Client control mod

[UT99.org]

Sorry, replying to thedane. I thought I had already told him name of a private mod that is on some pub redirects which does this I guess he never read the message or forgot. QValidate and UTDC have the same method, altho UTDC code is hidden. It would be a lot of work for the hacker and in such a dead game people should notice something like this quickly. You would see people complaining about being ACE kicked, or admins asking about the message "unknown loaded DLL 'insert name here'"

[RocketJedi]

Yes, I'm freaking tired of servers constantly adding themselves and their 'friend' servers to my Favorites every time I join them. I have like 25 servers in favorites and 5 that I actually play on.

or deleting your favs in place of theirs as well

[Wises]

Cool idea , indeed. will force certain admins to remove some of the malware they have in there servers > Billybill

actually can you go on his server's and see if anything malicious is there..

ty.

[UT99.org]

That was funny, but seriously do people even check and prove things any more. Or do we all scream about servers that show fake players that really aren't really fake players. Or in Wises's case people implanting viruses on your pc. This stuff is quite easy to prove were it true, so before making these claims what about some proof? Since there is none in this case, I look forward to laughing at you for whatever you think is proof. So please go ahead and post it and stop leaving us all in suspense over supposed evidence. No, thank *you*

[Wises]

well you were stealing NexGen ID's like 2-3 years ago using similar methods described by Kelly up there ^

which is why something like this would be good.

[UT99.org]

haha yeah, well reading and writing to ini files are different things, even if you stop them making changes you've still got problems that are harder to solve. I have yet to see what he's talking about with 'reading all ini settings', it would require different types of reading, including localised variables, many of which I thoguht were only engine accessible. Try setting your language or a lot of other settings by console command for example it's a good indication. What Higor has is the best way to go about it, bring more privacy to mod menu items and everything else. And Ferali's dream of having different folders for each server for it's own config settings and files. You could have different individual keybinds for DM & BT for example. I hate it how people tacticially suicide in DM or CTF when they get a bad spawn or want to go after the flag carrier right after they take the flag, but in BT you need to suicide every time you make a mistake if you play for records or make an unrecoverable mistake. In DM you can easily type suicide in your console instead of waiting to die, but doing it on every bad spawn is just pathetic. And yeah nexgen IDs to ban people, or to give admin to people, it was never secure to start with. And ACE ids are even easier to retrieve since they are sent directly to the log of every ACE server they play on regardless if nexgen is there (plus nexgen encryption key is somewhat hidden in ini files). lol

[papercoffee]

@Wises
LAST WARNING!
every other post not on topic will be deleted!

[Spectra]

Very interesting topic.
However I am noob in terms of Client side or Server-Side mods.

Here what I have got the idea: If a client joins a unknown server for the first time and if this mod "Adrian" detects that the server is doing something stuffs like adding friend servers to Favorites, then Adrian should notify the Client (even if Client is in server or offline) by opening like Pop-up box.

In Pop-up box or something it write the following like:

IP: (IP of Server you are currently playing or played)
IP(n): (IP of another server added by the original server (where 'n' is no. IP of friend server))
Admin Name: (This is optional that who is the admin of that server)

As I said above, this is just an idea about this mod.

[JackGriffin]

Yes, that's it exactly. Added functionality could always be put in openly because the servers cannot influence what we are detecting on the client so the project could (in theory) remain openly coded. It would be up to you as the user whether or not you wanted to run the program each time you went server hopping and will not affect your online experience at all since it only watches things on your end.

I have yet to see what he's talking about with 'reading all ini settings', it would require different types of reading, including localised variables, many of which I thoguht were only engine accessible. Try setting your language or a lot of other settings by console command for example it's a good indication.

Changing variables is much different than reading them. Same thing with pathnodes on a map: I can see all the nodes, read their values, get everything about them but you cannot change them. BTW, I'll explain in private to you but you don't grab ini's line-by-line. You grab them whole

[Wises]

I have yet to see what he's talking about with 'reading all ini settings', it would require different types of reading, including localised variables, many of which I thoguht were only engine accessible. Try setting your language or a lot of other settings by console command for example it's a good indication.

Changing variables is much different than reading them. Same thing with pathnodes on a map: I can see all the nodes, read their values, get everything about them but you cannot change them. BTW, I'll explain in private to you but you don't grab ini's line-by-line. You grab them whole

Seriously...^?

[TheDane]

Come on people, grabbing ini's has been done since I joined the game back in ... Ehm ... was it 2003? not sure .... but I guess that it has been done a lot earlier than that too.

The question is not how it's done, the question is WHAT it will be used for. Therefore I urge each and every player to NOT assign keybinds to anything you don't want to share with the server administrator of the servers you visit. Things like various admin logins should never be keybinded!

I'm iddling right now and am fiddling a little with a client side project that will do this:

- Lock/unlock ini file by console command so you can choose what servers can write to it while beeing online
- Notify if server attempt to read/write ti ini file, including option to auto disconnect when server try to add/delete in favorites
- Tell if a server you browse has fake players, including option to not list them at all
- Check if server auto-redirect you to play on another server, tricky because of mapvote, client switches etc... but I got a good idea in the mixer right now
- and a few other thoughts I need to test before posting further...

[UT99.org]

I'm guessing you mean like some sort of file transfer where it can be parsed line by line on the other end. It's beyond what I thought UScript itself could do with raw files anyway. I assumed you meant going through the vars and arrays one by one, which shouldn't be able to retrieve private vars. And you'd need a different command for localized vars. I still believe you cannot access a whole lot of them. It could be holding me up a little, but please do not share it to me it will make Wises upset And I don't want to see Wises tears

[papercoffee]

I don't know if this is really a good thing to talk in public the mechanics of grabbing user information.
The bad guys know this already... but bad guy aspirants shouldn't get this knowledge that easy.
So explain please, why I shouldn't close this thread and move it into the trash section.

[UT99.org]

Why you shouldn't close thread: I think it's a bluff, if not they keep it in private. The thread was started to gather interest in the idea, and the large amount of responses say there is, now we discuss the projects more

[Dr.Flay]

I just re-read the first post to remind myself of the point of the thread.
Jack is doing well at avoiding certain specifics (hence his offer of a PM), and yes Dane maybe these grabbing techniques are old and well known, but this thread is not the place to reveal them to those that don't know.
And I would thank people to stop baiting Jack into discussing the specifics here.

This thread needs to stick to recruitment/publicity, and direct those with something useful to say, to your work thread, or the future for this thread is more red writing and locking.
The problem with these topics and trying to discuss them in a vague manner because of the public nature, is that some people miss-understand what it is for or what they do, which leads to accusations of foul-play.