Consider this a beta as its not widely tested...but i think there should be no problems ;)
anyway:
Updated hook detection - will most likely catch all public and private bot hooks (can't be sure as i don't have em :))
other:
[ADDED] MD5 File checking
[ADDED] UTDC Logo
[ADDED] Anticheat messages for cheaters ;)
[FIXED] Players can't connect because of cache expirary

read the readme.txt for more info...

link:
http://users.cybercity.dk/~dsl84778/UTDCv14.zip

note: this version don't allow linux or mac clients

hf

Will definately test this straigth away :D

Thanks :thumbup:

Hope you fixed the crashing 436 server problem. ;) Already installed on my servers. Thx Trouble.

I cant get the logo to show, could you?

gg nice work :p

Hey, I have done about 10 reboots and now the logo works ;)

Found a problem when using UTDC to check packages:

ScriptLog: [2005-01-03 00:13] [UTDC] Test have been kicked because of hacked packages
UTDC: [UTDCv14] +---------------------------------------------------+
UTDC: [UTDCv14] Client have failed integrity check
UTDC: [UTDCv14] Player Name......: Test
UTDC: [UTDCv14] Player IP........: ***.***.***.***
UTDC: [UTDCv14] Client UT Version: 436
UTDC: [UTDCv14] Altered File.....: UTPureRC7G.u
UTDC: [UTDCv14] Server Received..: FILE NOT FOUND-2
UTDC: [UTDCv14] +---------------------------------------------------+

This happened when I did something that I shouldnt really do - I used a cache cleaner while UT was running. As far as I can see, the result was that the cache.ini says that I do have that file installed and therefore do not need to download it, but the files were not moved to the system folder.

I have until now had BanPlayer=True, but I got something like 10 bans in just as many minutes. Seems like I am not the only one to run the cleaner everytime I get new files.

Could you please add a separate option to ban for MD5 checks? I am sure this will happen again, so I would like to only kick for this, and still ban for the verified hooks.

[UTDCv14] Unknown OS: Class'SDLDrv.SDLClient'
[UTDCv14] Player: [043]Obsidian was disconnected because of unknown OS

The OSCare option doesn't do anything anymore.

People running cache cleaner while ut is running are just silly. :o
Other checkers failed on files that were in cache anyway, that's not the case here?

Well maybe it was silly. But obviously some people do it. I did it because I forgot that UT was just minimised, and not shut down. I have never seen anything like this with other checkers. If you dont believe me, go ahead and try it yourself. I did exactly the same thing over again to verify that this was the reason, and also talked to 2 other players who had done the same.

Is this release stable ?

The OSCare option doesn't do anything anymore.

People running cache cleaner while ut is running are just silly. :o
Other checkers failed on files that were in cache anyway, that's not the case here?

other checkers only fail to check cache folders on linux clients :)

Damn you windows users, damn you to hell! :P

Start - Search - Hell
Error: hell not found

eeehm, could u point me in the right direction?

;)

Found a problem when using UTDC to check packages:

ScriptLog: [2005-01-03 00:13] [UTDC] Test have been kicked because of hacked packages
UTDC: [UTDCv14] +---------------------------------------------------+
UTDC: [UTDCv14] Client have failed integrity check
UTDC: [UTDCv14] Player Name......: Test
UTDC: [UTDCv14] Player IP........: ***.***.***.***
UTDC: [UTDCv14] Client UT Version: 436
UTDC: [UTDCv14] Altered File.....: UTPureRC7G.u
UTDC: [UTDCv14] Server Received..: FILE NOT FOUND-2
UTDC: [UTDCv14] +---------------------------------------------------+

This happened when I did something that I shouldnt really do - I used a cache cleaner while UT was running.

sigh! ur not supposed to do that!! ;) cache cleaner can't move files when they are in use but it empty the cache.ini file anyway...i thought cache.ini entryes was required for a file to be found but apperantly it isen't so...

So what is the story on the OSCare for this version? Are Linux clients able to play on UTDC servers without locking up if it is enabled?

Good work Troublesome :)

Ye, I know Im not supposed to do it, and I wouldnt normally either. Like I said, I forgot that I had minimised UT and totally overlooked it. Since several others have done the same thing for one reason or another, I dont really feel like using the ban option anymore. I dont want to ban people for a minor screwup like this, I think that would become a lot of bans. I still think it would be great to have an option to only ban for confirmed hooks. Not that I am complaining or anything :thumbup:

Ban levels are cool, good idea! :o

Sarduker, they won't crash, I think that only happends with Forcenativespawn=True, they will just be kicked for having an unknown OS.

I never have ban option ON
always on Kick
I check my logs 1st then need a positive on detection then i implant ban ;)

Obsidian we have to make a Linux Union or smth .... already removed the new version from the server. Trouble please, I'm sure there is safe way to detect the OS.

OMG! A Linux Union? Hahahah!!!!

Just imagine the Linux server admins going on strike, and refusing to start there server until Troublesome and the LU comes to an agreement! haha

Just jokin of couse, but man...that would be funny.

UTDC is not only used for UT. It works fine with a mod called Strikeforce. I think UTDC will work with other mods too.

We have some linuxplayer in our clan and i know there are some Mac users playing StrikeForce.

So Linux and Mac compatibiliy is a must.

Axor

Good job with adding the md5 checking this makes cheating even harder for those n00bs.. it also makes putting UTDC more worth wild.. I find that If it can help stop pure hacks and also the hooks server admins will more likly place it on there servers...

Good to see a new version of UTDC again :)

Very nice that the cache problem is sorted. That was really the biggest problem imho. I'll update my servers asap.

is it ok to use this with pure7g? Or do they kinda cancel each other out?



The OSCare option doesn't do anything anymore.

Won't do anything because this version doesnt allow linux or mac users.

I use it with 7G. They block different things. I also use UTDC to check Pure etc. Works fine here.

Multi MD5 sums would be nice so yo can check the opengl dll and allow valid versions but block the rest..

This way we could

MD5[0]=MD5-1,MD5-2,MD5-3,MD5-4,MD5-5.MD5-6,MD5-7,MD5-8,MD5-9,MD5-10

and anyone who has one of these different valid versions in and block the rest of possible opengl cheats.. allow up to about 32 if possible also would be nice if you could increase the amount of packages from 7 to a higher number

Anticheat protection that isn't cross-platform is pointless :(

iv seen 2 definate bots on my server and im using utdc1.4beta with pure7g.
this happened today. is there some new cheat out or does an old one get past somehow......
keep an eye out on your servers

the latest cheats are private so it's not easy to block them unless you buy them :)

the latest cheats are private so it's not easy to block them unless you buy them :)
True, but that also means that there are less people using them :)


Anticheat protection that isn't cross-platform is pointless :frown:
You got a point there, however windows is used by 90%+ of all players so this is a start. But i agree with support for other platforms (Linux/Mac) this cheat protection will be even better.


Also i got a question about a log of UTDC:
+---------------------------------------------------+
[UTDCv13b] Client have hooked addresses
[UTDCv13b] Player Name......: ******************
[UTDCv13b] Player IP........: *******************
[UTDCv13b] Client UT Version: 436
[UTDCv13b] Server Received..: Initial check
[UTDCv13b] Hooked adresses..: 10b1d6ce-f11a39?1038fba0-f19314?
[UTDCv13b] Hook Match.......: Unknown
+---------------------------------------------------+

Can someone tell what that player did?
(and yes i've already updated to v14 now, but this is just an older log)

You got a point there, however windows is used by 90%+ of all players so this is a start. But i agree with support for other platforms (Linux/Mac) this cheat protection will be even better.


90%+ or not.

We have 2 Linuxplayers in our clan. I cant install a protection if 2 players (who pay for the server) can not play with. :confused:

Axor

Dunno if this works, but mayb you can use the 'mutate utdc allowone' command to let your mates in.
According to the readme this command will allow the next player who join the server not to be checked by utdc.

Once again, not sure if this works, but could be a workaround till this problem is solved.

Dunno if this works, but mayb you can use the 'mutate utdc allowone' command to let your mates in.
According to the readme this command will allow the next player who join the server not to be checked by utdc.

Once again, not sure if this works, but could be a workaround till this problem is solved.

Nice idea, but it will not work if no serveradmin is online. :rolleyes:

(I can't be online 24/7, i must work, sleep and so on. :cool: )

Axor

Yes Axor i can understand your problem, and i already said that Linux/Mac support would be very much appreciated, but the current windows support is a good start.

Let's just hope UTDC will be avail for linux soon (like qval) so we can really get a good cheat protection :)

_Axor_(ger)']Nice idea, but it will not work if no serveradmin is online. :rolleyes:

(I can't be online 24/7, i must work, sleep and so on. :cool: )

Axor

Just assumed, because they pay for the server, they also have the admin password.

Kinda hard to use that password if youre not allready on the server ;)

Well you could try and make an UTDC webadmin section, so you would be able to give the first person who enters access without all the checks etc.

It is a lot of work but it isn't really worth it imho. We just have to wait untill linux/mac support is available

Kinda hard to use that password if youre not allready on the server ;)

True :)
But I'd be suprised if his clan only has 3 members ;)

[UTDCv13b] Hooked adresses..: 10b1d6ce-f1ae39?1038fba0-f22714?
[UTDCv13b] Hook Match.......: Unknown

anyone shed some light on the above hooked code??
i know its from 1.3b but hoped troublesome would see it sooner here :)

True :)
But I'd be suprised if his clan only has 3 members ;)

LOL :thumbup:

No we have more than 3 Members, but "normal" Members pay less and dont have a adminpass.

I think add a webadmin section for first login or anything else will be more work than get the Linux/Mac support work. Linux/Mac support allways worked in 1.3*!

Axor

Personally I dont allow other OS clients to connect anyway, since some never bots have an option to fake a Linux system.

[UTDCv13b] Hooked adresses..: 10b1d6ce-f1ae39?1038fba0-f22714?
[UTDCv13b] Hook Match.......: Unknown

anyone shed some light on the above hooked code??
i know its from 1.3b but hoped troublesome would see it sooner here :)

the numbers tell that memory isen't how it should be on those locations...i think it's a private bot unless more logs show up the exact same numbers

iv seen 2 definate bots on my server and im using utdc1.4beta with pure7g.
this happened today. is there some new cheat out or does an old one get past somehow......
keep an eye out on your servers

i think it dosen't stop helios hook 4.3 / 4.4 since i haven't seen any cheaters whine...can't stop it when i dont have the cheat

Personally I dont allow other OS clients to connect anyway, since some never bots have an option to fake a Linux system.

I think the newest mod of AnthraX should stop faking the renderer device. ;)

It seems my questions is being overlooked (does that word excist?)

+---------------------------------------------------+
[UTDCv13b] Client have hooked addresses
[UTDCv13b] Player Name......: ******************
[UTDCv13b] Player IP........: *******************
[UTDCv13b] Client UT Version: 436
[UTDCv13b] Server Received..: Initial check
[UTDCv13b] Hooked adresses..: 10b1d6ce-f11a39?1038fba0-f19314?
[UTDCv13b] Hook Match.......: Unknown
+---------------------------------------------------+

What does the hooked address code mean?

It seems like someone is tampering with the adresses, and there is no match. Could be a new/private hook.

It seems my questions is being overlooked (does that word excist?)

+---------------------------------------------------+
[UTDCv13b] Client have hooked addresses
[UTDCv13b] Player Name......: ******************
[UTDCv13b] Player IP........: *******************
[UTDCv13b] Client UT Version: 436
[UTDCv13b] Server Received..: Initial check
[UTDCv13b] Hooked adresses..: 10b1d6ce-f11a39?1038fba0-f19314?
[UTDCv13b] Hook Match.......: Unknown
+---------------------------------------------------+

What does the hooked address code mean?

it's same as what nuff posted but with different memory content meaning it's defenitely a hook (cheat) but not one that helios have made

Am0K, Box or Milk hooks :p ?

btw, when trying to dl newest utdc...


The requested URL /~dsl84778/UTDCv14.zip was not found on this server.

If the link doesnt work, try this site. (http://uksnipers.com/utserverstuff/)

w0ww quality work there :) thx m8. btw, which files under "Protection" you advise me to install, along with pure7G+utdc14? thx in adance :D

Those two should do the trick.

UTDC14, UTPure7G and ModMenuChecker120, i'd suggest.

http://uksnipers.com/utserverstuff/Protection/ModMenuChecker/ModMenuChecker_v120.zip

AntiLamer is good to, if you run a public server. After 2 teamkills/suicides, and other teamkills/suicides will not count toward the teams score, but the player still gets a personal -X score.

thx for the answers PizzaMan and Sardukar :)

lastly, i feel the need of a brief explanation (and possibly a list, too) of MD5 hashes. what are the basic files that need to be checked? i guess UTPureRC7G.u and UTDCv14.dll are the most direct ones, i guess it's this files who are in UTDC.ini:


MD5[0]=B426C25C8F72F762B487ACD8A2FBAB0B
MD5[1]=DC5D03BCFD3E054BDEDFE9CC645AECF5


thx again for your time m8s :D

Engine.u and UWeb.u are what i'd recommend :)

[EDIT] Hold on a second, strike that. When I quick-read an above post, I thought it was mentioned more than one MD5 hash can be "valid" for a file in UTDC14, but it seems not. I think engine and uweb.u vary from patch to patch, so best not the check them this way.

UTDC14, UTPure7G and ModMenuChecker120, i'd suggest.

.


If using Pure, you don't need a seperate Mod Menu checker, pure has it built into it. When chaning the ut.ini just make it looke like this....

ServerActors=PureINTLog.INTLogger
ServerActors=UTPureRC7G.UTPureSA
ServerPackages=UTPureRC7G


Mase

Pure's mmc caused lag when I tryed it, so I took it off.

MMC, ASH, AntiFA are 3 good cheat protections however they can cause quite a bit of lag.

I am currently using Pure7G, UTDCv14 and PureCheckerV3 and that runs fine.

I thought MMC was outdated.

MMC is, the other MMC's Pizza has in that link are less well known.

MMC, ASH, AntiFA are 3 good cheat protections however they can cause quite a bit of lag.

I am currently using Pure7G, UTDCv14 and PureCheckerV3 and that runs fine.

ASH is good protection? I don't think so - it has been bypassed and is not worth the resource expense. Also, I don't think you need PureChecker with UTDC, if you're using UTDC14's package checksum comparison.

What protections haven't been bypassed (yet) :rolleyes: ?

I know purecheckerv3 isn't neccessary, i just cba to remove it (yet)

There aren't any publicaly available protections that I am aware of that have not been bypassed by some form of cheat.

ScriptLog: [2005-01-03 00:13] [UTDC] Test have been kicked because of hacked packages
UTDC: [UTDCv14] +---------------------------------------------------+
UTDC: [UTDCv14] Client have failed integrity check
UTDC: [UTDCv14] Player Name......: Test
UTDC: [UTDCv14] Player IP........: ***.***.***.***
UTDC: [UTDCv14] Client UT Version: 436
UTDC: [UTDCv14] Altered File.....: UTPureRC7G.u
UTDC: [UTDCv14] Server Received..: FILE NOT FOUND-2
UTDC: [UTDCv14] +---------------------------------------------------+


I see this happening a bit too often. Any chance of getting a separate message for this? It doesnt look too good for the player in question when they get the "hacked packages" message, especially the message in the chatbox.

Maybe also give the player instructions to delete all files in the cache folder.

I have the following question, probably stupid, but anyway... :redface: :

in my .inis of previous UTDC versions I had entries like these:

Addr436[0]=280061176
Addr436[1]=0
Addr436[2]=0
Inst436[0]=1095158
Inst436[1]=0
Inst436[2]=0
Addr451[0]=279973933
Addr451[1]=0
Addr451[2]=0
Inst451[0]=106238
Inst451[1]=0
Inst451[2]=0
Addr440[0]=269496473
Addr440[1]=0
Addr440[2]=0
Inst440[0]=242834
Inst440[1]=0
Inst440[2]=0

I think someone had posted them here and I just used them...
UTDCv14 does not have anything like that - so can I just leave them blank?

Yes, those entries are not neccessary for version 14. Entries like those are used to detect new cheats without having to release a new version of UTDC. If you put the same numbers in the 14 ini you will get false positives.

I see this happening a bit too often. Any chance of getting a separate message for this? It doesnt look too good for the player in question when they get the "hacked packages" message, especially the message in the chatbox.

Maybe also give the player instructions to delete all files in the cache folder.

turn package checking off then - ill release a fixed version later this week

Great, I can live without that check until then :thumbup:

I cant find anything in the readme about a console command to turn on/off the packagecheck, is there a command to do it?

I tried "mutate utdc set packagecheck off" and some other things I could think off without luck.

I see this line in my UTDC.ini file (just above the checksum lines):

PackageCheck=True

Setting this to False probably turns the package checking off i guess.

Yes sure, but that means shutting down the server. I can of course do that, but wanted to check if theres a command first.

Yes, those entries are not neccessary for version 14. Entries like those are used to detect new cheats without having to release a new version of UTDC. If you put the same numbers in the 14 ini you will get false positives.

What would I do without all the help I get here... :D

Thank you !!!

Server Received..: FILE NOT FOUND-2

So would the server then download the file and overwrite the UTPureRC7G already in the cache folder and restore the Cache.ini? ***Just checked** No it doesn't download the file. Doesn't make sense why it wouldn't. Now the cache cleaner also doesn't see the UTPure file in the cache folder anymore :rolleyes:

UTDC must only check the cache.ini file instead of checking for the actual file itself in the cache folder...can this be fixed? Either that or make the kick message display instructions to manually clean out the cache folder. But we all know everyone will cry if the cache folder would have to be touched manually :rolleyes:

Hope you get it fixed Troublesome....and thanks for all your work :thumbup:

UTDC must only check the cache.ini file instead of checking for the actual file itself in the cache folder...can this be fixed?

The point is to run an MD5 check, not to check for presence.

The point is to run an MD5 check, not to check for presence.

he's right that utdc check for the file presence in the cache.ini file to find the file and do a md5 check... so this don't if the cache.ini file is borked up ...
but it can and is fixed in next... :)

Yeh, I thought he wanted you to only check the ini, and dont check the cached files. Good thing that you fixed it :)

hmmm, checking cache.ini is gay, you only need obj linkers on windows clients.

In the native code you don't even need Obj Linkers because every single loaded package has a loaded filename attribute IIRC.

Great stuff this new UTDC - not even 12 hrs and we had the first catch, even saying wich version of helios that guy was using. :D

Another log I found is this one:
[UTDCv14] +---------------------------------------------------+
[UTDCv14] Client have failed integrity check
[UTDCv14] Player Name......: ]POT[P$YCO
[UTDCv14] Player IP........: 68.33.12.198:2924
[UTDCv14] Client UT Version: 436
[UTDCv14] Altered File.....: UTDCv14.u
[UTDCv14] Server Received..: FILE NOT FOUND-0
[UTDCv14] +---------------------------------------------------+

Is this just the same prob as already mentioned here with UTPURE?

Yes, thats the same problem. I would turn off the file checker until it is sorted out.

The link on the first page of this topic for the download of this version does not work, where can I get it?

You can get it here (http://uksnipers.com/utserverstuff/), I posted it somewhere in this topic.

Thank you

OT: Can Troublesome plz clear his PM's :P

hmm - wondering why our server is that empty again I found this several times now in the server log (no UTDC log):

[NBSP]Parsing Packages for XXXXXXX...
[NBSP][[xxxxxxxx]- UTDCv14, UTDCv14dll, NoTelefrag, ZarkAssaultRifle, BDBMapVote304, SpectatorPlus
[UTDCv14] Player: XXXXXXXX was disconnected because of no dll

So obviously the files are there, but the player still gets kicked because UTDC says it's not there... :confused:

Why?

UTDC is saying it can't find the dll file which should appear in the System folder when you click install. Either the player chooses not to install it or the install is failing for some obscure reason. Get the umod installer of the uksnipers site and copy the address for the download to UTDC's ini file.

Evil_Dragon']hmm - wondering why our server is that empty again I found this several times now in the server log (no UTDC log):

[NBSP]Parsing Packages for XXXXXXX...
[NBSP][[xxxxxxxx]- UTDCv14, UTDCv14dll, NoTelefrag, ZarkAssaultRifle, BDBMapVote304, SpectatorPlus
[UTDCv14] Player: XXXXXXXX was disconnected because of no dll

So obviously the files are there, but the player still gets kicked because UTDC says it's not there...

Why?
It's always the same....players click the wrong button or they didn't even noticed the window top left.
Then they start whining and moaning that your server sucks.

Hmm, I have noticed that some players have the attention span of a pigeon and take a bit of time to understand seemingly simple things. I would advise pointing the manual download button to an easy to understand page which explains how to install the dll. This should help the majority of those sort of players.

haha, yes, that's what I started thinking too.

And I have to say I didn't even supply the download in the .ini just for not confusing people by forcing them to choose between download and install.

But pointing to a page that let's even the last ....pigeon understand what to do seems a good idea, I'll do that asap.

Also - if there is even another version in progress, maybe it's possible to make this little window with the download and install buttons that BIIIIIIIIIIIG that noone can oversee it? Like half screen size or so?

Also - if there is even another version in progress, maybe it's possible to make this little window with the download and install buttons that BIIIIIIIIIIIG that noone can oversee it? Like half screen size or so?
Agree!

Agree :) (center it too).

can the UTDC window be altered for the next version so that it appears in the middle and just has the install button.. that would slove the problem right...

Maybe the best is just to only make one button available. Install.

So people can only click on install. Perhaps that will help.

I'm not sure if there should only be the option to install.

Many people don't look at what they downloaded and/or then refuse to install just any files.

So there should still be the download button providing a page where things are explained (I did that now).

But both buttons should jump right into the player's eye.

IMO....there shouldnt be a download prompt for UTDC anticheat at all.

Can you make a version for those of us that want that???

It wouldnt scare the people away soo easily if this was an option.

automatic install of any dll is a bad idea.

I agree, but for UTDC, I think its safe :)

what if someone had a trojan named UTDCv14.dll - would it install that just as easy?
what if someone modified it to steal cd keys?
what are the limits with a dll?

UT never worked with cd-keys so no need to bother about that.

Ofcourse dll's can be a security issue, however if people will learn to read (so they can read what utdc is and such) they won't have any trouble's with the dll.

Kawii; if some server admin had a trojan named UTDCv14.dll on the server, they won't be writing "this is a trojan" so reading anything is not going to help.

(Unless you were meaning that theres no need for an auto install of DLLs, people should just read the info box they get with this version).

Some UT players also play UT2004, like me for instance. I don't know anything about programming dlls but I imagine they can be easily reverse engineered.

Epic would kill the coders if they'd know about the loaders ^^

I meant that they could visit the website which explains what UTDC is and what it does.

Ya I think if you plan on continuing with the development of UTDC maybe you should at the very least have a forum for UTDC set up...

Ya I think if you plan on continuing with the development of UTDC maybe you should at the very least have a forum for UTDC set up...

Well a short part of the readme file in the textbox with the buttons should be enough for most people.

And you are talking on a forum about UTDC so no real need for another forum.

This post written by a pink elephant named Dinkydoo. This elephant can dance and sing and sometimes calculates the 235th decimal of pi, but sometimes it just eats candy all day long.

Weird text huh? Since it's written here it must be true! Just like when you write a page saying the file called UTDC.dll on your server is anticheat, everything that people write on the internet is true.
It really doesn't matter if you point people to a piece of text or install the dll right away, they have no way of telling if that text is valid or not. Just post a message, an anticheat with filename ... is now being installed, auto install and done. If they don't want it they can remove it again.

I'm quite sure any dll can read the registry and steal passwords but maybe it needs to be registered first before being able to do so.

It's all a matter of trust. Don't join weird looking servers. Wellknown companies have totally no benefit from hacking their customers pc's, it's even illegal. The same goes for anticheat coders. Don't install any random anticheat, UTDC has been around long enough to trust Troublesome won't add any hacks, but he could if he wanted. Most hackers won't go through all this trouble though. That's also why you also should not blindly install a new version you find somewhere. Official releases can be downloaded here, nowhere else. In the past people installed beta's for UTPure as if it were official versions. They had no way of knowing this was an made by the UTPure team since it did not exist on their webpage, they just assumed it. Ofcourse, pure is only uscript so limited, but when you find an UTDCv15.dll somewhere while here it's still only about 14 I really would not install it.

not a bad post for a pink elephant :) but I dont believe it.. no elephant can dance and sing :?

but it also has a point - and thats why I dont install the dll's from the servers, I come here and get them if I need them, or I'll get them from here as soon as they are released, I dont want some random server installing some random dll without me knowing or without my permission.

Why not give two options:
1: Download directly from server
2: Download link at official website (say hosted here maybe?)

or even a third option: build in an auto-update feature that downloads from the website when user is prompted, that way once you install ONE version of it you don't need to worry bout this stuff as the updates will all be directed to one main website.

Why not give two options:
1: Download directly from server
2: Download link at official website (say hosted here maybe?)


Haven't you learned that people are stupid ? Hard words, but mostly true. More options to choose, more chaos .... The text about the elephant also applies to this law ... btw. Anybody here read Terry Goodkind ? ;)

More options would indeed make more chaos. And i never said that everything written about a file has to be through.

Ofcourse a dll can be "risky" file, however so can other files. I'm sure you can make malisious scripts with U-Script. We just need to have a litle faith in each other :)

Haven't you learned that people are stupid ? Hard words, but mostly true. More options to choose, more chaos .... The text about the elephant also applies to this law ... btw. Anybody here read Terry Goodkind ? ;)

Wizards first rule :D

read them all so far - was a bit disapointed lately tho, I mean, how many books can he drag this out to :( I wanted a trilogy, now theres about 3 of them :?
still good books tho :)

back on topic, the options are ok as they are, I can decline or install if I want. Its the players that need to change, not the method.

read them all so far - was a bit disapointed lately tho, I mean, how many books can he drag this out to :( I wanted a trilogy, now theres about 3 of them :?
still good books tho :)


Indeed, 8 books with an avarage of 400 pages is pretty a lot for one story, however when I finished the "Naked Empire" I was reeally disappointed that there is not further part finished yet, I wanted MORE ! And still I want. :P

Oh and sorry for the little offtopic.

How about an md5 file available from an official source somewhere. Users could get an md5 tool and check if their dll is the original.

Haven't you learned that people are stupid ?
lol, true...how bout option 3 then :P
a third option: build in an auto-update feature that downloads from the website when user is prompted, that way once you install ONE version of it you don't need to worry bout this stuff as the updates will all be directed to one main website.

i.e. Install only one version of UTDC and then UTDC will handle updating by itself...should give most who are concerned piece of mind.

Just to refresh me.. (and after reading 8 pages... and getting lost a bit)..
I was wondering how i can let players using macs into the server..... *they are all getting kicked.. I forget the setting.. thankyou in advance!

Just to refresh me.. (and after reading 8 pages... and getting lost a bit)..
I was wondering how i can let players using macs into the server..... *they are all getting kicked.. I forget the setting.. thankyou in advance!

well if you read the first! page u would know that v1.4 dont allow linux or mac :) but there will be a new version soon with hopefully most bugs gone

I was running v3b and it was not creating any logs, and I had seen someone get kicked for an illeagle hook one night, so I updated to v4 and I still have NO logs, I think it is may be one of the following,,,please help

1. Maybe no cheaters come to our server now
2. The ASH400 logs are working ok, maybe a conflict with ASH400 and UTDC?????
3. MY setting are not right,,,,se below

[UTDCv14.UTDCMut]
UTDCCheck=True
ServerCheck=True
CheckFrequency=30
ClientCheck=True
ClientCheckFrequency=5
KickMsg=You have been kicked because a cheat have been detected
DownloadURL=None
BanPlayer=False
KickPlayer=True
ExternalLog=True
SafeKick=False
LogPath=../Logs/
OSCare=False
ForceNativeSpawn=False
ShowLogo=True
FUCheat=True
LogoXpos=1
LogoYpos=10
Allow440=True
Allow451a=True
Allow451b=True
Addr[0]=0
Addr[1]=0
Addr[2]=0
Inst[0]=0
Inst[1]=0
Inst[2]=0
Addr436[0]=0
Addr436[1]=0
Addr436[2]=0
Inst436[0]=0
Inst436[1]=0
Inst436[2]=0
Addr451a[0]=0
Addr451a[1]=0
Addr451a[2]=0
Inst451a[0]=0
Inst451a[1]=0
Inst451a[2]=0
Addr451b[0]=0
Addr451b[1]=0
Addr451b[2]=0
Inst451b[0]=0
Inst451b[1]=0
Inst451b[2]=0
Addr440[0]=0
Addr440[1]=0
Addr440[2]=0
Inst440[0]=0
Inst440[1]=0
Inst440[2]=0
PackageCheck=False
Package[0]=UTDCv14.u
Package[1]=UTDCv14.dll
Package[2]=
Package[3]=
Package[4]=
Package[5]=
Package[6]=
Package[7]=
MD5[0]=B426C25C8F72F762B487ACD8A2FBAB0B
MD5[1]=DC5D03BCFD3E054BDEDFE9CC645AECF5
MD5[2]=
MD5[3]=
MD5[4]=
MD5[5]=
MD5[6]=
MD5[7]=

I would add an md5 for the UTPure or NBSP packages depending on which uscript protection you use (you can add ASH400 too although it is pretty outdated and modern versions of UTPure can perform a similar function). That will certainly trigger off a response if the U files have been tampered with. The same goes if you use the ZeroPing mod.

well if you read the first! page u would know that v1.4 dont allow linux or mac :) but there will be a new version soon with hopefully most bugs gone Darn... I was hoping there was something I missed..
I guess I'm back to the older version then, until the new one.
But thankyou for answering me, and also to the guyz that are behind UTDC!........ You soooo R0x0rs!!!!! and have made my day many times since i"ve started using it..

I would add an md5 for the UTPure or NBSP packages depending on which uscript protection you use (you can add ASH400 too although it is pretty outdated and modern versions of UTPure can perform a similar function). That will certainly trigger off a response if the U files have been tampered with. The same goes if you use the ZeroPing mod.

I wouldnt. I used to, but lots of people got kicked for file not found. And the message they and everyone else gets is that they have hacked packages.

Well, if you have a public server then I guess you don't have the choice. However this does mean you aren't taking advantage of this powerful checking feature and the possibility of uscript hacks is real. I've managed to get things working fine with a check on UTPureRC7E and, so far, noone has gotten kicked.

PackageCheck=True
Package[0]=UTDCv14.u
Package[1]=UTDCv14.dll
Package[2]=UTPureRC7E.u
Package[3]=
Package[4]=
Package[5]=
Package[6]=
Package[7]=
MD5[0]=B426C25C8F72F762B487ACD8A2FBAB0B
MD5[1]=DC5D03BCFD3E054BDEDFE9CC645AECF5
MD5[2]=02EfA8EE30E207C8C5F0BCA09EA5E2E5

Edit : I used this to generate the md5 string :

http://www.tohoku.ricoh.co.jp/barcode/printer/dist/common/md5/english/md5help.html

I realise that, but it kicked about 10 players for "file not found" the first day I used it. Troublesome posted that he would sort the problem for the next version.

Btw you can calculate MD5's with the file DigestFile.exe that comes with UTDC.

What is the problem exactly ? Is it the fact that the package is in the cache or in the system directory ? Did you happen to add an md5 for the handlers by any chance ?

I first saw the problem when I forgot to quit UT before running cache cleaner, I had only minimised UT. This will apparently cause the cached files to be moved like they should, but the cache.ini is protected and will still say that the files are in the cache. UTDC can not find the files there, and kicks you for hacked packages, complete with the in-game message. The log will show that the files are missing.

I added checks for Pure and ZPPure in addition to UTDC, but thats not the problem as most people never had any problems.

Well it is a bit strange to empty your cache when UT is active. The reason that the ini file can't be deleted is because it's in read-only mode which makes perfect sense from a programming point of view, seeing that the file could be updated at any time.

Yes, I find myself repeating that I did not do it on purpose.

Well i run a pickup server and i only had one person with the problem of being kicked for hacked packages because he was missing utpure7g.u

So i know the problem, but it only occured at that player. Howerver Troublesome said something about that being fixed in future versions :)

[UTDCv14] +---------------------------------------------------+
[UTDCv14] Client have hooked functions
[UTDCv14] Player Name......: Hans_Wurst
[UTDCv14] Player IP........: 80.134.157.61:2317
[UTDCv14] Client UT Version: 436
[UTDCv14] Server Received..: Initial check
[UTDCv14] Altered addresses: 10431e14-56cdf90?1038c89a-423df8?10b1d665-f4bb0a37?
[UTDCv14] Hook Match.......: Helios hook 3.1
[UTDCv14] +---------------------------------------------------+

Nice log SixtSense, i can post all my logs aswell, but that's pointless imho (all cheater caught have already been reporterd)

This is just that people remember name m8
I like to scroll to caught cheaters list always handy to regonize names m8
And i always need positive's before i ban
Aldo that 1 seems clear;)
Just so that troublesome can see his little tool does a amazing job :thumbup:

ps: you say al cheaters are reported to who??
this is ut 99 not 2k4 ???
and im posting my logs here a long time m8 ;)

lol how is it pointless??
other admins can ban the ip or watch for the username, hell it might even be someones clan mate and they can match it by ip....

posting bans is never pointless...
even the utan thread, I have matched ip's to UT99 cheaters, not that they care but since we have a 2k4 server as well I do.

In case someone is interrested, my list of cheaters is in my signature.

Is this a hacked pure?
[UTDCv14] +---------------------------------------------------+
[UTDCv14] Client have failed integrity check
[UTDCv14] Player Name......: *****
[UTDCv14] Player IP........: *****
[UTDCv14] Client UT Version: 436
[UTDCv14] Altered File.....: UTPureRC7G.u
[UTDCv14] Server Received..: E36A2288D7F906B6B18D622724641196-2
[UTDCv14] +---------------------------------------------------+

Looks like it. The correct MD5 string for UTPureRC7G.u is 210BF724D2E0EFEE39B04E2A2044AF08. The package has been tampered with one way or another. If you're in contact with this player, pretend nothing has happened and ask them to send their copy of that package. If you're succesful at that, act as you originally intended.

It could be that he ran cache cleaner and UT at the same time, for some reason that fucks up some files.

Ask him to remove all Pure files and let him try and join again :)

No, if he did use cache cleaner the message would clearly state the file is missing. Either that or this is something new.

No you would get the log message "FILE NOT FOUND" then..
the md5 hash is wrong for the file which means its very likely a hacked utpure

Still cannot get my logs to work :frown: :frown:

Anybody know what this is, it came up from an ASH400 scan

[CSHP][ASHs][Actor]: 8 XXXXXXXXX 66.131.XXX.XXX UTDCBadge

Some guy came on my server last night with the name Ic3Cold IP 24.243.109.169

he proceeded the conversation like this

[him] you want to know why this server sucks
[me] because your on it?
[him] no, because I am hacking it right now
[me] yea right
[him] I see tags over everybody's heads, you need to install UTDCv4
[me] yea right, dumbass, we already run it

then I documented his IP and got rid of him
My point is, I really don't think this guys was hacking the server, he sucked and was not doing very well.....
but my question is,,,,how do I know if UTDC is running and working, I mean, I se the logo come up and also see "client verified" and from time to time see people get kicked for UTDC Timeout, but I still have NO logs,, (maybe nobdy is cheating) but how can I be absolutly sure everything is working as it should????

There are some private hooks that will pass UTDC14. Also you should use UTPure (or similar) to stop the uscript hacks.

Make sure anything sensitive in uscript (UTPure, NBSP and Zeroping) is checked out by UTDC.

I have the standard .ini file.

Ok, what version of Pure do you have installed and do you happen to have ZeroPing on your server ? I'll give you the necessary md5 strings so you can block the possibility of hacked uscript files.

RäïÐëÑ']Some guy came on my server last night with the name Ic3Cold IP 24.243.109.169

I confirm this guy as being a genuine cheater.

UTDC won't make a logs for every game. Only if a client is kicked for "unknown os" "hacked packages/missing file" and "hooked ut" as far as i know.

So that might explain why it isn't creating logs.

yea I was told that it only creates logs on capture of a cheater, and I do not run ZeroPing or PURE, I run UTDC and ASH400,,,,,,HELP

Test it by using a Hook yourself, so then you can see if it's making logs.

RäïÐëÑ']Some guy came on my server last night with the name Ic3Cold IP 24.243.109.169

he proceeded the conversation like this

[him] you want to know why this server sucks
[me] because your on it?
[him] no, because I am hacking it right now
[me] yea right
[him] I see tags over everybody's heads, you need to install UTDCv4
[me] yea right, dumbass, we already run it

then I documented his IP and got rid of him
My point is, I really don't think this guys was hacking the server, he sucked and was not doing very well.....
but my question is,,,,how do I know if UTDC is running and working, I mean, I se the logo come up and also see "client verified" and from time to time see people get kicked for UTDC Timeout, but I still have NO logs,, (maybe nobdy is cheating) but how can I be absolutly sure everything is working as it should????


This is not a cheat that can be detected by UTDC. It's some sort of uscript, the same guy tried to enter our servers and was kicked out. Our server at that time ran NBSP 1.07 and UTDCv1.2b. Here's the kick message (I am not sure what the cheat is, but if suck or someone could explain what it is, it would be greatly appreciated):

#### ----------------------------------------------
#### NBSP - CLIENT HACK DETECTED - PACKAGE
#### ----------------------------------------------
#### - Player Name: 1c3CoLd
#### - Player IP: 24.243.109.169
#### - Details: Invalid default package encountered.
#### - Method: UTMenu 1972 770 3027 1
#### - Panic degree: High.
#### - Date/Time: 1-21-2005 / 19:38:27
#### ----------------------------------------------
[NBSP]- Player has been kicked: 1c3CoLd (24.243.109.169) | PC/D3D | ID: 7

RäïÐëÑ']yea I was told that it only creates logs on capture of a cheater, and I do not run ZeroPing or PURE, I run UTDC and ASH400,,,,,,HELP

you should always run UTPure

This is not a cheat that can be detected by UTDC. It's some sort of uscript, the same guy tried to enter our servers and was kicked out. Our server at that time ran NBSP 1.07 and UTDCv1.2b. Here's the kick message (I am not sure what the cheat is, but if suck or someone could explain what it is, it would be greatly appreciated):

#### ----------------------------------------------
#### NBSP - CLIENT HACK DETECTED - PACKAGE
#### ----------------------------------------------
#### - Player Name: 1c3CoLd
#### - Player IP: 24.243.109.169
#### - Details: Invalid default package encountered.
#### - Method: UTMenu 1972 770 3027 1
#### - Panic degree: High.
#### - Date/Time: 1-21-2005 / 19:38:27
#### ----------------------------------------------
[NBSP]- Player has been kicked: 1c3CoLd (24.243.109.169) | PC/D3D | ID: 7


there were bots and radars built into UTmenu a long time ago, before the mod menu bots were common.
Pure stopped those from working a long time ago too, thats why they needed hacked pures, but now UTDC can make sure Pure isnt hacked.
Zellius made a few bots built into UTmenu, also into UWindow and they were the last ones made I think.

Test it by using a Hook yourself, so then you can see if it's making logs.


Thats the funny part Don, I was gonna do that from my laptop, but I could not even find one of these Hooks, I guess I don't know where to look, I could not even get an old ElfBot working to test against ASH400, I guess I would NOT make a very good cheater, since I can't even find one :rolleyes: :rolleyes:


BTW, why should I run UTPure???? just asking as I have never used that, we were good to go with ASH400 till the new hooks came out and I thought that I would be safe running UTDC, and also NBSP gave a ton of timeouts to players in other countries, so I removed it because some of our clan members we getting so many that they could not even play, has NBSP been improved on in this area, I have not kept up with that one. Any and all help is greatly appeciated. And BTW I am glad I went with my gut feeling to kick/ban that Ic3cold person as soon as he started talking crap.

I think I saw that Ic3Cold person before on the sss server, a few months ago I guess. He was saying all the time things like "the server is not protected, I am using an Aimbot now"....and crap like that. I thought he was talking shit, like a person who desperatly needs attention.
But I think it's wise to keep an eye on him......you never know for sure with these idiots.

About Pure......UTPureRC7G with the .int logger and UTDCv14 are running on the DoC servers. Apart from some "FILE NOT FOUND" logs no problems so far.
No probs with the sniperrifle and Pure either.

Another hacked pure?
[UTDCv14] +---------------------------------------------------+
[UTDCv14] Client have failed integrity check
[UTDCv14] Player Name......: *****
[UTDCv14] Player IP........: *****
[UTDCv14] Client UT Version: 436
[UTDCv14] Altered File.....: UTPureRC7G.u
[UTDCv14] Server Received..: 5087C6AA1611936A65CDCB93BDEFE62D-2
[UTDCv14] +---------------------------------------------------+

[UTDCv15] +---------------------------------------------------+
[UTDCv15] Client have hooked functions
[UTDCv15] Player Name......:
[UTDCv15] Player IP........:
[UTDCv15] Client UT Version: 436
[UTDCv15] Altered addresses: rrrrrrr3e54b00NativeCheck0-35153c4,


Like to know if this 1 is cheating
PLz fast respounse is important

i'm getting loads of these too. almost every other player, so they were definately false positives.

[UTDCv15] Altered addresses: rrrrrrr2db4380NativeCheck3-27a53c4,

the characters in bold were constant, the rest differed between each log entry. turned off MemoryScan to stop it.

Looks like some weird overflow problem. That text shouldn't even be in the address string.

ok thx guys i thought it was some kind of radar
This is from 1of my members
and i already made a nice letter to kick him out
but nice to hear this is a false positive

2(122202:123702:120502) 02(`IDA`VIP-TS02) UTDC: [UTDCv15] Client have hooked functions
02(122202:123702:120602) 02(`IDA`VIP-TS02) UTDC: [UTDCv15] Player Name......: Firestorm.!X
02(122202:123702:120802) 02(`IDA`VIP-TS02) UTDC: [UTDCv15] Player IP........: 217.82.36.33:63747
02(122202:123702:120902) 02(`IDA`VIP-TS02) UTDC: [UTDCv15] Client UT Version: 451b
02(122202:123702:121102) 02(`IDA`VIP-TS02) UTDC: [UTDCv15] Altered addresses: rrrrrrr3752920PCCrc0-161c000,
02(122202:123702:121202) 02(`IDA`VIP-TS02) UTDC: [UTDCv15] +---------------------------------------------------+


hook or bug ?

Memscan bug I think.