Jump to content
  • Advertisement
Sign in to follow this  
Lenox

The "Base Address?"

This topic is 4866 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

Hey, I was talking with these people one day, asking them how they injected their third party program into the game they used it on, and they started talking about how they "Patched the Base Address, then injected it." What is the "Base Address" and how could I STOP it from being patched? *EDIT* When I asked how I could stop it, I was thinking more from the inside of the program, :P.

Share this post


Link to post
Share on other sites
Advertisement
I'm not sure, but I think this sort of code injection happens while the process is running, not via modification of the binary. I think there are techniques for detecting processes who have attached to and/or attacked your memory space, and terminating as a result, but tbh I'm not familiar with them myself.

[EDIT] I happened to find this article on how the injection is done in the first place.

Share this post


Link to post
Share on other sites
Quote:
Original post by Promit
Yet more googling brings up this page which may be useful.


Thanks for the help, I had googled earlier but found nothing but books like "Building a good base tan."

Share this post


Link to post
Share on other sites
It sounds like they're talking about inserting thier own dll into the game. Every dll has a "base address" which is the default address it loads into memory. It's hard to say more without more context.

There's pretty much nothing your program can do to stop such things. Especially if it's running on thier hardware and they're admins on the machine.

Share this post


Link to post
Share on other sites
There are ways to do it, but this topic is very complex to explain it in a posting (there are whole books about this topic out there).

A good start is the article posted above. In the appendix the autor lists some useful sources when you're really interested in this topic.

Share this post


Link to post
Share on other sites
Quote:
Original post by ext
There are ways to do it, but this topic is very complex to explain it in a posting (there are whole books about this topic out there).

A good start is the article posted above. In the appendix the autor lists some useful sources when you're really interested in this topic.


Hrm..I'll have to read up on this then, :P.

( Also, the reason I put it in For Beginners is because this is..well..my beginning experience with this topic. :P )

Share this post


Link to post
Share on other sites
That article is mostly talking about things to do about attacks *from outside the machine* - basically defensive practice designed to mitigate buffer overflow or other bugs in your own (or possibly system) code. Those techniques accomplish exactly nothing against an attacker that owns the machine and has admin access. Maybe the attacker has to go through an extra level of indirection to find your data - bfd.

IMHO these sorts of things just give people a false sense of how secure thier systems are as well as making things annoying for the poor developers that have to use (and work around) them - probably causing even more bugs.

Share this post


Link to post
Share on other sites
Quote:
Original post by Anon Mike
That article is mostly talking about things to do about attacks *from outside the machine* - basically defensive practice designed to mitigate buffer overflow or other bugs in your own (or possibly system) code. Those techniques accomplish exactly nothing against an attacker that owns the machine and has admin access. Maybe the attacker has to go through an extra level of indirection to find your data - bfd.

IMHO these sorts of things just give people a false sense of how secure thier systems are as well as making things annoying for the poor developers that have to use (and work around) them - probably causing even more bugs.


Looks like they'd still have, like you said, trouble injecting their code into your program. If the person DOES happen to still do it, then he probably deserves to hack for a little bit.

Another question: Is there any way to tell whether ANY modification has been made to a client whatsoever at runtime?

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

We are the game development community.

Whether you are an indie, hobbyist, AAA developer, or just trying to learn, GameDev.net is the place for you to learn, share, and connect with the games industry. Learn more About Us or sign up!

Sign me up!