Unbannable name?

[PanamaJim]

This post has two intents: 1. Pose a question and find solution. 2. Warn others of an individual suspected of running said hack. Because the question is valid and the reporting of the individual may be taken as a witch hunt, I'll keep the two issues apart.

 

We had an individual come onto our server today and was quite disruptive. When we went to ban the player through in-game commands, PRoCon and console commands, we found there was no means to accomplish this. In-game commands and PRoCon returned no confirmation and the individual remained active in game. BC2 console commands also returned no confirmation. PB console returned a "ban failed" message. We suspect this was due to the individual's name, which is rather unique and listed below, or the individual was using a hack. Further, the individual had been previously banned by name some months prior yet was able to re-enter the server. Killing, kicking and banning were unresponsive through any means. In short, we were unable to exert any control over the player aside from moving him from attacker to defender and back. After two or three minutes of that, the player finally left. What would cause this and what do you suggest as means to avoid this in the future? We have manually added the individual to our ban list via name (again), GUID and IP. We'll see how useful that is.

 

 

For those interested, the individual's name is -_-_-_-___--~_- and the 
last 8 of the GUID are 967bd8a6.

Edited January 9, 2011 by PanamaJim

[Nadar]

It's nothing new that "so called hackers" (i prefer cheaters or just low-life's) try to find names that's difficult to identify. I've seen several that uses the confusion between capital i (I) and lowercase L (l) for example. I doubt the name itself is a "hack" though, and the failure to identify the player is probably due to bugs in the admin system. That said, it could ofcourse exploit at bug in the admin protcol itself, but it's hard to judge without more data.

[PanamaJim]

It's nothing new that "so called hackers" (i prefer cheaters or just low-life's) try to find names that's difficult to identify. I've seen several that uses the confusion between capital i (I) and lowercase L (l) for example. I doubt the name itself is a "hack" though, and the failure to identify the player is probably due to bugs in the admin system. That said, it could ofcourse exploit at bug in the admin protcol itself, but it's hard to judge without more data.

 

Thanks for the response. What nature of data would be more helpful?

[Everson]

Easiest solution is to apply the ban to the GUID, don't need to mess around with names then.

 

People have been using the iIl1 0oO trick for 10+ years, used to be a big issue with WAP sites.

[KillerBee69]

a few month ago we had the same problem. although the guys name was identified correctly at last the admin tool baned someone else each time we tried to ban him via ingame commands.

 

the only thing that helped was loging in the server tool (we use bc2guardian) and use the nickname only to ban him. for some reason that worked.

we later found out that the guy somehow managed to ONLY have a nickname and a guid displayed in our logs. no ip or eaguid showed up. and everytime we tried to ban him the command was somehow redirected to the player in slot1. it was quite astonishing

 

a few days later someone else showed up aimboting and using the same hack (actually i still can only suspect it is a hacking tool... it may have been a glitch in the server but that is highly improbable). after one of our admins got rid of him the same way you described one of our IT members programed a method that uses pbkicks to ban but still works even in this case by using the bc2guardian webtool as a base frame. this way every admin can use this method quite easily.

if you require the code of the method our IT guy programed just pm me. but keep in mind it is specifically made for the bc2guardian webtool.

[HSMagnet]

always use the GUID and get a SS of the info

 

messing with name banning will bite you in the arse when you least expect it