Space Station 13 and Its successors communities - Lolcows and milk... In spess

I know around 2023 there was a modded byond client that could bypass most sticky ban detection methods, just not password or IP, and came with some basic cheats (barely functional aimbot and X-ray that only worked on older codebases). It was super fucking shady though. Wonder if it's still a thing.
 
That reminds me, any future modded clients should pay attention to byond's binding of mouse enter/exit/hover/client events for certain objects.

Admins detect cheated clients by round modifying their ghost to be 99% transparent, 1000% size, and give it the super matter component so any clicks by humans kill them, then they hover their suspect and look for a gibbing.

We'll also do this but make the ghost visible to the suspect to confirm they aren't using a cheated client to block clicks to ghosts.
 
Oh, btw, since I no longer run a server that uses stickybans or otherwise have any reason to give a fuck:

View attachment 6885256
I saw this in the /v/ thread about my spergout, and like, no. byond is not that smart.

There are two things used here on byond. Computer ID (CID) is your system hard drive serial number as reported by SMART (or volume ID of the system partition if this can't be fetched). This gets md5'ed by the client and byondcrc'ed (crc algo but with some magic numbers changed) by the server.

And stickybans, a special ban type that can detect evaders, which just tracks and follows based on login history, ip/cid history, and most importantly, byond account password.

Yes. byond does not salt passwords and uses this fact to match stickybans based on password.

This is why stickybans tend to work so well, evaders fucking using the same password on their alt accounts.
Don't stickybans also use hidden cookies as a result of the IE8 dependency?

I know around 2023 there was a modded byond client that could bypass most sticky ban detection methods, just not password or IP, and came with some basic cheats (barely functional aimbot and X-ray that only worked on older codebases). It was super fucking shady though. Wonder if it's still a thing.
The biggest cheat always has been and still is href exploits. The semi-retarded way BYOND handles HTML communication that allows basically any player to ping the server with a byond://[reference to admin panel object];banplayer=[yourid] right from the console. BYOND itself, of course, does not sanitize or authenticate shit, so every Topic proc has to be sanity checked before it is run through. If it's important, at least.
 
Don't stickybans also use hidden cookies as a result of the IE8 dependency?
oh.. oh god, I forgot about telemetry.

this is ss13 code, it's all public, I'm too lazy to find a link, but JavaScript in the chat window stores a local storage jsonblob that includes the last 5 or so ckey/cid/ip you have logged in with.

it's shared by all servers and codebases that use /tg/'s flavor of goonchat/fancy chat and is not authenticated in any way and can be used to ensnare other users into your ban with spoofed records, as well as make servers that when joined modify this list to contain fake data.
 
oh.. oh god, I forgot about telemetry.

this is ss13 code, it's all public, I'm too lazy to find a link, but the chat window stores a local storage jsonblob that includes the last 5 or so ckey/cid/ip you have logged in with.

it's shared by all servers and is not authenticated in any way and can be used to ensnare other users into your ban with spoofed records, as well as make servers that when joined modify this list to contain fake data.
I know that it's one of the main advantages of Goonchat & co. that they also manipulate cookies. The old (and currently used on riviera) chat system doesn't do this. The way to get around this is wiping specifically the IE8 cache, but it's kind of a pain in the ass to do and may require regedit. But like you said, it's a double-edged sword and some funny fellas could use it to get innocents banned off other servers just through association.
There are also custom .dlls that certain servers use that can do worse shit. At this point I'm surprised that someone hasn't embedded a cryptominer in some random server.
 
the /tg/ anti-ddos system just uses this simple trick to avoid forwarding connections to the server that aren't byond valid:

Code:
{% for gameserver in gameservers %}
frontend game-{{gameserver.name}}-in
    bind                    0.0.0.0:{{gameserver.in_port}} name 0.0.0.0:{{gameserver.in_port}}
    mode                    tcp
    log                     global
    maxconn                 5000
    backlog                 100


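    # Wait for at least 4 bytes before judging the connection
    acl valid_byond_start_length req.len gt 3
    # First 3 bytes of the BYOND hello packet (hex 00 01 00)
    acl valid_byond_start req.payload(0,3) -m bin 000100
    # First 2 bytes of a BYOND topic packet (hex 00 83)
    acl valid_byond_topic req.payload(0,2) -m bin 0083
    # Buffer client data for up to 5s so the ACLs above can be evaluated
    tcp-request inspect-delay 5s
    tcp-request content accept if valid_byond_start_length valid_byond_start
    tcp-request content accept if valid_byond_start_length valid_byond_topic
    # Anything else is dropped without a reply to the client
    tcp-request content silent-drop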
   
    default_backend game-{{gameserver.name}}-out

....
To clarify:
Code:
    acl valid_byond_start req.payload(0,3) -m bin 000100
is the key line. I'm just looking for the first 3 bytes of the byond hello packet (the 4th is a length byte so I can't match on it).

edit:
The way to get around this is wiping specifically the IE8 cache, but it's kind of a pain in the ass to do
Somebody could set up a byond server that when joined wiped the local storage field this is stored in. It truly is shared by all servers.
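The frontend rules quoted in the post above, modelled in Python so a filter change can be checked against sample traffic before it is deployed. This is an added example, not part of the original post or of /tg/'s configuration; the `Verdict` names and the sample payloads are constructed, and the waiting behaviour follows HAProxy's documented handling of `req.len` during `inspect-delay`.

```python
from enum import Enum


class Verdict(Enum):
    ACCEPT = "accept"
    WAIT = "wait"          # still inside inspect-delay, keep buffering
    DROP = "silent-drop"


HELLO_PREFIX = bytes.fromhex("000100")  # acl valid_byond_start
TOPIC_PREFIX = bytes.fromhex("0083")    # acl valid_byond_topic
MIN_LEN = 4                             # acl valid_byond_start_length: req.len gt 3


def classify(buf: bytes, delay_expired: bool = False) -> Verdict:
    """Simplified model of the frontend's tcp-request content rules."""
    if len(buf) < MIN_LEN:
        # req.len cannot match yet: HAProxy keeps waiting for more bytes until
        # the 5s inspect-delay expires, then falls through to silent-drop.
        return Verdict.DROP if delay_expired else Verdict.WAIT
    if buf.startswith(HELLO_PREFIX) or buf.startswith(TOPIC_PREFIX):
        return Verdict.ACCEPT
    return Verdict.DROP


# Constructed sample payloads; only the leading bytes matter to the ACLs.
SAMPLES = {
    "hello-shaped": bytes.fromhex("0001001a") + b"\x00" * 26,
    "topic-shaped": bytes.fromhex("00830009") + b"\x00" * 9,
    "http-probe": b"GET / HTTP/1.1\r\n",
    "tls-hello": bytes.fromhex("160301020001"),
    "two-bytes": bytes.fromhex("0001"),
}


def run_samples(delay_expired: bool = False) -> dict:
    """Classify every constructed sample and return name -> verdict string."""
    return {name: classify(p, delay_expired).value for name, p in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdict in run_samples().items():
        print(f"{name:13} -> {verdict}")
```

The rules check only the shape of the first bytes, so they keep non-BYOND traffic away from the game server; they do not authenticate the client behind a connection.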
 
I was on #4chan and getting glined from rizon during the first chrischan era, I know how the internet works. I'm not looking for a personal army, just to remove every advantage ss13 servers have in defending against trolls like you guys that I was involved in either creating or spreading awareness among hostchat about.

I recently got sent a massive dump of how hostchat (and coderchat) has been talking about me since I left and so fuck em I don't care about them anymore.
 
I was on #4chan and getting glined from rizon during the first chrischan era, I know how the internet works. I'm not looking for a personal army, just to remove every advantage ss13 servers have in defending against trolls like you guys that I was involved in either creating or spreading awareness among hostchat about.

I recently got sent a massive dump of how hostchat (and coderchat) has been talking about me since I left and so fuck em I don't care about them anymore.
The farms doesn't DDoS people nigger! You look like a faggot for trying to ruin an entire game ecosystem because you're asshurt.
 
I don't expect the forum users here to do so, but all of our tricks require secrecy and "opsec" this is the place to dump the secret forbidden knowledge so here it is.
 
I don't expect the forum users here to do so, but all of our tricks require secrecy and "opsec" this is the place to dump the secret forbidden knowledge so here it is.
You realise that if someone is as spiteful as you are, your entire career in being a sysadmin is over right? You're leaking critical security information because you're ass mad over a fucking videogame! Enjoy McDonalds, stalker manchild.
 
You're leaking critical security information

The many href to RCE exploits (most requiring admin/+debug) I know about are critical security information.

Talking about the internal workings and known and accepted security pitfalls of systems I was not paid to produce nor required under contract to keep quiet about is not.
 
You realise that if someone is as spiteful as you are, your entire career in being a sysadmin is over right? You're leaking critical security information because you're ass mad over a fucking videogame! Enjoy McDonalds, stalker manchild.
Bro is NOT moralfagging about a space game built on a dogshit insecure engine

MSO most of the shit you're leaking is already known by cheaters, please give us more juicy details like leaking hostchat.
 
show me the sweet hostbus gossip
 