Hacking/glitching

Users who are viewing this thread

william2401

Banned
I don't know if this is hacking or glitching, but people randomly start spazzing out in multiplayer and holding their arms out like they are on a cross or something. whatever this is, I don't think it can be explained by the fact that it was beta tested in a different version. fix this, now pls.
 
This is not a hack. It's usually caused by players having a different version than the server or some of the graphic files are a bit wrong.
 
are you telling me that every of the 80 players on the server I was just on have different version? cause everyone just started dancing
 
did anyone else in the server complain about it?
And no, it does not need to be those player's fault. It could be just you, or it could be the server.
edit:
Would you mind to not multipost and edit your post instead? Additionally, your link does not seem to work for me. Could you try linking the image directly?
 
I heard it i due to somebody hacking the server...

MaHuD said:
did anyone else in the server complain about it?
And no, it does not need to be those player's fault. It could be just you, or it could be the server.
edit:
Would you mind to not multipost and edit your post instead? Additionally, your link does not seem to work for me. Could you try linking the image directly?

I was on a server yesterday, it happened there and several players were complaining about it...
 
http://cloud-4.steampowered.com/ugc/31854036007851303/B3DF32C8FF475AFEA2DB7B5E8E930390318CA843/
I present to you mount and blade warband:Just dance dlc

this link should work
 
1024x0.resizedimage

1024x0.resizedimage

1024x0.resizedimage
 
I just got of the official EU naval server, this happened just as we were stepping of. Almost everybody complained about it, and those that didn't left the server...
 
Hmm.
Both the Deluge and Víkingr have suffered from this form of exploiting. Players would find themselves with weapons not even available to the admin panel, avatars would move around the map in unpredictable ways to be followed by the server eventually collapsing in of itself. Our last event in the Deluge, as the Lucky Dogs, was cancelled due to someone dicking around with these exploits before we had even begun.
 
Leifr Eiríksson said:
Hmm.
Both the Deluge and Víkingr have suffered from this form of exploiting. Players would find themselves with weapons not even available to the admin panel, avatars would move around the map in unpredictable ways to be followed by the server eventually collapsing in of itself. Our last event in the Deluge, as the Lucky Dogs, was cancelled due to someone dicking around with these exploits before we had even begun.

#badcode ?
 
In the case of the Deluge and Víkingr, the attacker(s) exploited WSE vulnerabilities. Could be similar vulnerabilities have been worked into VC's code. There's been some reports about it both here and in the Support forum, but it seems they've been largely ignored.

(To be fair, though, this kind of thing is best ignored in public and quickly and vigorously dealt with behind the scenes)
 
Here is the exploit:
Code:
script_game_receive_network_message:
(else_try),
      (eq, ":event_no", 122),
      (store_script_param, ":sub_event", 3),
      (try_begin),
        (eq, ":sub_event", 1),
        (store_script_param, ":agent_id", 4),
        (store_script_param, ":animation_id", 5),
        (store_script_param, ":channel_no", 6),
        (try_begin),
          (agent_is_active, ":agent_id"),
          (agent_is_alive, ":agent_id"),
          (agent_set_animation, ":agent_id", ":animation_id", ":channel_no"),
        (try_end),

And here is how you can use the exploit:
Code:
(multiplayer_send_4_int_to_server, 122, 1, <agent_id>, <anim_id>, [channel_no]),

FIX IT!

Why is the client allowed to do that? Can't you make it server side (of course you can but my question is why making it client side?) ?
 
The_dragon, it's already been fixed in the code. It should be fine with next official update.

Also, I am to blame for that mess. It's an old part of code, I just didn't though much about security back then, since I never had problems with 'hackers' in M&B. I'm double-checking everything now.
 
Here are the security bugs that I found:
- the horn, warcry, shield taunt; all have the conditions client side
- the sub events from the event 120: 5, 6, 7, 8, 9, 10, 12, 13, 14, 15 (I think these should all be client side)
- the event 121 (should be client side)
- the sub events from the event 122: 1, 3, 4, 5, 6, 8 (thor hammer/armor; should be client side)
- the event 123 (should be client side)
- all sub events from the event 124 (should be client side)
- the event 125 (contains visual things; should be client side)


Also optimize the mission templates triggers...there are lots and lots of generalized triggers, so that's why there is an infernal lag in multiplayer; also there are SP triggers in MP. Also there are some mistakes like running server side operation on client side (like agent set wielded weapon) (that is because of the generalized triggers).

I also found this: "(ti_on_agent_spawn, 0, ti_once, " - ti_once will do nothing (because it is a special trigger)... or maybe it will do but why running that block of code only after the first agent spawned???
 
Yes. It is pretty easy to write a couple of hacks.
Please fix that. Also fix all those horrible horrible loops in your code, frame checks and useless checks. It adds on server performance quite significantly.
 
Back
Top Bottom