Updates on Security, Master Server, Stats and Email

**legacy-DrSiN** · 03-30-2004, 03:23 PM

UTSecure2K4 1.10 is now available. This version should close all known uscript holes in the game. If anyone out there finds a way to bypass it feel free to email me how. I have also published an update to the master server that should accept UTSecure and Anti-TCC as part of the default packages.

Click on this download link to download it.

Work continues on the master server. We are experiencing a rather larger load and we are working to accommodate it. We are trying to keep downtime to a minimum and during slow periods. Also, the cdkey generation system for dedicated servers is still down. Keys are being generated, but until we finish fixing our email system, they just drop in to the void. I'll make a post as soon as it's back up (should be in the next 24 hours).

However, in order to reduce the load, we have temporarily shut down stats tracking. As soon as we finish this round of changes, it will be enabled. Please bare with us.

Finally, personal email is back here at Epic, however the mods and server admin mailing lists have not been restored yet. I have no ETA other than as soon as possible.

!! Again, keep this tread on topic or be removed !!

**legacy-vS.fallen** · 03-30-2004, 03:46 PM

I mailed a suspicious looking "optimizer" to you guys. Alot of people used this program. It has since been removed from many sites and the main download site is no longer up. Wondering if you've had a chance to look at it, and is it a CDkey stealer? If so, what can be done to those who used it? I'd say litterally 100's used it.

**legacy-Myth|TWL** · 03-30-2004, 04:18 PM

I can confirm that this program does in fact access the internet. I still have it on my computer if you need a copy of it to look at it and find out if it is in fact a CD Key stealer.

I know a lot of people used it. There was a post about it on the TeamWarfare forums linking to a site that had it linked in their files section, which has now been taken down.

**legacy-Buffy Summers** · 03-30-2004, 04:27 PM

Here is another warning: there is a file thats called UT2004-TTM-v1 (or something similar) thats nothing but a CDkey stealer. Don't install it, and if you want to be on the safe side only download TTM (if and when its released) from www.planetunreal.com/ttm

Btw, whats the difference between AntiTCC and UTSecure? They seem quite similar, and if so, which is the best one to use?

**legacy-DrSiN** · 03-30-2004, 04:47 PM

Can someone send me the TTM backdoor so I can look at it please.

**legacy-Phamous** · 03-30-2004, 05:08 PM

Originally posted by DrSiN
Can someone send me the TTM backdoor so I can look at it please.

I have demos of known speedhackers and I'm wondering should I send the demos in or save it cause its a waste of time. If I should send them in then could you please post the email address. Thank You...

Please Server Admins load up UTSecure... It can only benefit your server.

Phamous ~1~

**legacy-Myth|TWL** · 03-30-2004, 05:21 PM

Not trying to get this thread off topic but this is what Nortons picked up as the file accessed the internet.

At 6:13 PM on 30/03/2004, the following communication was detected:

Application: C:\Documents and Settings\Myth\Desktop\UT2K4opt.exe
Protocol: TCP (Outbound)
Remote Address: 216.232.251.47 : http (80)
Local Address: Service port 4795

This file is not infected with a virus. There is no autoconfiguration data for this application. This application does not contain company information. This application does not have a digital signature or the digital signature is invalid.

**legacy-J4K0BYT3** · 03-30-2004, 05:22 PM

UTSecure uploaded the the SHAOLIN T3MPLE OF BLOODRIGHTS

Seems to work with the server lovely, no discernable lag on authorization , unlike Anti-TCC, im sure my players will be pleased about that

Thanks Dr Sin.
I also have a few GUID's of a couple of the ELF lot and XLC if anybody is interested in adding them to the Banned ID List of their servers

SHAOLIN T3MPLE OF BLOODRIGHTS
217.64.127.6:7727

**legacy-Spidah** · 03-30-2004, 05:39 PM

Well, at least I know why the stats are down. Tis cool. Fix up the important things then get the 'fluff' working too.

Have a nice day.

**legacy-DrSiN** · 03-30-2004, 06:44 PM

I also have a few GUID's of a couple of the ELF lot and XLC if anybody is interested in adding them to the Banned ID List of their servers

This goes to everyone. While I'm happy to take id's of suspected cheaters and manually add them to a watch list (or verify against a list of who we are already tracking) don't expect them to be instantly banned. We manually verify each ban before we make it. I'm making the system a little more automatic (right now, I have to be watching for an alert, in the future, it will be IM'd right to me the moment we lock on to one of them).

**legacy-Socio** · 03-30-2004, 06:48 PM

It says in the in the readme:

Defeats the current public hacks

Does this include the speed hacks I hope?

**legacy-SealClubber** · 03-30-2004, 06:53 PM

I guess this might be he reason for the stuttering on 16 man and under game servers then.

I like these updates that you keep giving, please do keep us posted.

**legacy-Cainslair** · 03-30-2004, 06:57 PM

Hi Dr. S,

1) Does UTSecure still remove our servers from the "Standard Servers List ??? I'm guessing you fixed that ??

2) Does UT Secure take noticeable server CPU cycles to run??

3) Why does the zip contain a zip, within the Zip?? What is in that other Zip, it looks like the same files <scratching head> ??

Thx!!

-- Cain

**legacy-vS.fallen** · 03-30-2004, 07:03 PM

DrSIN
Did you get my e-mail regarding that UT Optimizer and it's possibility of being a CD Key stealer? Lotsa people used it. I mean, LOTS. Just wondering what measure's can be taken to ensure people's key's are protected.

**legacy-dirt101** · 03-30-2004, 07:13 PM

the no-DVD hack?

**legacy-Dubious** · 03-30-2004, 07:17 PM

If you use the default install of UTSecure, the following things (among others) will trigger an insecure client:

- client-side brightskins
- hacked clients that unlocked the hidden characters

I also have reports of people restoring their default xplayersx.upl files and STILL not being able to reconnect. Dr. SiN - why is this and how can someone "restore" their client?

If you want (or need) to allow client-side brightskins and clients that unlocked the hidden characters, remove these two lines from the UTSecure2k4.ini file (** WARNING - this may open your server to allow malicious skins such as black skins, triggerbot skins, and aimbot skins **):

Code:

Checks=(FName="xplayersl1.upl",MD5="18e217ed49e980c98c0c44444cc0d228",MD5Type=2)
Checks=(FName="xplayersl2.upl",MD5="30e5f5645bdd7c67bb7edea2bb22d3dd",MD5Type=2)

Oh - and I hope the Server Admin list comes back soon. Withdrawl sucks.

**legacy-Xipher** · 03-30-2004, 07:20 PM

Originally posted by Dubious
- hacked clients that unlocked the hidden characters

What do you mean by this, please expand?

**legacy-Cainslair** · 03-30-2004, 07:25 PM

Question anyone can answer for me please....

Regarding the UTSecure2K4.ini file.

Do we copy and paste the contents of this file into our server's ut2004.ini, or does this exist as a stand-alone file residing in the \system folder that somehow gets read automatically ???

I seem to remember in the earliest days of UTSecure for UT2K3 that we copied and pasted this file into our UT2004.ini, but the help for this version does not mention that, and seems to refer to it as a stand-alone .ini file.

Help, please ..

-- Cain

**legacy-Dubious** · 03-30-2004, 07:27 PM

There was a method floating around that unlocked the hidden characters in the game without having the user complete the single player missions. If someone used this method to unlock the characters and joins a server using a default UTSecure-110 install, they will be labeled as an insecure client.

Which makes me wonder if UTSecure-110 will also label those who unlocked the characters legitimately as insecure. No idea. Not that anyone actually did this.

**legacy-Dubious** · 03-30-2004, 07:28 PM

Do we copy and paste the contents of this file into our server's ut2004.ini, or does this exist as a stand-alone file residing in the \system folder that somehow gets read automatically ???

Its stand-alone this time around. No pasting needed.

**legacy-Cainslair** · 03-30-2004, 07:33 PM

Sweet !!

Thanks Dubious, Thx Dr. S. for that feature.

One more question from an "old skool" UT99 Admin.

Where exactly do the bans go now?? Are they still in the Ut20o4.ini (if so, where), or are they contained elsewhere in a diffeent file ??

I want UTSecure to log for now, then I plan to manually go back and ban the ones that look like outright hacks, so I need to know where to place the UIDs I want to ban.

Thanks for the help!!

-- Cain

**legacy-Xipher** · 03-30-2004, 07:38 PM

Originally posted by Dubious
There was a method floating around that unlocked the hidden characters in the game without having the user complete the single player missions. If someone used this method to unlock the characters and joins a server using a default UTSecure-110 install, they will be labeled as an insecure client.

Which makes me wonder if UTSecure-110 will also label those who unlocked the characters legitimately as insecure. No idea. Not that anyone actually did this.

Doh

I did this myself.
And your correct, my lan box boots me after about a minute of play, with no warning or any thing. I am going to try something quick, see if I can fix it.

**legacy-vS.fallen** · 03-30-2004, 08:07 PM

Originally posted by Dubious
There was a method floating around that unlocked the hidden characters in the game without having the user complete the single player missions. If someone used this method to unlock the characters and joins a server using a default UTSecure-110 install, they will be labeled as an insecure client.

Which makes me wonder if UTSecure-110 will also label those who unlocked the characters legitimately as insecure. No idea. Not that anyone actually did this.

I assume this is why I am now getting this...

This Image Was Automatically Resized by using the Screenshot Tag. Click to view the full version

Personally, I think this sucks. I didn't buy the game for the single player aspect. I bought it for the multiplayer and feel I should have access to all the models online. I don't use the brightskins hacks, the only thing I've edited aside of graphics stuff is the three lines in the ini regarding these characters. How the heck can that make it "unsecure"? So I have to beat the damn game to get them to work right? Grrr.

As for my previous post, any word on that DrSiN? I e-mailed you some more info, let me know if you're getting it or not.

-Josh

**legacy-Xipher** · 03-30-2004, 08:14 PM

I MAY have found a fix for it not allowing the locked characters online if you didnt complete the SP, although I wasn't getting the ban message like above so it might have been a different problem.
Try adding the same lines into the User.ini at the server that you had to add for your personal game, its working for me, but I also have a little problem when I am the only user on the server and the initial count down is stuck, but if I leave and reconnect it completes the count down. Might just be that its waiting for other players.

**legacy-DrSiN** · 03-30-2004, 08:39 PM

Does this include the speed hacks I hope?

No, speed hacks require a native server side fix and that will be included in the first patch.

1) Does UTSecure still remove our servers from the "Standard Servers List ??? I'm guessing you fixed that ??

That should be fixed. Same for Anti-TCC provided I got his mutator name right.

2) Does UT Secure take noticeable server CPU cycles to run??

It shouldn't. It does run a 10second time per player but that shouldn't be noticable.

3) Why does the zip contain a zip, within the Zip?? What is in that other Zip, it looks like the same files <scratching head> ??

Oops.. was wondering where it went. Funny story. I zipped it and was like shoot.. where did I put it.. so I rezipped it. Sorry. Just delete the one in the \system dir.

Did you get my e-mail regarding that UT Optimizer and it's possibility of being a CD Key stealer? Lotsa people used it. I mean, LOTS. Just wondering what measure's can be taken to ensure people's key's are protected.

Yes, but with all the mail server problems, I haven't had time to get a secured PC setup (in case of viruses,etc). Hopefully I'll be able to examine it tomorrow.

If you use the default install of UTSecure, the following things (among others) will trigger an insecure client:

- client-side brightskins
- hacked clients that unlocked the hidden characters

Yep.. don't cheat.

And before everyone in the brightskins camp gets up in a tiff.. (A) bring the discussion here and I'll ban you and (B) Brightskins when made available by a server-side mod like TTM are not cheating (they are just lame). Brightskins you hack in to your game ARE cheating.

But in the end, it's an option that admins can just disable.

I also have reports of people restoring their default xplayersx.upl files and STILL not being able to reconnect. Dr. SiN - why is this and how can someone "restore" their client?

They aren't restore it right I guess. Tell them to just copy the original file from the CD.

If you want (or need) to allow client-side brightskins and clients that unlocked the hidden characters, remove these two lines from the UTSecure2k4.ini file (** WARNING - this may open your server to allow malicious skins such as black skins, triggerbot skins, and aimbot skins **):

Yes, it will but it's the admin's choice.

Oh - and I hope the Server Admin list comes back soon. Withdrawl sucks.

Working on it. And yes, it really sucks. But at least I have email back so I'm giving thanks hourly.

Do we copy and paste the contents of this file into our server's ut2004.ini, or does this exist as a stand-alone file residing in the \system folder that somehow gets read automatically ???

Stand alone.

Which makes me wonder if UTSecure-110 will also label those who unlocked the characters legitimately as insecure. No idea. Not that anyone actually did this.

That's a good point. I should probably check that tomorrow

Personally, I think this sucks. I didn't buy the game for the single player aspect. I bought it for the multiplayer and feel I should have access to all the models online. I don't use the brightskins hacks, the only thing I've edited aside of graphics stuff is the three lines in the ini regarding these characters. How the heck can that make it "unsecure"? So I have to beat the damn game to get them to work right? Grrr.

I'm pretty sure there is a proper way to hack the game to get all the models.. not adjust the upls (which is always a bad idea).

**legacy-vS.fallen** · 03-30-2004, 08:42 PM

I reset the three models "menu's" back to original and was able to connect. Anyone know of another way to do it. The Xan model is teh shiz, part of the reason I was so amped for this game.

Anyways, let me know SiN what you guys come up with about that .exe I sent you. I know I'm hoping it didn't steal the keys properly, as a ton of people on www.teamwarfare.com downloaded it.

**legacy-Xipher** · 03-30-2004, 08:46 PM

Originally posted by DrSiN
I'm pretty sure there is a proper way to hack the game to get all the models.. not adjust the upls (which is always a bad idea).

I didn't adjust the upls, just added the TotalUnlockedCharater lines in the User.ini and the server would disconnect me, but without a ban message at all. I added the same line to the User.ini on the servers side and it had no problems. If some one else could confirm this, I would appreciate it though.

**legacy-Myth|TWL** · 03-30-2004, 08:47 PM

I'd say there is a good chance it did something on the matter, seeing as how when I checked the ip it actually outbounds to a telus hostname, even though all it 'says' its doing is changing settings on your computer. Not to mention the 'site' that had it up (ut2k4something.tk) is now completely gone.

**Yoshiro** · 03-30-2004, 08:53 PM

Thanks for keeping us up to date Dr. Sin. Sending word out now.

**legacy-Iceboy2003** · 03-30-2004, 09:14 PM

Dr. Sin,

Where are these mailing lists that you talk about? I've been wondering how to get on them as I run a server and I was wondering how to keep up to date on stuff.

Can anyone clue me in on this, i've looked high and low for information?

**legacy-Cainslair** · 03-30-2004, 10:02 PM

Thx Dr. Sin,

I can confirm that it is using VERY little CPU cycles..

And it is a tiny download, with no noticeable in-game effects, thank you again.

Thx again,

- Cain

**legacy-Xipher** · 03-30-2004, 10:05 PM

Originally posted by Cainslair
Thx Dr. Sin,

I can confirm that it is using VERY little CPU cycles.. And it is a tiny download, with no noticeable in-game effects, thank you again.

One problem. I know it is working, I see it at server start-up and I see it popping folks at the server's console, BUT it is not logging people it catches anywhere.. that I can find.

I used the default .ini and made only one change and that was to allow a longer timeout period.

Where is the log going?? Was I supposed to make a different log name??

Thx again,

- Cain

You might enable the custom logging.

**legacy-fiLa** · 03-30-2004, 10:13 PM

Originally posted by fallen_fk
DrSIN
Did you get my e-mail regarding that UT Optimizer and it's possibility of being a CD Key stealer? Lotsa people used it. I mean, LOTS. Just wondering what measure's can be taken to ensure people's key's are protected.

if you are talking about my ini editor i can tell you that it is 100% no key stealer, some stupid german brought up this rumor.

**legacy-SpazzTic** · 03-30-2004, 10:37 PM

Can I load this mut in the demo?

[EDIT]

Not to be a pest -- but out of about 20 public servers that we run, at least 4 are the demo. I have been asked repeatedly about the feasibility of using this mutator on the demo, or whether another solution is being developed. Thanks!

**legacy-vS.fallen** · 03-30-2004, 10:56 PM

Originally posted by fiLa
if you are talking about my ini editor i can tell you that it is 100% no key stealer, some stupid german brought up this rumor.

It's not an ini editor. It's an "optimizer" that just runs in a DOS window and then that's it. Has some percent done with "analyzing ut2k4 settings", then "analyzing windows video settings", then "making changes".

**legacy-Xipher** · 03-30-2004, 11:43 PM

Any chance we will be seeing the security mutator on the offical Atari/Epic servers?

**legacy-DrSiN** · 03-30-2004, 11:45 PM

Yes.

**Frogger** · 03-31-2004, 12:34 AM

Trying to understand how unlocking players by adding lines to user.ini can be one of highest online security concerns

**legacy-BigByrd** · 03-31-2004, 01:12 AM

Originally posted by frogger187
Trying to understand how unlocking players by adding lines to user.ini can be one of highest online security concerns

This is not what this version disallow... UTSecure checks the .upl files, so if someone edited the .upl to unlock the extra characters, then the MD5 will not match and the player will be kicked. If you edited the USER.INI to get the extra characters, no issue there, it will still work. Anyway, still works fine here with the USER.INI tweak.

**legacy-vS.fallen** · 03-31-2004, 01:21 AM

Originally posted by BigByrd
This is not what this version disallow... UTSecure checks the .upl files, so if someone edited the .upl to unlock the extra characters, then the MD5 will not match and the player will be kicked. If you edited the USER.INI to get the extra characters, no issue there, it will still work. Anyway, still works fine here with the USER.INI tweak.

Everywhere I've seen how to do it is through the upl files. I really don't feel like going through the single player game at this time. I usually reserve that for a rainy day should my cable go out. PM me how to do it through the user.ini please. Thx