extDB2 Exploit And Why You Should Use SQL_CUSTOM_V2

May 8, 2017 Lystic 0

If you run a Life Server you probably use extDB2. It is a wonderfully optimized and amazingly useful plugin used for Database connectivity. The problem with many life servers is they use SQL_RAW (mode 2), which take a string from SQF and executes it in the mySQL database. This inherently […]

ArmA 3 UI Execution Exploit – In Detail

November 4, 2016 Lystic 2

EDIT: The latest patch (0.66) has fixed these issues. This post should now be used to learn how to better prevent these forms of exploits from appearing in your missions and mods. Now that BI has fixed the issue in its latest Dev Patch I wanted to go over, in […]

Blocking Scripted Remote Execution

October 15, 2016 Lystic 0

Recently, there have been a lot of server file leaks. The way cheaters obtain server files has always been the same. Remote Execute some code up to the server that retrieves data and returns it back to the cheater’s client. Upon receiving data the cheater writes it to their log […]

Server password bruteforcing

August 27, 2016 Lystic 1

I spent the last two days working on a method for stealing server admin passwords. I figured if I used the altis life database injection that I talked about in my previous post I could inject a server and have the bruteforce run for weeks on end until it finds […]

What do cheaters use on ArmA 3 servers?

August 22, 2016 Lystic 0

This post comes after I asked /r/ArmADev for suggestions and subsequently got down voted to hell for what, in my opinion, is a fair dislike towards me in the community. I will be responding to the suggestion posted by /u/otherworldlyBuffoon Here is the post. So what kind of attacks do […]

How to detect hint menus

May 24, 2016 Lystic 0

The worst nightmare for any anticheat developer is coming across a cheat that is nearly impossible to detect. Hint menus are one such cheat. There is no way to disable the “hint” command and no way to detect what is being displayed in the current hint. So how would an […]

How do Anticheats work?

May 21, 2016 Lystic 0

A lot of people don’t understand how scripted anticheats like Infistar AntiHack work. The idea behind scripted anticheats is simple and effective. They rely on three key features. Randomizing variables Using local variables effectively Sending code to clients in a randomized heartbeat fashion Randomizing Variables Any variables that can be […]

Securing publicVariableEventHandlers

May 21, 2016 Lystic 0

A big issue with most game modes in ArmA 3 is how they handle network messages. Most servers I have come across do nothing to protect publicVariableEventHandlers and remoteExec calls. Now before I get started I will mention that there are many different ways to secure network messages and I […]