IDEA: Manually VAC ban users from your server!

sebastiannielsen · **Author**

I found out this:
http://www.reddit.com/r/GlobalOffens...u_have_visited

Apparently, VAC checks if your computer have phoned home to a specfic DRM server belongning to a paid cheat.

Now lets use this to something useful:

To make it possible for server admins to VAC ban the user, the server needs to make the client to do some form of DNS lookup for a DRM-server belongning to a paid cheat.
Yep, it is that easy.

So I got a idea:
Server admin runs !vacban [user]
The plugin sends a request to [user] to download a game related file, lets say a sound file, decal file or something from lets say:
http://cheat-drm-server.cheatmaker.com/sound.wav , or why not send a fake mapchange to nicemap.bsp tp the user, and set downloadurl to http://cheat-drm-server.cheatmaker.com/nicemap.bsp

Another idea is to load a MOTD window (which normally is for showing rules or messages to clients) but ask the MOTD window to load a file from the cheat DRM server - even if the file does not exist its enough.

Even if cheat-drm-server.cheatmaker.com does not host a HTTP server at all (resulting in timeout) or sound.wav/nicemap.bsp is nonexistent (resulting in 404), the client computer will do a DNS lookup on cheat-drm-server.cheatmaker.com, which will end up in the DNS cache, and that will be enough.
(This will propably be true since the cheat makers run their DRM servers with propertiary protocols)

This will be picked up by VAC, since VAC will Think the user has a private cheat installed since he contacted the DRM-server belongning to a private cheat - even if he didnt do it via the cheat tcp/ip port, the VAC will not check for that.
Result: User will be VAC-banned.

Note that cheat-drm-server.cheatmaker.com is not a real cheat DRM server.
You will have to find out that yourself. Note that its NOT enough to Contact a cheat website via HTTP or something like that, because the cheat website and cheat DRM server is different from each other, thus VAC would not pick up the cheat website.
VAC would only add real DRM servers of cheats, eg those DRM servers that are not hosted on the same machine as the cheat website - to avoid banning users that have just visited a cheat website, rather they ban the user when the user has actually downloaded a cheat and attempted to use it.

Happy cheater fighting and Happy VAC banning of misbehaving users on your server!
Note also that VAC bans are timed, you will not see a effect immediately after asking the client to download that nonexistent sound file/map file, instead you will have to server ban the user in addition to this, but after a while, it will come a VAC ban wave and your misbehaving user will get VAC banned.

haha imagine getting vac banned for harassing a Community server admin or just camping too much or something like that...

NOTE: To use this you will have to write your own plugin to make use of this idea.
You could also verify this by executing the command against some smurf account you know have not cheated and then check if it gets VAC banned after a long while. If it gets VAC banned, then you know the idea works.

asherkin · 04-30-2014 , 18:56 Re: IDEA: Manually VAC ban users from your server!

It's so trivial to poison the DNS cache, VAC won't use it as a trigger.

sebastiannielsen · 04-30-2014 , 19:11 Re: IDEA: Manually VAC ban users from your server!

What do you mean? Why would the VAC module contain code that actially hashes entires from the DNS cache and checks them against something, if they wouldn't use it as trigger?

asherkin · 04-30-2014 , 19:13 Re: IDEA: Manually VAC ban users from your server!

Cross-referencing data to discover undetected cheats in the wild - there are plenty of other instances of this like the checks against open window titles.

Kia · 05-01-2014 , 00:29 Re: IDEA: Manually VAC ban users from your server!

Worst idea ever.
Even if it would be possible, I would not join any server using this since I don't want get vac-banned because of immature kids.

ddhoward · *Last edited by ddhoward; 05-01-2014 at 01:28.*

You clearly haven't read Gaben's post on this issue.

First off, VAC only checked the DNS cache if a cheat program had been detected on the client. If no cheat program existed on the client, the DNS wasn't touched.

Further, Valve no longer checks the DNS cache AT ALL. They did that for like 2 weeks, and then stopped it once the cheat programmers stopped making such a check relevant. VAC hasn't looked at DNS for over 2 months now.

http://www.reddit.com/r/gaming/comme...vac_and_trust/

ANTICHRISTUS · *Last edited by ANTICHRISTUS; 05-01-2014 at 07:12.*

Quote:

Originally Posted by Kia

Worst idea ever.
Even if it would be possible, I would not join any server using this since I don't want get vac-banned because of immature kids.

+2^2

Quote:

Originally Posted by ddhoward

VAC hasn't looked at DNS for over ~~2 months~~ 10 years now.

I have nothing against your post, I just love to make sarcasms about stupid VAC.