[ANY?] SourceMod Re-Banner - ban alts of banned players through clientside cookies!
2 Attachment(s)
SourceMod Re-Banner (v. 1.3) GitHub | Download | Wiki Fights ban evasion through client-side "fingerprinting". Relies on security through obscurity. Sometimes, a ban isn't enough to stop them from trying to play on your servers. This solution tries to combat such players by leaving tiny unique files in download folders to recognize players. Supports Basebans and SourceBans++. I release this in hope to help the community fight ban evasion, as I personally know how annoying it can be. Nothing can be ideal, and there are loopholes that can easily make players immune to this. It also won't catch ban evasion instantly, but rather get more effective over time as it analyzes more and more accounts. Designed to run autonomously without admin intervention. Dependencies:
Currently supported games:
Tested games:
Re-Banner should be game-independent as long as you have the gamedata. For now only two games are supported. You may request support for other games. What does it do? To not clutter up the post, the full description can be found at: I highly encourage you to read the Wiki version instead. Below is a stripped-down version. Re-Banner's logic can be split into two big sections:
1. Re-Banner hooks into early player connection phases, to be fully precise the phase at which the server sends it's ConVar values to the player. During this stage, Re-Banner will attempt to recognize clients through SteamID and IP checks. If it fails to do so, a new fingerprint will be generated. Then, Re-Banner will modify the value of sv_downloadurl like this http://fastdownload.com/tf/serve.php...NGERPRINT&url= And send this value to the client. After this stage, the client starts downloading server content from the FastDownload URL that they received. Re-Banner adds it's fingerprint file to the Download Table, so all connecting clients will eventually request that file as well. When that happens, the FastDownloads script checks whether the requested path is actually the fingerprint file path, and if so, dynamically generates that file on the FastDownloads server and sends it to the client, putting the fingerprint value inside it. 2. Re-Banner starts by sending the original sv_downloadurl value to the player to hide it's presence. Then it queries the player for their fingerprint file. From here, there are two possible outcomes: the client either successfully sends their fingerprint value to the plugin or not. If the query is successful, Re-Banner will check the fingerprint against it's internal records and re-ban the player if necessary. If the query fails (either the client doesn't have the file locally for some reason, or they deleted it/changed PC), Re-Banner will attempt to make the client late-download a fingerprint if a match is possible. What happens if someone gets banned? When a player gets banned, their unique fingerprint gets marked as banned in the internal database. Any subsequent attempts to join the server from another IP address/account/PC (any combination of the 3) will lead to a re-ban if any of the conditions are met:
Checks are ran in the same order as shown above. If player SteamID/IP address is matched to a known fingerprint, current client fingerprint value is discarded and not taken into account. In an event that the alt account player is missing their fingerprint client-side (and they are recognized), the fingerprint file is re-sent before they get re-banned. Tampering prevention? If the plugin is unable to identify the client via SteamID and IP address, but the client has a fingerprint locally which we can use for identification, this will make sure that the fingerprint is not tampered with. Well, "tampered with" is a rather big word, it checks whether the file only contains numbers (the fingerprint is numeric only) (and) if the fingerprint is known by the server. If the file has anything else (say, SQL commands, etc), or it's not recognized by the plugin, Anti-tamper will raise a red flag and, if configured, will kick the client. The fingerprint won't ever reach the database to prevent SQL injection. Setup: Please refer to the Wiki page. It's important to follow the setup instructions, as it not as simple as drag-n-drop. ConVars: Please refer to the Wiki page. Commands: Please refer to the Wiki page. Known issues:
To-Do:
Credits:
Important: As of 22.04.2023, the latest version of Re-Banner (1.3) and all future versions will not be compatible with previous database versions. Even if the database srtucture is the same, the fingerprint length was decreased to mitigate potential issues with the new FastDownloads fingerprinting method. Since sv_downloadurl can hold only up to 127 characters, and old fingerprints were ~70, with Re-Banner 1.3 you might run into ConVar overflow issues. With that in mind, I encourage you to drop the old database and do a clean re-install of Re-Banner (deleting it's old config file and changing the fingerprint path). Please follow the wiki for detailed setup instructions. |
Re: [ANY?] SourceMod Re-Banner - detect alts of banned players through client "cookie
1.1 Changelog:
- Added support for MySQL hosts. This essentially makes the plugin capable of covering multiple servers with a single unified database. - Minor bugfixes. I don't recommend changing database types after if you've launched the plugin at least once; If that's the case, change the fingerprint path in rebanner.cfg to avoid false anti-tamper detections. If you're going to use a single MySQL database for multiple servers, make sure that all plugin instances use the same fingerprint path and filename! |
Re: [ANY?] SourceMod Re-Banner - ban alts of banned players through clientside cooki
Appears nobody has noticed the significance of this plugin yet and I'm thrilled to be the first to comment. I had this idea about 5 years ago but never got to it unfortunately.
Hoping the cheat community does not figure out the work around for quite some time, rendering cheaters clueless when their IP changes. Great work! |
Re: [ANY?] SourceMod Re-Banner - ban alts of banned players through clientside cooki
Quote:
|
Re: [ANY?] SourceMod Re-Banner - ban alts of banned players through clientside cooki
Left 4 dead 2 has a quite specific download system, will it work?
|
Re: [ANY?] SourceMod Re-Banner - ban alts of banned players through clientside cooki
Good work but you should add a security feature if requiring sv_allowupload to be set to 1.
OnFileReceived should have a default option to automatically delete the received file if it is not inside the RequestListing array. I would also add a convar option that forces clients to have cl_allowupload 1 or kick (off by default). |
Re: [ANY?] SourceMod Re-Banner - ban alts of banned players through clientside cooki
Re-Banner 1.3:
Revamped the fingerprint sending logic. Re-Banner 1.3 now has two ways of sending fingerprints: - FastDownloads injection - File Network late-downloading You may read a thorough description in the Wiki: (LINK). The initial thread message was also updated. In order to use this version and any future releases, you NEED a FastDownloads server available and configured, and it needs to have PHP installed. Most game server providers provide such a webserver free of charge. Due to changes in fingerprint length and the new FastDownloads method of sending fingerprints, it is highly recommended to do a clean re-install of Re-Banner (that is, delete the old database, delete the config file and change the fingerprint path). I also strongly recommend using the Wiki page to (re)install the plugin. Please save your and my time. Tested and confirmed working with default ConVar values in TF2 and CSGO on Windows SCRDS. Some elaboration on the new FastDownloads method: CS:GO disables sv_allowupload by default for clients. This prevens File Network from being able to send files to clients. To fully support CS:GO (and improve the chances of successful fingerprinting), Re-Banner now uses FastDownloads to ship fingerprint files to clients. |
Re: [ANY?] SourceMod Re-Banner - ban alts of banned players through clientside cooki
Please add support for materialadmin - https://github.com/SB-MaterialAdmin/NewServer
|
Re: [ANY?] SourceMod Re-Banner - ban alts of banned players through clientside cooki
possible to add way to recognize client ban evading through steam webhelper cookies? can be userful for games that support motd, and its possible to open motd in background without displaying it, could be great for games that support motd (https://forums.alliedmods.net/showthread.php?t=157953)
|
Re: [ANY?] SourceMod Re-Banner - ban alts of banned players through clientside cooki
Quote:
I already have an idea regarding MOTD - Canvas Fingerprinting. While not 100% false positive proof, it should still be quite reliable. It will likely be added in one of the future releases. As for Steam Web Helper cookies - I'll take a look, that sounds like a nice idea. Thanks! |
All times are GMT -4. The time now is 22:55. |
Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.