reset their modem or something.
omg i need this BADLY D:
|
does this actually work? whos tried this?
|
On August 08 2008 03:54 memmypoker wrote:
does this actually work? whos tried this?
If Masterofchaos made it ... it works
|
Nice work MasterOfChaos, you've created some absolutely awesome stuff for this game ^^
Christ I didn't even know there was a Nuke Anywhere hack, that's ridiculous
|
On August 07 2008 22:37 MasterOfChaos wrote:I finished converting it to a bwl plugin(Version 0.1). Improved the multicommand detection. It should show fewer false positives. Banlist is not that easy because of spoofers. Afaik there is no way to find the real acc for a player who is in your game. But detecting that he is spoofing should definatly be possible using the whois command. Also shared banlists are problematic because you cannot trust the reports. Show nested quote +On August 07 2008 20:00 PH wrote:
Wait...so the Zerg min hack detector alerts you if a zerg cancels a larva? It's that simple? That doesnt sound right...right? The CancelTrain command not the CancelMorph command. This command is used to cancel units from a queue of a Terran/Protoss production. Sending it to a zerg larva/egg can be used to get minerals.
Oh, I see.
Thanks for putting this together, man. As soon as the plugin version comes out, I'll be all over it. (:
|
Germany2896 Posts
Updated to 0.1b fixing a bug which showed an integer overflow message on startup.
@PH it is already a plugin
On August 08 2008 03:54 memmypoker wrote:
does this actually work? whos tried this?
It works on my comp. But I haven't tested very many hackreplays and on no other computers, so it might still have bugs.
|
is there a way to disable a certain hack detector? I'm probably just nitpicking, but the ADVloader plugins already have a zerg mineral hack detector, and it might be kinda redudant to have two on at the same time. Anyways, great work on this, I'm gonna go play some pub bgh and fastest games to try these out
|
Austin10831 Posts
MasterOfChaos just wondering, my ADV plugin only works about 1 in every 10 times i use chaos, the other times it simply doesn't load, same for my friend. Any reason you can think of that this might happen?
EDIT: I moved them from the plugins folder to the launcher folder and it seems to be working better now.
EDIT2: Actually not, seems to be just random again.
|
you're so awesome. it is my goal one day to be able to program as well as you.
|
Give the man some donations.
Thank you MOC. Very much.
|
On August 08 2008 02:54 Equinox_kr wrote:Show nested quote +On August 08 2008 02:19 jimminy_kriket wrote:
The way blacklist works is that it stores the IP address of every player youve been in a lobby with. Then when you ban /bladd them it ip bans them from your games. Pretty foolproof of spoofers afaik, unless they wanna reset their modem or something. omg i need this BADLY D:
There is one available already, and it is quite good even, problem is that it also bans ppl from rooms where you are not host, including the real hosts of said rooms. This might be fun for you personally (I know I lold a few times) but it sort of does not work in the long run.
MasterofChaos, is it possible for you to implement some sort of spoof protection then? Even basic one like against colour spoofers. I even saw a couple on iccup yesterday, haha. . .
|
Austin10831 Posts
This is giving alot of false positives on multi command. It's called me a multicommander in atleast 4 games today =[
|
just played a 2v2 fastest, where all 3 other players hacked. I killed one on my opponents, they convinced me to backstab my hacking partner, then resumed finishing off the last opponent. So the only "non-hacker" wins the game. Hack detector seems to work quite well.
|
United States17042 Posts
Nice work - Thank you so much.
I think that the ipban list would be a little heavyhanded, seeing that most people don't tend to have static ip's (mine changes every 24 hours on command from the isp). having something to automatically check /whois might work well though. Just my $0.02
|
On August 06 2008 17:49 vnlegend wrote:
What bnet players really need is a a hack detector + dropper. So what if you're alerted the other guy mineral hacks or nukes anywhere. What can you do about it? Nothing... And it's not like the hacker even cares that you know. They don't care, in fact they will accuse you of hacking because you detected their hack. The hacker is proud of his hacks while the non-hacker is angry at the relation to them. On top of this, the hacker can easily spoof his name.
I don't even bother with detectors because it only annoys you. It notifies you that the other person hacks, but you can't do anything about it anyway.
Nope, wrong go die.
Thats like saying, the counter to hacking, is more hacking. Better hacking. Faster hacking. Smarter hacking. Drop hack them before they drop hack you.
The true counter to hacking is knowledge.
If you require a drophack, you're just `another hacker`.
The consequence for hacking is the majority of these players will never truly develop their potential in the game. They sacrifice long-term skill development, for a short-run kick. Their consequence is never having a clear conscience. Their consequence is a subconscious concept that they are a sub-par player.
Better off not knowing and suspect something and check the replay later, meanwhile you can play more games and enjoy the game. There are almost no consequences for hacking, and there should be. Which is why I miss the KM9v104 program.
`Ignorance is bliss bitch.`
|
Germany2896 Posts
On August 08 2008 10:16 BroOd wrote:
This is giving alot of false positives on multi command. It's called me a multicommander in atleast 4 games today =[
Are you using the dll version or the bwl version?
|
I received a false positive as well with the multi-command hack. I'm using the version that works directly with CL as a plugin, so I guess not the dll.
|
Germany2896 Posts
can you post a replay then?
|
I have been trying this out today, the .bwl version that is, and I think it showed at least one false positive for Multicommand hack. . . I dont have that replay, but I have one where one player was using oblivion with autosplit and it did not alert about it.
Here is rep.
Overall seems to have somewhat sketchy performance.
|
Germany2896 Posts
When I play that replay it reports automine.
|
On August 09 2008 04:03 reasonOK wrote:
I received a false positive as well with the multi-command hack. I'm using the version that works directly with CL as a plugin, so I guess not the dll.
I've noticed that if a game experiences a laggy period, and you keep spamming while it's frozen, it'll claim multi-command.
Other than that this thing is awesome. It allows me to avoid playing with cheaters pretty well.
Thanx.
|
Germany2896 Posts
On August 09 2008 19:20 Dromar wrote:
I've noticed that if a game experiences a laggy period, and you keep spamming while it's frozen, it'll claim multi-command.
Can you post a replay of that? So I can check if there are any differences to a real multicommand which I can detect to remove this false positive.
|
On August 09 2008 17:42 MasterOfChaos wrote:
When I play that replay it reports automine.
Actually, I have played with several oblivion users and so far it has only reported automine once.
|
Germany2896 Posts
Does it report automine if you watch the replay?
|
I have to agree, multi command is still faulty. I have played 3v3 hunters, where the anti hack tool identified me as the multi command user (TWICE), which of course is not true. There was a minor lag in the game but I presume that the detection method cannot hold true to this. Here is the replay: http://rapidshare.com/files/136198608/multi_command.rep.html
Please fix this.
|
can u implement this into chaos launcher?
edit : nvm
|
Not sure if it works cuz it hasnt reported any hackers lately o.o
wondering if im lucky that there is no hacker im playing with :D
|
Finally we have something that detects automining and multicommand. I tested it already many times and it works very well.
May I suggest to MasterofHouse to install the ingame on/off feature of this detector. Otherwise the screen is full of multicommand messages in 3 out of 5 games on battle.net . Veeeeery annoying.......:S:S:S:S:S
|
Germany2896 Posts
The last days I worked on spoof detection. It's a bit unreliable, but it works now with some restrictions.
Players which have been verified are white. Players which are probably spoofs are red. Greeen means not scanned yet, or the scan did not work for some reason. And blizzard might ban for sending so many whois commands, but it did not happen in my tests.
* Only english BW or on ICCup. This is because BNet sends the response to the /whois as plaintext which I have to parse
* No korean gamenames, at least if your comp is not set to korean. This is because for some reason I get an empty response to the whois command in that case.
* As there is no clear indication to which player a certain response refers to it sometimes mixes the responses up if the next response from bnet is not for the /whois sent by the spoofdetector. This can lead to wrong smurf detections or cases where the scan fails.
I have not uploaded this version yet, because it is not tested enough.
Next thing I will work on is grouping the hack detection messages in the game, so you are not spammed if your opponent uses a hack repeatedly. I might group the messages of 30secs together, so you only get one message stating how often the hack was used in this interval.
On August 10 2008 12:56 Schnake wrote:
I have to agree, multi command is still faulty. I have played 3v3 hunters, where the anti hack tool identified me as the multi command user (TWICE), which of course is not true. There was a minor lag in the game but I presume that the detection method cannot hold true to this.
I only get two messages for that replay:
Automine: toss_salad in frame 5
MultiCommandHack(3): dediCation-ALP in frame 18525
The first one is clearly correct. The second one is quite close to the pattern MBS creates. I'm not sure if that one can be removed without removing many correct messages. I don't think I can do sth about that, except stating more clearly in the OP that multicommand can show some false positives. Because unlike the exploits multicommand does nothing the player could not do himself if he were extremly fast.
A few multicommand messages a game don't mean much. In case of a true multicommand user you usually get spammed with them.
|
Do people really care that some one on bnet random hacks? I bet over 20% of ppl hack in 3v3 bgh games.
|
Austin10831 Posts
On August 10 2008 18:40 Person514cs wrote:
Do people really care that some one on bnet random hacks? I bet over 20% of ppl hack in 3v3 bgh games.
Including you, asshole.
|
On August 10 2008 18:40 Person514cs wrote:
Do people really care that some one on bnet random hacks? I bet over 20% of ppl hack in 3v3 bgh games.
It depends if you care about the integrity of the game.
It feels really shitty to put all your effort into winning, only to get cheated. If you don't really try, or you don't really care if you win or lose, then maybe it's not such a big deal. But then why even play?
|
any way to turn off only multicommand detect and leave others on?
|
Very nice work MasterofChaos! I waited for this a long time.
Next thing I will work on is grouping the hack detection messages in the game, so you are not spammed if your opponent uses a hack repeatedly. I might group the messages of 30secs together, so you only get one message stating how often the hack was used in this interval.
but the spams are the best indicator that it is not a false detection.. maybe u can show a message like "..used multicommand 15 times in the last 10 seconds"
Maybe u can also implement a feature that warns you of players in a edditable database.
So that it informs you when the player joins a game that he is in the database.
So everyone might use his own blacklist.
This would be a very nice feature!
Maybe its also a good idea to check spoofs at the point when a player enters a game.
mfg
rOoT
|
I think this program will be incredibly useful in phasing the obvious hacks out for battle.net players. This is like a reincarnation of the penguin plug!
As for the hack detection I believe the autosplit is accurate at battle.net latency, because any action at 5 frames on battle.net latency (and I stress that part) is inmo a hack, and 2 actions at 5 frames is even more distinguishable as a hack, because on battle.net latency it records a dropped person at the 10th frame. Also, I have a series of replays from someone A- and my own 1000 replays and earliest for both is at the 10 frame. The 3 hacks that allow someone to achieve a 5 frame action are
A) full autosplit
B) Worker Creation but no autosplit
C) Latency hack that nobody but hacker has
Multiselection false claims with lag would be noticed by all players that a laggy moment occured, however it should be noted there is a hack that allows people to issue commands while the game is in pause screen and furthermore there are distinguishable traits of multiselect that do not occur naturally in bwchart regardless of lag.
As far as spoof detection goes I hope that it /whois anyone that gets detected, as I've had broodwar uninstalled for a while and haven't had the opportunity to try this program out.
Anyway, this program will be a strong deterrent against flagrant hacking and will allow us to backstab hackers and make 100% correct "hacker!!" accusations. This is something a lot of us have been waiting for, and I hope that masterofchaos continues to improve upon this program. Sehr gut!
|
I've been playing more and more Starcraft ever since this came out and I have a question. Mainly and most importantly, does this drop hackers? I know when this FIRST came out as a BWL plugin I saw a guy using Oblivion in a 3v3 Hunters game. However, a week later or so (not sure if there was an update during this time), a known hacker (sadly one of my friend's friends) tried joining a Phantom game and he got dropped immediately. Same went for a few other 1/1 LT games on East. There was about a 50/50 chance that the person would get dropped, not sure if this is a flaw of the plugin or intentional?
|
Is the hack detector completely out of date now that Zynastor updated?, because some guy just nuked my entire base without ghosts -_-
|
Germany2896 Posts
@Equinox_kr
This detector doesn't drop the hacker. But Oblivion hs autodrop for some of the exploits. So probably one hacker dropped the other hacker.
@Rotodyn
Replay please.
|
|
|
I just used the hack detector in a game of Phantom and it was lagging a bit. When I was spamming, it detected me using Multicommand. Is this because of the lag? It also happened in some other defense UMS game where I was spamming 1t2t3t4t for Stim.
EDIT: I also want to add that it detected some guy's automine in Phantom. haha
|
lag will cause false positives
|
Nice job Master of Chaos.
|
i love this so much.. 90% of map hackers seem to use automine too, so it kinda detects both in that sense =P
|
Someone splitting during lag in the beginning of the game will cause a false positive? Isn't that an overzealous method of absolute detection?
Correct me if I am mistaken.
|
No, it's impossible to split that fast, even during extreme lag. Lag doesn't start in the game until at least 15-20 frames in the game, and in thousands of games I've never been able to issue any command at frame 5, let alone four or five different mining commands.
|
MasterOfChaos... many thanks for another much needed program. We can finally get some peace of mind in public games. I joined the first 4v4 FMP game I saw and it detected 6 hackers.
There is no real need for a ban list, between name spoofing and IP address changes. Being detected is enough to deter most hackers.
The only thing we could possibly want is drop hack protection. Obviously there is no simple way of doing this without access to the drop hack source code.
|
On August 24 2008 11:14 Terranesque wrote:
Someone splitting during lag in the beginning of the game will cause a false positive? Isn't that an overzealous method of absolute detection?
Correct me if I am mistaken.
yeah like hunter said, there is no such thing as an automine false positive.. i think that there might be multicommand false positives though cuz ive seen it pop up a few times in the beginning of the game in the first 4 minutes when ppl are minning minerals.. i dont see why theyd use multicommand for that at all.
|
Yes - hack detected me using multicommand hack. And I was just highlighting my workers while there was a bit of lag...
|
yes it's been established that lag can cause false positives for multicommand hack
|
On August 20 2008 04:44 MasterOfChaos wrote:
@Equinox_kr
This detector doesn't drop the hacker. But Oblivion hs autodrop for some of the exploits. So probably one hacker dropped the other hacker.
@Rotodyn
Replay please.
Huh? That's pretty strange, I doubt anybody else was hacking, my best friend came up as multicommanding but so did I 
How does that explain the random people dropping too? Is that just a coincidence then?
|
Am I the only one having noticed a steep decling in people using automine as in 5fram detection? Is the hack updated or are even the "out of tuch" hackers knowing that it can be detected and have thus turned it off?
|
Germany2896 Posts
Multicommand has some false positives.
Version 0.2 published. I haven't tested it much because I'll be off for the next 1-2 weeks. So if you encounter problems simply download the old version again.
HackDetector 0.1
HackDetector 0.2
- Added a config where you can enable/disable specific dections. Group messages does not work yet, this will be added in the next version.
- Added an experimental Antispoof using /whois.
Sends whois commands to bnet to find out if the players are really in the game they are. There are sometimes false postives caused by bnet lag. So you should check with /whois if it finds a spoofer. In games with korean names it does not work correctly (at least with a non korean windows locale) as the result of /whois is empty.
And you might get banned by bnet for the flood of /whois you send
- Removed one specific false positive from Multicommand detection. There are still other false positives. If you get the message only seldom it probably is a false positive. When playing a real multicommand user you get repeatedly (every time he moves 3 control groups / 25 or more units)) at once which is typically quite often.
- Added Set enemy Rallypoint detection
AdvLoader 2.0 allowed observers to change the rallypoints of enemy buildings. For 1.15.2 there are hacks which allow the same for every player/observer. I have added detection for this
exploit, but I have only one replay with it, so I'm not entirely sure if it works correctly.
- Added Anti-Pausehack:
Enables the dropbutton even if the opponent pausehacks. I think in a two player game both players get a disconnect, with more players the game should continue normally.
Thanks to Python_Max from ICCup for this method.
-Added Debugfeatures which allow you to log all actions.
Press Ctrl+Shift+D in the config dialog to show an additional tab with debug features. Allows to log all actions in a game. This extensive logging might slow down the game a bit.
|
thanks moc, youre awesome =D
|
great job!!! 
|
if we can get drop hackers it will be the best :D
Hack Detector is awesome :D
|
Fuck yeah!
I've been 2v2ing for the last couple of days with this on us east, and over half of the people we play against use either automine or mineral hack or both.
I've never caught anyone for multicommand or the nuke anywhere hack yet tho.
gonna download v0.2, thanks again :D
|
Thanks a lot man, this is great!
|
Thanks man, this is great.
Perhaps the anti-spoof should be disabled by default, but activates in-game in response to a command (like /spoof).
|
its discouraging seeing how many people really hack
|
I just ran into a zerg mineral hack that was NOT detected by KM9 (first instance ever). MasterOfChao's hack detector DID detect it.
|
|
|
This is amazing. Thanks a lot!
|
I have downloaded the hackdetection plugin and copied it to iccup launcher folder, but i when i start the launcher i dont get the plugin in the list so i cant turn it on. Anyone had the same problem? Or am i doing something completely wrong
|
iccup launcher is not chaos launcher.
|
Germany2896 Posts
Update:
0.2c works on 1.15.3
|
Is this reason of cdkey bans that happend recently ?
|
for anti pausehack im not sure how it works for 2 player games? If both players get dropped will the winner get a win?
|
There is a plug in that will ban "forever" players for you.
It is called Blacklist, current version 3.1, from ulliklliwi
I will not post the DL link, you know why.
When u ban a player, you ban the nickname AND Ip Adress
When a banned player try to join to a game u've created, it will automatilly be banned.
|
This is an INCREDIBLE tool, thank you, I am going to forward my team to it, since we have had hacker problems in our past, this should be able to detect most of it. Good for use during our trial process.
|
On October 02 2008 04:06 TossRage wrote:
There is a plug in that will ban "forever" players for you.
It is called Blacklist, current version 3.1, from ulliklliwi
I will not post the DL link, you know why.
When u ban a player, you ban the nickname AND Ip Adress
When a banned player try to join to a game u've created, it will automatilly be banned.
Can this be added to the plugin? or as a function on ChaosLauncher?
|
so nice to use this, i always laugh when ppl hacks. Cause it's so simple to detect it nowdays.
|
Yeah, a blacklist feature would be pretty awesome! Also, could the anti-spoofer check the accounts without a potential flooding? For instance, checking them in the game?
|
You should get a program that can detect maphack, that would be so nice. Cause i believe there is alot of maphackers out there.
|
This has worked great for me so far. I've found hackers and can now ban them from all of my games. This has saved me a lot of trouble and hassle of playing with people who have an unfair advantage. Thanks again Chaos.
|
On October 02 2008 19:29 SassO wrote:
You should get a program that can detect maphack, that would be so nice. Cause i believe there is alot of maphackers out there.
You come up with a way to detect maphackers and you will be the most famous person on the starcraft scene.
|
On October 02 2008 04:25 funkie wrote:Show nested quote +On October 02 2008 04:06 TossRage wrote:
There is a plug in that will ban "forever" players for you.
It is called Blacklist, current version 3.1, from ulliklliwi
I will not post the DL link, you know why.
When u ban a player, you ban the nickname AND Ip Adress
When a banned player try to join to a game u've created, it will automatilly be banned. Can this be added to the plugin? or as a function on ChaosLauncher?
If ChaosLaunchers functions are .dll files, yes
|
Like many others i worship chaoslauncher and most of all the hackdetection.
... so thank you chaos for the great contribution to the starcraft community!
At the moment the chaos launcher is a great tool for detection, and if ignoring the MBS, it is also a fairly accurate detection at that...
Like many people says in previous posts there is one addition that could be made that would enhance the chaoslauncher greatly! Blacklist.
I realize the contributors have spent sooo much time already. But none the less if someone would implement a simple blacklist that would be such a leap forward. And considering the previously added plugins this one is simpler.
possible features:
- a blacklist in its simplest form
- when cheater joins a game. issue a warning. unless autoban then warning + ban. (warning before banning so the cheater clearly sees he is being banned for cheating.)
- possible commands
/l /list list cheaters and resp. cheat
/c /clear clear list
/a /add add a cheater
/r /remove remove a cheater
/autoban on/off
- disallow manual additions or if manual additions are allowed a reason still have to be provided (for not putting non-cheaters on the list just for bad language, which is quite common) <-- maybe not appritiated by the majority.
these are just suggestions and i have full understanding that this would take time. i can contribute with suggestions/testing/basic c/c++ coding.
anyone else think its a good idea? flaws? improvements? remember. keep it simple for starters...
|
Sorry for rising this thread again but can some1 give working link to the hack detector pls :S
|
afaik this one is for 1.15.3 only and there is no such thing for 1.16.1 yet
|
|
|
Please upgrade to this patch 1.16.1. Thanks.
|
On September 07 2011 03:33 Coach wrote:
Please upgrade to this patch 1.16.1. Thanks.
That would be pretty sweet I agree..... ^^
|
10387 Posts
|
Germany2896 Posts
It wouldn't be very useful. Most of the stuff it detects have been patched. This leaves Automine and Multicommand.
Multicommand occasionally has false-positives which leads to people accusing their opponent of hacking because they don't understand this and thus don't check the replay manually. So updating alone wouldn't be enough here. I would need to improve it.
Automine worked fine, but from what I heard current auto-mine hacks don't send all workers in the first frame of the game anymore. Instead they spread it out slightly over time, so it becomes harder to distinguish it from a normal split. Thus in its current form it wouldn't be very useful either.
If it were useful in its current form I would have updated it long ago, since purely updating is very simple. But I'm too lazy atm to make any improvements to the detection algorithms.
Are there any common hacks that can be detected from a replay? i.e. does BWHF find hacks in a significant number of games?
This is a remote detector. So it can only detect hacks which leave a trace in the game itself. This means that maphack, stathack etc. can't be detected with this method. To detect those you need to run the anti-hack on the computer of the hacker.
Antihacks such as the ICCup AntiHack must run on the hackers computer. This is of course only possible if you can punish people for not using it, for example by giving them less points on a private server or requiring them to use it for a tournament.
|
|
|
|
|
|
|
|
EPT
