|
|
FAKE PLAYERS BUG
Proof-of-concepts for the fake players bug that affects almost all the multiplayer games (and not only them).
Note that disabling the outgoing ICMP packets on the own system is suggested for testing the fake players bug (the Windows firewall already does this by default, so there is nothing to touch)
read here if you don't know how to use my stuff
- Generic TCP Fake Players DoS 0.2.2 (tcpfp)
creates simultaneous connections to a specific host and port and supports some options for adapting it to specific types of servers.
It's interesting that some programs which accept connections can be blocked or have other bad effects through this simple tool, so if you have a game or a program that uses TCP connections try it.
This tool is great with all the games (moreover many known opensource games) and programs which accept TCP connections, usually is only needed a file containing the first data sent by a normal client to a server that must be passed to this tool through the -f option.
- Unreal engine basic client and Fake Players DoS 0.2.1 (unrealfp)
basic client for sending custom commands to any server of almost any game based on the Unreal engine, tested with:
- America's Army
- Dead Man's Hand
- Deus Ex
- Frontline: Fuel of War
- Land of the dead
- Magic: The Gathering - Battlegrounds
- Men of Valor
- Mobile Forces
- Pariah
- Postal 2
- Raven Shield
- Red Orchestra
- Rune
- Shadow Ops: Red Mercury
- Start Wars: Republic Commando
- SWAT 4
- The Wheel of Time
- Tribes Vengeance
- Turning Point - Fall of Liberty
- Unreal 1
- Unreal II XMP
- Unreal Tournament
- Unreal Tournament 2003
- Unreal Tournament 2004
- Unreal Tournament 3
- Warpath
- X-Com Enforcer
- XIII
- possibly others
- does not work with Devastation, Klingon Honor Guard and probably other old games while others just crash completely
note: depending by the version of the engine, works also versus passworded servers without knowing the keyword
- Halo Fake Players DoS 0.2.1b (halofp)
works also versus passworded servers without knowing the keyword
- Sniper Elite Fake Players DoS 0.1 (sniperelfp)
- Sword of the Stars Fake Players DoS 0.1 (swordotsfp)
- S.T.A.L.K.E.R. Fake Players DoS 0.1a (stalkerfp)
supports both normal and invisible (-i) fake players
- Crysis invisible Fake Players DoS 0.1 (crysisfp)
works also versus passworded servers without knowing the keyword
- Flashchat Fake Players DoS 0.1.2c (flashchatz)
tool for Flashchat (a Flash based chat)
- Armed Assault Fake Players DoS 0.1 (armafp)
works perfectly in LAN but probably requires something like authorization for internet servers
- Multi Theft Auto Fake Players DoS 0.1 (mtafp)
works also versus passworded servers without knowing the keyword
- Battlefield 2/2142 invisible Fake Players DoS 0.1.1 (bf2fp)
works versus all the Battlefield 2 family (bf2, bf2142)
- Battlefield 1942 invisible Fake Players DoS 0.1.3 (bf1942fp)
works versus all the Battlefield 1942 family (1942, vietnam, sw, r2r and demo)
- Live for Speed Fake Players DoS 0.2.1a (lfsfp)
works only versus the demo servers
- Half-Life fake players bug (no auth) 0.3.2 (hlfill)
works only versus servers without authentication and implements the hlfreeze/hl-headnut/csdos/Born_to_be_pig attacks
use "-p 1 -r steam" or "-p 4 -r valve" for Steam and Valve authenticated servers or the -x option for testing all the bugs
- DirectPlay 6/7 Fake Players 0.1 (dplay7fp)
fake players tool for all the DirectPlay games (version 7 and below)
If you don't know what games support this version of DirectPlay check if they open the ports 47624 and 2300
- Kaillera Fake Players DoS 0.1 (kaillerafp)
- SA:MP invisible Fake Players DoS 0.1.3 (sampfp)
- GGM (GoE GTA III Multiplayer) Fake Players DoS 0.1 (ggmfp)
- Skulltag Fake Players DoS 0.1.2 (skulltagfp)
- OpenTTD Fake Players DoS 0.1 (openttdfp)
- Legacy Doom Fake Players DoS 0.1 (legacyfp)
this tool causes also the freezing of the players and the subsequent termination of the server 1.42
- ZDoom Fake Players DoS 0.1 (zdoomfp)
- Zdaemon Fake Players DoS 0.1.3 (zdaemonfp)
due to the limit in the server which doesn't allow more than 2 players from the same IP this tool is autolimited to 2 fake players each 26 seconds
- csDoom Fake Players DoS 0.1 (csdoomfp)
- Globulation 2 Fake Players DoS 0.1 (glob2fp)
causes also the crash of the servers <= Alpha19
- LBreakout2 Fake Players DoS 0.1 (lbreak2fp)
- Enet library Fake Players DoS 0.1 (enetfp)
works with versus all the games which use the Enet library like the Cube and Sauerbraten engines
- LieroX Fake players DoS 0.1 (lieroxfp)
- TetriNET Fake Players DoS 0.1 (tetrinetfp)
- Scorched 3D Fake Players DoS 0.1a (scorchfp)
- Battle Carry Fake Players DoS 0.1a (bcarryfp)
- FlatFrag Fake Players DoS 0.1a (flatfragfp)
- Darkplaces engine (Nexuiz) invisible Fake Players DoS 0.1a (darkpfp)
works versus the games that use Darkplaces engine like Nexuiz and with small modifications also versus the Quake 1 games
Other games on which could work
Other engines on which could work
- Chris Moneymaker's World Poker Championship Fake Players DoS 0.1 (chmpokfp)
- NetPanzer Fake Players DoS 0.1 (netpanzfp)
- Stronghold 2 Fake Players DoS 0.1a (strong2fp)
- Dark Vengeance Fake Players DoS 0.1 (darkvfp)
- Breed: Homecoming LAN Fake Players DoS 0.1a (breedfp)
doesn't work versus online servers for the usual reasons
- Roger Wilco Fake Players DoS 0.1 (wilcofp)
- Mtp-Target Fake Players DoS 0.1 (mtpfp)
- Orbz Fake Players DoS 0.1a (orbzfp)
no password support
- Terminator 3 War of the Machines (LAN) Fake Players DoS 0.2 (t3wmfp)
should work only versus local servers due to the usual online cd-key problem but try it
- Warrior Kings Battles Fake Players DoS 0.1a (wkbfp)
- War Times Fake Players DoS 0.1 (wartimesfp)
- Lords of the Realm III Fake Players DoS 0.1 (lotr3fp)
- Empire Earth 2 Fake Players DoS 0.1a (ee2fp)
- Warhammer 40,000 Dawn of War LAN Invisible Fake Players DoS 0.1a (dowfp)
works only versus LAN servers
- BZFlag Fake Players DoS 0.1.1 (bzflagfp)
works also versus servers protected by password without knowing the keyword
- Yager Fake Players DoS 0.1 (yagerfp)
- Race Driver 2 Fake Players DoS 0.1a (rd2fp)
- IGI 2: Covert Strike Fake Players DoS 0.1a (igi2fp)
- FunLabs games Fake Players DoS 0.1a (funlabsfp)
this tool should work versus all the games developed by FunLabs: 4X4 Off-road Adventure III, Cabela's Big Game Hunter 2004 Season, Cabela's Big Game Hunter 2005, Cabela's Deer Hunt 2005 Season, Cabela's Dangerous Hunts, Revolution, Secret Service - In harm's Way, Shadow Force: Razor Unit, US Most Wanted: Nowhere To Hide and possibly others
Works partially also versus servers protected by password without knowing the keyword
- Chaser Fake Players DoS and clients disconnector 0.1a (chaserfp)
works also versus servers protected by password without knowing the keyword
- Ca3De Fake Players DoS 0.1a (ca3defp)
- Scrapland invisible Fake Players DoS 0.1a (scrapfp)
- Ventrilo Fake Players DoS and brute forcer 0.2.8f (ventrilofp)
includes also some flooding functions which can be tested versus both server and clients and a password guessing function for testing the admin and the join/server passwords
supports both the 2.x and 3.x versions
- Armagetron / Armagetron Advanced Fake Player DoS 0.1.1 (atronfp)
- nFusion engine Fake players DoS 0.1.1a (nfusionfp)
works versus Line of Sight Vietnam, Deadly Dozen 2 Pacific Theater, Elite Warriors Vietnam and other games that use the same engine
- Tread Marks Fake Players DoS 0.1a (treadmarksfp)
- Soldat Fake Players DoS 0.1a (soldatfp)
very simple tool tested versus version 1.3.1.
Works also versus servers protected by password without knowing the keyword
- Gotcha Fake Players DoS 0.1a (gotchafp)
- Hot Wheels Stunt Track Challenge Fake Players DoS 0.1a (hotwheelsfp)
- Painkiller (LAN) infinite Fake Players DoS 0.2.2a (painkfp)
for obvious reasons works only versus servers that don't use the online authorization (since you should have a valid online cd-key for each fake player). Supports any version from 1.00 until the latest 1.64
- Savage Fake Players DoS 0.1.1 (savagefp)
- Far Cry Fake Players DoS 0.1a (farcryfp)
very very simple tool, doesn't support servers protected by password
- Codename Eagle Fake Players DoS 0.1a (codeaglefp)
- Il2-Sturmovik Fake Players DoS 0.1a (il2fp)
works versus any Il2 game like Forgotten Battles and Pacific Fighters and fills also servers protected by password without knowing the keyword
- Soldner LAN Fake Players DoS 0.1a (soldnerfp)
doesn't work versus online servers
- Neverwinter Nights special Fake Players DoS 0.1a (nwnfp)
this tool is very interesting and contains a special mode (-s) able to fill internet servers without using cd-keys and servers protected by password without knowing the keyword
- Serious engine fake player DoS 0.3a (ssfakep)
Should work versus any game based on the Serious engine, I have tested:
- Serious Sam (FE and SE) <= 1.05
- Carnivores: Cityscape
- Alpha Black Zero
- Nitro family
- Serious Sam Second Encounter 1.07
Works also versus any password protected server without to know the keyword!
Causes the crash of the games that use the UDP protocol
- Lithtech engine Fake Players DoS 0.2 (lithfp)
great tool, you can fill any server although it is password protected without knowing the keyword
Supports almost any existent Lithtech based game and other can be added easily adding their GUID at command-line:
- Alien vs Predator 2
- Blood 2
- Global Operations
- Kiss Psycho Circus
- No one lives forever
- Purge Jihad
- Sanity
- Shogo
- F.E.A.R.
- Contract Jack
- No one lives forever 2
- Tron 2.0
- Legends of Might and Magic
- Lithtech 1.0
- Lithtech 2.0/2
- Lithtech 2.4
- Lithtech Talon
- Kreed Fake Players DoS 0.1a (kreedfp)
- Gore Fake Players DoS 0.1a (gorefp)
- Codename: Outbreak (Venom) Invisible Fake Players DoS 0.1a (outbreakfp)
- Hired Team (Shine engine) Fake Players DoS 0.1a (hiredtfp)
- Star Wars Battlefront Fake Players DoS and Tester 0.3.1a (swbfp)
a complete tool with a lot of features and useful options to test this game.
Really interesting moreover for who wants to understand the bit fields in the query and join protocol and how to build and read them
- DirectPlay 8 Fake Players DoS 0.1.1a (dplay8fp)
this is a fake players tool working versus any game that use directplay 8. It uses some files (called join_files) needed for each specific game. Feel free to send me your join_files for other games!
Read the text file inside for all the needed informations, details and examples.
Latest dp8games package: 30 Aug 2005
- Teamspeak Fake Players DoS 0.2.1 (tspeakfp)
a very complete and nice fake players tool for this known voice chat program
The code is enough commented and the tool supports also some exeperimental flooding functions
- Master of Orion III Fake Players DoS 0.1 (moo3fp)
- IronStorm fake players DoS 0.1a (istormfp)
- Doom 3 engine invisible fake players DoS 0.1.2 (doom3fp)
Cool proof-of-concept with the compatibility in mind (for future games based on this engine).
Supports also passwords and cd-key authorization, check the source code for more informations
Actually supports:
- Doom 3
- Quake 4
- future supported games here (only their checksums are required to use them)
The tool needs to know a specific CRC which changes for each game so must be updated everytime a new game which uses the Doom 3 engine is released
- Celtic Kings LAN fake players DoS 0.1 (ckfakep)
the game works only in LAN so this fake players DoS is just a joke
- StarShatter Fake Players DoS 0.1 (sshatfp)
fake players and server freeze/crash (<= 3.9.0 versions)
- Midnight Club 2 Fake Players DoS 0.1a (mc2fakep)
tested only versus the demo version but I "think" it works also versus the full game
- Battle Mages Fake players DoS 0.1 (battlemagfp)
- Avoyd Fake players DoS 0.1a (avoydfp)
- Team Factor Fake invisible players DoS 0.1a (tfactorfp)
- Red Faction (version 1.20 only) Fake players DoS 0.1.1a (redfacfp)
works only versus the 1.20 version (that is the latest official version of the game)
A version for the Worlwide demo 1.0 is available here
- Etherlords 2 Fake players DoS 0.1.1a (eth2fp)
- Ratbag's engine Fake players DoS 0.1.1 (ratbagfp)
Supports all the games written by Ratbag, a list is available here
- Big Scale Racing <= 1.04h Fake players DoS and crasher/freezer 0.1 (bsrfpcrash)
- Worms Armageddon (LAN) Fake invisible players DoS and match freeze (wormsafp)
it is not only a fake players DoS but also freezes a bit the current match. It works only versus LAN servers and I have tested it only versus the version 3.0.5.0beta2
- Quake 2 engine Fake players DoS 0.3.1 (quake2fp)
an evergreen proof-of-concept for all the games based on the Quake 2 engine:
- Quake 2
- SiN
- Heretic 2
- Kingpin
- Daikatana (the server crashes after a single player... contact me if you have details)
- Soldier of Fortune doesn't seem supported or at least not online
- Code Red: Alien Arena
- Alien Arena 2006 GE
- R1Q2 - R1CHs Enhanced Quake II
- other games
- other engines
The tool contains some great options for chosing the nicknames to use and moreover to send a sequence of custom commands to the server for each fake player
- Medal of Honor (AA, SH and BT) Fake players DoS 0.2.1a (mohaafill)
a proof-of-concept for the Medal of Honor games: Allied Assault, Spearhead and Breakthrough. The only requirement is for the last 2 games (SH and BT) where you must use a valid online cd-key to fill their servers due to the usage of online authentication.
You can also use player names chosen by you (mohaafill.ini)
- Speed Challenge Fake players DoS 0.2 (scfakep)
- Need for Speed Porsche 2000 Fake players DoS 0.1a (porschefp)
- Toca Race Driver 1 Fake and unkickable players DoS 0.3.1 (rdfakep)
- 4x4 evolution Fake players DoS 0.1a (4x4evofp)
(support for password protected servers is NOT implemented)
- Haegemonia Fake players DoS 0.1a (haegfp)
- Tzar <= 1.10 fake players bug and remote crash 0.1 (tzarff)
A fake players DoS with a nice surprise (I don't know why the server crashs)
- Need for Speed: Hot Pursuit 2 Fake players DoS 0.2a (nfshp2fp)
supports both 240 and 242 versions
- Ghost Recon engine Fake players DoS 0.3 (grfakep)
works versus any game based on this engine
- Quake 3 engine fake players DoS 0.4.4b (q3fill)
This proof-of-concept implements also an anti-unbanning (and possibly anti-playerslimit too) function which works on the latest versions of the engine.
It has tons of options and supports also the online servers which use authorization (you need a valid CD-KEY for the authorization).
The following are some of the great amount of games that can be tested with this tool:
- Call of Duty 1, UO, 2 and 4
- Quake III Arena
- Return to Castle Wolfenstein
- Soldier of Fortune II: Double Helix
- Star Trek Voyager: Elite Force
- Star Trek: Elite Force II
- Star Wars Jedi Knight II: Jedi Outcast
- Star Wars Jedi Knight: Jedi Academy
- Wolfenstein: Enemy Territory (2.60 too but requires a bit of practice, use -B ? for the info)
- others
Note1: the tool is studied to run mainly on Quake 3 but it seems to work very fine also with any other game
Note2: the tool works also versus servers that use Punkbuster
Note3: if you get some CLIENT_UNKNOWN_TO_AUTH error messages, retry again more times and you will access the server
- Tribes 1 (Starsiege) fake players DoS 0.1a (tribes1fake)
- Medieval Total War 1.1 fake players DoS 0.1 (mtwfakep)
|