Silence bug or hacking of silence feature
Silence bug or hacking of silence feature
I had what we'll call a disagreement with someone on peatcoal's Megafortress EU tonight. I silenced this person two times and, both times, within just a few minutes, he somehow became unsilenced. His comments suggest that he did this deliberately, however he may just be playing on a bug that did this automatically. Note that I have screenshots of what was said, if required.
So, it seems that there may be a bug with the silence feature. If so, does it affect the silence feature automatically or is it one that could allow someone to hack the feature? Of course, it's possible that another bug is being exploited to alter the silence feature. The server in question is running version 0.2.9-sty+ct_alpha_r787 unix dedicated. I'm running a recent 0.4 client.
So, it seems that there may be a bug with the silence feature. If so, does it affect the silence feature automatically or is it one that could allow someone to hack the feature? Of course, it's possible that another bug is being exploited to alter the silence feature. The server in question is running version 0.2.9-sty+ct_alpha_r787 unix dedicated. I'm running a recent 0.4 client.
Playing since December 2006
Re: Silence bug or hacking of silence feature
*Word wonders if it's the same person he had disagreements with earlier while Monkey was present*
Re: Silence bug or hacking of silence feature
Sounds to me that "Someone" has been bringing in "Someone2" leaving as "Someone" and becoming "Someone" then talking to you and you just haven't noticed.
Hope that wasn't confusing.
You surer that's not what's happened and he's just been playing on your failure to even notice it?
Screenshots go something like this?
Monkey : How are you talking to me when I've silenced you?
Someone: Hax
Hope that wasn't confusing.
You surer that's not what's happened and he's just been playing on your failure to even notice it?
Screenshots go something like this?
Monkey : How are you talking to me when I've silenced you?
Someone: Hax
Re: Silence bug or hacking of silence feature
In +ap I know that it seems to go by IP because someone can leave and come back and they're still silenced. Not sure about sty+ct though, maybe they were just leaving and coming back.Monkey wrote:I had what we'll call a disagreement with someone on peatcoal's Megafortress EU tonight. I silenced this person two times and, both times, within just a few minutes, he somehow became unsilenced. His comments suggest that he did this deliberately, however he may just be playing on a bug that did this automatically. Note that I have screenshots of what was said, if required.
So, it seems that there may be a bug with the silence feature. If so, does it affect the silence feature automatically or is it one that could allow someone to hack the feature? Of course, it's possible that another bug is being exploited to alter the silence feature. The server in question is running version 0.2.9-sty+ct_alpha_r787 unix dedicated. I'm running a recent 0.4 client.
You could try creating an instant chat to silence them everytime they leave and come back.
Re: Silence bug or hacking of silence feature
Yeah, do that because pressing escape and enter on player police can be such a pain.
Also you can say things like "be quiet or you'll be effin silenced".
Also you can say things like "be quiet or you'll be effin silenced".
Re: Silence bug or hacking of silence feature
I just assumed you were meaning admin silence, but based on what convict said, You're probably using the client feature. In that case, someone can definitely leave and come back to undo silencing since your client likely doesn't see IPs.Monkey wrote:I had what we'll call a disagreement with someone on peatcoal's Megafortress EU tonight. I silenced this person two times and, both times, within just a few minutes, he somehow became unsilenced. His comments suggest that he did this deliberately, however he may just be playing on a bug that did this automatically. Note that I have screenshots of what was said, if required.
So, it seems that there may be a bug with the silence feature. If so, does it affect the silence feature automatically or is it one that could allow someone to hack the feature? Of course, it's possible that another bug is being exploited to alter the silence feature. The server in question is running version 0.2.9-sty+ct_alpha_r787 unix dedicated. I'm running a recent 0.4 client.
EDIT: You can still make an instant chat since you're using an 0.4 client.
Re: Silence bug or hacking of silence feature
@Nelg
Yes, I was using the client silence feature. Also, I don't think that this guy left and then came back. Maybe I missed it...but twice? Really? I'm not convinced...
@Word
Lol, I think we have been having "disagreements" with the same person, yes. He who shall not be named
Yes, I was using the client silence feature. Also, I don't think that this guy left and then came back. Maybe I missed it...but twice? Really? I'm not convinced...
@Word
Lol, I think we have been having "disagreements" with the same person, yes. He who shall not be named
Playing since December 2006
Re: Silence bug or hacking of silence feature
I'm gonna just go ahead and say "yes, you must've missed it" because you're the only case I've ever heard of and I've tried testing it with 3 different versions...Monkey wrote:@Nelg
I don't think that this guy left and then came back. Maybe I missed it...but twice? Really? I'm not convinced...
Re: Silence bug or hacking of silence feature
Right, and I hate to bring it up, but if the player was using a hacked client then Monkey wouldn't have seen it. How do I know? Because Durf did the same thing to me on 7 Dec 2012. Coincidentally, this was my first introduction to the infamous Durf and it resulted in me silencing him for sexist comments within 30 minutes of playing AoT's "TRON Experience." I witnessed the same thing Monkey did. He would mysteriously unsilence himself at will. Upon inspecting the log file (I still have it) I noticed logout/login entries immediately following each other. And when I say immediately, I mean the switchover was instantaneous, much faster than a person could logout and login with a regular client. Yes, I know that sometimes you can logout/login to the same server quickly without returning to the server browser or custom connect, but you can't do that consistently and this was much faster — plus the logouts did not register in the client console, which is an important detail.ConVicT wrote:I'm gonna just go ahead and say "yes, you must've missed it" because you're the only case I've ever heard of and I've tried testing it with 3 different versions...
It's strange, until I saw this thread I thought it was all in my imagination. But here we are with more people confirming similar incidents.
-
- On Lightcycle Grid
- Posts: 27
- Joined: Sun Sep 06, 2015 3:02 am
Re: Silence bug or hacking of silence feature
This isnt knew. This guy comes in sub and does the same thing. I've made a post on my clans website Bs.
Not ZuLu Fam
Re: Silence bug or hacking of silence feature
Sinewav has pretty much covered it and yes, it was Durf. I say was but really it's is. It's incredibly annoying as he constantly PMs me with his usual crap and I can't silence him. As a result I now have to shout abuse at him in an attempt to get him to stop, or just leave the server that we're in.
Here is a screenshot where he admits (or seems to) that he's unsilencing himself.
Here is a screenshot where he admits (or seems to) that he's unsilencing himself.
Playing since December 2006
Re: Silence bug or hacking of silence feature
well, since this is public now and backed up by multiple sources, I'm not sure there needs to be implemented anything new to prevent this. just start a vote to kick him and refer to this thread if people don't believe that it's possible? of course I'd prefer a flawless silence option and that he's sanctioned, but I guess he'll always find a new way to annoy people for not getting what he wants, and this is at least more harmless than DDoS'ing servers. Perhaps leave, rename and re-enter?
(Again, I do agree that ideally something technical should be done about that, but I also don't think his actions merit even more attention by the devs. he's just a waste of time to deal with).
(but I do wonder whether he's behind the DDoS stuff too - didn't someone on arma forums recently claim that Durf helped him? well, there you go.)
edit: right, this guy did; though it seems impossible to say whether he's honest or not.
(Again, I do agree that ideally something technical should be done about that, but I also don't think his actions merit even more attention by the devs. he's just a waste of time to deal with).
(but I do wonder whether he's behind the DDoS stuff too - didn't someone on arma forums recently claim that Durf helped him? well, there you go.)
edit: right, this guy did; though it seems impossible to say whether he's honest or not.
Re: Silence bug or hacking of silence feature
I'd like to point out that he's in spectator mode so you cant see leaving and coming back in this server.Monkey wrote:Sinewav has pretty much covered it and yes, it was Durf. I say was but really it's is. It's incredibly annoying as he constantly PMs me with his usual crap and I can't silence him. As a result I now have to shout abuse at him in an attempt to get him to stop, or just leave the server that we're in.
Here is a screenshot where he admits (or seems to) that he's unsilencing himself.
Re: Silence bug or hacking of silence feature
It appears that I stand corrected.
When I was on good terms with him, he assured me on several occasions that he's never even looked at the code.
I wanted to know which files to edit before I built 0.4, so that I could make a bot to experiment with (not for cheating, I assure you that I'm better than a bot).
I'd expect lies from him now, but back when I asked about that, I wouldn't have expected a lie at all.
Maybe he thought I was up to something else.
But, Durf: "hasn't seen the code" and Durf: "The code is unreadable, the devs want to keep it that way".
That quote, or a quote to that effect is somewhere on forums (I can't find it).
I know the story about the help and where it was given, and what he told Swag (not rookie), wasn't anything you couldn't find by doing a quick google search.
Also, his servers, among others, were attacked last night.
This whole VPS went down:
I'm just sayin', I doubt he'd do it to his own servers; especially when he was in there chatting with his friends.
Anyway, getting sidetracked.
Just that I don't know what you mean by "much faster than a person could logout and login with a regular client."
I mean, are you saying that he's hacked his client to be able to send and receive information faster?
If that is what you're saying, I don't see a problem with that, if anything he should share it and we'd all be waiting less.
If he hacked the client, that means he's looked at the source, right?sinewav wrote:if the player was using a hacked client then Monkey wouldn't have seen it. How do I know? Because Durf did the same thing to me on 7 Dec 2012.
When I was on good terms with him, he assured me on several occasions that he's never even looked at the code.
I wanted to know which files to edit before I built 0.4, so that I could make a bot to experiment with (not for cheating, I assure you that I'm better than a bot).
I'd expect lies from him now, but back when I asked about that, I wouldn't have expected a lie at all.
Maybe he thought I was up to something else.
But, Durf: "hasn't seen the code" and Durf: "The code is unreadable, the devs want to keep it that way".
That quote, or a quote to that effect is somewhere on forums (I can't find it).
In his defence, that was rookie, and he was trolling.Word wrote: (but I do wonder whether he's behind the DDoS stuff too - didn't someone on arma forums recently claim that Durf helped him? well, there you go.)
edit: right, this guy did; though it seems impossible to say whether he's honest or not.
I know the story about the help and where it was given, and what he told Swag (not rookie), wasn't anything you couldn't find by doing a quick google search.
Also, his servers, among others, were attacked last night.
This whole VPS went down:
I'm just sayin', I doubt he'd do it to his own servers; especially when he was in there chatting with his friends.
Anyway, getting sidetracked.
Are you 100% that you couldn't have /logout, /login example@forums as instant chats?sinewav wrote:Upon inspecting the log file (I still have it) I noticed logout/login entries immediately following each other. And when I say immediately, I mean the switchover was instantaneous, much faster than a person could logout and login with a regular client.
Just that I don't know what you mean by "much faster than a person could logout and login with a regular client."
I mean, are you saying that he's hacked his client to be able to send and receive information faster?
If that is what you're saying, I don't see a problem with that, if anything he should share it and we'd all be waiting less.
Re: Silence bug or hacking of silence feature
The clientside silencing feature is purely tied to the ePlayerNetID object; the remote client controls the lifetime of that so we can support online splitscreen with on-the-fly changes of configuration. It's pretty trivial to modify a client to quickly destroy and recreate its ePlayerNetID, clearing all clientside flags. Maybe it's even possible without code hacks, by just using the splitscreen configuration in some way. As Nelg points out, if you're spectating, that does not trigger any messages on some (maybe most?) servers. The price to pay for the reset is that your score would typically be reset as well (there is a dormant feature that would keep the score intact, I don't know about its status on the various server code branches). Of course, if you're just spectating, you don't care about that.
Serverside silences keep track of players' IPs. I'll check sometime whether it's possible to propagate anonymized identity information from that tracked information to the clients.
Serverside silences keep track of players' IPs. I'll check sometime whether it's possible to propagate anonymized identity information from that tracked information to the clients.