pyBEscanner

Torndeco

Valued Member!
https://github.com/T...eco/pyBEscanner


README

pyBEscanner

A simple python application with goal of scanning arma2 + battlelog files.
This this not protect against people using a battleye bypass


Features:

* Multiple Servers ( No multi-threading support, it scans 1 server at a time )​
* Scans battlelogs​
* Whitelist + Blanlist + Kicklist filters with regrex features​
* Auto-purges logs as it scans, reduces need to re-scan​
* Makes backup logs files & splits them up into folders based on date​
* Makes actions logs i.e​
scripts-bans.txt /​
scripts-kicks.txt /​
scripts-unknown.txt.​
* Ability to pick per file different scan settings​
Standard - Ban only for blanlisted code...​
Standard+Kick - Ban only for blacklisted code​
+ kick for unknown code entries...​
Strict - Ban for everything not in​
whitelist filter​
* Ability to detect multiple attempts i.e user spamming an logfile​
i.e​
If u could ban a player than appears in setpos.log​
10 times in 5 seconds if u wanted to...​
Or​
U can also add in different triggers i.e different triggers for​
pipebombs / grenades etc...​

Directory Layout
<pyBEscanner install directory>pyBEscanner.py​
[Main Python Script.... This is what u run]​
<pyBEscanner install directory>/conf/servers.ini​
[Settings File, reloaded everytime before a log scan]​
<pyBEscanner install directory>/filters>​
[Filter file directorys, were filters are located.​
If u arent using Custom Filter Setting]​
<pyBEscanner install directory>/rcon/​
[Source code available for exe's in src directorys, read the readme.txts]​
<server battleye directory>/pyBEscanner/filters​
[Location of whitelist / kicklist / blacklist / spamlist filters]​
<server battleye directory>/Logs/Battle Logs - %Year-%Month-%Day​
[Location of archived battleye logs,​
also contains any bans/kicks/unknown logs]​


Installation
Copy conf/servers-example.ini -> conf/servers.ini​
Edit conf/servers.ini​
Start pyBEscanner.py​

Requirements
Python 2.7​
Mono + Wine (Only for Linux / Unix / BSD etc)​


Known Issues
* No python rcon networking code​
* There is no to very little exception handling code...​
So if u make a typo in filter files will cause app to crash​

Notes:-
* U can alter the settings & pyBEscanner filters & settings, while the​
program is running. Just avoid making any typo mistakes​
 

shinkicker

Administrator
Staff member
Sounds cool, moved your thread into a new home. If it picks up traction we will set up a sub forum for it (keep me updated).
 

MaRs

Well-Known Member
Yet another log scanner..... What about hackers with script bypassers ?
They can still hax to the max. Log scanning is just not enough.
 

shinkicker

Administrator
Staff member
Yet another log scanner..... What about hackers with script bypassers ?
They can still hax to the max. Log scanning is just not enough.
If someone has an undetected bypasser there is nothing no one can do. However they get detected soon enough which is when all the plebs are still trying to run it and so we get to pick them up and Ban them.
 

MaRs

Well-Known Member
Indeed. Not untill the standalone. arma coding is a mess. anti-cheat needs to memory scan or whatever. Not a simple log scanner. Thats just not enough.
 

Torndeco

Valued Member!
Yes this app only scans battleye logs

Its main purpose is to archive the logs based on day.
Scan at regular intervals i.e 10 seconds
Ban / Kick players based on filter settings...

But yes it will basicly never catch a player using a battleye bypass, never said it would.
If u wanted u could try & write some server code, and then output some code to the rpt logs & get app to banned based off that. But thats prob gonna cost u cpu wise, with v.limited payoff.

I just wrote the above to help reduce my admin workload, and to hopefully replace dayz anti-hax (as it is currently barely working for me).

warning:- This app is not quiet ready yet to replace dayz anti-hax.
 

Quarterbreed

Well-Known Member
i dont know why i can creat a thread.. its saying the code i put it to post is wrong.. even tho i did it 20 times and was correct...

anyways heres my problem with Anti Hacks can anyone help me

i dont know why it doesnt, unless their named something else in DB.. i looked at all sapwns and there isnt 1 motorcycle on it, and i have 55 vehicles on it..

and another note i installed anti hack on my server got it running but shows this code.. how do i fix it

WARNING: Failed to read from remoteexec.log!
The file may not exist as BE hasn't created it yet, you can ignore this message if
you make sure the executable is located in your server's '/BattlEye' directory!
WARNING: Failed to read from mpeventhandler.log!
The file may not exist as BE hasn't created it yet, you can ignore this message if
you make sure the executable is located in your server's '/BattlEye' directory!
 

Torndeco

Valued Member!
@ Quarterbreed
Kinda depends which server package u are running... default spawns that come with it, might not have all the vehicles on it.....


The warnings dayz ant-hax is just telling u the log file isnt there. Battleye wont create the log file till there is something to log in it...
Once u are running dayz-anti-hax in your battleye folder u should be ok... Try making an empty remoreexec.log & u should see the warning go away...


@ Everyone
Update news for anyone interested

Added kicklist filter & renamed existing filters, to make it easier & more flexiable
Its is now
*.banlist / *.kicklist / *.whitelist

Added parsing addmagazinecargo.log

Goal for weekend is to fix outstanding issues + added code for detecting of multiple entries in a short period.
 

Quarterbreed

Well-Known Member
ok so i made a remoreexec.log and a mpeventhandler.log when their empty and i run anti hax does this mean its working

Initialization complete. Waiting to execute first pass...
11/7/2012 4:54:01 PM - Starting pass #1...
11/7/2012 4:54:01 PM - Finding GUIDs to ban...
11/7/2012 4:54:01 PM - 0 GUIDs banned. Cleaning up...
11/7/2012 4:54:02 PM - Pass #1 complete.
11/7/2012 4:54:32 PM - Starting pass #2...
11/7/2012 4:54:32 PM - Finding GUIDs to ban...
11/7/2012 4:54:32 PM - 0 GUIDs banned. Cleaning up...
11/7/2012 4:54:32 PM - Pass #2 complete.
11/7/2012 4:55:02 PM - Starting pass #3...
11/7/2012 4:55:02 PM - Finding GUIDs to ban...
11/7/2012 4:55:03 PM - 0 GUIDs banned. Cleaning up...
11/7/2012 4:55:03 PM - Pass #3 complete.
11/7/2012 4:55:33 PM - Starting pass #4...
11/7/2012 4:55:33 PM - Finding GUIDs to ban...
11/7/2012 4:55:34 PM - 0 GUIDs banned. Cleaning up...
11/7/2012 4:55:34 PM - Pass #4 complete.
 

Torndeco

Valued Member!
@Quarterbreed
No don't do that...

Long version =
Battleye doesnt create any log files till there is something to put in it...
Dayz Anti-hax was just telling u it couldnt find 2 log files... because battleye didnt create them yet
Was nothing to worry about

Simple version = its working...
 

Quarterbreed

Well-Known Member
ok thx jsut wanted to be sure.. so once someone gets banned it will add it to its thing i c.. thx for the help.. and as for custom vehicles im gonna have to look that up now.. i added a suv to spawn and class but not surre what to put for the id
 

Torndeco

Valued Member!
@Quarterbreed
Ignore the warning, its the very same thing again...


@ Everyone else..
Tagged release 1.0, really should have called it 0.1 but oh well new to git...
Nothing has changed, just what i call stable minus the issues in README

The latest commits are aimed @ solving race conditions when battleye writes multiple lines when pyBEscanner is scanning at the same time.

Will see about get some standard examples of filters together tomorrow for app...
 

Torndeco

Valued Member!
Ok so a status update for anyone curious...

Been doing some polishing work, in regards to the setup file servers.ini
To make it easier to setup and getting a default set of filters together
Also been ironing out some parsing bugs...

Also added ability for server admins to customize the ban messages for example
Code:
Ban Message = DATE_TIME: PLAYER_NAME on SERVER_NAME

Assuming no last minute typos / bugs will tag this latest commits in afew hours

---------
---------

Hoping to get starting on added feature to detect when players spawn log files i.e createvehicles.log, sometime tomorrow...
 

Torndeco

Valued Member!
Already told Quaterbreed its safe to ignore those warnings, since there is nothing logged there is no log file...
Aud u shouldn't tick read-only, as battleye will need to write to the file to update the log file...

Also would be nice if people made up another thread for questions on dayz anti-hax...
 

Torndeco

Valued Member!
Another small weekly update...

Spam detection is basicly almost done, will finish it after i get some sleep :)

Basicly the new spam filters format =
<Number of detections> <elapsed time in seconds> <action> <regrex rule>

Other changes over the week were mainly small fixes & some small improvements to performance i.e using cPickle over pickle.

Also thx to k4n30 for making for updating the filters so they are actually usefull outof the box now :cool:
 
Top