UT99.org | Unreal Tournament Community

This will be the final tut and will probably close out my participation in the day to day discussions. This one is very near and dear to my heart and although it's probably the simplest one to understand and use, it's very likely the one you will encounter the most.

Many of you played a map I made for MH called 'MH-MHMVillage-fixed'. Next time you play it open a console and enter

mutate warpme

You'll see that no matter where you are at you will be instantly moved to inside the clan village. There's no teleport effect or any warning to other players, you just are one place then another. This is done by a map enbedded actor hidden within called smpv6. This is short for 'Send Me Packing', a mod I'd developed to allow players to teleport inside their own homes in the village. It was a way of allowing houses to be locked to anyone else except the owner. This is the code for the warp: So you can see that by subclassing mutator it's easily possible to make all kinds of things inside the map available for use that no one would know about. You can teleport back and forth from the flag bases, reload yourself with ammo, etc.

So how to catch this? Well the easiest way is to watch the server logs. When a map loads watch to see the mods and if one loads you don't recognize it's time to start digging. Keep a whitelist of the mods you know are OK and add to that as you find new ones. Maps that seem suspicious to you mean you should probably load the actor list and see if there's something strange in it, something that you don't recognize. A common trick is to set the drawscale of the cheat actor to very small and/or to bHidden so don't be afraid to tear into the map to find things. Select all actors and look to see if drawscale is not 1 on everything. That's a good sign that something is hidden.

In summary, as a server admin you have the responsibility to make sure the maps you run are clean. If you suspect someone is cheating on a particular map then take a bit and see if something stands out in an inspection of the map itself. The methods and procedures would take all day to list so consider the above a super simple example but one that you need to be very keen on watching for.

OK guys, that'll do it. I'm going to log out and do other things. If anyone needs me please don't hesitate to email. Good luck and thanks for letting me put all this stuff out here for discussion. Hopefully it starts something that benefits everyone involved.

Damn Jack, You are Evil!!!!

But seriously, even though I keep my "White Hat" on as far as coding, these "Black Tutorials" should all
be made a sticky somewhere or another.

The techniques shown in all are very interesting and could be used for a variety of Non-Evil purposes as well.

One of Siege's previous coders plagued some of his maps with these.
While the use of these mutators is great for unlocking map features, advancing past a coop/mh point faster for showcase reasons or teleporting yourself to the skybox for the lulz, he was using it to cheat in live games.

Higor wrote:One of Siege's previous coders plagued some of his maps with these.
While the use of these mutators is great for unlocking map features, advancing past a coop/mh point faster for showcase reasons or teleporting yourself to the skybox for the lulz, he was using it to cheat in live games.

I want to see a map where people, who try to activate a cheat get teleported into a room with dimmed light and sexy arousing music ...and they get gently humped by a Titan.

Higor wrote:One of Siege's previous coders plagued some of his maps with these.

Oh, do I remember this: http://www.unrealadmin.org/forums/showt ... hp?t=30051

It infuriated me that so many people just didn't understand what he was doing. That disconnect is why it stuck with me that we should be talking so much more openly than we do. I should have taken a YT vid of the map while using the cheats and then I think people would have understood way better. Instead he desperately tried (and succeeded) in devolving things to stupid clan drama which let the real issue get lost.

Anyway this stuff exists in other maps too. I saw it in a couple of the CTF maps made for the jets mods. It just something that needs to be brought into the light of day because as coders we all know how easily this stuff can be done but I really think the average player has no idea and the average server admin falls somewhere in between those two extremes.

With a hidden mutator like this, it would be easy to become an admin bypassing the login and even to take possess of the entire server and inject data inside the host machine.
If you would find out one of these secrets in your map, it could be too late lol.

PrinceOfFunky wrote:With a hidden mutator like this, it would be easy to become an admin bypassing the login

Does this really work? Is a sample of this available somewhere?

Sample? You don't want me to be "creative"... However I was "forgetting" some stuff to breath outside (passwords - G00gle knows... ) just because if anyone wants to do some crap in a sort of server like mine, actually he won't do too much damage and I will know some... Origins... Main files are read-only + I have backups, I had even people able to be full admin and I did not have problems with them - nice people, RESPECT for them.
Each morning server was fresh and no changes took in account. When things are in your yard you have a better control over everything that moves around. Rental services keeps your hands away and you are unable to get what's wrong at a random moment. Trust me, if you can pay an expensive connection is better to have all stuff hosted by yourself (+ electricity and your time taken - sorta prison)...

Barbie wrote:

PrinceOfFunky wrote:With a hidden mutator like this, it would be easy to become an admin bypassing the login

Does this really work? Is a sample of this available somewhere?

Using a dll maybe?
Bringing you to a webpage that sends you malicious data and closes the page as soon as possible so that when the UT window closes to give focus to the browser, you don't see any weird page open.

PrinceOfFunky wrote:Using a dll maybe?

If I can execute native programs (and a DLL can contain native code) on clients computers, I already have won. ;o)
No, I meant gaining UT administrative rights by a map embedded mutator only without knowing the password - hooking ModifyPlayer() or ModifyLogin() or such for example.

Barbie wrote:

PrinceOfFunky wrote:Using a dll maybe?

If I can execute native programs (and a DLL can contain native code) on clients computers, I already have won. ;o)
No, I meant gaining UT administrative rights by a map embedded mutator only without knowing the password - hooking ModifyPlayer() or ModifyLogin() or such for example.

Thanks, that works like a charm!
For me it is a major security hole that has to be fixed ASAP: Overwrite GameInfo/BaseMutator's AddMutator() to allow adding only map specific white listed mutators? Periodically check if Level.Game.BaseMutator is still the one I've put there?

<EDIT>spell fix</EDIT>

I ain't putting any more new maps on my servers.........

They live here with me. I am a prisoner and I need more electricity.

papercoffee wrote:I want to see a map where people, who try to activate a cheat get teleported into a room with dimmed light and sexy arousing music ...and they get gently humped by a Titan.

Ah, the "editactor class=" is one of the most dangerous commands IMO, it actually works, but you can't modify anything, just see, and that's already illegal, if someone uses this command then give a "debug gpf" to the player.

Welp, I'm guess I'm going all on on this one. This is the very hardest crash I've ever seen. Kicked me all the way back to desktop, it was just nasty. In the client mod add this function to the info class: In the server mod you want to spawn the previous info mod onto a player right before you punish them. It's done like this example: That little bit of code is just horrible so don't just indiscriminately punish people with it. We used it in the UTP stuff to hard ban/crash people who would not stop hammering the server once they were banned. They won't keep that up for very long when you do this.

About the map embedded logins...that was something I have never talked publicly about but something that concerns me very deeply. I've never SEEN one in a map but yeah, it's certainly possible. In fact you could do all kinds of shit to the server. Adding a temp admin login for yourself wouldn't be hard. That's just the tip of the problem though. You could make server setting changes, etc. even if there wasn't the person doing the cheating there. Trust me guys, for years I've been ripping apart mods and maps watching out for this type of thing. If I ever saw anything out of place I always sounded the warning bell. As a community we've actually been pretty lucky. The only serious offenders I have seen were private mods and that was almost always taken care of with an email threat if it wasn't removed.