Jump to content

Cheat Protection For Open Source Games?


hsncorrosion
 Share

Recommended Posts

I have played Assault Cube recently (an open source game/engine)

They are having a big problem with cheats who use memory hacks and client side modifications, and now some are even taking admin accounts via server side bugs, Is there some way of protection to an open source game like this?

I had and idea but they did not go for it.

"I was thinking they can use a master ban list on the masterserver and require each game to have a serial number or key code that the master server looks for when they connect. If they do not have a code ban them. If a server bans them 3 times ban them on the master server, and if two people are playing with the same key ban them. I think this would help stop cheaters, this is similar to what is used in unreal tournament 2004)

Link to comment
Share on other sites

Here lies the problem in open source everything. It makes everything much easier to exploit. They'd need to write their own PunkBuster client that checks to make sure all files are correct, then allows them to connect.

Your idea for client side keys wouldn't work. The malicious user could simply change his key, and ta-da!

Checking the hash of every file could work though. If it isn't the same as the server's hash values, don't allow the connection. It's a pretty simple concept that can turn wildly unsimple.

Link to comment
Share on other sites

But the server will match it with a list of current keys and if it does not match it bans them

The player can change the ID there client sends.

Sparda, how is the user going to get a list of valid keys?  If the client sends a non-valid key it will be disconnected form the server.
Link to comment
Share on other sites

No, keys stored on the masterserver side, not within the source.

Also I would not be doing this, but convincing the ones who made the game to implement it.

not to mention on my first post any two people with the same key are banned (just saying before you mention that)

Link to comment
Share on other sites

No, keys stored on the masterserver side, not within the source.

Also I would not be doing this, but convincing the ones who made the game to implement it.

not to mention on my first post any two people with the same key are banned (just saying before you mention that)

For a client to validate it's self it has to download a key that any one can download and is publicly available then send it to the server it is attempting to connect to?

Link to comment
Share on other sites

When the game is first launched it requests from the master server and it generates a key code which is then stored in either a registry key or in an encrypted file. Then if they goto a server and are banned 3 times the server sends their id to the master server which then blocks there id on every server.

Link to comment
Share on other sites

You could write a rouge server that blasts every client out of the game. (btw. EA, because they are fucktards, had (and still do as far as I'm aware) a problem with some thing similar to this,again, because they are fucktards.)

Also, the client could just request a new key, but if a rouge server blasted all of them off, that's not gonna work.

Link to comment
Share on other sites

Modifying the game to request a new key on start no matter what would be very easy to do too. Also modifying these said "encrypted" files would be easy to do to, because the encryption method would be in the source.

This is why real video games don't use jank client-side keys. They use advanced file-scanning techniques involved with programs. Look at PunkBuster as I said before.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...