Caiol Posted February 5, 2011 Posted February 5, 2011 Hello everybody! I'm making a game antihack/cheating, this is supposed to block hackers in the game, so i've used this: - Windows Names - Windows Texts - Block Task Manager and others - _ProcessGetLoadedModules (Get the loaded modules and compare with some arrays) The question is if someone knows another way to block hackers... This isn't a malware and nothing related... Thanks!
SkellySoul Posted February 5, 2011 Posted February 5, 2011 Hello everybody!I'm making a game antihack/cheating, this is supposed to block hackers in the game, so i've used this:- Windows Names- Windows Texts- Block Task Manager and others- _ProcessGetLoadedModules (Get the loaded modules and compare with some arrays)The question is if someone knows another way to block hackers... This isn't a malware and nothing related... Thanks!If it is a online game use server side configs and have a unique encryption
Caiol Posted February 6, 2011 Author Posted February 6, 2011 (edited) That's a antihack client side... and yes, it's a online game. But, what do you mean with "unique encryption"? And at server side, what type of configs? Edited February 6, 2011 by Caiol
darkjohn20 Posted February 6, 2011 Posted February 6, 2011 (edited) He means store all of your data on the server, like player's money, etc. so that they can't change it on their computer. Also, by encryption he means encrypt the data being sent to the client so it's not easy to read. Edited February 6, 2011 by darkjohn20
Caiol Posted February 7, 2011 Author Posted February 7, 2011 The hacks are used in the client, they inject DLL's and alterate some adress at the game to have powerfull than others... About the game data, it's storage at the server... and crypt the bytes sended isn't a possibility... I'm searching for ways to block the client hack, programs that are used and others... but it's hard because the ways to cheating are infinite... Thanks darkjohn20 and SkellySoul, . Sorry for my english.
darkjohn20 Posted February 7, 2011 Posted February 7, 2011 http://msdn.microsoft.com/en-us/library/ms680345%28v=vs.85%29.aspx could be helpful to see if a debugger is present, and if so, close the program.
Javik Posted February 7, 2011 Posted February 7, 2011 I am not a game programmer, but I have heard that holding all your client files open helps to prevent "in-game data injection" attacks. If for some reason you are writing game data to disk that may be read back again during a live game session, don't ever close the data files while the game is in progress. Just leave them open all the time, until the game client exits. This way no other process can edit the file and change data values because the file is in use by your client. Though, they may still be able to open the file as read-only copy, which is where some sort of encryption or encoding is useful. Also if writing critical data to disk, don't just update individual data-fields, write whole swaths of stuff all at once in big blocks of data to obfuscate exactly what it is you are writing. Might want to write a few kilobytes of encrypted random data around the fields, while you're at it.
jvanegmond Posted February 7, 2011 Posted February 7, 2011 (edited) When it comes to client-side hacks, there is only one approach that works in all cases: SUCK IT UP and TAKE IT LIKE A MAN. Log everything that happens in the game server-side and let client-side send logs to server. Log everything ranging from client-side clicks on the screen (X,Y, color clicked on), server-side user walking to a X,Y point, interacting with an object and the more obvious such as audit logs (log in, log out). Let the game server write all these logs to another machine dedicated to log storage and analysis. Keep in mind common log practices such as keeping the logs indefinitely ("disk is cheap"). Let that log machine do (real-time) log analysis using a tool such as OSSEC and let it report suspicious behavior to a human who will then evaluate the suspicious logs by hand and make a descision (ban/no ban) based on that.As far as client-side protection goes, don't do stupid things like nProtects Gameguard. rootkits are bad mmkay. Rather do something like World of Warcrafts Warden which has functionality like [checking for ... ]:Model edits. Known cheat modules (DLLs) Known modifications to game functions Known cheating addons Speedhacks Known API hooks from cheatsOf course the "Known" part comes from analyzing the logs: which is step 1!Best of luck with your non-rootkit software. Edited February 7, 2011 by Manadar github.com/jvanegmond
Caiol Posted February 7, 2011 Author Posted February 7, 2011 (edited) Thanks by the help.. Manadar, everything that you said are the things that i'm trying to do... Model edits. Known cheat modules (DLLs) Known modifications to game functions Known cheating addons Speedhacks Known API hooks from cheats I've been searching around hackers forums and i've been optimizing the game antihack to block the cheats that i've found... About the "Known cheat modules (DLLs)", i've done it, how i've said at the start post. - "Known cheating addons", i've take a lot of programs and block it; by window name, process and window text... Now i'm trying to known another way to block... List of hacks that I known and i've blocked: - Cheat Engine (Adress change and others) - PerX (DLL Injector) - Omega Injector (DLL Injector) After, i made logs to the anti hack, and it'll help-me to identify something else... Thanks everyone, it helped me a lot... Again, sorry for my english... Edited February 7, 2011 by Caiol
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now