Jump to content
  • Advertisement
Sign in to follow this  
Enselic

How hackable is my highscore?

This topic is 4952 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

Hello! After being a conscript for 10 month I have slowly got into programming again. I'm currently experimenting with how to implement an online highscore using C#/.NET and I need your help. I'd like to find out how hard it is to hack my current solution. How easy can it be hacked, and what can one do to prevent it alternativly make it harder? I plan on making an article on this subject later, but first I need som testing. You will find the 60kb download here: Spatra HS (Highscore) (EDIT: Download removed. Check out my website for the sequel planned to come in a few weeks). [Edited by - Enselic on January 28, 2006 5:49:23 PM]

Share this post


Link to post
Share on other sites
Advertisement
The game fails to start (some undefined error), but I'm using a public computer now, so it could be my problem.

Share this post


Link to post
Share on other sites
tried sending and viewing my score just freezes :( ( for ages )

and u might wanna work on your collision detection

EDIT: after waiting i get the error "error underlying connection close, could not connect to high score..."

Share this post


Link to post
Share on other sites
Hmm, ok. Well, the server is in sweden, so it might take a while. I've let some other swedes try, and they didn't have any problem with submiting/viewing.

Share this post


Link to post
Share on other sites
Quote:
Original post by Enselic
Yeah, the public computer probably don't have the .NET framwork installed.

True, I forgot. Too bad, I was looking forward to the challenge.
Quote:
Original post by Michalson
Took about 2 minutes.

Oh dear.

Share this post


Link to post
Share on other sites
Oh dear...

I knew it wouln't take long, but 2 minutes?

How could you do it that fast? You think it would help if I encrypted the data?

Share this post


Link to post
Share on other sites
well, you have ZERO encryption, at least you check if the score is an actual number, negative etc :p as you see, Mr 'Easy' has never started the exe, but appeared as a topplayer.

You dont need a decompiler to get the unicode address and then its a simple write a url action.


What you should do:
-Make your Programm unreadable with some sort of Obfuscator (that will make decompiled code unreadable)
-Add encryption or verification data to the 'Post' process (sending the url)
-Add decryption on your server, you can also try to make some system that requests a key from the server...


T2k

Share this post


Link to post
Share on other sites
Guest Anonymous Poster
open up the exe in a hex editor and you will see the php calls in the code

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

We are the game development community.

Whether you are an indie, hobbyist, AAA developer, or just trying to learn, GameDev.net is the place for you to learn, share, and connect with the games industry. Learn more About Us or sign up!

Sign me up!