Noticed something surprising in script.log.

superlube

Hey everyone.

I doubt I'm the only one who has noticed this and want to get some other people's opinions on it.

While I was manually parsing through some logs after a server-wide "gangnam style" hack, I came across something interesting (search "caught" in script.log):

Code:
21.01.2013 22:03:16: Playername1  (00.000.00.000:2304 abcdefghijklmnopqrstuvwxyz - #192 "['Rustler Anti-Hax', 'Caught: Hackername1', 'For: TP'] spawn BIS_fnc_infoText;"
21.01.2013 22:03:16: Playername2  (00.000.00.000:2304 abcdefghijklmnopqrstuvwxyz - #192 "['Rustler Anti-Hax', 'Caught: Hackername1', 'For: TP'] spawn BIS_fnc_infoText;"
21.01.2013 22:03:16: Playername3  (00.000.00.000:2304 abcdefghijklmnopqrstuvwxyz - #192 "['Rustler Anti-Hax', 'Caught: Hackername1', 'For: TP'] spawn BIS_fnc_infoText;"
21.01.2013 22:03:16: Playername4 (00.000.00.000:2304 abcdefghijklmnopqrstuvwxyz - #192 "['Rustler Anti-Hax', 'Caught: Hackername1', 'For: TP'] spawn BIS_fnc_infoText;"
21.01.2013 22:03:16: Playername5 (00.000.00.000:2304 abcdefghijklmnopqrstuvwxyz - #192 "['Rustler Anti-Hax', 'Caught: Hackername1', 'For: TP'] spawn BIS_fnc_infoText;"

Over the past few days, I have had up to 190 of these lines or similar. Sometimes the "hackername" portion is just "1%", which I am assuming means that the hacker is using a bypass. In the logs, after the lines mentioned above, every "playername" would spam a whole lot of foreign logs which resemble some form of hack defense, similar to monkey monitor. I've also noticed that when a hacker causes the whole server to be kicked, a few players remain on the server, the same ones listed in the logs as catching the hacker.

A quick Google shows Rustler Anti-hack is part of a hack pack (which I will obviously not link in this forum). I've also seen Wizard anti-hack in my logs as well.

I've had up to 23 people with this log some nights at once reporting one hacker, few of which I assumed were legit players. The reported hackers have been actual hackers which I had banned myself manually via other evidence.

My question is, would every player listed in the log be using the Rustler hack or could it only be one person and notifying other players that a hacker has been caught? (Which could be why they are executing the script). I personally have never seen a message like this in-game but I also don't play on my own servers.

The reason I'm asking is because I was going to add a kick rule for anyone getting this message but don't want to cause any inconveniences for actual players.

Cheers
 
Hey, just an FYI: hackers also use call preprocessFileLineNumbers in order to get around some filters. I'm taking apart Rustler's script that just got leaked on Monday.

If you see anything like "call compile to string[1234,1234,1234,234,23,234,234,234]" etc. etc., then that is an attempted injection. Skittles are stupid, so the script makers change this to ASCII so they can't steal their scripts.

",99,97,108,108" this is "call"
"97,108,108,32,99,111,109,112,105,108,101,32,112,114,101,112,114,111,99,101,115,115,70,105,108,101,76,105,110,101,78,117,109,98,101,114,115,32" this is "call compile preprocessFileLineNumbers"

If you're checking for ; anywhere, then you need to also check for "call compile to string[* * * 59 * * *]" because 59 is the ASCII character for semicolon.

32 is space. Here is a quick list of ASCII by number: http://www.asciitable.com

As far as I know or care, players should never be sending "99,97,108,108" because I don't code in hacker; that should be an insta kick.
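
The check described in the reply above, as an added example that is not part of the original thread: a Python sketch that decodes comma-separated character-code arrays found in script.log lines and flags the ones that hide `call`, `compile`, `preprocessFileLineNumbers` or a semicolon (59). The sample log lines, the four-number minimum and the function names are assumptions constructed for illustration.

```python
import re

# Runs of four or more comma-separated integers: candidate character-code arrays.
# The minimum of four is an assumption chosen to match the length of "call".
CODE_RUN = re.compile(r"\d+(?:\s*,\s*\d+){3,}")
# Strings named in the post above; compared case-insensitively after decoding.
KEYWORDS = ("call", "compile", "preprocessfilelinenumbers", ";")

def decode_runs(line):
    """Decode each numeric run that consists only of printable ASCII codes."""
    decoded = []
    for match in CODE_RUN.finditer(line):
        codes = [int(n) for n in re.findall(r"\d+", match.group())]
        if all(32 <= c <= 126 for c in codes):  # skips coordinates, IDs and the like
            decoded.append("".join(map(chr, codes)))
    return decoded

def scan(lines):
    """Return (line_number, decoded_text, keyword_hits) for each suspicious run."""
    findings = []
    for number, line in enumerate(lines, start=1):
        for text in decode_runs(line):
            hits = [k for k in KEYWORDS if k in text.lower()]
            if hits:
                findings.append((number, text, hits))
    return findings

# Constructed sample lines in the layout of the script.log excerpt above.
PREFIX = "21.01.2013 22:03:16: Playername1 (00.000.00.000:2304 abcdefghijklmnopqrstuvwxyz - #0 "
SAMPLE_LOG = [
    PREFIX + "\"['Rustler Anti-Hax', 'Caught: Hackername1', 'For: TP'] spawn BIS_fnc_infoText;\"",
    PREFIX + '"call compile to string[99,97,108,108]"',
    PREFIX + '"x = to string[97,32,61,32,49,59,32,98]"',  # hides a semicolon (59)
    PREFIX + '"pos = [6325,7810,0,15]"',  # numeric array, but not printable ASCII
]

if __name__ == "__main__":
    for number, text, hits in scan(SAMPLE_LOG):
        print(f"line {number}: decoded {text!r} contains {hits}")
```

Decoding before matching catches the encoded semicolon and keywords without having to enumerate every numeric spelling in a filter, and the printable-ASCII range check keeps ordinary numeric arrays from being flagged.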
 