Cheating again...

by M4cpunk on 12/13/2006 16:39, 5 messages, last message: 12/13/2006 20:58, 2659 views, last view: 05/05/2024 14:15, closed on 12/13/2006 21:37

Now, before you read this thinking this is some faggot cheater, because I\'m not. I just have an interest in breaking things, or making them do what I want. I\'m smarter than you think, so don\'t take me for an idiot.

That being said, this topic is about cheating, and about a few of the methods I use to do it. They\'re the same as any other game, thus your protection should be modeled the same as any other game.

I use hooking/memory editing. For memory editing, I use a program that just searches for certain values(like health, ammo, score, etc.) in the memory space that the program has when running, and then change those values to suit my needs. It\'s simple. I use Mac OS X, and use \"The Cheat\" for this.

For the hooking...there\'s two kinds of hooking. Hooking the OpenGL system that the game uses, and hooking the game\'s own functions(clienthooking). I didn\'t venture too far into hooking the OpenGL API for this game, but it can be done the same as any other game. I can make the player\'s visible through walls; I can get Weapon ESP(shows player\'s weapon name through walls); I can do all kinds of stuff with this, even make an aimbot/triggerbot(aims/shoots for you). I didn\'t jump too far to do that though, I was too lazy. :P

Recently, I figured out how to clienthook the Macintosh. I now have a renewed interest in hacking this game as my first major clienthooking project. So far, I can only print stuff using the games engine(and dynamically hooking it, not just compiling my own binary[even though that wouldn\'t work...]), but I plan to be working on making chams(see other players through walls), weapon/name/health ESP, invincibility(using the engine, not memory editing), aimbot/triggerbot, radar, and pretty much every other hack I can think of/that\'s been done before. While you will probably hate me for this, I don\'t know if I\'ll release it or not, because it would probably ruin the game(even though memory editing kinda ruins it anyways.)

Now, on to anti-cheat discussion.

The method\'s you have been suggesting have faults in them. For example, making a 10000 byte file, and chosing random offsets to validate...that has no protection at all. That\'s just saying \"Oh, this is my friend, I want to play with him.\" That\'ll not protect against cheaters, it will probably just ruin online play.

Validating the actual binary...who\'s gonna go through the work of changing the actual binary? What\'s the point when you have dynamic methods that only mess with what\'s loaded in memory? Both the methods I outlined completely bypass this protection.

Validating skins/maps would help. Getting a cheksum of those files would work to a point, but again, via hooking, those could be spoofed to return the right data, every time. But it would go a long way towards a decent anti-cheat.

There are many anti-cheat systems out there that can check for hooking, or \"detouring.\" Most anti-cheats do that, actually. You need to find a way to do this yourselves.

That\'s all I have for anti-cheating. I\'m more of a cheater, and since I use a Mac, haven\'t run into problems with anti-cheat\'s, so I don\'t have a lot of knowledge in them. Sorry about that. I wouldn\'t mind trying to find holes in whatever system\'s you try to use. Just make sure they don\'t require too much work to implement. That\'s impractical, even for legit users.

Gotta go to 2nd period now, I\'ll check back at the end of the day. :)

--MAcpunk

   Board Index   

#1: impossible

by Pxtl on 12/13/2006 16:53

It's frequently been discussed - cheat protection is nigh-impossible in an OSS game. Your cheating is overcomplicated - with access to the source code, it would be trivial to send an "I just killed you" message to every other player and instagib everyone with a keypress.

Fortunately, most cheaters are stupid children with no sense of subtlety, so they're easy to spot and kick. So that's the solution.

Play with people you trust.

reply to this message

#2: Impossible?

by M4cpunk on 12/13/2006 19:02

Naw, you could't do that. That's because you can't even connect(to legit servers) if you compile your own binary.

--Macpunk

reply to this message

#3: ..

by caf on 12/13/2006 19:51

I would like to say, you aren't the problem with the game. The problem are the "cracky n00bs", as Drakas calls them. Soulsilver sums them up with this:

"many of this destructive minds are kids with "cool" ideas that are ignored here. I saw this in other communities as well. They rush into a new community/project and try to impress people with big ideas that would make the game much better than it is now. And if people dont like it or dont even react to it they get pissed off. Then all hell breaks loose in those little brains. The only solution to get freedom after that is to bring chaos and mayhem into the community."

Besides, if anyone cheats in the game, people usually notice. I know I do. perhaps a group vote to kick someone off? or would the h4xx0rz find a way to exploit that too?

reply to this message

#4: ..

by Passa on 12/13/2006 20:56

Probably discussed before, but why not a closed source launcher program that scans sauerbraten.exe (and Linux + Mac counterparts under those OSes) for inconsistencies and checks its checksum. Everytime the devs release a server patch or whatever, the include a new launcher program.

Its an extremely low effort solution, and it would keep out the majority of cheaters.

reply to this message

#5: Re: Impossible?

by Drakas on 12/13/2006 20:58, refers to #2

er, what?
I can recompile everything myself and it would all work.
And as eihrul has explained to me, I won't be able to add new gamemodes and things like that because all the game is done in the clients - the server just routes everything together (and of course, does more things too)!

Well, memory hooking is another kind of hacking - but why do that when you have all the source code open and you can simply become invinsible by adding two lines of code to a source file?:>

Still, I think that the fps client should have a map checksum or something like that in order to check if the user has changed map or not - it would kick off many map editors who edit a map and then play online with the modified version! It of course, wouldn't stop anyone exploiting the source code.

But as far as we can go, there is no point in cheating at all! You'll just make yourself look shit really.

Only the way to actually do any kind of anti-cheating is to change the game's engine and make the server do all the work - which of course, is totally different from what Aard and eihrul are looking at.

Simply, Sauerbraten community needs mature people. Immature people are just stupid, and they'll realise that they are still going to get pwned by the woop clan even though they are cheating!

reply to this message

   Board Index