Liberty Unleashed
News and Content => Updates/Changes => Topic started by: Force on November 09, 2013, 08:35:18 pm
-
Liberty Unleashed 0.1 Update
Updates to Liberty Unleashed 0.1 have been released, they will be automatically applied the next time you restart your server browser, the following changes include:
- Fixed the server checking for updates every 84000 milliseconds (Changed to 12 hours)
- Reset health and weapons on reconnect
- Fixed a crash related to vehicle alpha channels
- Fixed a buffer overflow
- Fixed the spawnscreen spamming spawned packets on reconnect
- Made the crashed packet send as soon as the exception handler displays
- Cleaned up a lot of memory on disconnect (helps fix reconnect bugs)
- Fixed sirens and locked states of vehicles being incorrectly set on initial connect and reconnect
- Fixed dying if /reconnecting while in a vehicle
- Fixed a crash in the client when removing radar markers
- Fixed a crash when starting/stopping bad timers
- Fixed a crash relating to not enough memory for audio objects
- Fixed editboxes stealing focus from other GUI objects
- Fixed the password being displayed in editboxes when clicking off and back on to editboxes
- Fixed a crash with the BF injection when repairing a vehicle out of streaming range of other players then other players trying to enter it
- Fixed some bugs with handling data
- Changed the invalid nick character to ?
- Fixed being able to load client scripts when you shouldn't be (now shouts about checksum mismatch)
- Fixed BF Injection crash (again)
The update requires the new client (which the browser should download) and a new server for any server hosters.
-
Yeah, great Update!
-
Glad to see that LU alive and updtying :)
But images/sounds don't downloading after update. And there is a crash when you join the server at first time.
Can you fix a little bug, please? Cyrillic lowercase letter (http://files.4ky.ru/games/lu_05.png) (letter code: -1) don't works in the game chat and messages, it moves cursor left instead of typing letter. That is upsets Russian players very much(
p.s. And can you tell me, please, how to bind "chat open" on the Enter key instead of T? I can't find it in the Wiki...
-
What About Fixing Remove Objects When I Type /Reconnect ? :-\
-
Look at "Mess about server". Guess who? ::)
(https://dl.dropboxusercontent.com/u/85589430/%D0%A1%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA.PNG)
-
Don't you think to add a secure key to all your server functions?
function blablabla(nam, val, key) {
if(key!="a54u34bj3") return;
...
}
And call like this:
blablabla("winner", 5, "a54u34bj3");
It will protect from custom client scripts hacks. Also you can use a classes. If you don't do it - it will be unsafe and hackable anyway :)
-
Don't you think to add a secure key to all your server functions?
function blablabla(nam, val, key) {
if(key!="a54u34bj3") return;
...
}
And call like this:
blablabla("winner", 5, "a54u34bj3");
It will protect from custom client scripts hacks. Also you can use a classes. If you don't do it - it will be unsafe and hackable anyway :)
Nice idea, but you can't add something like that to function "Message". Even if you can and you call some function via client script I can see your key and use.
I thought about the security and all ways to secure the server and I realize that all this ways can't secure the server except one - randomize Lu.DLL memory addresses.
-
Nice idea, but you can't add something like that to function "Message". Even if you can and you call some function via client script I can see it.
PM :)
*Using 0.1.0.12 an waiting for 0.1.0.14 onjoin crash fix*
-
Nice idea, but you can't add something like that to function "Message". Even if you can and you call some function via client script I can see your key and use.
Are we talking about compiled scripts? If so, what about this code
alphabet letters:
a <- ["a","b","c","d"];
A <- ["A","B","C","D"]; //in case if you need large words
local name_encrypted = a[0] +[1] +[2] +[3]; // SIMPLE EXAMPLE
local path_encrypted= a[blah] + a[blah] + a[blah]+ a[blah]+ a[blah]+ a[blah];
CallServerFunc(path_encrypted ,name_encrypted , Localplayer, int params );
I've used that in 2011 year, when i started development of my server ( current state - *finished* ).
Anything can be encrypted , anywhere.
-
Nice idea, but you can't add something like that to function "Message". Even if you can and you call some function via client script I can see your key and use.
Are we talking about compiled scripts? If so, what about this code
alphabet letters:
a <- ["a","b","c","d"];
A <- ["A","B","C","D"]; //in case if you need large words
local name_encrypted = a[0] +[1] +[2] +[3]; // SIMPLE EXAMPLE
local path_encrypted= a[blah] + a[blah] + a[blah]+ a[blah]+ a[blah]+ a[blah];
CallServerFunc(path_encrypted ,name_encrypted , Localplayer, int params );
I've used that in 2011 year, when i started development of my server ( current state - *finished* ).
Anything can be encrypted , anywhere.
And var's name can be encrypted, really? Turn on the server with some special key addicted function which will message random string and i'll try to call it.
-
And var's name can be encrypted, really? Turn on the server with some special key addicted function which will message random string and i'll try to call it.
As far as i remember:
Variables names (both global and local).
Custom function names
LU functions names
This can't be encrypted.
But if you can retrieve data from variables, then this is big security hole for Liberty Unleashed.
-
TO LU DEV TEAM:
I suggest
1. For client script part - save it each time you connect to the server to the RAM ( Read only memory).
2. Create RAM protection.
Ask your colleagues from MTA how they done protection against various tools that can work with memory.
-
Another way to make this flaw not so powerful is disable calling LU functions via client, just custom functions to call.
-
Ask your colleagues from MTA how they done protection against various tools that can work with memory.
As I remember VCMP 0.4 have same protection.
-
Ask your colleagues from MTA how they done protection against various tools that can work with memory.
As I remember VCMP 0.4 have same protection.
Yes, but very primitive. Current protection in MTA maybe one of the best, but i can't say for sure.
PS, After such discussions i feel hungry for new knowledge, i want learn n code on C , C++ :)
-
We are currently working on several methods to prevent using your own client scripts and taking control of the server. The current solution was thrown together in around 20 minutes as i don't have enough spare time to work on LU that much these days and the other developers are either as busy as me or are being lazy.
The new solution that i am working on should stop this as well as many other forms of cheating but it will take time to implement properly, if we half-ass it then it will be bypassed and render it useless.
As for not letting client scripts call internal lu functions... i have thought about adding this and may add it soon but its easier said than done as squirrel doesn't have any native way to tell the difference between the two. Disabling calling internal LU functions isn't a full solution anyway as client scripts can still be used to cheat in the server. The original idea behind client scripts being able to call internal LU functions was to enable server owners to create a fully functional admin panel which could control the server easily but i did not think that anybody would be able to use their own scripts (oh how wrong i was).
To be honest, this bug isn't as bad as it was before the two patches. Yes there are ways to get around it but it isn't as simple as sasha makes it out to be, its probably only him that has taken the time and effort needed to pull this off at the moment and he hasn't been a dick about it :)
The next patch should fix it once and for all anyway but as for when it'll be released... it really depends when i have time to implement all the ideas and test them.
-
Is it possible to use 1.1 patch if you have gta3 as a game on steam?
-
Is it possible to use 1.1 patch if you have gta3 as a game on steam?
It's possible but VRocker don't want make version Steam.
I want he make like FourDeltaOne on MW2 steam without modify file GTA3 but local data it's very good and more easy I think I'm not programming.
I have gta3 on steam and I want too playing on steam like you ^^
-
Is it possible to use 1.1 patch if you have gta3 as a game on steam?
It's possible but VRocker don't want make version Steam.
Oui, Oui, it's because every app have memory address. And LU was aimed to work only with GTA3 v 1.1 exe.
I can give you example for single player game:
in GTA3 v 1.1 exe memory "code" that responsible for health of your player is Kfa7af6
In GTA3 Steam version, the same at memory address at hJ8ajr2egk
Although this is a fake memory address, because i don't have a time to give you a real ( you can check them on your own, with tool that can dig up memory addresses. ), this above explains why Steam as well as android versions of GTA3 can't work with Current Liberty Unleashed Modification.
-
Is it possible to use 1.1 patch if you have gta3 as a game on steam?
It's possible but VRocker don't want make version Steam.
Oui, Oui, it's because every app have memory address. And LU was aimed to work only with GTA3 v 1.1 exe.
I can give you example for single player game:
in GTA3 v 1.1 exe memory "code" that responsible for health of your player is Kfa7af6
In GTA3 Steam version, the same at memory address at hJ8ajr2egk
Although this is a fake memory address, because i don't have a time to give you a real ( you can check them on your own, with tool that can dig up memory addresses. ), this above explains why Steam as well as android versions of GTA3 can't work with Current Liberty Unleashed Modification.
It is also the same reason why 1.0 isn't used. You pretty much explained the technical side of the problem quite well. Kudos to you. It has been awhile since I've seen someone who actually understood the reason explain it correctly. :)
-
Although this is a fake memory address, because i don't have a time to give you a real ( you can check them on your own, with tool that can dig up memory addresses. ), this above explains why Steam as well as android versions of GTA3 can't work with Current Liberty Unleashed Modification.
Just to add to why LU can't easily be ported to Android, Android and Windows, and x86/x64 and ARM are completely different platforms. LU is written in Visual C++ for Windows, which has totally different limitations and tools than Java on Android.
Simply put, it would be like programming something written entirely in English. Now you need to translate it into a local dialect of Mandarin, and some symbols you need are gone, and others have entirely different representations. Your only option would be to completely rewrite it.