Hey all. I was moderating my demo servers today, and noticed that a player was jumping around the track, meaning he could finish the lap very quickly. BL1 - FBM. When the player started to back straight on blackwood, his car seemed to teleport to the end of the straight, and he would finish the lap in about 50secs.

See the replay attached.

Replay: BlackWood Standard - FBM

Whether this is unrelated or not, i also noticed that i was unable to log in the game server with the admin password that i set. I checked the password several times via remote desktop, and in the end had to ban him from the console on the server.

Thanks
Dan.

"FILE FAILED HEADER CHECK" ??

Did his name start with R and end with L?

Then it's the same idiot as last time. :thumbsdow

his name was Dza.

NOTE: that player "makus admin fusion" was not a fusion admin.. too many people like to pretend

Quote from mcgas001 :

"FILE FAILED HEADER CHECK" ??

works fine here...

The replay you attached is actually a zipped up HTML file of a 404 error from a windows web server. The filesize is a tell-tale too - only 2kb for an .mpr?

link updated.. file appeared to have uploaded incorrectly.

HOLY CRAP.... after watching that replay....thats some freaky stuff. He seems to be able to warp the main straight on BL1 in about 1 millisecond......

Sounds like someone's running a specially designed proxy, which intercepts the LFS packets, and rewrites the positioning ones, which allows for a "teleportation".

Something I've thought was possible, but never actually tested myself.

That sounds about right tbh. I remember Scawen saying somewhere about he use's UDP for position packets as if there is lag, you dont want to correct it you just want the new position. Something along those lines anyway. I guess all they do is somehow force a new position packet or change the one thats about to be sent...

sigh.

I also noticed that, at the start of video, other FBM was on his/her way and it just went trough it, other FBM just flew off.

Quote from ussbeethoven :

Yes, and he had no damage at all, neither body or suspension.

He actually lost the damage when he did that hack.

He had some suspension damage at the front left but just before he teleported, it disappeared.

Quote from zeugnimod :

He actually lost the damage when he did that hack.

He had some suspension damage at the front left but just before he teleported, it disappeared.

Sounds about right. All depends on what the position packet contains if thats how this hack works.

At least it sounds like it's not that easy to do without the knowledge so I hope we won't see too much of that.

Some lightweight encryption scheme would be best to counter this, and I hope it will be implemented rather soon, because packet injection is seriously easy.

How in the...?
wtf?

Dan, about the admin issues, are you sure the /admin setting isn't commented (//). It is by default.

i just encountered some guy doing that same thing

Quote from larswey :

i just encountered some guy doing that same thing

On a demo or S2 server?

If it was a S2 server you should send the replay to the devs IMO.

Quote from felplacerad :

Dan, about the admin issues, are you sure the /admin setting isn't commented (//). It is by default.

nope it was right... all my other servers where fine at the time. I just rebooted the server (game server) and it was fine.

Quote from zeugnimod :

On a demo or S2 server?

If it was a S2 server you should send the replay to the devs IMO.

This was on demo.

Looking at my server now, it seems someone else (possibly the same guy with a different name) is doing the same thing. *sigh*

EDIT: It appears that this has happened again, where i am unable to log into the server with the admin password. I think something is wrong here. my dedi settings are fine nothing wrong with them. I am hosting many servers on my box, and this is the only problem server... needless to say the only server that the "hack" has been found on.

EDIT 2: From where i am sat, its a wild idea, but maybe you l33t programmers amongst us can figure out if its possible or not. My idea is that the "hacker" is able to change the admin password of the server, meaning that all admins cannot connect with that password / change the password so there isn't one i.e comment it out in effect. I have to restart the server app to get the rights back, as it re-launches the initial config. I tried to connect LFS lapper to one of the demo servers other than my server #1, and it couldnt connect because the password was wrong, however i checked the inital config (server.cfg) and it was correct...
Any thoughts?

You could be right but it all depends on how much this hacker knows. Im guessing when the hacker connects to a server. If the admin pass is stored in some variable in the LFS.exe then he must be sending something to change that. Kinda in the same way hes hacking his way half way down the track. By sending 'extra' packets at LFS.exe. Im probley very wrong but thats just the way im seeing it. Sadly at the moment you cant stop the hacking.

Hmm. Personally i can stop the hacking.. at least on my servers. Im closing the Fusion Demo servers. I feel that if they race LFS so much, they should pay the small fee to buy the licensed content. The running of those servers are more trouble than they are worth to be fair. I refuse to pay for running those servers, when they are just being abused... would rather use my dedi servers resources elsewhere.

No i am not giving into the "hacker" threat, i just dont see the point in hosting as many demo servers as there are today. Plus those SillyProject servers.. what are all those about? Seems some guy wants to test out his new dedi to me... anyway thats a whole different story.

Sounds like a good idea tbh. No point hosting just for hackers... sigh

Quote from mcgas001 :

*sigh*

I think you should remove that.

It's like advertising for the idiots.

If all the idiots go there and leave proper racers alone, then I'm all for it.