26

Re: Official Aimbot Discussion

Yep.
Teeworlds is open-source, so you can delete the condition and just say to the server.
"Clear, connect me."

Every idea which concern client isn't good, cause it can be modified.

|ZPote| buffer[]'s posterous

27 (edited by Lanta 2009-05-25 20:13:43)

Re: Official Aimbot Discussion

buffer[] wrote:

Yep.
Teeworlds is open-source, so you can delete the condition and just say to the server.
"Clear, connect me."

Every idea which concern client isn't good, cause it can be modified.

so my idea is good? big_smile
it will be an external app with closed source

Support Staff - ESL.eu Teeworlds Admin

28

Re: Official Aimbot Discussion

Woaw,
Detecting perfectly a bot is _theorically_ impossible, so why are you searching for pratical possibilities ?
I don't get it

Play ctf_fall if you dare!

29

Re: Official Aimbot Discussion

azmeuk wrote:

Woaw,
Detecting perfectly a bot is _theorically_ impossible, so why are you searching for pratical possibilities ?
I don't get it

if mouse movements are different from cursor movement there must be a cheat... !!!
so IT IS POSSIBLE to detect bots... ^^

Support Staff - ESL.eu Teeworlds Admin

30 (edited by buffer[] 2009-05-25 20:37:20)

Re: Official Aimbot Discussion

And how do you get it form the server ?
So he's right.

And you can make cursor and mouse move. ^^

|ZPote| buffer[]'s posterous

31 (edited by Lanta 2009-05-25 21:07:23)

Re: Official Aimbot Discussion

buffer[] wrote:

And how do you get it form the server ?
So he's right.

what!?!?!? XD if the clients detect that mouse movement is different from cursor movement, it call the server tool that ban for x minutes the Ip of the client...

buffer[] wrote:

ìAnd you can make cursor and mouse move. ^^

If you have a bot, mouse movement/key pressing is different from the real. So it can be detected.

I had only the idea, it is possible to make it, it will take a lot of work but it is possible...

Support Staff - ESL.eu Teeworlds Admin

32

Re: Official Aimbot Discussion

mrlantastic wrote:

what!?!?!? XD if the clients detect that mouse movement is different from cursor movement, it call the server tool that ban for x minutes the Ip of the client...

And what can prevent me to do my own client that don't call the server ?

mrlantastic wrote:

If you have a bot, mouse movement/key pressing is different from the real. So it can be detected.

How can you prove it's different from the real ? Some bots don't even use the game interface you know ...

Play ctf_fall if you dare!

33

Re: Official Aimbot Discussion

Hi!

What do you think about this concept?

My tool would detect known aimbots through detecting injected/manipulated code and the injectors

http://lipski.co.at/images/twac.png

After finishing my current project, I could try to realize this one big_smile

34

Re: Official Aimbot Discussion

so if i combine 2 popular client mods which arent for cheating i would be banned? ^^

uptee - a simple web interface for hosting and maintaining teeworlds servers
teerace - a website gathering results of trusted Race-mod servers providing global ranking and statistics
*gV* rox ^^

35

Re: Official Aimbot Discussion

Detecting perfectly a bot is _theorically_ impossible, so why are you searching for pratical possibilities ?

We are not agree with you, because on our servers we coded auto-anti-cheater systems, and they were about to be correct. But it is hard to make them 100 % reliable, and we don't want to ban honest players, even just one time.

And stop incredible and no open-source projects !!! TeeWorlds is a free game, else make a fork with your own servers which can be played only with your binary client !!!

36

Re: Official Aimbot Discussion

mccae wrote:

Hi!

What do you think about this concept?

My tool would detect known aimbots through detecting injected/manipulated code and the injectors

http://lipski.co.at/images/twac.png

After finishing my current project, I could try to realize this one big_smile

The problem is what happens when some one hacks the TWAC client? Remember, anything on the client can be modified. Any traffic that is going over the network can be modified. Here is the reason why I haven't done anything to prevent the cheating. It's a hopeless battle and is even more hopeless with open source because hacking around the anti-cheat is simple. It takes more time to develop the anti-cheat then to develop the cheat.

37

Re: Official Aimbot Discussion

matricks wrote:
mccae wrote:

Hi!

What do you think about this concept?

My tool would detect known aimbots through detecting injected/manipulated code and the injectors

http://lipski.co.at/images/twac.png

After finishing my current project, I could try to realize this one big_smile

The problem is what happens when some one hacks the TWAC client? Remember, anything on the client can be modified. Any traffic that is going over the network can be modified. Here is the reason why I haven't done anything to prevent the cheating. It's a hopeless battle and is even more hopeless with open source because hacking around the anti-cheat is simple. It takes more time to develop the anti-cheat then to develop the cheat.

You can't decompile native compiled code (you would get a shitload of assembler commands)

There are serval techniques to prevent packet manipulation, manipulations of the client and to detect self written fake anti cheat clients which could send for example MD5 sums which are always OK.

Take a look at the anti cheat tool Punkbuster by Evenbalance which is used for the most multiplayergames from EA (electronic arts). It works perfectly,...

38

Re: Official Aimbot Discussion

Hello,

I haw a ide smile they shod make a searching program that starts to search for aim bot wen tee world starts to lode tongue like in wow so no one can bot xD

Don't Think Before Shooting Just Shoot  smile

,,,JOIN MY CLAN smile  <[The-G]>

39

Re: Official Aimbot Discussion

Bobo-G wrote:

Hello,

I haw a ide smile they shod make a searching program that starts to search for aim bot wen tee world starts to lode tongue like in wow so no one can bot xD

Did you even read 1 post in this thread? You can just modifiy the client so it doesn't search for the aimbot...

Hooker's collection of the most Tee-ish skins!
http://www.teeworlds.com/forum/viewtopic.php?pid=39896

40

Re: Official Aimbot Discussion

Why they make TW not more Open Source. And they can sell TW-Bots that it can used for 1 Month for 15$ or like that.
Thats my idea.

41

Re: Official Aimbot Discussion

mccae wrote:
matricks wrote:
mccae wrote:

Hi!

What do you think about this concept?

My tool would detect known aimbots through detecting injected/manipulated code and the injectors

http://lipski.co.at/images/twac.png

After finishing my current project, I could try to realize this one big_smile

The problem is what happens when some one hacks the TWAC client? Remember, anything on the client can be modified. Any traffic that is going over the network can be modified. Here is the reason why I haven't done anything to prevent the cheating. It's a hopeless battle and is even more hopeless with open source because hacking around the anti-cheat is simple. It takes more time to develop the anti-cheat then to develop the cheat.

You can't decompile native compiled code (you would get a shitload of assembler commands)

There are serval techniques to prevent packet manipulation, manipulations of the client and to detect self written fake anti cheat clients which could send for example MD5 sums which are always OK.

Take a look at the anti cheat tool Punkbuster by Evenbalance which is used for the most multiplayergames from EA (electronic arts). It works perfectly,...

There are people able to read this assembly, and there is packet sniffer. It will take much more time, as matricks said, to write that protection that to break it. And you can not persuade people to use such a tool.
There was spend many $$ to develop protection that will prevent people from ripping of DVDs, and guess what, it got broken few hours after release by 17 years old boy...

Drowning dwarves lately

42 (edited by Lanta 2009-05-26 18:12:55)

Re: Official Aimbot Discussion

azmeuk wrote:
mrlantastic wrote:

what!?!?!? XD if the clients detect that mouse movement is different from cursor movement, it call the server tool that ban for x minutes the Ip of the client...

And what can prevent me to do my own client that don't call the server ?

mrlantastic wrote:

If you have a bot, mouse movement/key pressing is different from the real. So it can be detected.

How can you prove it's different from the real ? Some bots don't even use the game interface you know ...

I will answer your 2 questions in 1:
I've just begin developing and it will work. Now i'm developing the bot detection and i'm at a good point. After this i will develop the connection between server app and client tool, so i will introduce some system to prevent bypassing the anti-cheat system. Be sure it will work, because the source will be closed so they won't be able to read how client and server communicate. If your client app don't contact the server tool, it will not be allowed to join the server... XD

They will read my assembly? ... no ... there is only a remote possibility ...
They will use a packet sniffer? ... no... read mccae answer

And if you make me more question about this system, i will no answer detailed. It's because i don't want to suggest cheaters how to bypass my system before making it big_smile

Support Staff - ESL.eu Teeworlds Admin

43

Re: Official Aimbot Discussion

mrlantastic wrote:
azmeuk wrote:
mrlantastic wrote:

what!?!?!? XD if the clients detect that mouse movement is different from cursor movement, it call the server tool that ban for x minutes the Ip of the client...

And what can prevent me to do my own client that don't call the server ?

mrlantastic wrote:

If you have a bot, mouse movement/key pressing is different from the real. So it can be detected.

How can you prove it's different from the real ? Some bots don't even use the game interface you know ...

I will answer your 2 questions in 1:
I've just begin developing and it will work. Now i'm developing the bot detection and i'm at a good point. After this i will develop the connection between server app and client tool, so i will introduce some system to prevent bypassing the anti-cheat system. Be sure it will work, because the source will be closed so they won't be able to read how client and server communicate. If your client app don't contact the server tool, it will not be allowed to join the server... XD





OMFG!! Thats a good ide smile

Don't Think Before Shooting Just Shoot  smile

,,,JOIN MY CLAN smile  <[The-G]>

44

Re: Official Aimbot Discussion

mrlantastic wrote:
azmeuk wrote:
mrlantastic wrote:

what!?!?!? XD if the clients detect that mouse movement is different from cursor movement, it call the server tool that ban for x minutes the Ip of the client...

And what can prevent me to do my own client that don't call the server ?

mrlantastic wrote:

If you have a bot, mouse movement/key pressing is different from the real. So it can be detected.

How can you prove it's different from the real ? Some bots don't even use the game interface you know ...

I will answer your 2 questions in 1:
I've just begin developing and it will work. Now i'm developing the bot detection and i'm at a good point. After this i will develop the connection between server app and client tool, so i will introduce some system to prevent bypassing the anti-cheat system. Be sure it will work, because the source will be closed so they won't be able to read how client and server communicate. If your client app don't contact the server tool, it will not be allowed to join the server... XD
They will read my assembly? ... no ... there is only a remote possibility ...
They will use a packet sniffer? ... no... read mccae answer

Do you think it is possible to write such a tool? So why is it possible to download software worth hundreds of bucks from torrents? And, it is possible to edit that md5 sum-packets too smile

Drowning dwarves lately

45

Re: Official Aimbot Discussion

"Those Who Sacrifice Liberty For Security Deserve Neither" - Ben Franklin.

Who the hell wants to run proprietary crap because of a few cheaters? I'd rather play on private servers with people I trust only. And by the way -- as a professional software developer, I'm telling you: if someone wants to cheat, they will find a way around your system. You are only wasting your time, but heh, everyone needs a hobby.

46

Re: Official Aimbot Discussion

Magnet wrote:

"Those Who Sacrifice Liberty For Security Deserve Neither" - Ben Franklin.
You are only wasting your time, but heh, everyone needs a hobby.

Ok... i've wasted too much time... xD
i leave space to mccae and to his idea.. XD

Support Staff - ESL.eu Teeworlds Admin

47

Re: Official Aimbot Discussion

mrlantastic wrote:
Magnet wrote:

"Those Who Sacrifice Liberty For Security Deserve Neither" - Ben Franklin.
You are only wasting your time, but heh, everyone needs a hobby.

Ok... i've wasted too much time... xD
i leave space to mccae and to his idea.. XD

smile

Creating such a tool is not easy...

The netcode will base on already written classes of my older private projects,...
Monitoring memory etc. and integrating the serverside app into the teeworlds server will be the hardest part.

But I don't know if other players would download a extra tool to join protected servers. This depends on how much serverproviders would use this anti cheat app

48

Re: Official Aimbot Discussion

I don't think that many people will use the tool.
[Well, it's not official.]

The most bots are working like this:
Enemy in reach -> lock target -> shoot

If we take the time between aiming and fire or the moved way between two ticks[??], it would be possible to detect a couple of aimbots.
[The most ones are so fast, they kill in 1/10 second..]

I don't know if it would work, but I don't know why anybody uses a Aimbot too.

We never will win the fight it is impossible.
We can try it, we can detect a couple of bots, but they can update the bots faster or program the behavior so randomly that it will be harder again and again.

To put it all in a nutshell:
We can win a battle, but we can't win the war!

Do you search for a low ping Teeworlds-Server within seconds?
Here you can find it:
>> www.Teeworlds-Server.de

49

Re: Official Aimbot Discussion

Although it is certainly true that the developers can update their bots a lot faster then we can counteract them, it are rarely the developers that actually use the bots. Last month's uprising of bots was mainly caused because some developers made their bots leak making them spread pretty fast among the community. Many people who never had the intention of using bots gained free access due to posts that stayed open for a few hours and uncontrolled IRC spam. Now the not so good players all of sudden could give themselves the illusion that they had become good, and at the same time get the attention which they hope to achieve with their childish behavior.

Now if we would at least try to disable some of these bots, and while the developers would eventually develop new ones, it would still take quite some time before this spread among the community. Moderators could monitor the official forum a bit better in order to prevent bot leaks, and fansites should take their responsibilities as well. The IRC channels related to Teeworlds should ban anyone who gives links to host sites. Yes, in time those that want bots will gain access to them by means of other ways, but this could take a while and can only be done by those that actually want to invest their time into tracing, contacting and accessing the developers. As long as the community controls the distribution paths (forum, websites, irc) we should be able to gain some kind of an advantage on those that develop this software.

50

Re: Official Aimbot Discussion

I really don't like the idea of making a closed source solution because it defeats the purpose of Teeworlds being open source. If TWAC is also open source, it will be very very easy to circumvent it as well. Secondly, security by obscurity (reading assembler) is not security, it's just foolishness.

EDIT: I would go so far as saying that servers that requires closed source client or client software to connect to would be banned from the master servers.