1. Post #1
    Facepunch's #1 Huskybutt
    James xX's Avatar
    July 2011
    2,094 Posts
    Hello all. I am here today to present to you a new fixed and improved version of AntiSerenity. I would first of all like to give credit to Python1320 for his work on GXML, which made all of this possible. To Zeh Matt, who made the gm_glsock module, and permitted me to follow redirects when doing a http query. and to the creators of ArbitraryPrecision, and the original creator of AntiSerenity. Without further ado, let's get on with the presentation.

    What is serenity?

    Serenity is a common hack that is used to change a users SteamID. This allows the user to go onto servers from which they have been banned. Seeing as almost every Lua script that needs to save some information about the player, uses it's SteamID, this is a major flaw.
    Firstly, how was this broken in the first place?

    Since the creation of this, steamcommunity.com now redirects to a users profile, if he has a custom URL. for example, if I were to access the page of a user with a custom URL, I wouldn't get anything because the current HTTP module does not support redirection. To fix this, I have used the HTTP2 module ( slightly modified ) with the gm_glsocks module ( both by Zeh Matt ). And the automatic IP retriever was broken, but that was a quick fix.

    Secondly, what did you add?

    I added the use of GXML ( by Python1320 ). This permitted me to make it slightly faster. It also let me add support for VAC. We all know that VAC is "enabled" in GMod, but even if you are vac'ed , you can still play. This module adds an opt-in function that will ban a player if he or she is already vac banned. I do want to add on this subject though, not all vac banned players are cheaters, which is why I made it opt-in.

    In other words you used other peoples modules to get credit?

    Not at all. I claim credit only for what I did. As for everything else, they original creators are credited for that.

    Hamburgers

    The download links can be found here, along with some basic documentation. I warn you, the code is messy.

    https://sites.google.com/site/jamesa.../anti-serenity

    I would love to have some feed back, if there are any features you guys think I should add/change. Anything that can be obtained from a steam users profile can be used (example : http://steamcommunity.com/profiles/7...6055559/?xml=1 )
    Reply With Quote Edit / Delete Reply Windows XP France Show Events Dumb Dumb x 12Friendly Friendly x 4Useful Useful x 1 (list)

  2. Post #2
    CyberGmod Founder PropHuntv2 Home
    Phoenixf129's Avatar
    May 2009
    995 Posts
    I thought Serenity was long gone and dead?
    Reply With Quote Edit / Delete Reply Windows 7 United Kingdom Show Events Agree Agree x 9 (list)

  3. Post #3
    Facepunch's #1 Huskybutt
    James xX's Avatar
    July 2011
    2,094 Posts
    I've given a short explanation on the page where the download link is. I will put it in the OP though.

    And to reply to your first statement : I started work on this when a player joined my server under a diffrent steamID. I don't know whether it is main stream or not, but I think it's still a precaution we can take.
    Reply With Quote Edit / Delete Reply Windows XP France Show Events Friendly Friendly x 1Agree Agree x 1 (list)

  4. Post #4
    CyberGmod Founder PropHuntv2 Home
    Phoenixf129's Avatar
    May 2009
    995 Posts
    I've given a short explanation on the page where the download link is. I will put it in the OP though.

    And to reply to your first statement : I started work on this when a player joined my server under a diffrent steamID. I don't know whether it is main stream or not, but I think it's still a precaution we can take.
    Okay.

    For Devs, you might want to add an extra arg to CheckPlayer(ply), so they can return information to say... their own function.

    I would most probably use this to detect and pass information back to my anti-cheat, which has a centralised Detection parser.

  5. Post #5
    Facepunch's #1 Huskybutt
    James xX's Avatar
    July 2011
    2,094 Posts
    So do you mean I should create some enumerations and return those when a certain argument is true, or just return the XML data?

  6. Post #6
    CyberGmod Founder PropHuntv2 Home
    Phoenixf129's Avatar
    May 2009
    995 Posts
    So do you mean I should create some enumerations and return those when a certain argument is true, or just return the XML data?
    Returning enumerations would be better than XML data IMHO.

    Edited:

    My Server hangs right after:


    NOT GMod 13 server, gm_glsock crashes?

  7. Post #7
    Facepunch's #1 Huskybutt
    James xX's Avatar
    July 2011
    2,094 Posts
    Done. I'll update op soon

    
    Enums = {
    
    	Success = -1,
    
    	VacBanned = 1,
    	NoProfile = 2,
    	PrivateProfile = 3,
    	Offline = 4,
    	NotInGame = 5,
    	NotInGMod = 6,
    	NotInServer = 7,
    	
    	Dupe = 8,
    	Malformed = 9
    
    }
    
    

    These what you needed?
    Edited:

    Returning enumerations would be better than XML data IMHO.

    Edited:

    My Server hangs right after:


    NOT GMod 13 server, gm_glsock crashes?
    the gm_glsocks I provided is built for GM13
    Reply With Quote Edit / Delete Reply Windows XP France Show Events Agree Agree x 1 (list)

  8. Post #8
    CyberGmod Founder PropHuntv2 Home
    Phoenixf129's Avatar
    May 2009
    995 Posts
    Forget it, I downloaded the one for GMod12, from Mat's thread, and it works like a charm.

    Edited:

    You broke my automerge
    Reply With Quote Edit / Delete Reply Windows 7 United Kingdom Show Events Agree Agree x 1 (list)

  9. Post #9
    metromod.net
    _Chewgum's Avatar
    April 2010
    2,216 Posts
    How many times did that player join your server with another steamid?
    What if the player had the same name on another steam account?

  10. Post #10
    CyberGmod Founder PropHuntv2 Home
    Phoenixf129's Avatar
    May 2009
    995 Posts
    
    [lua\includes\modules\http2.lua:76] attempt to call method 'Destroy' (a nil value)
    [@lua\includes\modules\antiserenity.lua:219] Tried to use a NULL entity!
    
    

    Msg("Verifying " .. ply:Nick() .. "'s SteamID... Failed! (Profile Private)\n")
    is MY line 219.

    Caused when the player disconnects as they spawn, normally Buffer Overflow, or RSO. (I have a check running on PlayerInitialSpawn)

    Two errors for you.

  11. Post #11
    Facepunch's #1 Huskybutt
    James xX's Avatar
    July 2011
    2,094 Posts
    
    [lua\includes\modules\http2.lua:76] attempt to call method 'Destroy' (a nil value)
    [@lua\includes\modules\antiserenity.lua:219] Tried to use a NULL entity!
    
    

    Msg("Verifying " .. ply:Nick() .. "'s SteamID... Failed! (Profile Private)\n")
    is MY line 219.

    Caused when the player disconnects as they spawn, normally Buffer Overflow, or RSO. (I have a check running on PlayerInitialSpawn)

    Two errors for you.
    Thank you. I will add an IsValid check at the start of the callback.

    For the error in HTTP2 though, I will have to look into a bit further

    -- Edit

    Updated. The errors shouldn't happen anymore normally. I haven't had the time to test this though.

  12. Post #12
    Map in a box's Avatar
    July 2009
    7,314 Posts
    I thought serenity didn't work anymore? And this is rather intrusive, too.
    Reply With Quote Edit / Delete Reply Windows XP Professional x64 United States Show Events Agree Agree x 1 (list)

  13. Post #13
    Facepunch's #1 Huskybutt
    James xX's Avatar
    July 2011
    2,094 Posts
    this is rather intrusive
    Could you elaborate on that please? I don't quite get what you mean.

  14. Post #14
    Map in a box's Avatar
    July 2009
    7,314 Posts
    People have to make their profile public if they don't want to, if they get kicked for something like that they will probably just leave and find another server.
    Reply With Quote Edit / Delete Reply Windows XP Professional x64 United States Show Events Agree Agree x 3Dumb Dumb x 1 (list)

  15. Post #15
    SeveredSkull's Avatar
    October 2008
    1,316 Posts
    People have to make their profile private if they don't want to, if they get kicked for something like that they will probably just leave and find another server.
    Isn't that the whole fucking point of having a PUBLIC profile? It is Publicly viewable by anyone. This is not intrusive...
    Reply With Quote Edit / Delete Reply Windows 7 United States Show Events Dumb Dumb x 7Agree Agree x 1 (list)

  16. Post #16
    Map in a box's Avatar
    July 2009
    7,314 Posts
    It was a typo and if you had common sense you could notice it. Edited. Also, reread my post.
    Reply With Quote Edit / Delete Reply Windows XP United States Show Events Agree Agree x 2Dumb Dumb x 1 (list)

  17. Post #17
    Facepunch's #1 Huskybutt
    James xX's Avatar
    July 2011
    2,094 Posts
    People have to make their profile public if they don't want to, if they get kicked for something like that they will probably just leave and find another server.
    This library pivots around a steam user's profile. If a user can't make his profile public, he could he hiding something? And on this note, it only kicks them, not bans them like the rest of the exceptions. This gives the user a chance to make his or her profile public. If they can't, it might be because they are using someone else's profile, and thus someone else's steam ID. Isn't that what this library is blocking?

    The point I am trying to get through though, is that if a player wants to play multiplayer, he should at least make his information public.
    Reply With Quote Edit / Delete Reply Windows XP France Show Events Dumb Dumb x 1 (list)

  18. Post #18
    Gold Member
    AzuiSleet's Avatar
    September 2007
    758 Posts
    Serenity never existed.
    Reply With Quote Edit / Delete Reply Windows 7 United States Show Events Funny x 18Agree x 5Zing x 2Disagree x 1Dumb x 1 (list)

  19. Post #19
    Gold Banana
    Banana Lord.'s Avatar
    May 2010
    6,754 Posts
    wait so what's the point in creating an addon to kick people for exploits that were fixed in like September
    Reply With Quote Edit / Delete Reply Windows 7 United States Show Events Agree Agree x 2 (list)

  20. Post #20
    SeveredSkull's Avatar
    October 2008
    1,316 Posts
    It was a typo and if you had common sense you could notice it. Edited. Also, reread my post.
    Then learn to write clear, grammatically correct sentences. If you had common sense you could do this, and then people wont think you have the IQ of 2. Goes both ways dipshit.

    (User was banned for this post ("Flaming" - PLing))
    Reply With Quote Edit / Delete Reply Windows Vista United States Show Events Dumb Dumb x 7 (list)

  21. Post #21
    Facepunch's #1 Huskybutt
    James xX's Avatar
    July 2011
    2,094 Posts
    wait so what's the point in creating an addon to kick people for exploits that were fixed in like September
    Serenity never existed.
    If that's what you believe, you have my permission to not use this, if that is what you are looking for by posting that. I posted this because the other day a user joined my server under many different steamIDs. now if he was a rich kid with 20 accounts or if he was actually using a steamID changer, I don't know. The point is, that wasn't a chance I was willing to take.

    I want to make it clear to everyone doubting what happened : I am imposing on no one this library. People who think it is worth it, they can use it at no cost. To the people who don't think it's worth it, I just don't see what you are doing lurking in this thread.
    Reply With Quote Edit / Delete Reply Windows XP France Show Events Zing Zing x 3Friendly Friendly x 1Dumb Dumb x 1 (list)

  22. Post #22
    Gold Banana
    Banana Lord.'s Avatar
    May 2010
    6,754 Posts
    If that's what you believe, you have my permission to not use this, if that is what you are looking for by posting that. I posted this because the other day a user joined my server under many different steamIDs. now if he was a rich kid with 20 accounts or if he was actually using a steamID changer, I don't know. The point is, that wasn't a chance I was willing to take.

    I want to make it clear to everyone doubting what happened : I am imposing on no one this library. People who think it is worth it, they can use it at no cost. To the people who don't think it's worth it, I just don't see what you are doing lurking in this thread.
    I was just confused as the exploits were patched a week after they popped up (maybe sooner) - I didn't see a point in you releasing + maintaining something when they have been fixed, the guy most likely had an alt or maybe your ban script didn't work or something.
    Reply With Quote Edit / Delete Reply Windows 7 United States Show Events Agree Agree x 1 (list)

  23. Post #23
    Gold Member
    dingusnin's Avatar
    February 2010
    2,024 Posts
    Banana, not only has James made an excellent library, but has also made a cool example.
    This may also be used to kick vac banned players for example.
    Reply With Quote Edit / Delete Reply France Show Events Dumb Dumb x 5Informative Informative x 1 (list)

  24. Post #24
    Gold Member
    BlackAwps's Avatar
    July 2011
    765 Posts
    Scripts that kick you based off your vac ban history on your profile is pretty dumb. I'm vac banned from all hl1 games, does that mean I shouldn't be allowed to play any source games? No, because that's not how vac bans work.
    Reply With Quote Edit / Delete Reply Windows 7 United States Show Events Agree Agree x 9Lua Helper Lua Helper x 1Lua King Lua King x 1 (list)

  25. Post #25
    Gold Member
    slayer3032's Avatar
    November 2007
    3,466 Posts
    Serenity never existed.
    how ever you were the mastermind behind tranquility!!!! you are the single pperson responsible for releasing this plauge upon the gmod community and all of the transgressions done with this hacker tool against every server owner in garrysmod. you are a sick man and i have proof!!!!!!!!!!

    here is a photo which i have got from a friend who double back hacked into the tranquility database

    Reply With Quote Edit / Delete Reply Linux United States Show Events Funny Funny x 8 (list)

  26. Post #26
    taste the salty dong
    Remscar's Avatar
    September 2009
    1,822 Posts
    People using Serenity have to be the most annoying pricks in the world. Luckily i haven't run into any in the past year and a half though.
    Reply With Quote Edit / Delete Reply Windows 7 United States Show Events Agree Agree x 1 (list)

  27. Post #27

    May 2012
    39 Posts
    Scripts that kick you based off your vac ban history on your profile is pretty dumb. I'm vac banned from all hl1 games, does that mean I shouldn't be allowed to play any source games? No, because that's not how vac bans work.
    >.< It was an example.
    And i was not implying the source engine should work like this. I was just making a point of one of its many uses.
    Reply With Quote Edit / Delete Reply Windows 7 France Show Events Dumb Dumb x 3 (list)

  28. Post #28
    Gold Banana
    Banana Lord.'s Avatar
    May 2010
    6,754 Posts
    >.< It was an example.
    And i was not implying the source engine should work like this. I was just making a point of one of its many uses.
    wat

    how many alts do you have?
    Reply With Quote Edit / Delete Reply Windows 7 United States Show Events Dumb Dumb x 1Agree Agree x 1 (list)

  29. Post #29
    Gold Member
    dingusnin's Avatar
    February 2010
    2,024 Posts
    1: dingusnin
    Reply With Quote Edit / Delete Reply France Show Events Dumb Dumb x 6 (list)

  30. Post #30
    PENISCORP DIRECTOR
    Gran PC's Avatar
    August 2007
    3,114 Posts
    I promise you Serenity/Tranquility were patched ages ago, with the PlayerAuthed hook. I've tried them and they don't work unless you're running a non-Steam server - are you?
    Reply With Quote Edit / Delete Reply Windows 7 Spain Show Events Agree Agree x 7Zing Zing x 1 (list)