What does Vexorian mean by "rig the map?"

[sethmachine]

Hi,

In the Map Optimizer v5.0, Vexorian writes this

Rig the map, there are plenty of traps you can add to the map script to prevent it or the map from being changed. I cannot explain any in this readme since it would also be explaining the way to "unlock" the trap. And I will also avoid to explain them directly through email so do not ask me for it. It is better to be creative and invent your own way to do this, the possibilities are actually infinite

What kind of traps is he referring to, without being specific?

 

[frettory]

Hi,

In the Map Optimizer v5.0, Vexorian writes this



What kind of traps is he referring to, without being specific?

Something that makes the map crash upon opening it using WE.

 

[edo494]

if he means what I think he means, then he basically changes 4 bytes in the header of the mpq archive to random value so that world editor can no longer open the map

 

[Dr Super Good]

In the old days before the type cast exploit was fixed you could use code variables to do such a trap I would imagine. This could do anything from detecting modification of the script via checksums (the place of stuff is no longer as expected) to externally fetching the script from another file.

However I believe this was Vexorian just blowing his own trumpet trying to sound like he was better than he actually is. Self defending scripts have always been known to perform badly and be easily cracked, just like CD protection in real life.

 

[edo494]

In the Map Optimizer v5.0

he cant use typecasts for protection since 5.0 was released in like 2012, typecasting was fixed before 2011

 

[Xonok]

There's many ways really.

Ways that I've thought of myself.
1. Use UMSWE functions or custom GUI.
2. Keep your script files outside the map and just write //! import "Filename.j"
3. Change the location of war3map.j to a different place that the editor doesn't expect, but game does.

 

[Dr Super Good]

he cant use typecasts for protection since 5.0 was released in like 2012, typecasting was fixed before 2011

And the tool was poorly maintained long before that patch. The comment was likely left in there due to lack of maintenance.

 

[EdgeOfChaos]

If I remember correctly, if you make a quest with 1023 characters and at least 1 newline, it will prevent map from being edited externally.

 

[sethmachine]

In the old days before the type cast exploit was fixed you could use code variables to do such a trap I would imagine. This could do anything from detecting modification of the script via checksums (the place of stuff is no longer as expected) to externally fetching the script from another file

I think this is what Vexorian meant. A map code that verifies itself. So people did execute arbitrary code using the return bug as a form of map protection?

Keep your script files outside the map and just write //! import "Filename.j"

Aye, this makes it impossible (or very difficult) of course to recover the vJASS script.

 

[Xonok]

Aye, this makes it impossible (or very difficult) of course to recover the vJASS script.

Technically this alone doesn't, but I bet most people wouldn't know where to look for it.
Openable in editor, but can't save.

 

[sethmachine]

Technically this alone doesn't

What do you mean? When the map saves, it only keeps the compiled JASS script AFAIK.

Getting the war3map.j is trivial, but turning that into the original vJASS script (reverse compilation or whatever)? I can't imagine most people would have the knowledge and skill necessary in information theory. Also it would be impossible to recover the variable names, so you'd have to have a complex variable semantics recognizer, and because variable name semantics is open to infinite interpretations, you would have to name each variable by hand.

Or are there tools that actually do turn a JASS script into a vJASS script (barring getting correct variable names)?

 

[Xonok]

Think about it. How does the editor know to show you vJASS when you've saved it?
The code is there, just not in map script.

 

[Tal'Rarity]

There's many ways really.

Ways that I've thought of myself.
1. Use UMSWE functions or custom GUI.
2. Keep your script files outside the map and just write //! import "Filename.j"
3. Change the location of war3map.j to a different place that the editor doesn't expect, but game does.

Does 2. work in wc3? As well the only possible spot you can move it is scripts/ isn't it?

If I remember correctly, if you make a quest with 1023 characters and at least 1 newline, it will prevent map from being edited externally.

Does this really work? I have a method similar to it I have been trying to test.

Oh, and almost every method you guys have already brought up has tutorials for it. . . Not here of course. Only the things I questioned don't have tutorials/answers too.
I do know one thing though, there is superb methods of protection almost nobody else knows. Chinese and Russian maps/sites seem to have odd methods. Same for Korean's.

Someone should try testing a double .j script. =) See if you can get it to read one instead of the other, though I don't think that works because it will read folder/ second.

 

[Xonok]

Does 2. work in wc3? As well the only possible spot you can move it is scripts/ isn't it?

JNGPE has a folder named "jass". Files inside that can be used with //! import. I wonder if models can be imported that way.
Only in scripts? Probably yes.

 

[Tal'Rarity]

There is another public method of protection barely known because not many people made use of it and that is using VJass from a model file. Though that is cool, didn't know newgen could do that however how does that exactly work?

 

[edo494]

No matter how hardly hard you try, if game can read your game script, so can anyone else with a little bit of effort and good mpqviewer

 

[sethmachine]

Think about it. How does the editor know to show you vJASS when you've saved it?
The code is there, just not in map script.

The vJASS scripts gets deleted when the map is optimized. And also there is no vJASS to show in the map, because I use an import statement for the whole script.

No matter how hardly hard you try, if game can read your game script, so can anyone else with a little bit of effort and good mpqviewer

Yes this is true. But nobody can ever recover the readable vJASS script.

 

[Xonok]

The vJASS scripts gets deleted when the map is optimized. And also there is no vJASS to show in the map, because I use an import statement for the whole script.

Only if optimized, yep. This is what I was getting at. The optimization removes editor-only files, including the one where the source code is.
It is also possible (tested today) to create editor-only maps, although I don't know what the point would be.

 

[PurgeandFire]

People don't normally care about getting the source vJASS script. They usually just care to add cheats to the map.

There are a lot of ways to protect your map, but you have to think like a map hacker. Prevent ways to get easy gold, prevent iseedeadpeople code, etc. Look at current anti maphack systems (e.g. PandaMine's old AMHS on wc3c.net). As for actual file protection, you just need to look at the popular deprotection tools. Beat the MPQ editors, beat the map reconstructors (e.g. the one that rebuilds the triggers and object files), and other deprotection tools, and you're set for the most part. Of course, there will always be a way to hack into it (how do you think people reverse engineered the mpq format?), but if they managed to get past all your protection, maybe they deserve to cheat. But in all seriousness, you only need to protect it so that the majority cannot get in. A lot of people won't have the knowledge or experience to get the files they need.

Anyway, be creative. You can mess around with your script and add preventative measures in random areas. With code obfuscation, it'll be difficult to reverse it. And don't be blatant by crashing the game. Be creative: you can essentially bug the map if you detect something that goes wrong. Those are harder to look for in an obfuscated script opposed to some division by 0 or some function that crashes.

Still, you should not get too caught up in protection. It is mostly fun to think of ways (for me), but I don't really care about ultra-protecting maps. And neither should anyone, imo. There was one guy who made a thread a while back asking for the best protection method, and we gave him the cold hard truth that "no matter what you do, if the game can read it, someone else can edit your map". At that idea, he decided to quit modding. If you have that mentality, then you lose sight of the whole purpose behind modding. It is supposed to be fun, and it is more or less a privilege if people play and enjoy your map. That should be rewarding enough.