• 🏆 Texturing Contest #33 is OPEN! Contestants must re-texture a SD unit model found in-game (Warcraft 3 Classic), recreating the unit into a peaceful NPC version. 🔗Click here to enter!
  • ✅ HD Level Design Contest #1 POLL is now OPEN! Check out the stunning visuals of the final entries. 🔗Click here to cast your vote!

Fake Save Code Prevention

Status
Not open for further replies.
Level 13
Joined
Oct 18, 2013
Messages
689
Hi, I'm doing something with improving a save/load rpg, and had a couple of questions. Afaik, anyone with enough knowledge can put a cheatpack in a map, and then look in the maps object editor data for every item's raw code. With that they can basically do whatever they want. Is there anything I can do to make unprotecting the map more difficult? Dota uses common variable names found in cheatpacks, but even that can be countered. :/ I feel like there is little I can do to prevent hacked saves on this map.
 
Level 24
Joined
Aug 1, 2013
Messages
4,657
I feel like there is little I can do to prevent hacked saves on this map.

There is little you can do because Warcraft 3 must be able to read it... and so can a hacker read it.

I once designed an encrypted database that cannot be reversed by hackers.
However that is pretty much root stuff. Such stuff cannot be implemented in a normal WC3. You need to create a hacked version of WC3.
 
Level 13
Joined
Oct 18, 2013
Messages
689
The benefits I would yield from requiring a modded war3 to play the map would probably not outweigh the detriments. I don't think i would download a modded war3 client just to be able to use a map, as with most other players.
 
Level 13
Joined
Oct 18, 2013
Messages
689
I know there is no fool proof way to keep a cheater from getting what they want, but perhaps I can find methods of making their life more difficult.
@Dr Super Good; I suppose I care because I don't want the value of character saves to diminish from floods of forged characters, if that makes sense. Idk.
 

Dr Super Good

Spell Reviewer
Level 63
Joined
Jan 18, 2005
Messages
27,170
I know there is no fool proof way to keep a cheater from getting what they want, but perhaps I can find methods of making their life more difficult.
@Dr Super Good; I suppose I care because I don't want the value of character saves to diminish from floods of forged characters, if that makes sense. Idk.
Normal security measures should be enough as people will generally not cheat in that case unless they really want to (in which case there is nothing you can do to stop them).

To detect cheated codes you could add triggers that listen for common cheat commands (which you do not declare them as a single string but as a series of sub-strings concatenated to avoid detection). This will give you one measure someone is cheating. Another is that you track the state of the game to some degree, if strange stuff happens (units enter map when they should not, or units gain levels when they should not etc) you will have another measure that someone is cheating. If 2 such measures are violated (typical noob hacker) you flag the generated code as being "cheated".

When he loads the code some times it will load fine, however other times it will do strange stuff (to his detriment). For example it could sometimes fail to load completely saying that it is "invalid". Other times it might cause him to suddenly die when taking too much damage etc. The idea is to make it so subtle that most hackers will think it works first time and they will not look in to correcting the "cheat" bits in the code.
 
Level 13
Joined
Oct 18, 2013
Messages
689
@Dr Super Good; Lmao XD ..those are awesome ideas. I really like the idea of being subtle as to avoid detection, I was thinking that approach would be pretty effective. I never thought of flagging codes, that's another sneaky way of doing things.

@Dat-C3; Maybe elaborate on your ideas a little bit, I don't really understand.
 

Dr Super Good

Spell Reviewer
Level 63
Joined
Jan 18, 2005
Messages
27,170
DSG has some pretty awesome idea's however people would eventually figure it out, or well the one out of a million would I mean. Nobody would consider anyone flagging your fake/hacked code.
Well it is well known commercially by now. Even Blizzard employs a similar method against hackers where it will only ban them some variable time after the offense so hack developers have no immediate feedback (they cannot be sure if a hack was undetectable or not). This greatly slows down the iterative development process for hacks and does so to such an extent that you may find the hackers write it off as being done before it is truly hacked (all the secrets of your security are discovered).

Obviously people can still hack it, however your aim is to stop 99.9% of hackers not the 0.1% of highly determined hackers who do it for themselves.
 
Status
Not open for further replies.
Top