MD5 Blacklist of Cheats & Hacks
The following files are known cheats. If anyone gets logged by UTDC and a log is generating identifying any of the following files with these following checksums, you should ban them as they are assuredly cheating.
To ensure that cheaters don't get on this list and then use google to find matches to the cheat names, they have all been removed. I personally assure you that they ALL have been confirmed as hacks by either myself, or other prominent members of the community. Just because a player has an MD5 that doesn't match any on this list doesn't mean he isn't cheating. Use your best judgement. If someone has a matching MD5 checksum, have NO DOUBT that they were cheating. -- ================================================== UTMenu.u ================================================== 602D82937FE772C58BC84CBEF59BC205 E011638BDDDD1BCCF4B4EACC18588DC1 EA6A2112274D383F6F7A99A647448D88 3D4EDF301F8A93B7D032555FC5CA166E 0F80E8211403150929024DCA8AC1B987 0C8DD0B0EAA27F916BDF52EE4AE520B4 12496F44061AD837D379E6A275F33691 ================================================== UWindow.u ================================================== 2A8EC5CF1D882931C4313305B0C97AF0 DFE5AF3C3715F4CF8200A75FFBA768D7 A4C1B8C3093D2575C8468E57B7B07249 ================================================== Engine.u ================================================== 080C7C577258BA6BD8599768111C27F3 74A013AEA68504312D18210D4099F8D7 ================================================== BotPack.u ================================================== 536F4D2A3D33093F73CA24DCCB654A11 54871E509438A3F0BB610E2219BB15E1 ================================================== UTDCv18.u ================================================== 5ABF3DDAEBAF28F1D51AB7F1A45C21A3 ================================================== AnthCheckerC_v137.u ================================================== 5E415013B77435587DDCA2C88433748D ================================================== AnthCheckerC_v138.u ================================================== FE59B3224886C0AB2B00EB91CABA3DF5 ================================================== UTPureRC7G.u ================================================== F450D701DAF5A1F54C3495E558CD3F57 7AE2DED6B15797E81611BB0B522AD891 ================================================== UTPureRC5v.u ================================================== 372BC0F500249F7F528C4E464124A442 ================================================== UTPureRC59.u ================================================== 6C2FA018C5C2AE47CE293CA86F8420CC ================================================== OpenGLDrv.dll ================================================== CA0425FB154D2A9E704570FB78D4C51E ================================================== antibv.u ================================================== A7193F02B86B747769B1F120AE887845 ================================================== anticv.u ================================================== 341D28E392C8615858BFDD4EEE2C1A9C ================================================== antishockhoplusbeta3.u ================================================== FF2B13ECEB297D274B3D23943647F5F2 ================================================== ZeroPing_v100.u ================================================== BF557A4AF8CE4AD4B7FF9EE0CDFF3CD6 ================================================== ZeroPing_v102.u ================================================== EA80BDF44D9C2165E50F5D91D5D8ED77 |
Updated a few other sums today - will try to do more to it in the next couple of days.
|
Thank you for this. This is what I've been looking for. We just verified some questionable people thanks to this!!
|
I think it would be helpful to people if you put next to each hash what cheat it is.
|
Quote:
Quote:
|
You'll just have to trust me.
|
Matthew is one of the good guys, you can trust him. :thumbup:
|
Updated again this evening to reflect some newer bypassess that have been floating around.
|
Updated.
|
Top job Matt! :thumbup: :thumbup: :thumbup:
|
And another this morning.
|
would it be possible to organize hook, and corrupt memory returns like this?
|
Quote:
|
So in other words, there is no database coming in the forseeable future.
:P |
no offense but i'd go with the women and ice cream too lol
|
Quote:
|
I don't remember full and exact name of this cheat but it goes something like this:
Skyline AimBot [UTDCv18] Corruption hash..: F86224725BF31F506BB04F496A2D38B1 [UTDCv18] Altered addresses: 105A6B54-7FF23F00/1010207C, GNAT Radar: [UTDCv18] Corruption hash..: 8C257A7905CD9DF6A1208597F622CD99 [UTDCv18] Altered addresses: 10B153B8-CEBC48E9/B317CC68,10B153BC-178C68FF/178C6810, Both tested by my self and Cratos from UTA. |
NOOB Question, how do I add these to UTDC 2.0??
|
Quote:
I know you have a TO server and i dont know what files you would need to check. You will need the DigestFile.exe file from UTDCv20.zip. Use it to find a file you want to add like UTPureRC7G.u, it will give you the MD5, just add file or package name and MD5 in actionman.ini. Should look like this: Package[0]=UTDCv20.u Package[1]=UTDCv20.dll Package[2]=UTPureRC7G.u Package[3]= Package[5]= Package[6]= Package[7]= MD5[0]=1D04CB21D295F5A2534550DD3DA9072B MD5[1]=E8F36943140F920F06B7407DB08BAB3C MD5[2]=210BF724D2E0EFEE39B04E2A2044AF08 MD5[3]= MD5[4]= MD5[5]= MD5[6]= MD5[7]= |
Thank you so much for the USEFUL responses, Now I understand better, I will get the MD5's I need and get em into UTDC.
Next N00b question (lol), I see this blacklist and assume it is used to prevent someone from using the hacks on a UTDC server, I understand the GOOD MD5's, but is there a way to actually USE the blacklist?? Is this blacklist part of UTDC native? Is it just used as a cross-reference for people caught by UTDC with unknown cheats, I cruise alot of forums and find ALL KINDS of hacks caught by UTDC that we never see on ours (yet we have MANY MANY obvious cheaters). I don't know if you know but hacks/cheats are FRIGGIN RAMPANT in Tactical OPS, most Tactical Ops Admins are noobs worse than me, so these forums are my only resource:) Last N00b question, what can I use to stop Texture/8 bit/Opengl Hacks and sound hacks, this is like the newest thing in TO and it's awful, Screenshots don't catch it, is there something I can change to have a system scan catch em?? I see alot of anti -cheats on these forums pure etc....??? Thanks again, Pat |
If TO uses the same OpenGlDrv.dll as UT and other UT packages are the same in TO, you can see
a list of good MD5`s for different packages here: http://www.unrealadmin.org/forums/sh...ad.php?t=11684 I`ll add the first 3 MD5`s from that list for UT`s OpenGlDrv.dll to actionman.ini to show you. Package[0]=UTDCv20.u Package[1]=UTDCv20.dll Package[2]=UTPureRC7G.u Package[3]=OpenGlDrv.dll Package[5]= Package[6]= Package[7]= MD5[0]=1D04CB21D295F5A2534550DD3DA9072B MD5[1]=E8F36943140F920F06B7407DB08BAB3C MD5[2]=210BF724D2E0EFEE39B04E2A2044AF08 MD5[3]=D8ABBF774E3420623A2F44B74BB9653C,7731EA6193BED32F 48550AACF683BD50,1DD02EEA4AB45924601310119A3A0DD0 MD5[4]= MD5[5]= MD5[6]= MD5[7]= Keep in mind that only the first 3 MD5`s will be allowed on a server with this and any others good ones from that list would be kicked for a HACKED package. You should use DigestFile.exe to find the MD5 of the package you want to add then look to see if its on the GOOD list, and add any other MD5 for that package. |
Cool, now what packages should I be checking?? things like BOTPACK? or in TO S.SWAT can I just check all the damn packages?, I didn't see that many slots for MD5s in action man, can I add slots?
if I add a buttload of md5's will it lag the server? Should I use MY Client as a digest source or something else?? FYI Tactical ops uses the exact same files as UT except for the addition of S.SWAT.U, so nearly every UT file is in Tactical Ops (except they stripped the botpack.u down to essential files only). Sorry for all the dumb questions, but I'm realizing I need to fine tune this to be the most effective. and... please clarify something for me....if I don't add md5s to my UTDC EVERYTHING OTHER than those md5s gets kicked?, cause that doesn't seem to be the case....or.....is it once I put in say, some OPGL md5s UTDC will only allow THOSE OPGL's??? and what about sound hacks?? Thanks again, Pat |
To have one anticheat look for all cheats would cause alot of lag at player join. Adding other anticheats to look for different cheats, will lesson the time of player join lag.
To check render`s like OpenGlDrv you maybe able to use AnthChecker_v138 in TO. Sorry should of told you about this one earlyer. You will need both AnthChecker_v138.zip and AnthCheckerS_v138_Build6.zip. In actionman.ini you should add AnthCheckerC_v138.u, the MD5 is 7D35A7BF663FAD22C365B2E6EB6264CA Other packages to add in actionman most common i would say would be botpack.u and menu.u. Never tryed to add more, not sure if you can. I dont know what TO S.SWAT is. If you add TO S.SWAT you need to know MD5 for any other good versions of it. Any packages you add in actionman.ini will tell UTDC to only allow the package with MD5 in that list, thats why you need to add all the good MD5`s for each pacage you add. UTDC wont check a package thats NOT in the list. If you were to add only this to actionman: Package[3]=OpenGlDrv.dll MD5[3]=D8ABBF774E3420623A2F44B74BB9653C,7731EA6193BED32F 48550AACF683BD50,1DD02EEA4AB45924601310119A3A0DD0 Then ONLY these 3 md5`s would be allowed, UTDC would kick for any other md5`s for OpenGlDrv.dll. Dont know about sound hacks. |
Awesome, thanks soooo much, guess I have some work to do tonight....I'll let ya know how it gos...
|
Verification---Altered File?
[UTDCv20c] +---------------------------------------------------+
[UTDCv20c] Client have failed integrity check [UTDCv20c] Player name......: ]NK[-Maximus.Pl [UTDCv20c] Player IP........: 83.22.87.69 [UTDCv20c] Client UT version: Tactical Ops [UTDCv20c] Client OS........: WindowsXP [UTDCv20c] D3DDrv.dll MD5...: DD6E3692F8EAD5E1DF88716024BC25D1 [UTDCv20c] Core.dll MD5.....: 4C4B6D84F0680AA8030DF35B79FDE192 (Unknown) [UTDCv20c] Engine.dll MD5...: 73AFD1F086A9BB830ACBEC09C1B028E4 (Unknown) [UTDCv20c] Render.dll MD5...: 6F18D6BB2B3DC12D0D2E5AD5CC66586B (v4.36) [UTDCv20c] Galaxy.dll MD5...: CB246E9A387CC002E6EA13264AC0DC08 (v4.36) [UTDCv20c] UTDCx.dll MD5....: 9203C337C6B14D0285A08893B9C72000 [UTDCv20c] MAC hash.........: 0009E09EBA006E280775F96FD327D98B [UTDCv20c] Mem NTDLL image..: True [UTDCv20c] Altered File.....: Engine.u [UTDCv20c] Server Received..: 6309B98050F3474458E4BF5E2B4E328F [UTDCv20c] Date/Time........: 01-01-2008 / 11:20:05 [UTDCv20c] +---------------------------------------------------+ This MD5 is not listed in the blacklist, can neone verify that this is a cheat! I googled it and nothing came back. ShootYaLata |
You didnt remove the ip or name, LOL
looks real to me, with the engine.u file altered |
Quote:
|
Quote:
|
what is the MD5 for UTPure7E ? i have no fund on the liste.
|
Umm this list ONLY contains cheats. UTPure is definately not a cheat.
|
All times are GMT +1. The time now is 08:40 PM. |