This is one of the things that has bothered me since I released the first version of project Cataclysm. It is as well one of the things known for most server crashes in the past and can still be seen today. It is mostly done by newbies who learned it a moment ago and want to show their new 1337 cheating skills online by lasering servers and/or crashing them on purpose. It has just recently happened to me while I was hosting an idle server. Fortunately I was watching at the screen when some foo joined my empty server, looked if anyone was in it and then started to laser it. I quickly typed ban and reached for enter... BOOM! My server crashed just a moment before I pressed enter. It's just sick if there's no way to prevent this. No wonder all dedicated servers are gone. Hopefully there will be more servers if someone puts a stop to this crashing once and for all!
I know. I should have used anticrash but according to my knowledge that doesn't fully help. The thing is to detect the laser user and ban him immediately before causing any damage.

So does anyone in any way know or have any ideas how to detect if a user is using laser shield? For normal shields I would simply look at the shield memory address and see if it is non-zero:
Fire shield = 1
Water shield = 2
Plasma shield = 3
The problem is that when a client uses laser shield the server would simply not see it as the shield memory address remains at 0 instead of changing to 4. Cataclysm was programmed to detect the laser shield this way but this is the reason it doesn't work.

According to my currend knowledge detecting laser shield is possible (I said it's possible but we don't yet know how) via memory editing. There must be an address that changes when a laser is fired. Yes. There must be at least one or server and all other players would not see laser at all. But finding this address is the tricky part as I would have to freeze the entire jj2 exactly when I see a laser shot so the address doesn't change and can be picked by a memory searcher. I have no luck so far. The second way of detecting it would be looking onto the packets from each player and finding the "laser" packets. This is again challenging as there are countless packets to analyze.

These are my ideas but there may be more ways than just this. Has anyone ever succeeded in detecting laser shield (I mean by using a program, not just looking at jj2 display, doh)? I would like to upgrade Cataclysm to detect laser shields but I need a way "how to" first. Yes. I'm asking for a bit of help. Is anyone willing to do any research on this?

If the memory editing way fails, the packet editind would have to do. I would prefer the packet editing way as it can be upgraded to filter out other evil and dangerous packets.

I should've posted this topic long time ago.
Well?

What would be even cooler would be if you could code so once it detected the lezer shield user, it kicks/bans that user as soon as it is fired.

I think that's what Cataclysm does Teej.

Wow...really? I didn't know that.

Seriously, I didn't. I think I should be more informed on these things before I open my big gob

I guess if the player data doesn't indicate the sheild, probably the only thing that is different are the shots fired. Shots are far too dynamic to be able to find in memory, I would think, and so reading the network packets would work best. Most likely it would be with the shot-fired packet, but I don't know how much of the networking (if any) you have figured out to be able to find those.

Quote:

Originally Posted by Monolith

I guess if the player data doesn't indicate the sheild, probably the only thing that is different are the shots fired. Shots are far too dynamic to be able to find in memory, I would think, and so reading the network packets would work best. Most likely it would be with the shot-fired packet, but I don't know how much of the networking (if any) you have figured out to be able to find those.

You're probably right, Monolith. Packet analyzing would be the easiest way.
Yes, I know some networking with winsock so far. I wrote a part of code for the JazzForce, allowing you to join passworded levels by entering the password right into JazzForce I was the one who analyzed the password packets and figured out the checksum pattern/algorithem. The hard one that is :P Spazzyman did the easy one.
So packet analyzing would not be a problem for me. The problem is that I need to intercept the packets and analyze/filter them before they reach jj2. To do that I would require a packet filtering code (which I have no idea how to do in Visual Basic).

I've attempted to analyze the packets JJ2 uses for gameplay without success. There are just too many (hundreds every minute) to really isolate anything. I haven't had much time to try recently though, so maybe if I looked at it again I could do something.

How long are you back for, Overlord? We should probably talk about this further.

Does JJ2 use both TCP and UDP for game packets? I wonder if it would transmit shots being fired over the TCP connection since they'd want to make sure those packets get transmitted. If that's so, then they might be easier to find as there should be less TCP packets. Otherwise you'll just need to start filtering packet types until you could be able to see the different packet upon firing a shot. Ideally there are unique identifiers for each type of packet, so you could easily filter out the often-sent non-shot ones. And hopefully the packets aren't compressed, which could be possible if their networking is anything like their file formats.

Finding out how to prevent people from using lasers is very neccasary now that most people have Windows XP. AntiCrash doesn't work with XP. =(

Quote:

Originally Posted by Monolith

Does JJ2 use both TCP and UDP for game packets? I wonder if it would transmit shots being fired over the TCP connection since they'd want to make sure those packets get transmitted. If that's so, then they might be easier to find as there should be less TCP packets. Otherwise you'll just need to start filtering packet types until you could be able to see the different packet upon firing a shot. Ideally there are unique identifiers for each type of packet, so you could easily filter out the often-sent non-shot ones. And hopefully the packets aren't compressed, which could be possible if their networking is anything like their file formats.

JJ2 uses both TCP and UDP. Unfortunately, shots and all other gameplay events are transmitted over UDP (only chat and essential data like levels and people joining are sent over TCP). I don't know if the UDP packets are compressed or not. They are at most 10-20 bytes each, so I don't think compressions would make a major difference. As for identifiers, I didn't look really closely but I don't remember noticing anything. There seemed to be a huge difference in what the packets looked like. I'm not even sure if there were response or verification packets. If these can be decoded though, it would be a major breakthrough.

If you could, Link or Overlord or someone, post a chunk of recorded packets somewhere, I'd take a look at it and see if I could find anything. Guessing from how simple it's been to mess up multiplayer already, I wouldn't think they had put too much effort into obscuring or securing the packets.

Quote:

Originally Posted by Link

I've attempted to analyze the packets JJ2 uses for gameplay without success. There are just too many (hundreds every minute) to really isolate anything. I haven't had much time to try recently though, so maybe if I looked at it again I could do something.

How long are you back for, Overlord? We should probably talk about this further.

I am back for this weekend then gone for a week, back for a month and gone again until summer holidays .

On topic:
Yes. I have noticed that there are 2 types of packets that are transmitted between server and a client during the game. I didn't know they are TCP and UDP. I thought they use the same protocol tho something didn't feel right in Winsock Packet Editor (shortly WPE from now on) as some packets had a "Send To" signature while most other had only a "Send" signature. Or was that vice-versa? Anyway I think the Send To are TCP ones - the first (2) ones a client sends to a server when joining a game. These can be fairly easily analyzed as they appear to be unencrypted. But it is the other ones (UDP) that contain player information and stuff. I haven't been able to find a pattern here so far either but I'll look a little deeper into the code once I get back home next week :P Until then, Monolith, I suggest you get a packet editor like WPE (for XP you will need WPE Pro Alpha).

Analyzing the packets is just the first step towards our goal. Next step is to find a way to filter these packets and log them. A program in VB would be nice. C++ too but more people appear to know VB better than C so I would not be very much of use in C++ coding.

Let's proceed with the first step. First things first!

Quote:

Originally Posted by LAb RaT kiD

Finding out how to prevent people from using lasers is very neccasary now that most people have Windows XP. AntiCrash doesn't work with XP. =(

Where can I get AntiCrash?

I'm one of the few lucky people who doesn't use XP. (It sucks, just plain sucks.)

-RoW

Quote:

Originally Posted by RoW_Odin314

Where can I get AntiCrash?

I'm one of the few lucky people who doesn't use XP. (It sucks, just plain sucks.)

-RoW

Have you tried the J2O download section?
http://www.jazz2online.com/downloads

Spazzyman has a long time ago maked a prog to show the weapon of the other players maybe can modifed version of this prog detect laser shield and ban the shield user

Quote:

Originally Posted by RoW_Odin314

XP. (It sucks, just plain sucks.)

-RoW

I actually like XP.

project omega also sees what weapon is used, you can use a tag to say like:
My -blaster- is better than your -toaster-!!! if the value for detecting the weapon can be sent trough to cataclysm you can kick/ban em if it is -laser-.

whatever, i hardly do HTML so dont expect help from me.

-Scatman

Quote:

Originally Posted by scatman

project omega also sees what weapon is used, you can use a tag to say like:
My -blaster- is better than your -toaster-!!! if the value for detecting the weapon can be sent trough to cataclysm you can kick/ban em if it is -laser-

That would be a good way but since there is no "-laser-" option it is impossible.

Quote:

Originally Posted by Overlord

That would be a good way but since there is no "-laser-" option it is impossible.

Shields are done slightly differently than weapons. But would it be possible to just look at the shield values for other players? Or are they not present for the server and other clients?

Quote:

Originally Posted by Link

Shields are done slightly differently than weapons. But would it be possible to just look at the shield values for other players? Or are they not present for the server and other clients?

They are always present except for the laser shield.

TOPIC REVIVE >(((((((

Actually, it's good that the topic is back in life, because it's like this:


SOMEONE HAS AN IDLE SERVER ON

SOME FIEND COMES AND LASERS IT

BYE BYE, IDLE SERVER


That shall be stopped =(

That was the worst reason for a revive ever.

I didn't quite revive it. It was still on the first page.

Well I only know a little C++ and barely any Java, but my idea is this: Instead of trying to discover the lazer shield values in the packets or whatever, what if you write some code that finds out that they don't have the fire shield, water shield, etc, or no shield on? Then, when it finds that none of those values are met, the lazer shield would be the only option left and it can safely ban the player. I imagine you've thought of that already and there's some reason it won't work...

Quote:

Originally Posted by Overlord

Fire shield = 1
Water shield = 2
Plasma shield = 3
The problem is that when a client uses laser shield the server would simply not see it as the shield memory address remains at 0 instead of changing to 4. Cataclysm was programmed to detect the laser shield this way but this is the reason it doesn't work.

there you've got yer reason!

Ok, I thought I read the reason earlier up there. Ah well.

k.
I think I got it.

Address [pm2Overlord.A] shows what weapon they use, so if they changed the weapon instead of getting the shield, that would stop it.

The other way is to check [pm2Overlord.B] and see if there is any time on their shield timer, and then check if [pm2Overlord.C] says if it is shield one, two or three. If not, then they are using either a lazer shield or a negitive shield. Both are ban material.

`N0

Quote:

Originally Posted by the WINNER

TOPIC REVIVE >(((((((

Actually, it's good that the topic is back in life, because it's like this:


SOMEONE HAS AN IDLE SERVER ON

SOME FIEND COMES AND LASERS IT

BYE BYE, IDLE SERVER


That shall be stopped =(

WINNER don't take this to heart but your not funny, just kind of annoying.

Quote:

Originally Posted by Sun Fun Dude

WINNER don't take this to heart but your not funny, just kind of annoying.

I have two things to say..

That post was a personal attack

And could you just stay on topic?

I think N0 is right with the no_weapon+no_shield=ban_material method
i only think of when you join, youll have no weapon selected yet so you will be banned immidiatly (probably im wrong but hey i cant even write proper HTML) i think N0` s idea is worth giving a try.

Nah, it's more like no_shield+yes_shieldtime=ban

If you are using a shield, your weapon is the blaster (Weapon numba 1)

Quote:

Originally Posted by N0B0DY

k.
I think I got it.

Address [pm2Overlord.A] shows what weapon they use, so if they changed the weapon instead of getting the shield, that would stop it.

The other way is to check [pm2Overlord.B] and see if there is any time on their shield timer, and then check if [pm2Overlord.C] says if it is shield one, two or three. If not, then they are using either a lazer shield or a negitive shield. Both are ban material.

`N0

The problem is that whenever the variable that indicates the shield type is set to 4 (laser shield) the server will see it as 0 and even IF the client has some time left on its shield it will appear to server as he has none. This is exactly why Cataclysm fails to detect laser shields.
I have been doing some research on the packets recently and I think I know how to detect not if a user has the laser shield but when a user fires it. The thing now is to make a packet filter in VB that would analyze the packets from each client and because I believe packets don't contain any data from which client they come the filter would somehow have to find the source IP of the packet (where they came from) and compare it to the client IP database found in jj2 memory. This would allow me to get the client number and BANG!
This user has been banned. Have a nice day.

Done a little testing... And it seems that when you look at a client with a lazer shield, both [pm2overlord.b] and [.c] both equal zero. When they don't have a sheild, B = -4 and C = 0

I now know that lazer time works with shields 1-3, but not 4.

Uh, I know nothing about packets, so if it works, inform us, ok?

`N0

Quote:

Originally Posted by N0B0DY

Nah, it's more like no_shield+yes_shieldtime=ban

If you are using a shield, your weapon is the blaster (Weapon numba 1)

durnit end of my plan.... gotta think of something else to be able to help you.