Help IS THIS ANTICHEAT SAFE?

[Shizue]

One of the largest Hispanic SAMP servers is working on an anticheat that, upon entering the server, will detect the files you have installed in your GTA folder, such as cleo, lua, asi, etc.

I have seen similar anticheats on other servers, but you had to install a .asi file to make them work, like ACM, G-AC, GOAT-AC, etc. On this server, you don't have to install anything; just by logging into the server, it detects the files in your game and even creates a log.txt in the root folder of your GTA. I would like to know how this is possible and if it is really safe for users. This seems great as an anticheat, but many users are worried because they think it could even execute malicious code. The server requires you to use SAMP 0.3.7 R1, not R5

This is the server IP if you want to test 104.248.50.59:7777

 

[Shizue]

The anticheat is being tested on a test server, so you can enter without registering.

 

[Zin]

The server requires you to use SAMP 0.3.7 R1, not R5

Don't know much about the actual exploit but it must be what was patched in R5, so it is untrustworthy (coming from samp devs themselves). See below.

SA-MP 0.3.7-R5 client update (strongly recommended)

An important client update (SA-MP 0.3.7-R5) is now available on the Download Page.> There is an exploit in the client. It’s a critical RCE vulnerability that allows server owners to run un…

kalcor.video.blog

SA-MP 0.3.7 R5 file - San Andreas: Multiplayer mod for Grand Theft Auto: San Andreas

A new version of SA-MP 0.3.7 has been released. It is highly recommended to use this version if you are connecting to 0.3.7 servers since it has an important exploit fixed. There is an RCE exploit[1] in previous versions all the way back to the version...

www.moddb.com

 

[SobFoX]

@Hidend

 

[0x73616D]

safe

 

[Hidend]

Well, first of all, my post might be biased because I helped them with some things. But I will answer with honesty, as I always do.

In this particular case, it's using the exploit @Zin mentioned, so as is, it's as dangerous as the owner of the server wants it to be. From what I know, they use it in a good way as a "server ASI loader" (they have a CLEO/Lua/ASI keylogger checker for example) and among other things, they have a small client anticheat, so yes, it's no different than any other client anticheat you mentioned or any client anticheat from any other game, In my personal opinion, as it has a lot of limitations due to the exploit itself, the anticheat in its current state is not really good and any experienced user can manage to bypass it (or even see what it does), but that's another story and I'm not involved in that, I just lend a hand sporadically.
They really have a problem with cheaters, especially people using godmode, SA-MP is dying and the userbase is decaying, so I guess their main goal is to try and "patch" it so they don't lose any more userbase to cheaters and at the same time make the people who play legit happy. They have lagcomp 0, so they can't use something like samp weapon config to patch godmode too.

Speaking of malicious intent, if they really had it, I'd say they could have just silently sent you a virus without telling you, don't you think? With some little experience you can even check what it does so yes, in my opinion, they don't have a malicious intent. We can discuss whether it's moral to use an exploit to do this, but I guess that's a personal opinion too.

At this point I think it's a choice that the user has to make, I think they'll add it to their ToS and if you accept it, you accept having a client anticheat running while you play on their server, like most games basically do. If you don't accept it, you can simply not play on those servers, use R5 or use al3x_'s fix:

Lua - ASI - DialogRCEfix

убирает RCE уязвимость в диалоге со стилем DIALOG_STYLE_LIST сервер мог выполнять любой код на клиенте добавил луа версию и исправленные samp.dll

www.blast.hk

I would also like to say that in no way am I defending them or anything. I'm just giving my honest answer.

TLDR: I don't think they have any malicious intent (since I talked with them etc), they just needed a simple anticheat and saw an opportunity to make it without the user having to download and install it themselves. Time will tell.

 

[SobFoX]

Well, first of all, my post might be biased because I helped them with some things. But I will answer with honesty, as I always do.

In this particular case, it's using the exploit @Zin mentioned, so as is, it's as dangerous as the owner of the server wants it to be. From what I know, they use it in a good way as a "server ASI loader" (they have a CLEO/Lua/ASI keylogger checker for example) and among other things, they have a small client anticheat, so yes, it's no different than any other client anticheat you mentioned or any client anticheat from any other game, In my personal opinion, as it has a lot of limitations due to the exploit itself, the anticheat in its current state is not really good and any experienced user can manage to bypass it (or even see what it does), but that's another story and I'm not involved in that, I just lend a hand sporadically.
They really have a problem with cheaters, especially people using godmode, SA-MP is dying and the userbase is decaying, so I guess their main goal is to try and "patch" it so they don't lose any more userbase to cheaters and at the same time make the people who play legit happy. They have lagcomp 0, so they can't use something like samp weapon config to patch godmode too.

Speaking of malicious intent, if they really had it, I'd say they could have just silently sent you a virus without telling you, don't you think? With some little experience you can even check what it does so yes, in my opinion, they don't have a malicious intent. We can discuss whether it's moral to use an exploit to do this, but I guess that's a personal opinion too.

At this point I think it's a choice that the user has to make, I think they'll add it to their ToS and if you accept it, you accept having a client anticheat running while you play on their server, like most games basically do. If you don't accept it, you can simply not play on those servers, use R5 or use al3x_'s fix:

Lua - ASI - DialogRCEfix

убирает RCE уязвимость в диалоге со стилем DIALOG_STYLE_LIST сервер мог выполнять любой код на клиенте добавил луа версию и исправленные samp.dll

www.blast.hk

I would also like to say that in no way am I defending them or anything. I'm just giving my honest answer.

TLDR: I don't think they have any malicious intent (since I talked with them etc), they just needed a simple anticheat and saw an opportunity to make it without the user having to download and install it themselves. Time will tell.

In other words, this game is dead. The site is closed. go to MTA OR FIVEM