////////////////////////////////////////////////////////////////////////////////

1. /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
2. // Identify Naughty Clients
3. // mercior
4. // June 2010
5.  
6.  
7. local NAUGHTY_PLAYER = false
8.  
9. local function DrawNaughty()
10.     if NAUGHTY_PLAYER then
11.         surface.SetDrawColor( 0, 0, 0, 255)
12.         surface.DrawRect(0 , 0, ScrW(), ScrH() )
13.  
14.         draw.DrawText("You appear to be cheating!\nYou have been automatically banned.\n", "HUDNumber5", ScrW() / 2, ScrH() / 2, Color(255, 0, 0, 255), 1)
15.     end
16. end
17. hook.Add("HUDPaint", "block_Kx34t8", DrawNaughty)
18.  
19. require("wshl")
20. require("sh2")
21. require("hl2_shotmanip")
22.  
23. local function CheckSE()
24.  
25.     // look for common bacon convars
26.     //if ConVarExists("Bacon_load") or ConVarExists("espmode") or ConVarExists("espweaponon") or ConVarExists("Bacon_Enemy_Compensation") then
27.     //  NAUGHTY_PLAYER = true
28.     //  Msg("\n\n Cheat -- ConVar 'Bacon_load' \n\n")
29.     //  datastream.StreamToServer("GWCheatNotify_Kx34t8", { id="bb", reason="ConVar" })
30.     //end
31.  
32.     // look for SQL tables
33.     if sql.TableExists("Bacon_ESPEnts") then
34.         NAUGHTY_PLAYER = true
35.         Msg("\n\n Cheat -- SQL Table \n\n")
36.         datastream.StreamToServer("GWCheatNotify_Kx34t8", { id="bb", reason="SQL Table" })
37.     end
38.  
39.     // look for dll functions
40.     if hl2_shotmanip then
41.         NAUGHTY_PLAYER = true
42.         Msg("\n\n Cheat -- DLL \n\n")
43.         datastream.StreamToServer("GWCheatNotify_Kx34t8", { id="bb", reason="DLL" })
44.     end
45.    
46.     // look for naughty modules
47.     if sh2 || wshl then
48.         NAUGHTY_PLAYER = true
49.         Msg("\n\n Cheat -- DLL \n\n")
50.         datastream.StreamToServer("GWCheatNotify_Kx34t8", { id="sh", reason="DLL" })
51.     end
52.    
53. end
54.  
55. timer.Create( "GWNoCheatTimer_Kx34t8", 120, 0, CheckSE )
56. CheckSE();
57.    
58. /*
59.  
60. // Anti- Tranquilitiy steamid spoofing
61. require("gatekeeper")
62.  
63. TranqUsers = {}
64. TranqNextThink = CurTime()
65. TranqEnabled = true // we assume we're connected to steam when we launch
66.  
67. // how long to wait for an approval callback before kicking the client
68. // 10 can be too short (it's proven too short on GMT, at least)
69. // but in my experience most clients are approved within seconds of joining
70. TranqTimeout = CreateConVar("at_timeout", "30", FCVAR_NOTIFY)
71.  
72. local function KickUser(steam, reason)
73.     local tranqTable = TranqUsers[steam] // tranqTable should never be nil 
74.     local userId = gatekeeper.GetUserByAddress(tranqTable.IP)
75.    
76.     if userId then
77.         gatekeeper.Drop(userId, "SteamID validation failed (" .. tostring( reason ) .. ")\n")
78.     end
79.    
80.     TranqUsers[steam] = nil
81. end
82.  
83. // this hook is called when the server (re)connects to steam
84. hook.Add("GSSteamConnected", "AntiTranqConnected", function()
85.     TranqEnabled = true
86.    
87.     Msg("Connected to Steam! Anti-Tranquility enabled.\n")
88. end)
89.  
90. // this hook gets called when the server loses it's connection to steam
91. hook.Add("GSSteamDisconnected", "AntiTranqDisconnected", function(reason)
92.     TranqEnabled = false
93.     TranqUsers = {}
94.    
95.     Msg("Disconnected from Steam: ", reason, ", Anti-Tranquility disabled.\n")
96. end)
97.  
98. // client is approved by the backend
99. // this is called within a few seconds for valid clients
100. // and isn't called at all for clients spoofing their authentication data
101. hook.Add("GSClientApprove", "AntiTranqApprove", function( steam )
102.     Msg("Approved: ", steam, "\n")
103.    
104.     TranqUsers[steam] = nil
105. end )
106.  
107. // client was denied by the backend
108. // this isn't called right away
109. // in my tests, this was called approximately 5 minutes after a spoofed client connected
110. // it's best to handle the lack of an approval callback, but this is a Just In Case scenario
111. hook.Add("GSClientDeny", "AntiTranqDeny", function(steam, reason, msg)
112.     Msg("Denying ", steam, " (Reason: ", reason , "): ", msg, "\n")
113.    
114.     KickUser(steam, reason)
115. end)
116.  
117. // this hook is called when a player connects to the server
118. // this is similar to gatekeeper's PlayerPasswordAuth callback, except it does not expect a return value to disconnect the client
119. hook.Add("GSPlayerAuth", "AntiTranqConnect", function(name, pass, steam, ip)
120.     if tonumber(steam) then return end
121.    
122.     Msg("Auth: ", steam, "\n")
123.    
124.     TranqUsers[steam] = {
125.         IP = ip,
126.         ConnectTime = CurTime(),
127.     }
128. end)
129.  
130. hook.Add("Think", "AntiTranqThink", function()
131.     if TranqNextThink >= CurTime() or not TranqEnabled then return end
132.  
133.     for k,v in pairs( TranqUsers ) do  
134.         local diff = CurTime() - v.ConnectTime
135.        
136.         if diff > (TranqTimeout:GetInt() or 30) then
137.             KickUser(k, "timeout") // no approval after the timeout, boot them out
138.         end    
139.     end
140.    
141.     TranqNextThink = CurTime() + 1
142. end)
143.  
144. */