Quantcast
Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
    1. Welcome to GTAForums!

    1. Red Dead Redemption 2

      1. PC
      2. Gameplay
      3. Missions
      4. Help & Support
    2. Red Dead Online

      1. Gameplay
      2. Find Lobbies & Outlaws
      3. Help & Support
      4. Frontier Pursuits
    1. Crews & Posses

      1. Recruitment
    2. Events

    1. GTA Online

      1. Diamond Casino & Resort
      2. DLC
      3. Find Lobbies & Players
      4. Guides & Strategies
      5. Vehicles
      6. Content Creator
      7. Help & Support
    2. Grand Theft Auto Series

    3. GTA 6

    4. GTA V

      1. PC
      2. Guides & Strategies
      3. Help & Support
    5. GTA IV

      1. Episodes from Liberty City
      2. Multiplayer
      3. Guides & Strategies
      4. Help & Support
      5. GTA Mods
    6. GTA Chinatown Wars

    7. GTA Vice City Stories

    8. GTA Liberty City Stories

    9. GTA San Andreas

      1. Guides & Strategies
      2. Help & Support
      3. GTA Mods
    10. GTA Vice City

      1. Guides & Strategies
      2. Help & Support
      3. GTA Mods
    11. GTA III

      1. Guides & Strategies
      2. Help & Support
      3. GTA Mods
    12. Top Down Games

      1. GTA Advance
      2. GTA 2
      3. GTA
    13. Wiki

      1. Merchandising
    1. GTA Modding

      1. GTA V
      2. GTA IV
      3. GTA III, VC & SA
      4. Tutorials
    2. Mod Showroom

      1. Scripts & Plugins
      2. Maps
      3. Total Conversions
      4. Vehicles
      5. Textures
      6. Characters
      7. Tools
      8. Other
      9. Workshop
    3. Featured Mods

      1. DYOM
      2. OpenIV
      3. GTA: Underground
      4. GTA: Liberty City
      5. GTA: State of Liberty
    1. Red Dead Redemption

    2. Rockstar Games

    1. Off-Topic

      1. General Chat
      2. Gaming
      3. Technology
      4. Programming
      5. Movies & TV
      6. Music
      7. Sports
      8. Vehicles
    2. Expression

      1. Graphics / Visual Arts
      2. GFX Requests & Tutorials
      3. Writers' Discussion
      4. Debates & Discussion
    1. News

    2. Forum Support

    3. Site Suggestions

GTAForums does NOT endorse or allow any kind of GTA Online modding, mod menus or tools. Do NOT post them here or advertise them, as per the forum rules.
tom_c2012

New Exploits??!!

Recommended Posts

tom_c2012

I am sad to report that there appear to be new exploits on the street as I have seen some cheats that I've never seen before. Worst part is, they are able to follow any user from session to session to target that person. Yeah, ask me how I know. Even worse, they can change their username to whatever they want (doesn't even have to be an existing name). This collectively means this game is going to die a real quick death. With these kind of security issues, there is no way for R* to do anything because they don't even know the user account. I mean, if they can change their screen name at will, how can that possibly be banned if they can't be sure who's account is doing it. 

 

I've seen and dealt with cheaters in this game for years, but until now they could only spoil one session. All you had to do was "find new session" and the troll is gone. But now they can find and join you. 

Share this post


Link to post
Share on other sites
No Use For A Name

PC or console?

Share this post


Link to post
Share on other sites
computertech82

It's basically dumbstar NOT using any security for admin rights in the game. So the cheater's program has full admin access (and still does), so even if you try to report, the report goes to them instead of dumbstar. And by the moronic dumbstar replies on their support page, ZERO effort will be used to fix their screw up.

Share this post


Link to post
Share on other sites
Up2NoGood45

Another reason why they should open up all business to invite only lobbies.  

Share this post


Link to post
Share on other sites
Jenkiiii
29 minutes ago, computertech82 said:

It's basically dumbstar NOT using any security for admin rights in the game. So the cheater's program has full admin access (and still does), so even if you try to report, the report goes to them instead of dumbstar. And by the moronic dumbstar replies on their support page, ZERO effort will be used to fix their screw up.

No offence, but biting the hand that feeds you and calling Rockstar "dumbstar" is worse than anything else on this page.

 

Totally unnecessary!

 

 

Share this post


Link to post
Share on other sites
REXX
1 hour ago, computertech82 said:

It's basically dumbstar

How dare you insult my workplace!

 

... I wish lol

Share this post


Link to post
Share on other sites
tom_c2012

PC of course. And yes, the security, or lack thereof, in this game is beyond unacceptable. I wouldn't have thought it could have gotten any worse. 

Share this post


Link to post
Share on other sites
flexcreator
4 hours ago, tom_c2012 said:

I am sad to report that there appear to be new exploits on the street as I have seen some cheats that I've never seen before

I'm sorry, but nothing you mentioned is new.

Share this post


Link to post
Share on other sites
computertech82
6 hours ago, Jenkiiii said:

No offence, but biting the hand that feeds you and calling Rockstar "dumbstar" is worse than anything else on this page.

 

Totally unnecessary!

 

 

You obviously never tried dumbstar support. One of many post, the cheat program INTERCEPTS any attempt to report the cheater in game. dumbstar's answer? report the cheater so the cheater can kick you out of the session and the report never makes it to dumbstar. They more than earned the name now.

Share this post


Link to post
Share on other sites
tom_c2012
1 hour ago, computertech82 said:

You obviously never tried dumbstar support. One of many post, the cheat program INTERCEPTS any attempt to report the cheater in game. dumbstar's answer? report the cheater so the cheater can kick you out of the session and the report never makes it to dumbstar. They more than earned the name now.

Yes indeed. The cheats that are out there have a "modder protection" set of features. If you try to report them, you are disconnected. It is just beyond sad that this company can't keep ahead of these cheats. Reporting them via the website is pointless too, now that I see they can change their username to whatever they want -- and even change it to one that already exists. What are they going to do, ban the user whose username was hijacked?

 

Application security needs to be built on a solid foundation of AAA - authentication, authorization, and accounting. If you can't even identify the user account that is performing the cheats, there is just no way you are going to ever detect them, ban them, etc. All these years I had presumed that their security at least ensures that the cheaters accounts can be identified. Yet what I saw today demonstrates that is not the case at all. 

Yes,it it is just a game. But millions of people have put their money into the game in the form of purchases and microtransactions and countless hours of their personal time. 

4 hours ago, flexcreator said:

With all due respect, the thread you linked does not talk about cheaters being able to change their username and seek out targets and find that session and join it. I have been playing this game for a long time and have never seen that. Yes, everything in the thread you linked I've seen time and time again. This is very new. A cheater followed me all day today. From one session to the next, with a new username each time. And it was obvious it was the same person by the things they said in chat.

Share this post


Link to post
Share on other sites
FuturePastNow

They've been able to change their username for years and follow you between sessions probably as long. None of it is new.

Share this post


Link to post
Share on other sites
SummerFreeze

I've actually encountered one of these session stalking griefers a couple of months ago. This person was also teleporting around the map, using an EWO macro, aimbot, rapid-firing homing launcher exploit, etc. Just wasn't in godmode and I got a kill on "it" with the Terrorbyte drone. Probably my most impressive kill in GTA ever.

 

But yeah, the game would be practically unplayable on PC if not for the ability to empty sessions.

Share this post


Link to post
Share on other sites
Gaffa
8 hours ago, tom_c2012 said:

With all due respect, the thread you linked does not talk about cheaters being able to change their username and seek out targets and find that session and join it. I have been playing this game for a long time and have never seen that. Yes, everything in the thread you linked I've seen time and time again. This is very new. A cheater followed me all day today. From one session to the next, with a new username each time. And it was obvious it was the same person by the things they said in chat.

Oh it does, several times. You probably only read the first page or something... 

Changing name and following across (even private) sessions has been going on for over a year. 

Share this post


Link to post
Share on other sites
CaptainMarvel
12 minutes ago, Gaffa said:

Oh it does, several times. You probably only read the first page or something... 

Changing name and following across (even private) sessions has been going on for over a year. 

 

Or just the title of the thread lol

Share this post


Link to post
Share on other sites
Jenkiiii
12 hours ago, computertech82 said:

You obviously never tried dumbstar support. One of many post, the cheat program INTERCEPTS any attempt to report the cheater in game. dumbstar's answer? report the cheater so the cheater can kick you out of the session and the report never makes it to dumbstar. They more than earned the name now.

You are absolutely right; I have never used Rockstar support or needed to (PS3 for the first two years, followed by four years after transferring to XB1), which makes your continued use of "dumbstar" even more ugly. It doesn't even rhyme (at least "cockstar" does); it's just an offensive cliché that anyone can invent: wankstar, sh*tstar, crapstar, idiotstar, you name it...

 

If you want to get something done, try to treat other people with respect. You no doubt talk to Rockstar support staff in the same way that you talk to me and others, so none of this is surprising, from any of you. If Rockstar's games are giving you this many problems, why continue to play them? 

 

Edited by Jenkiiii

Share this post


Link to post
Share on other sites
flexcreator
10 hours ago, tom_c2012 said:

With all due respect, the thread you linked does not talk about cheaters being able to change their username and seek out targets and find that session and join it. I have been playing this game for a long time and have never seen that. Yes, everything in the thread you linked I've seen time and time again. This is very new. A cheater followed me all day today. From one session to the next, with a new username each time. And it was obvious it was the same person by the things they said in chat.

 

Stalking players using mod menus is first mentioned in April 2017

 

I believe, it started to widespread when the Evolve (paid) mod menu incorporated this feature:

 

rC9ylN9.png

 

 

They are using the Social Club ID to stalk you. Like I said, It's not new, it's actually the Rockstar doing bad job and the old exploits not getting patched. 

 

Quote

This collectively means this game is going to die a real quick death

This is happenning for over 2 years and the game got more popular than it ever was, lol xD

 

The best you can do is to adapt and use the firewall-related tools (firewall is proven to be effective against stalkers). Don't hope for Rockstar. Rockstar couldn't care less about the security issues. We are on our own.

 

Adapt and overcome:

https://github.com/CodeSwine/GTA5Online-Private_Public_Lobby

Edited by flexcreator

Share this post


Link to post
Share on other sites
SummerFreeze

Does anybody know if blocking on Social Club helps? That's assuming the person isn't using a fake ID.

Share this post


Link to post
Share on other sites
flexcreator

From what I heard, the blocking just lets you to know if an unwanted player is joining your session.

It just informs you, it doesn't actually prevent anyone from joining you.

 

However, you can use it in combination with the solo session tools.

Share this post


Link to post
Share on other sites
CaliMeatWagon
19 hours ago, tom_c2012 said:

PC of course. And yes, the security, or lack thereof, in this game is beyond unacceptable. I wouldn't have thought it could have gotten any worse. 

This is the problem with Peer-to-Peer servers in general. 
Of course, if it was server based we wouldn't be able to lag into a public solo lobby.

 

Also, this is why I recommend platforms this way:
PC for modded single player and role play servers.
Console for vanilla online. 

Share this post


Link to post
Share on other sites
tom_c2012
11 hours ago, flexcreator said:

 

Stalking players using mod menus is first mentioned in April 2017

 

I believe, it started to widespread when the Evolve (paid) mod menu incorporated this feature:

 

rC9ylN9.png

 

 

They are using the Social Club ID to stalk you. Like I said, It's not new, it's actually the Rockstar doing bad job and the old exploits not getting patched. 

 

This is happenning for over 2 years and the game got more popular than it ever was, lol xD

 

The best you can do is to adapt and use the firewall-related tools (firewall is proven to be effective against stalkers). Don't hope for Rockstar. Rockstar couldn't care less about the security issues. We are on our own.

 

Adapt and overcome:

https://github.com/CodeSwine/GTA5Online-Private_Public_Lobby

This is good info, but when did it start that cheaters can actually change their user name? Becuase that is the most alarming thing I saw in this incident. The cheater actually cloned my own username. I probably have been reported as a cheater.  I've never heard of that being possible or it being done. 

 

Share this post


Link to post
Share on other sites
flexcreator
1 hour ago, tom_c2012 said:

when did it start that cheaters can actually change their user name? Becuase that is the most alarming thing I saw in this incident

Since the dawn of time.

In fact, from the technical perspective this is the most BASIC thing. All you really have to do as cheat creator is to alter the string in memory. And since the source string is known, you can perform this even without knowing the exact offset.

 

As it stated

https://www.unknowncheats.me/forum/grand-theft-auto-v/191004-choose-nickname-socialclub-modmenu-urgent.html

Quote

You can't change it on the social club website but you can edit the name char ingame.
Yes, everyone on the lobby can see the name after you reconnect

 

So, the actual social club name remains valid. But the in-game text you see is altered.

 

PS

Also, they can change the font color. Saw that in some private menus

Edited by flexcreator

Share this post


Link to post
Share on other sites
AirWolf359
4 hours ago, tom_c2012 said:

This is good info, but when did it start that cheaters can actually change their user name? Becuase that is the most alarming thing I saw in this incident. The cheater actually cloned my own username. I probably have been reported as a cheater.  I've never heard of that being possible or it being done. 

 

Don't worry about reports, the in-game reporting feature will still send the reports to the cheater, who probably intercepts and blocks them. He can show your username to other people, but the reports still go to his own account.

The only thing you have to worry about is people filming him when he is using your name. And Rockstar support will still tell people to report cheaters in-game (which cheaters can block)

Edited by AirWolf359

Share this post


Link to post
Share on other sites
The Wandering Hunter

pc seems unplayable, lucky pc played can use the ip exceptions thingy, i wish i could do that on ps4

Share this post


Link to post
Share on other sites
CaliMeatWagon
23 hours ago, The Wandering Hunter said:

pc seems unplayable, lucky pc played can use the ip exceptions thingy, i wish i could do that on ps4

I believe for the PS4 you need to restrict your MTU settings. 

Share this post


Link to post
Share on other sites
tom_c2012

I get that one can use tools (or make tools) that can inspect/inject into the application's memory of the app running on their own machine. Where I struggle to wrap my head around this is how that gets propagated to all the clients in the session.  The answer has to be that the game blindly broadcasts changes to its memory every so often, without any sanity checking whatsoever. 

 

How is this not possible to combat over a 6+ year lifecycle? It should be pretty simple. I just sit and watch the map and the player list and can detect cheaters easily. Uh, that payer was level 8 before, and is now level 299. Hmm, that player was in paletto bay 30 seconds ago and is now at elysian islands. Then there is player Y that just dropped out of the sky on top of me. And player W attacked me, but when I go to return fire lag just magically appears. 

 

There just has to be a basic level of sanity checking on the peers ends, but there doesn't appear to be any. 

I'd say it is time for Rockstar to admit failure and open up CEO/MC activities in "invite only" sessions. Let people pick and choose who they want to play with or not. I get the concept they had in mind, but the execution is just horrible. 

Share this post


Link to post
Share on other sites
DentureDynamite

^^ Note sure my understanding of cleaning up peer-to-peer is completely accurate--someone correct me if I'm wrong--but basically those sanity checks (though theoretically possible to do), could potentially slow game play down to a crawl.

 

I'm also not sure if there's even a way to "secure memory" in the same way you can secure a connection between client and server (TLS).

 

My guess is that forcing secure connections for everything done in-game (like how R* does "processing transactions" when you pick up money) would also slow things way, way down.

Edited by DentureDynamite

Share this post


Link to post
Share on other sites
Plocospermataceae

Speaking of exploits, I just saw a guy run around as a cat on PS4? 😃 I wasn't aware this stuff was possible on new gen, have I just not heard of this or is this new? Another guy in the same session sent me a text message that was just numbers and various signs, I started thinking maybe it has something to do with the cat, some kind of SQL injection or something. Here's the cat:

 

 

Spoiler

mpv-shot0040.jpg

 

Here's the message:

 

Spoiler

mpv-shot0038.jpg

 

Share this post


Link to post
Share on other sites
Lonely-Martin
1 hour ago, Plocospermataceae said:

Speaking of exploits, I just saw a guy run around as a cat on PS4? 😃 I wasn't aware this stuff was possible on new gen, have I just not heard of this or is this new? Another guy in the same session sent me a text message that was just numbers and various signs, I started thinking maybe it has something to do with the cat, some kind of SQL injection or something. Here's the cat:

 

 

  Reveal hidden contents

mpv-shot0040.jpg

 

Here's the message:

 

  Reveal hidden contents

mpv-shot0038.jpg

 

Wasn't sure if you knew, but we are due the peyote plants online in the near future. I suspect someone just found a way to do that earlier than R* plans. :)

Share this post


Link to post
Share on other sites
flexcreator
5 hours ago, DentureDynamite said:

^^ Note sure my understanding of cleaning up peer-to-peer is completely accurate--someone correct me if I'm wrong--but basically those sanity checks (though theoretically possible to do), could potentially slow game play down to a crawl

I'm neither a netcode expert, but you don't have to do it with every transaction or every second.

 

For example, look how Rockstar fights the money glitches. The Horse Betting glitch in particular, they have limits of how much money you can potentially get per 3 wins (60K), they check how much cash did you bet and so on. If you go above 60K while betting low, you get kicked to the single player. Basically, they use statistics to judge if you are legitimate or not. They could utilize the similar approach against the stalkers.

 

Anyway, the industry-approved solutions already presented in the 20 years old article that no one bothers to read:

https://www.gamasutra.com/view/feature/131557/how_to_hurt_the_hackers_the_scoop_.php?page=2

 

Quote

For peer-to-peer games, cheating can be made difficult by changing from a game engine that issues commands to one that issues command requests. It's a subtle distinction but one that requires engineering changes throughout the game. It also requires that each player's machine run a full copy of the game simulation, operating in lockstep with the other players.

 

Tracking the full-scale cheating may not be a trivial stuff, however...  validating the nickname is easy as hell. Just let another game client to do the check, and if the name contains inappropriate symbols or suspicious fonts or doesn't match the social club name that is associated with SCID (the player's SCID is known to another game client), then refuse the connection.

 

The stalking problem can be solved at the client side as well - if the player was marked for vote-kicking in one of the previous sessions, refuse the connection when he/she is trying to join.

 

I believe, we DO have solutions to most of the problems. It's really NOT that hard. The thing is - no one is doing that at Rockstar, because they are busy doing other things. PC is never a priority.

Edited by flexcreator

Share this post


Link to post
Share on other sites
Big_Show
On 9/4/2019 at 6:44 AM, Jenkiiii said:

No offence, but biting the hand that feeds you and calling Rockstar "dumbstar" is worse than anything else on this page.

 

Totally unnecessary!

 

 

Can u pweez explains whyz callin R* "dumbstar" is worse than anything else on this page, especially your sh*tty posts? Also explain how R* feeds us? Last time i checked it's our loyal sharkcard and game buyers that's keeping their lights on kid.  It's not the other way around stupid.  Your post totally unnecessary. 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • 1 User Currently Viewing
    0 members, 0 Anonymous, 1 Guest

×
×
  • Create New...

Important Information

By using GTAForums.com, you agree to our Terms of Use and Privacy Policy.