Sorry your browser is not supported!

You are using an outdated browser that does not support modern web technologies, in order to use this site please update to a new browser.

Browsers supported include Chrome, FireFox, Safari, Opera, Internet Explorer 10+ or Microsoft Edge.

Dark GDK / Cheat engine speedhack.

Author
Message
prasoc
15
Years of Service
User Offline
Joined: 8th Oct 2008
Location:
Posted: 7th Feb 2009 11:34
Link
I have made it so "unrandomizer" fails and in my MP, it messes it up on purpose (it stops all movement, shooting, etc. and puts you on a neutral team so everyone can kill you and displays a message lol), but how would I combat speedhack?
Back to top
Profile PM Website
Hayer
18
Years of Service
User Offline
Joined: 4th Nov 2005
Location: Norway
Posted: 7th Feb 2009 15:49
Link
... WTF are u trying to do?

Dont get this. Are ur hacking ur own game?

Spread your games!
http://forum.thegamecreators.com/?m=forum_view&t=108800&b=5
Back to top
Profile PM Email Website
prasoc
15
Years of Service
User Offline
Joined: 8th Oct 2008
Location:
Posted: 7th Feb 2009 16:29
Link
I am trying to stop people speedhacking my game, not trying to hack it
Back to top
Profile PM Website
Benjamin
21
Years of Service
User Offline
Joined: 24th Nov 2002
Location: France
Posted: 7th Feb 2009 16:30
Link
According to http://en.wikipedia.org/wiki/Speedhack#Known_types_of_exploits_in_MMORPG:

Quote: "Speed Hacking/Teleporting/Subterrain Travel - If character position in an MMORPG is determined by the client side (usually not the case), it is possible for players to send out artificial positional data and be instantly transported to any part of the world or used to speed up traveling speed by increasing positional deltas."


So it's only a problem if you don't design it properly in the first place.

Multisync - TCP Server/Client Multiplayer Plugin (DBP/DBCe)
Back to top
Profile PM Email
prasoc
15
Years of Service
User Offline
Joined: 8th Oct 2008
Location:
Posted: 7th Feb 2009 16:34 Edited at: 7th Feb 2009 16:40
Link
Another question, is there a function to draw text last? so it appears above sprites. dbdrawspritesfirst() make the 3d objects go above the sprites, and text is also, but the sprites disappear.
Back to top
Profile PM Website
jason p sage
17
Years of Service
User Offline
Joined: 10th Jun 2007
Location: Ellington, CT USA
Posted: 10th Feb 2009 04:33
Link
I think its cool that you were "hacking your own game" - its called testing

--Jason


http://www.jasonpetersage.com/?PAGE=ironinfantry&SECTION=ironinfantry
Back to top
Profile PM Email Website
andiconda
15
Years of Service
User Offline
Joined: 10th Feb 2009
Location:
Posted: 14th Feb 2009 05:59
Link
if you are using object oriented
make your speed variable private

make user's download a file with all the params in it
when they connect to a server
initialize them
delete file
do not allow code to be entered in game
or make an admin logon system
honestly if its open source
its gonna be hard, cuz people can see your code and find the loopholes
Back to top
Profile PM
Hayer
18
Years of Service
User Offline
Joined: 4th Nov 2005
Location: Norway
Posted: 16th Feb 2009 01:01
Link
andiconda ur wrong.

Make the server handle things like the clients speed, what gear he got, how much points etc. The client should only get data from the server(or send requestes) and then do something on the screen acording to what it recived from the server.

Keep it simple.
Questions? Mail me
Back to top
Profile PM Email Website
prasoc
15
Years of Service
User Offline
Joined: 8th Oct 2008
Location:
Posted: 16th Feb 2009 09:40
Link
How would I work out the position they should be in?
Back to top
Profile PM Website
AlexI
19
Years of Service
User Offline
Joined: 31st Dec 2004
Location: UK
Posted: 16th Feb 2009 13:56 Edited at: 16th Feb 2009 13:57
Link
Send all user input to the server e.g move forward. The server then sends back the clients position. The client cannot speed hack it has no control over position just moving.


http://www.fphosting.co.uk FREE WEB HOSTING, NO Adverts
Back to top
Profile PM
prasoc
15
Years of Service
User Offline
Joined: 8th Oct 2008
Location:
Posted: 16th Feb 2009 15:02
Link
ok ill do that when I have some free time. thanks
Back to top
Profile PM Website
Hayer
18
Years of Service
User Offline
Joined: 4th Nov 2005
Location: Norway
Posted: 16th Feb 2009 23:18
Link
but remember the server dont need to visualize the players.
Just a simple console.

Keep it simple.
Questions? Mail me
Back to top
Profile PM Email Website
AlexI
19
Years of Service
User Offline
Joined: 31st Dec 2004
Location: UK
Posted: 17th Feb 2009 09:38
Link
Unless its another player too


http://www.fphosting.co.uk FREE WEB HOSTING, NO Adverts
Back to top
Profile PM
dark coder
21
Years of Service
User Offline
Joined: 6th Oct 2002
Location: Japan
Posted: 17th Feb 2009 09:58
Link
Just make sure you use some client-side input prediction unless you want terrible gameplay for anyone above ~50ping.

Back to top
Profile PM Email
Dragon Knight
17
Years of Service
User Offline
Joined: 10th Jan 2007
Location: Newcastle
Posted: 17th Feb 2009 10:15
Link
Hope this randomness helps you .

The solution I had for this problem was to let the client update the positions and do a server CHECK, is it possible for them to have gone x amount of distance from their old position in that time frame.

Pythagurus theorm .

If it's a shooting up e.g. they're in a vehical / crouching, the server will recieve this data and thus judge accordingly using the new max speed variables etc...

The other problem that can arrise from this is the client sending false data that the play is inside of a vehical when they're not really, BUT if you've codded the game properlly you can let the server enter the player in and out of the vehical. and move accordingly.


http://www.hybridwolves.co.uk
Back to top
Profile PM Email
prasoc
15
Years of Service
User Offline
Joined: 8th Oct 2008
Location:
Posted: 17th Feb 2009 10:22
Link
Yes that sounds more plausable to do. Couldn't I also encrypt the data sent and recieved so players can't sniff them and edit them?
Back to top
Profile PM Website
AlexI
19
Years of Service
User Offline
Joined: 31st Dec 2004
Location: UK
Posted: 17th Feb 2009 10:29 Edited at: 17th Feb 2009 10:30
Link
True, if you use mike net you can encrypt packets


http://www.fphosting.co.uk FREE WEB HOSTING, NO Adverts
Back to top
Profile PM
Dragon Knight
17
Years of Service
User Offline
Joined: 10th Jan 2007
Location: Newcastle
Posted: 17th Feb 2009 10:39
Link
Awh man, i know rightly one of the projects i'm working on now, i took a short cut and made a GIANT security breach. BUT i know i'll have to go back and fix it, then add encryption to the variables i send. Personally speaking though it kind of annoys me the fact i have to do all this extra work just because people want to hack games :/

Random Algarithm for encryptions, change each number for a letter, then from the string they create you can pull out the information.

Also for each Data you send you can add false data, even though this clouds up the amount of stuff you send, it will decrease the chances of anyone de-crypting your code.


http://www.hybridwolves.co.uk
Back to top
Profile PM Email
prasoc
15
Years of Service
User Offline
Joined: 8th Oct 2008
Location:
Posted: 17th Feb 2009 10:44
Link
ok cheers
Back to top
Profile PM Website
pirogoth
16
Years of Service
User Offline
Joined: 6th Apr 2008
Location: Good Old California
Posted: 17th Feb 2009 11:29
Link
Just thought I'd step in and mention that encrypting the packets before sending them isn't the best idea in the world. It's trivial to break.

If you use the encryption API's the come with the Windows SDK, it's trivially reverse engineered by anyone with a little assembly experience, and an assembly level debugger like IDA or Ollydbg. The same is true for any encryption method you yourself devise.

You also assume that people will be modifying the packets as they are sent from the computer. This is also rather trivial to bypass, as those variables sit in memory unencrypted and can be modified by an external application such as SoftICE (and there are hundreds of apps that do this, with the sole target of games).

The ONLY way to stop cheating of any kind is to handle everything on the server. The client merely should be the graphical representation of the data on the server and send the input back to the server. The server validates the input, and the updated information will be sent back to the client.

Encryption isn't the answer here as it doesn't actually solve the problem. You don't trust the clients information.

-Piro
Back to top
Profile PM Email
prasoc
15
Years of Service
User Offline
Joined: 8th Oct 2008
Location:
Posted: 17th Feb 2009 17:59
Link
Some major recoding has to be done How would I do shooting? Like with angles or something? If the server is just a console which sends out positions and angles, i couldn't use 3d objects to raycast easily...
Back to top
Profile PM Website
Back to top

Login to post a reply

Server time is: 2024-09-30 17:40:37
Your offset time is: 2024-09-30 17:40:37