Talking to another player online yesterday, it became apparent that he knew my IP address. How did he find this? I am aware the old westwood style ladder showed this info but I can't see this anywhere on the new xwis ladder.
View IP of player
#1
Posted 21 January 2018 - 11:56 AM
#2
Posted 21 January 2018 - 02:57 PM
its in a file in ur ra2 when u have played some 1
#3
Posted 08 February 2018 - 09:15 PM
#4
Posted 09 February 2018 - 05:40 PM
Sometimes....
It is!
#5
Posted 19 March 2018 - 01:51 AM
its in a file in ur ra2 when u have played some 1
No, it's not. Xwis.dll actually NOPs the function that writes the file containing the IP addresses of players.
Besides, there's better ways to do this. Nowadays, IPs are harvested on a large scale through the IRC.
Those better ways are:
- IRC-Relay
- Pcap
- Hooking the function that extracts/processes IRC lines
Pcap is hard because you have to analyze headers and reassemble the TCP stream yourself before you can extract and process lines. But fun thing to do and it's the only thing of these 3 that's not against the rules and because it's non-intrusive there's just no way to detect it and no way for you to mess up the data between the server and client. The only one I know of has been made in 2011 and then rewritten in 2015 by the same engineer.
Hooking is very doable, but requires quite some reverse engineering knowledge. I'm not aware of anyone ever making one this way and I don't know anyone capable enough that could to do this other than Olaf and myself. I think Olaf already found the function to inject lines, at least in the QM screen.
Edited by Chlorpromazine, 19 March 2018 - 12:56 PM.
#6
Posted 31 March 2018 - 09:40 PM
Just resolving xwis.net and checking whether it points to the loopback address could do the job.Simple relays can be detected with good confidence by reading the hosts file or testing a socket on which the relay is not listening but the server is. A lot of players have and do use this. Relays have been around since 2001.
One could probably get away with simply hooking the send() and recv() calls along with connect() and closesocket() to keep tabs on the connection. So it should be easier than first thought.Hooking is very doable, but requires quite some reverse engineering knowledge. I'm not aware of anyone ever making one this way and I don't know anyone capable enough that could to do this other than Olaf and myself. I think Olaf already found the function to inject lines, at least in the QM screen.
Edited by Chlorpromazine, 31 March 2018 - 09:40 PM.
#7
Posted 31 March 2018 - 10:31 PM
but how will you defeat a reverse proxy if its not transparent
#8
Posted 01 April 2018 - 12:27 AM
Relays for RA2, as you and I know them, are by definition non-transparent reverse proxies.
What you should be asking is the case in which you install the relay on some server on a public network. This makes it a bit harder to detect, indeed. But it's not like we're designing ways to catch cheaters, Frank.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users