My next release was planned to be different, but seems like there are alot of servers currently being possessed by cheaters.
I decided to code a quick anti-cheat and haven’t really tested it yet that much (I am not able to test with multiple players).
It seems like some players have problems with some features: Update your server, if this does not help: disable the feature.
Give “applecheat.bypass” as ace to players / groups, that should not get kicked.
Currently detected features:
Speedhack
Manipulated timer
Night and Thermal Vision
Drunk
Key pressing (maybe opening a menu)
Godmode
Health-setter
Regeneration-Multiplier
Invisible
Kill players
Torque-Multiplier
Power-Multiplier
Lod-Multiplier
Light-Multiplier
Damage-Multiplier
Vehicle godmode
Invisible vehicle
Cheated weapons
Infinite ammo
Manipulated resources
Manipulated commands
Triggering events
Teleport (also detects no-clip)
Fake-Chat-Message
Almost every feature is configurable (take a look at both .lua files)
There is no quarantee for everything to work!
DISCONTINUED: Sorry guys!
Lynx source-code (if someone wants to continue and add detections (feel free to release your version))
I’ll have to test the other things with players, but notably godmode detection doesn’t always work as there’s multiple ways to set invincibility (proofs or resetting health immediately if damage is taken).
Invincibility/invisible might interfere with some scripts that use them such as for ESX’s character creator (freezing at 0,0 and marking invisible to not crowd the loading area) or for some death scripts. Beware of this when testing.
Before I rip apart your anticheat effort, I’d just like to point out that I’m not trying to call you out. I’m giving constructive criticism because I want to help.
It seems that you never tested your command checking as built-in commands that exist on the client but not on the server will throw off any count you make of them. It is much better to use a command blacklist. Furthermore, don’t rely on the client to check things the server can already check. Send the registered commands table to the server and let the server decide what to do with the player.
Your resource checking, from my first look over, seems to be useless as currently, Lua executors attach themselves to a random resource’s Lua environment, they do not create their own resources.
You should expand your “wrong event” trigger to be a table of events rather that just one event.
Auto-restarting resources is never a good idea unless they are designed to be tolerant. You will lose critical data only stored in memory.
Thanks for your feedback.
The comand-checking never kicked me. Even tho i have commands registered on te client side.
The resource-chechking is there and it does not kick players if not needed. You can disable it, but it doesnt matter.
The script does not save any important data in memory.
It writes into console. So if you have a log system writing to a discord webhook, then yes.
EDIT: more people want it, i will add it in the next update.
Yes please, money hacking is a big issue for RP server since they are smart enough to hack little amount at a time. All I want is to know whos doing it so I can ban them for good (Or set auto perma/temporary ban).