CfgRemoteExec – Arma 3
Jump to navigation
Jump to search
Description
Class containing a list of all scripted functions and commands which can be remotely executed by BIS_fnc_MP / remoteExec / remoteExecCall on server or client machines. Can be defined in main Config.cpp or in campaign or mission Description.ext. Mission or campaign config overrides main config.
Format
class CfgRemoteExec { // List of script functions allowed to be sent from client via remoteExec class Functions { // RemoteExec modes: // 0- turned off // 1- turned on, taking whitelist into account // 2- turned on, ignoring whitelist (default, because of backward compatibility) mode = 2; // Ability to send jip messages: 0-disabled, 1-enabled (default) jip = 1; // your functions here class BIS_fnc_aFunction { allowedTargets = 0; // can target anyone (default) jip = 0; // sending jip messages is disabled for this function // (overrides settings in the Functions class) }; class YourFunctionOne { allowedTargets = 1; }; // can target only clients class YourFunctionTwo { allowedTargets = 2; }; // can target only the server }; // List of script commands allowed to be sent from client via remoteExec class Commands { // your commands here class setDir { allowedTargets = 2; // can target only the server jip = 0; // sending jip is turned off // (overrides settings in the Commands class) }; }; };
Notes
- Posted on January 1, 2016
- AgentRev
-
- As BIS_fnc_MP now uses remoteExec, there are some functions spontaneously called by the game core that require whitelisting in order to work if class Functions is set to mode = 1;
class BIS_fnc_effectKilledAirDestruction {}; class BIS_fnc_effectKilledSecondaries {}; class BIS_fnc_objectVar {};
- For initPlayerServer.sqf to work, BIS_fnc_execVM would need to be whitelisted, but that should be avoided at all costs, as it allows hackers to bypass the whitelist.
- For the debug console to be able to execute anything (even locally), BIS_fnc_debugConsoleExec must be whitelisted. This function only works when its remoteExecutedOwner is admin, so it is safe to whitelist for everyone.
- remoteExec and remoteExecCall are filtered by BattlEye's remoteexec.txt, the string analyzed by BE is formatted the same way as the following example's output:
format ["%1 %2", functionName, str params]
The following remoteexec.txt exclusion can be used to safely allow all whitelisted *_fnc_* functions taking an array as parameter to go through:!="\w+?_fnc_\w+? \[[\S\s]*\]"
Any attempt to exploit this exclusion using other RE methods like createUnit will run into "Error Missing ;" without any malicious code being executed. Mod makers should refrain from remote-executing raw commands from clients, as they require individual exclusions, and instead use *_fnc_* functions taking an array as parameter, which are covered by the above exclusion.
- As BIS_fnc_MP now uses remoteExec, there are some functions spontaneously called by the game core that require whitelisting in order to work if class Functions is set to mode = 1;