Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
It is currently 19 Jul 2012 14:13

All times are UTC [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 10 posts ] 
Author Message
 Post subject: Major Punkbuster bug
PostPosted: 17 Sep 2008 01:46 

Joined: 16 Aug 2007 06:25
Posts: 367
Edit: After a little further reading, it looks like the bug isn't an official punkbuster bug, but a problem with the third party service PBBans (which use their own ban list). So not as interesting as I previously thought, but a lot of servers still use and stream to PBBans. But the post on that website seems to blame Evenbalance and Punkbuster for the problems, which confuses me as I don't know why it would be their fault. Anyways, my original post is below:
--
Supposedly these guys found a major Punkbuster bug that allows anyone to ban players with the following command:

banbf2 /name Player1 /ip 127.0.0.1 /viol AIMBOT 50087 abcdef1234567890abcdef1234567890

Here is a link to the thread made 3 days ago with more info: http://www.artificialaiming.net/forum/g ... -lulz.html

Not sure if it has been fixed and what not, I'm still reading the thread. But interesting, nonetheless.


Top
 Profile  
 
 
 Post subject: Re: Major Punkbuster bug
PostPosted: 17 Sep 2008 05:52 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
uhmmm nothing new but moreover doesn't give real advantages because as far as I know pbbans requires a login and all the guids banned by your server are tracked, that's why pbbans has easily removed all the fake bans made by their server.

instead is a bit more interesting to force the banning of guids on the PB servers.
theorically it's enough to modify the source code of my pbguidcheck with the "formats" specified on http://forum.netcoders.cc/general/15056 ... post161806 but in practice doesn't work because there is something missing (maybe the "authorization" made by the client) or the format there is incomplete or not fully clear and I don't have an example ban packet to look at.


Top
 Profile  
 
 Post subject: Re: Major Punkbuster bug
PostPosted: 17 Sep 2008 08:34 

Joined: 16 Aug 2007 06:25
Posts: 367
It would be interesting to see how the server sends a ban to the pb master ban lists.

If the pb-enabled server is the one making the final decision of whether or not the client is cheating, then it should be possible to spoof the ban packets. Though I don't happen to have sample packets =(


Top
 Profile  
 
 Post subject: Re: Major Punkbuster bug
PostPosted: 17 Sep 2008 12:54 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
i never tought about it actually. i mean that its possible to PBban somebody without reason lol, but if i think about it, it seems quite possible. i didnt read those linked articles, because i havent done any research on it myself. i simply hate PB...its one piece of junk and thts all it will ever be. it crashes, lags, has fuck-ups ..etc. and it also conflicted with zonealarm.


Top
 Profile  
 
 Post subject: Re: Major Punkbuster bug
PostPosted: 17 Sep 2008 21:08 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
an anti-cheat which runs with two system services... scary


Top
 Profile  
 
 Post subject: Re: Major Punkbuster bug
PostPosted: 17 Sep 2008 22:02 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
well as some ppl here knows, im do not do so advanced research on programs like Luigi does it. so i really don't know that much about PB, but yes it does run 2 system services. some PB.A and PB.B .. dont remember service names exactly. but it has A and B lol.

well what i know about it. . is that i played ''warrock'' and it had this shitty PB on. i simply blocked one of them with my zonealarm's program control. i mean i prevented it from running at all and nothing happend. i was able to join servers and play online. i also used some hacks and nothing happend, but then i messed around with game and stuff..and it kind a fucked up. crashed or something and never got it working the same way. it either booted me and said PB service failed or i got banned lol.

also real stupid about PB is that those services always run .. they never quit. but i guess thats why they are system services lol. waste of space, waste of memory and waste of money (money they pay for ppl who develope it). i'd say trash this PB..


Top
 Profile  
 
 Post subject: Re: Major Punkbuster bug
PostPosted: 18 Sep 2008 02:36 

Joined: 05 Oct 2007 01:20
Posts: 402
Location: Florida
PnkBstrA.exe is always running on my system... i do not know why it opens itself when the computer starts, but if i exit it i cannot play on any PB servers on any game ^_^

i say we protest on even balance's territory! and start the hippie era 1 mo' again... down with the anti cheat corporations! :P


Top
 Profile  
 
 Post subject: Re: Major Punkbuster bug
PostPosted: 19 Sep 2008 12:50 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
ah yes
PnkBstrA.exe and PnkBstrB.exe, those were the services. maybe A scans for ''hack'' tools all the time lol ?! either way its retarded..


Top
 Profile  
 
 Post subject: Re: Major Punkbuster bug
PostPosted: 03 Oct 2008 14:31 

Joined: 16 Aug 2007 16:44
Posts: 24
aluigi wrote:
I don't have an example ban packet to look at.


Thats easy enough to generate - I can capture that if you're interested in doing this?


Top
 Profile  
 
 Post subject: Re: Major Punkbuster bug
PostPosted: 03 Oct 2008 14:51 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
uhmmm in reality I have no interest in this matter, anyway if you can capture this and the first udp packet received by the PB server (which contains the XOR key) would be useful


Top
 Profile  
 
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 10 posts ] 

All times are UTC [ DST ]


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
cron