[.net] C# games and cheating...
Author
I have recently begun learning to program in c# and as I have been programing for a while in c++ I found it quite an easy transition. I also like the style of C# and I find it 'smoother' and quicker(although I may just be dreaming this), and I do not worry about any speed problems in C# for my games (its just a hobby!). After just stating that it is just a hobby, I do want to try and prevent cheating, as I am planning to add multiplay support to a small game I have made. The reason is because I am planning to play with an extended group of friends, many I cannot trust to not try and create some kind of cheat program. Please don't reply saying it isn't worth the time to add anticheat mechanisms, as I am willing to put in the time.
What I want to know is, Is creating a game in C# asking for trouble due to easier reverse engineering? Is there any way to implement anticheating routines that wont just be able to be stripped out with in minutes? Also I heard something about memory protection is better in .NET languages/programs, will this actually help at all?
C# is no worse for having your code hacked then any other.
With that being said, you can NOT make a game that is hacker proof. You can make one that keeps honest people honest and keep the script kiddies from hacking it in a hour. Any decient hacker can bypass any software system you put in place to prevent cheating. Now does this mean you should not put in any, no. You put in a simple system that makes it some work to hack it but don't kill yourself trying to make it hacker proof because you fail.
theTroll
With that being said, you can NOT make a game that is hacker proof. You can make one that keeps honest people honest and keep the script kiddies from hacking it in a hour. Any decient hacker can bypass any software system you put in place to prevent cheating. Now does this mean you should not put in any, no. You put in a simple system that makes it some work to hack it but don't kill yourself trying to make it hacker proof because you fail.
theTroll
Actually, it's incredibly easy to hack C# code with only the program. Even a complete idiot can do it. It's *much* easier than C++.
If you want to make it slightly more difficult for people to glean information about your code with ease, consider using an obfuscator. It's a simple way to make things slightly more difficult for the would-be hacker.
I agree with the general sentiment, though, that there's nothing you can do to prevent cheating. Good to assume that someone will modify data at some point and work from that assumption.
If you want to make it slightly more difficult for people to glean information about your code with ease, consider using an obfuscator. It's a simple way to make things slightly more difficult for the would-be hacker.
I agree with the general sentiment, though, that there's nothing you can do to prevent cheating. Good to assume that someone will modify data at some point and work from that assumption.
Obfuscating your code will deter the casual decompiler, as it removes all the names of internally used functions and variables so the result ends up being no more use than a decompiled normal EXE.
Using the obfuscator will slow hackers down, at least. When it comes down to it, though, it doesn't really matter.
For single player games, it really doesn't matter that much if your game gets hacked or not, since it doesn't affect other players. (And it will be hacked sooner or later, assuming someone cares enough to do it. Doesn't matter what language you use.) Trying to prevent single player games from being hacked, or even trying to hide and encrypt media and all that other stuff that people obsess about, it's a waste of time. If people care that much about your stuff, they will manage to get it. You're only delaying the inevitable.
For multiplayer games, if your code makes hacking easier, you have much more fundamental problems. A well designed multiplayer game should be impossible to hack even with access to the source code. Sadly many games are not well designed, and so you see hundreds of hacks for them (see: Counter-Strike). Again, you can only delay the inevitable here if you rely on client side security.
For single player games, it really doesn't matter that much if your game gets hacked or not, since it doesn't affect other players. (And it will be hacked sooner or later, assuming someone cares enough to do it. Doesn't matter what language you use.) Trying to prevent single player games from being hacked, or even trying to hide and encrypt media and all that other stuff that people obsess about, it's a waste of time. If people care that much about your stuff, they will manage to get it. You're only delaying the inevitable.
For multiplayer games, if your code makes hacking easier, you have much more fundamental problems. A well designed multiplayer game should be impossible to hack even with access to the source code. Sadly many games are not well designed, and so you see hundreds of hacks for them (see: Counter-Strike). Again, you can only delay the inevitable here if you rely on client side security.
Quote:Original post by Promit
A well designed multiplayer game should be impossible to hack even with access to the source code. Sadly many games are not well designed, and so you see hundreds of hacks for them (see: Counter-Strike). Again, you can only delay the inevitable here if you rely on client side security.
I disagree.
There is no such thing as impossible to crack unless we are talking quantum computer gerenated passcodes, which in turn, can be hacked by, well, quantum computers.
The point is, nothing is impossible to hack, especially in the realm of user PC level software.
Poorly designed? Some, maybe, but I think there are a lot more people looking to "break" it and a lot more potential thinking outside the box then the number of people who designed the system not to be hacked.
E.G. Look at windows. For all the code/securty/etc crap Redmond tries to implement, their teams of hundreds of coders can not compete with the ten of thousands of hackers who want to break it. Its just raw numbers.
Quote:Original post by JoviexThat's not relevant. In multiplayer games the basic strategy is simple: never trust anything the client tells you about the state. Hell, don't even ask. You're only interested in what controls the player is pressing (and those should be sanity checked as well). So if your server gets hacked, that's a different matter. But there should be no way to alter the client to gain an advantage.Quote:Original post by Promit
A well designed multiplayer game should be impossible to hack even with access to the source code. Sadly many games are not well designed, and so you see hundreds of hacks for them (see: Counter-Strike). Again, you can only delay the inevitable here if you rely on client side security.
I disagree.
There is no such thing as impossible to crack unless we are talking quantum computer gerenated passcodes, which in turn, can be hacked by, well, quantum computers.
The point is, nothing is impossible to hack, especially in the realm of user PC level software.
Quote:Original post by Promit
In multiplayer games the basic strategy is simple: never trust anything the client tells you about the state. Hell, don't even ask. You're only interested in what controls the player is pressing (and those should be sanity checked as well). So if your server gets hacked, that's a different matter. But there should be no way to alter the client to gain an advantage.
Seconded. You would have to do this with a C++ game. There's no difference between C# and C++ from this aspect.
You could also use Remotesoft Protector if you are really paranoid and than it would be even harder to decompile and peek around than if it was written in C++.
Chris Crawford once used a technique that I liked (though I think with all of the BS that windows does now it's not a feasible: the program would change itself while it ran, so when hackers tried to follow the logic, multiple commands issuing from the same address and such made it nearly impossible to hack. I think it was Patton Strikes Again! that he did that on, and it worked really well...
That being said, it's probably not feasible anymore.
That being said, it's probably not feasible anymore.
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement
