Twitter youtube github instagram
    Lystic's Blog
    • Home
    • Projects

    Cheating in Escape From Tarkov is Easy

    • March 10, 2023
    • By lystic

    Cheating in Tarkov has been making the rounds lately online. Funny enough, I recently started playing the game again with friends, so I gave my old cheats a kick and decided to rebuild them from scratch. There is often a lot of misinformation and confusion around cheat development, so I…

    Read More

    • C# C++ DMA
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    Ethereum Payment Processor

    • November 23, 2022
    • By lystic

    I have been fascinated with the Ethereum ecosystem since the beginning of DeFi. I continue to see cryptocurrency as a solution to several failure points of the internet. One of those is online payments. Every online startup I’ve ever run has always had a single serious problem, payment gateways are…

    Read More

    • Ethereum
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    Modded Proto Definitions in Enfusion Engine

    • June 27, 2022
    • By lystic

    Enfusion Engine’s scripting language ships with Proto definitions. These connect the C++ code in the engine to the scripting language. A clear example of this is the KickCauseCodeAPI class. Adding C++ functionality via custom proto functions would be a powerful tool for complex mods. There exists a closed-source way of…

    Read More

    • ArmA Reforger Enfusion
    • Tags: enscript ida reforger reverse
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    Networked Meshes in Arma Refroger

    • June 25, 2022
    • By lystic

    Arma Reforger is the latest Arma game released by Bohemia Interactive. This is more of a demo of the Enfusion Engine than a fully-featured gaming experience. It has a similar scripting experience to that found in DayZ Standalone, with some markable improvements. Reforger brings two new exposed script APIs that…

    Read More

    • ArmA Reforger Enfusion
    • Tags: collider mesh physics reforger replication
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    DMA Code Execution

    • February 1, 2022
    • By lystic

    — NOTE: THIS ARTICLE IS INCOMPLETE AND NEEDS REVIEWED — Hi everyone! It’s been some time since my last post. In this one, I wanted to continue on the Direct Memory Access (DMA) train of thought and cover something much more complex than simple pointer swapping. When using a DMA…

    Read More

    • C++ DMA
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    Executing SQF Without Allocating Memory

    • July 22, 2021
    • By lystic

    So recently I purchased a Screamer PCIe from LambdaConcept. Personally, I would not recommend buying one of these as two of the three cards I purchased were dead on arrival. However, thanks to the one device that did work, I have been given an opportunity to once again approach attacking…

    Read More

    • ArmA 3 C++ DMA
    • Tags: cheating dma liquidplumr memprocfs pcileech
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    CallExtension in DayZ

    • May 22, 2021
    • By lystic

    One of my least favorite changes between Arma 3 modding and DayZ modding is that the developers of DayZ insist that the game only be modded in the way that they deem correct. One example of this is the removal, and refusal to re-implement, the callExtension functionality that is so…

    Read More

    • C++ DayZ SA
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    DayZ Arbitrary Enforce Execution

    • January 16, 2021
    • By lystic

    In computer security, arbitrary code execution (ACE) is an attacker’s ability to execute arbitrary commands or code on a target machine or in a target process. – Wikipedia So recently, I have been working with Fini on his Anticheat. By “I have been working with”, I mean that he has…

    Read More

    • DayZ SA
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    SHA256 Implementation in DayZ Standalone

    • October 28, 2020
    • By lystic

    SHA-2 (Secure Hash Algorithm 2) is a set of cryptographic hash functions designed by the United States National Security Agency (NSA) and first published in 2001. – Wikipedia In the last few days, I decided to do something for no reason other than the challenge. I decided I wanted to…

    Read More

    • DayZ SA
    • Tags: bitwise enforce enscript sha256
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    Enabling File Write to DayZ Root Directory

    • October 24, 2020
    • By lystic

    So my recent work on DayZ BR has lead to me creating my own ban management system. The idea is all server bans will be aggregated into a database and synced between all of my official servers. In order to sync bans, I opted to follow the same method infiSTAR…

    Read More

    • DayZ SA
    • Tags: binary ninja patch reverse
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    How to create a Remote Execution

    • October 19, 2020
    • By lystic

    Arma 3 Remote Execution is considered one of the few peaks of script-based cheating. For server owners, cheaters with remote executions can be a real pain. It is important that every script developer understand how remote executions are created so they can avoid allowing these vulnerabilities to exist in the…

    Read More

    • ArmA 3
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    TFAR Code Execution

    • July 11, 2020
    • By lystic

    Everyone who has played Arma for an extended period has come across TFAR, Task Force Arrowhead Radio. I am not going to go into how the mod works, you can check it out here. I am going to dive directly into the code that drives TFAR, and do my best…

    Read More

    • ArmA 3
    • Tags: exploit lazy eval
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    Lazy Eval Execution Exploit

    • June 17, 2020
    • By lystic

    Recently I have been interacting directly with some guys at Bohemia Interactive. With the latest update, BIS_fnc_parseNumberSafe hasn’t been as safe as it should have been. A few great discussions later and I am hopeful that the guys at BI have it right this time, finally patching that multi-year vulnerability….

    Read More

    • ArmA 3
    • Tags: exploit lazy eval
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    Arma 3 “Old Man” SQF Execution Exploit

    • April 20, 2020
    • By lystic

    With the “Old Man” update out now, I decided to take another look at the Functions and UI scripts to see what fixes they implemented, and to look for a new exploit for SQF execution. To my surprise, I was greeted with BIS_fnc_parseNumberSafe. This neat little function is a “fix”…

    Read More

    • ArmA 3
    • Tags: exploit
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    Pre-Connection Remote Execution

    • October 22, 2019
    • By lystic

    I have covered remote execution in the past. Everyone by now knows that any remote execution cheat is brutal to the security of game servers in Arma. The developers have made strides to block unlogged and unfiltered remote execution, and they have come a long way since Arma 3 Alpha….

    Read More

    • ArmA 3
    • Tags: exploit remote execution
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    Breaking the SQF Firewall

    • October 19, 2019
    • By lystic

    One of the least discussed issues with the Arma 3 Engine, Real Virtuality 4, is the Engine & the Developer’s inability to protect game servers from its own scripting language. For the last 3+ years, I have been abusing the scripting language & its intricacies to execute SQF code wherever…

    Read More

    • ArmA 3
    • Tags: exploit
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    Owning Tarkov’s Marketplace

    • March 11, 2019
    • By lystic

    Escape From Tarkov is a first-person shooter in its alpha stage of development. It has an in-game economy with unique characteristics that help drive a very stable in-game marketplace. The marketplace allows players to buy and sell items they find while in game. Item prices each have a stable supply and…

    Read More

    • C#
    • Tags: network
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    SQF Genetic Algorithm

    • February 21, 2018
    • By lystic

    Oh yeah, it is time. So I have been looking into machine learning and decided I should dive head first into genetic algorithms. The concept was easy enough for me to wrap my head around. As a prefix, this SQF code was based on a python script written by  Joeseph Misiti….

    Read More

    • ArmA 3
    • Tags: fun
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    Overriding the Official Server List in ArmA 3

    • September 7, 2017
    • By lystic

    There is a little-used feature in the ArmA 3 Multiplayer Server list that shows all of their “Official” servers. Currently, there are ~100 players on the official servers. These host games from Endgame to Zues. Stokes figured out how to override this list with the official servers for our mods….

    Read More

    • ArmA 3
    • Tags: modding
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    extDB2 Exploit And Why You Should Use SQL_CUSTOM_V2

    • May 8, 2017
    • By lystic

    If you run a Life Server you probably use extDB2. It is a wonderfully optimized and amazingly useful plugin used for Database connectivity. The problem with many life servers is they use SQL_RAW (mode 2), which take a string from SQF and executes it in the mySQL database. This inherently…

    Read More

    • ArmA 3
    • Tags: security
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    Hardware Packet Monitor – Raspberry PI

    • March 4, 2017
    • By lystic

    So I have been working on a new project with my Raspberry Pi 3. I was looking for situations where something running on my current PC would block an application like Wireshark, and how to work around this protection. My solution was a direct bridge through my Raspberry Pi along…

    Read More

    • Raspberry PI
    • Tags: network
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    How to host your own Gyazo Server

    • February 9, 2017
    • By lystic

    Hey guys, I am updating this post with more up-to-date information. Here it is from Jan 1st 2020.

    Read More

    • C# C++
    • Tags: fun
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    ArmA 3 UI Execution Exploit – In Detail

    • November 4, 2016
    • By lystic

    EDIT: The latest patch (0.66) has fixed these issues. This post should now be used to learn how to better prevent these forms of exploits from appearing in your missions and mods. Now that BI has fixed the issue in its latest Dev Patch I wanted to go over, in…

    Read More

    • ArmA 3
    • Tags: exploit
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    Blocking Scripted Remote Execution

    • October 15, 2016
    • By lystic

    Recently, there have been a lot of server file leaks. The way cheaters obtain server files has always been the same. Remote Execute some code up to the server that retrieves data and returns it back to the cheater’s client. Upon receiving data the cheater writes it to their log…

    Read More

    • ArmA 2 ArmA 3
    • Tags: anticheat security
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    Server password bruteforcing

    • August 27, 2016
    • By lystic

    I spent the last two days working on a method for stealing server admin passwords. I figured if I used the altis life database injection that I talked about in my previous post I could inject a server and have the bruteforce run for weeks on end until it finds…

    Read More

    • ArmA 3
    • Tags: security
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    What do cheaters use on ArmA 3 servers?

    • August 22, 2016
    • By lystic

    This post comes after I asked /r/ArmADev for suggestions and subsequently got down voted to hell for what, in my opinion, is a fair dislike towards me in the community. I will be responding to the suggestion posted by /u/otherworldlyBuffoon Here is the post. So what kind of attacks do…

    Read More

    • ArmA 3
    • Tags: anticheat security
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    Advanced script variable hiding.

    • July 29, 2016
    • By lystic

    I needed to find a new way to hide global variables from being accessed (Or even found for that matter) from threads that are not created by me. This is useful for Anticheats as it allows them to access and modify values from multiple threads without subjecting those values to…

    Read More

    • ArmA 2 ArmA 3
    • Tags: cheating fun
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    Having AI run after and kill you.

    • July 28, 2016
    • By lystic

    I have been working on a Zombie-like system inside arma 3 and want to have the AI chase after my player and kill me. This should be very simple to do, however I failed to find a good way of doing it with the built-in AI scripting commands. I did…

    Read More

    • ArmA 2 ArmA 3
    • Tags: fun
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    How to detect hint menus

    • May 24, 2016
    • By lystic

    The worst nightmare for any anticheat developer is coming across a cheat that is nearly impossible to detect. Hint menus are one such cheat. There is no way to disable the “hint” command and no way to detect what is being displayed in the current hint. So how would an…

    Read More

    • ArmA 2 ArmA 3
    • Tags: anticheat security
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    Manipulating vehicle locality

    • May 24, 2016
    • By lystic

    A while ago I was working on a system that would allow me to manipulate remote objects as if they were local to me.  In other words, I wanted to use commands like “setDamage” or “setVelocity” on objects that were created by the server. I found that vehicles were the…

    Read More

    • ArmA 3
    • Tags: cheating
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    How do Anticheats work?

    • May 21, 2016
    • By lystic

    A lot of people don’t understand how scripted anticheats like Infistar AntiHack work. The idea behind scripted anticheats is simple and effective. They rely on three key features. Randomizing variables Using local variables effectively Sending code to clients in a randomized heartbeat fashion Randomizing Variables Any variables that can be…

    Read More

    • ArmA 2 ArmA 3
    • Tags: anticheat
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    Securing publicVariableEventHandlers

    • May 21, 2016
    • By lystic

    A big issue with most game modes in ArmA 3 is how they handle network messages. Most servers I have come across do nothing to protect publicVariableEventHandlers and remoteExec calls. Now before I get started I will mention that there are many different ways to secure network messages and I…

    Read More

    • ArmA 2 ArmA 3
    • Tags: anticheat security
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    C# Arma Extension command parsing

    • May 21, 2016
    • By lystic

    I spent a good portion of time last year working with server extensions in arma 3. I wanted to create a simple way to interface the script and the extension and to make adding functions into the extension as simple as possible. I came up with Command Requests as a…

    Read More

    • ArmA 3 C#
    • Tags: extension
    • Twitter
    • Pinterest
    • Facebook
    • Google+

    Draw3D Interactive Menu

    • May 21, 2016
    • By lystic

    A few months ago I was looking into making a user interface with the draw3d mission event handler. I was looking into using keybinds to interact with the menu and found that they were, more often than not, not so user friendly. Instead I opted for a way to interact…

    Read More

    • ArmA 3
    • Tags: cheating
    • Twitter
    • Pinterest
    • Facebook
    • Google+
    #include <iostream>
    #include <thread>
    #include <chrono>
    
    int main() {
        while(true) {
            std::cout << "Hello there." << std::endl;
            std::this_thread::sleep_for(
                std::chrono::milliseconds(100)
            );
        }
        return 1;
    }

    Donate

    Ethereum
    Bitcoin
    Litecoin

    Hi there :). © 2022 Lystic's Blog.
    Top