Executing SQF Without Allocating Memory

Categories: ArmA 3, C++, DMA

So recently I purchased a Screamer PCIe from LambdaConcept. Personally, I would not recommend buying one of these as two of the three cards I purchased were dead on arrival. However, thanks to the one device that did work, I have been given an opportunity to once again approach attacking the Arma 3 engine from […]

CallExtension in DayZ

Categories: C++, DayZ SA

One of my least favorite changes between Arma 3 modding and DayZ modding is that the developers of DayZ insist that the game only be modded in the way that they deem correct. One example of this is the removal, and refusal to re-implement, the callExtension functionality that is so widely used in Arma 3. […]

DayZ Arbitrary Enforce Execution

Categories: DayZ SA

In computer security, arbitrary code execution (ACE) is an attacker’s ability to execute arbitrary commands or code on a target machine or in a target process. – Wikipedia So recently, I have been working with Fini on his Anticheat. By “I have been working with”, I mean that he has done most of the work, […]

SHA256 Implementation in DayZ Standalone

Categories: DayZ SA

SHA-2 (Secure Hash Algorithm 2) is a set of cryptographic hash functions designed by the United States National Security Agency (NSA) and first published in 2001. – Wikipedia In the last few days, I decided to do something for no reason other than the challenge. I decided I wanted to implement SHA256 into DayZ Standalone […]

Enabling File Write to DayZ Root Directory

Categories: DayZ SA

So my recent work on DayZ BR has lead to me creating my own ban management system. The idea is all server bans will be aggregated into a database and synced between all of my official servers. In order to sync bans, I opted to follow the same method infiSTAR and Fini use for their […]

How to create a Remote Execution

Categories: ArmA 3

Arma 3 Remote Execution is considered one of the few peaks of script-based cheating. For server owners, cheaters with remote executions can be a real pain. It is important that every script developer understand how remote executions are created so they can avoid allowing these vulnerabilities to exist in the first place. Just as a […]

TFAR Code Execution

Categories: ArmA 3

Everyone who has played Arma for an extended period has come across TFAR, Task Force Arrowhead Radio. I am not going to go into how the mod works, you can check it out here. I am going to dive directly into the code that drives TFAR, and do my best at explaining a type of […]

Lazy Eval Execution Exploit

Categories: ArmA 3

Recently I have been interacting directly with some guys at Bohemia Interactive. With the latest update, BIS_fnc_parseNumberSafe hasn’t been as safe as it should have been. A few great discussions later and I am hopeful that the guys at BI have it right this time, finally patching that multi-year vulnerability. During our back and forth, […]

Arma 3 “Old Man” SQF Execution Exploit

Categories: ArmA 3

With the “Old Man” update out now, I decided to take another look at the Functions and UI scripts to see what fixes they implemented, and to look for a new exploit for SQF execution. To my surprise, I was greeted with BIS_fnc_parseNumberSafe. This neat little function is a “fix” for their previously broken BIS_fnc_parseNumber. […]

Pre-Connection Remote Execution

Categories: ArmA 3

I have covered remote execution in the past. Everyone by now knows that any remote execution cheat is brutal to the security of game servers in Arma. The developers have made strides to block unlogged and unfiltered remote execution, and they have come a long way since Arma 3 Alpha. This post covers an exploit […]