Jump to content
  • Advertisement

Archived

This topic is now archived and is closed to further replies.

civguy

How's this for a hard-to-hack scheme?

This topic is 5889 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

The server compiles new client executables all the time. These executables only differ from each other in how they communicate with the server. And maybe by some redundant code so that each executable has different file size. When the player (client) logs on, the server sends him the client executable. Now the server expects the player to communicate with it by using that executable''s specific communication codes. So the player can''t use any hacked executables, because they''d communicate with the server differently. To hack this, one would need to edit every new executable one gets from the server. Or maybe there are some other loopholes in this scheme; that''s for you to fiqure out

Share this post


Link to post
Share on other sites
Advertisement
Not sure, but I don''t think that it differs if it''s a serial, key, executable, or a car. The same principles apply, just a bit more complicated.

Your scheme would just be a sort of encryption. What does the client need to do to persuade the server to give it the exe? I guess it''s there the big hole would be. Otherwise, it''s pretty much as plain SSL where both parties agree on an encryption scheme/key which they (en|de)crypt the data with, after authentication taken place.

Though, I must say it sounds interesting (I like that sort of stuff too ), but I''m afraid you just would overload the server''s processing power compiling and it''s bandwidth pushing execs.

Share this post


Link to post
Share on other sites
Well, if I were playing the game I''d hate to have to download a new program every time I go to play. That would be such a pain. You could send a dll file though. The problem with that though is that the program could intercept the dll and read what''s inside to look for the new codes. But an executable would be better because the new codes could be anywhere in the executable and it would be very difficult to find them. Overall it''s a good idea. You just need to keep most of the game-processing code external from the sent executable. And the sent executable should be very small (ie 100-kb).

---
My Site-My Tetris Clone w/Source
Come join us on IRC in #directxdev @ irc.afternet.org

Share this post


Link to post
Share on other sites
It would, I think, be much safer to use the entire exe (or dll) as an encryption key instead. Let''s have a file size of, say, 100 kb, that would give us some 819,600 bits encryption. Wrap that around a few layers and we got ourself a real hardie

Share this post


Link to post
Share on other sites
I think, you don''t need send executable code, only part of them.

For example send dll with new crypt/encrypt functions and keys.
You can change everytime crypting mechanism is server and it''s send to client and in comunicated protocols put some holes for checking new code.

Share this post


Link to post
Share on other sites
Guest Anonymous Poster
quote:
Original post by Ramsess
I think, you don''t need send executable code, only part of them.

For example send dll with new crypt/encrypt functions and keys.
You can change everytime crypting mechanism is server and it''s send to client and in comunicated protocols put some holes for checking new code.




Still easy to hack the client app, though. Who cares if network communications are secure if the client''s sending bogus info in the first place?

Share this post


Link to post
Share on other sites
Guest Anonymous Poster
Couldn''t someone just figure out how to hack one EXE and distribute that to anyone else who wants to use it?

Share this post


Link to post
Share on other sites
quote:
Original post by Anonymous Poster
Still easy to hack the client app, though. Who cares if network communications are secure if the client''s sending bogus info in the first place?


Every client application can be hacked It''s not hard if you know debugers like softice.

In my practice I get from app. some function code and use it''s code for my programs. (but it''s was only hoby read some crypted data

If evolve my ideas ... one way is everytime changed network protocol and client need download simly function for handle/parsing new protocol.

Share this post


Link to post
Share on other sites
quote:
Original post by Anonymous Poster
Couldn''t someone just figure out how to hack one EXE and distribute that to anyone else who wants to use it?


It''s not hard if your know system programming.
Read docs in hackers site

First exam is hack shared programs which want serial key like WinZip.

But be careful, some programs has protection wich switch to debug your debuger, or use internal timers for antidebug.




Share this post


Link to post
Share on other sites

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

We are the game development community.

Whether you are an indie, hobbyist, AAA developer, or just trying to learn, GameDev.net is the place for you to learn, share, and connect with the games industry. Learn more About Us or sign up!

Sign me up!