24.06.2020, 22:05
Any form of process detection or injection detection can be easily bypassed, that's true. That's why this module has two communicating components with server-side validation.
It's not an open source to make eventual bypass methods less obvious. And no, you can't do the same in pure scripts. While large chunk of this module contains Squirrel script compiled on load (GO doesn't support pre-compiled scripts), you can't achieve the same range of measurement accuracy with functions that go through Squirrel Virtual Machine. Client scripts can also be manipulated while module contains some special algorithm to detect that it's loaded and in desired form.
No one can know for sure if I didn't include any malicious code into module. Same goes to GO, Windows, vaccines, etc.
You can also check Virus Total reports on files:
VirusTotal - SpeedBlock.dll
VirusTotal - SpeedBlockServer.dll
VirustTotal - SpeedBlockServer.so
I've got some feedback that the module sometimes trigger false positive for some players. Unfortunately, I wasn't able to reproduce this error with simulation of load and latency.
If such problem occurs, you can resolve it with setting some tolerance to estimated multiplier, by modifying server script code like this:
Where x is maximum tolerated multiplier (like 1.015).
Other option is to store counter of wrong multiplier values in some players data structure, together with multiplier. Then, you can check if the same multiplier occurs consistently. There high probability that false positive will produce other multiplier on different estimation.
It's not an open source to make eventual bypass methods less obvious. And no, you can't do the same in pure scripts. While large chunk of this module contains Squirrel script compiled on load (GO doesn't support pre-compiled scripts), you can't achieve the same range of measurement accuracy with functions that go through Squirrel Virtual Machine. Client scripts can also be manipulated while module contains some special algorithm to detect that it's loaded and in desired form.
No one can know for sure if I didn't include any malicious code into module. Same goes to GO, Windows, vaccines, etc.
You can also check Virus Total reports on files:
VirusTotal - SpeedBlock.dll
VirusTotal - SpeedBlockServer.dll
VirustTotal - SpeedBlockServer.so
I've got some feedback that the module sometimes trigger false positive for some players. Unfortunately, I wasn't able to reproduce this error with simulation of load and latency.
If such problem occurs, you can resolve it with setting some tolerance to estimated multiplier, by modifying server script code like this:
Code:
addEventHandler("onSpeedHackDetect",function(pid, multiplier)
{
if(isPlayerConnected(pid) && multiplier > x)
kick(pid, "SpeedHack detected with multiplier: " + multiplier);
});Where x is maximum tolerated multiplier (like 1.015).
Other option is to store counter of wrong multiplier values in some players data structure, together with multiplier. Then, you can check if the same multiplier occurs consistently. There high probability that false positive will produce other multiplier on different estimation.