|
Well I was a little bored today and I saw something in starcraft news that reminded me about a hacker investigation several months ago that was never proven so I decided to watch some of his more recent replays and see if I could find any "proof." I actually sort of enjoy trying to be like a detective seeing if I can prove or debunk accusations, normally I can come up with a conclusion that I am very confident with but I just keep it to myself because it is not completely concrete and would just spark a ton of opinionated speculation.
Well I thought I enjoyed it, but I actually found something that is concrete proof and now I feel obligated to write a report. It turns out the search was fun but now I am dreading the "reward", aka getting people banned and having to explain in detail my methods. Another reason this is not going to be fun, is because once I announce this, hackers will stop using this method, thus I feel obligated to not only accuse this person, but seek out all others who can be caught in the same fashion. But I guess I am not obligated to do this because most old replays will probably stay in existence on the internet for a long time so they can be caught at anytime.
This really should be a lesson for all hackers or potential hackers (or even real life criminals), time and time again they thought they wouldn't be caught, but much later new methods come about which can be applied to old replays (or blood for example). So sure you might get away with hacking for now, but more likely than not you will eventually be caught.
And note this person is not in TSL, but there might be others catchable by the same method in the TSL. I am not saying who for now, because I do not want to make an accusation without proof (and I have provided no proof yet), I will do that tomorrow or soon.
Question, to try and automate finding hackers, I need two things: 1) A massive database of replays from matches where people should not be hacking (online tournaments, clan wars, or whatever) or just well known players (no point in showing some complete noob hacks). 2) Some command line tool to analyze replay information or maybe source code to bwchart or the like. Does anyone know where to get either of those? Or maybe it would be better to just announce the method and hope many people will check many random replays making it not needed to be automated.
 
|
http://www.iccup.com/iccclanleague/
1) Pick the team with the player you're curious about.
2) Find a Clan War that player played in by clicking Details.
3) Replays of all games are available.
Although I am curious as to your method, if you don't want to make it public could you at least PM me with it :p
|
infinity21
Canada6683 Posts
Don't do it, he's mafia!!
|
You should announce the method. There are some skilled and talented coders here, and maybe you can get one of them interested in helping you automate your process. Also, if you announce the method, we can discuss it, and perhaps refine it.
|
i suppose compiling a list of these coders and allowing him to PM them would fare better as to not release the method? :3
dono
|
Braavos36362 Posts
Or, you could just PM the admins of TSL (cough, us) and let us know, because we have all the replay packs of all the people in the top 48.
|
*has a feeling its the split on 5 5 5 5 5 5 5 5*
If it isnt I will be extremely impressed.
|
Suspense is killing me please post i need to know if its the 5 split or something new. I would go ape shit crazy if its something new i need to knowwwww
|
On April 15 2008 13:04 infinity21 wrote:
Don't do it, he's mafia!!
haha nice,
on topic good job, hackers ruin starcraft
|
yeah i am also wondering if this really is something knew or just the worker split at timestamp 5.
If you are searching for replays try out this:
http://rapidshare.com/users/VM6FPA
Thats from Col_Drake and he gathered a lot of replays. You could search in the latest wgt clanleague and iccup clanleague packs. There you will find replays of all known clans.
|
Thanks for tips, I guess it is just best if I tell TL.net the method and let them decide what to do about it. It isn't autosplit, it is something new, but its nothing complicated, I wouldn't be surprised if it hasn't been discovered before although I saw no mention of it anywhere.
Edit: Also I really don't think this will have much effect on TSL because as far as I know ICCup andti hack is good.
|
yeah but the players could still hack outside of tsl and i think they would still get banned if they get caught hacking in wgtcl now.
|
Germany2896 Posts
Features which obviously betray a hacker:
All exploits(minhack,set enemy rally etc)
Auto-features(mine,queue,unally,etc)
Multicommand&selectionhack
Stay Alive
Selecting/attacking enemy units under the fog without safeclick on
Other than that I can't think of anything.
So anybody using just a maphack+safeclicks should be safe. And good players probably don't use the autofeatures or exploits ofter.
edit: You can use the BWLib (download eiter from the BWChart site or Taiches site). Taiches version is compatible with newer versions of VisualStudio.
|
Calgary25951 Posts
Oh God tell me. I can keep a secret!
|
Thanks MasterOfChaos, also the thing isn't on the list, all those things are actions that can only be done with hack, but this is actually something that can happen to even non hackers, but its about as close as you can get to hard proof like autosplit. In a game over 10 mins, if you are using a certain hack (possibly more than a certain one not sure), this will happen to you 100% of the time, but if you are not using it, it will happen about 2% of the time. So if say last 5 games were with this property then chance of you not being a hacker is 0.02**5 = about 1 in 300 million.
Hot_bid has asked me not to share it yet, so Chill talk to him for details.
Also another thing you didn't mention MasterOfChaos, but this is not it, is you can detect multicommand hack too, although this is pretty obvious so I doubt anyone not wanting to get caught uses it.
|
Canada7170 Posts
|
So if say last 5 games were with this property then chance of you not being a hacker is 0.02**5 = about 1 in 300 million.
5 consecutive games. I only say that because I just know people would go through a pack of 1000 replays, and calculate the odds all wrong. Although I guess that kind of hurts your detection method, since a knowledgeable hacker could just only hack one game a series. IIII dunno. I'm always really sceptical of these anti-hack systems. I remember the old BWLauncher with that plug-in that kept pausing the replay because a unit out of vision was selected. People would think someone was hacking, up until the point where the realised about half of their own replays did this to them too (since it was more like something you already had selected going out of vision or something).
Well, hopefully your system is good, but if it's a 2% chance (2% for all players? Or will certain playing styles increase that drastically?) of being a false accusation, it sounds really subjective, and frankly bad.
|
Germany2896 Posts
I always assumed safeclicks work correctly. I'm surprised the hackers made such a simple mistake. The disadvantage is, that it will be fixed with the next update 
btw do only zyn's hacks have this clientside click bug, or all of them?
Safe clicks
Undetected (Client-sided) left clicks on anything you wouldn't normally have vision of.
So the description was wrong.
Good catch finding this safeclickbug. 
|
bump
more people should see this
|
flag needs a detective's magnifying glass as his icon
|
|
|
|
|
|
EPT
