You can have very secure encryption of packets. For instance we can look at the way World of Warcraft does it which is extremely secure. They first negotiate a shared key via SRP. They then use this key in a RC4 crypto. This means that you can not passivly sniff and decrypt the packets. You have to take an active role on some level. Unless your game has a very large audience this should be enough and it's very fast.
Stopping injecting hacks is much much harder but Blizzard has implemented a very potent system for that as well. Probably one of the most sophisticated I have seen. The people you're fighting probably knows a whole lot more than you do about the issue though so chances are you'll lose.
How would... double encryption fare?
im *definitely* not an experienced programmer, but wouldnt it help at least a little bit having a server-side script looking for patterns in the players behavior? like if the player always does things the exact same way with the exact same delays and such he could be banned or whatever?
iunno.. just an idea
iunno.. just an idea
Quote:Original post by Oggan
im *definitely* not an experienced programmer, but wouldnt it help at least a little bit having a server-side script looking for patterns in the players behavior? like if the player always does things the exact same way with the exact same delays and such he could be banned or whatever?
iunno.. just an idea
This would be near impossible to implement unless your game is outrageously simple, and once implemented it would be trivial to circumvent.
CM
I would say the real problem with such a solution would be the high likelihood of a false positive. Some players tend to be very repetitive when playing these types of games and I'm sure you'd end up hurting real players.
I used a macro in an online game once, because I got very, very bored of sitting around repeatedly clicking on some vegetable patch or something trying to harvest carrots because that's what I needed to do to get my farming skill up. Or whatever it was.
The best solution would be to design your game such that it doesn't contain that kind of mindless, repetitive action. That way nobody will want to macro.
The best solution would be to design your game such that it doesn't contain that kind of mindless, repetitive action. That way nobody will want to macro.
Quote:Original post by asp_
I would say the real problem with such a solution would be the high likelihood of a false positive. Some players tend to be very repetitive when playing these types of games and I'm sure you'd end up hurting real players.
yeah of course, but i mean if the player keeps repeating something and it takes *exactly* the same time between moves all the time.. but yeah, of course it cant be *exact* like i just said because it varies with the lag.. heh, so i guess that sorta kills the whole idea. oh well =þ
and i definitely agree with superpig there..
heh, in Runescape its practically impossible to use simple recorded mouse-moves/clicks and keystrokes to macro..
they have implented loads of features for that..
for instance, when fishing, all of a sudden some kinda river-monster pops up from somewhere who would kill a simple-macro'er. and also the 3D camera moves a tiny little bit sometimes, but its enuf so that a recorded mouse-macro would not work.
Ah... I have a bit of experience with hacking games. There are a few ways to make macros.
1. You can simply send keyboard and mouse input to the window without any information of the game world.
2. Usually there'll be an array of entity information in memory somewhere, if you find that and find a pointer to it, you can look through it and get information about the world around your player, for example, the players location and an items location, and then you can use that information to send keystrokes to the window intelligently.
3. Intercept packets and get your information from them, and send keystrokes based on that, or even change the packets as you said.
The only way to truly combat macroing in an MMORPG is to make design decisions where people will not want to macro, or it will not be possible to macro.
For example, most MMORPGs have very boring repetitive crafting systems which involves absolutely no player skill, and barely any player input. See creative crafting, something like that would be fun to do, it'd reduce players macroing crafting, and it'd be difficult to create a macro for it.
Even if you were to encrypt packets twice, some reverse engineer who was determined enough would tear apart your program and figure out how to decrypt the packets.
1. You can simply send keyboard and mouse input to the window without any information of the game world.
2. Usually there'll be an array of entity information in memory somewhere, if you find that and find a pointer to it, you can look through it and get information about the world around your player, for example, the players location and an items location, and then you can use that information to send keystrokes to the window intelligently.
3. Intercept packets and get your information from them, and send keystrokes based on that, or even change the packets as you said.
The only way to truly combat macroing in an MMORPG is to make design decisions where people will not want to macro, or it will not be possible to macro.
For example, most MMORPGs have very boring repetitive crafting systems which involves absolutely no player skill, and barely any player input. See creative crafting, something like that would be fun to do, it'd reduce players macroing crafting, and it'd be difficult to create a macro for it.
Even if you were to encrypt packets twice, some reverse engineer who was determined enough would tear apart your program and figure out how to decrypt the packets.
Quote:Original post by ScottC
Ah... I have a bit of experience with hacking games.
Oh, really ?
Quote:
The only way to truly combat macroing in an MMORPG is to make design decisions where [...] it will not be possible to macro.
Well, duh.
Quote:The best solution would be to design your game such that it doesn't contain that kind of mindless, repetitive action. That way nobody will want to macro.
Seems the best solution to me, no grind, no macro.
Ultima Online used double encryption for a long time; in fact, it might still, but I doubt it. Before I implemented double encryption in UO, many of the programs that were used to hack the game knew the encryption scheme and did in-line encryption and decryption of the stream. After implementing double encryption, none of the main-stream UO hackers were able to figure out what I'd done. So, it took a while for them to eventually just bypass the encryption altogether. So the point of this is, double encryption will only slow them down.
World of Warcraft doesn't even encrypt their entire datastream; just the header bytes of each packet. This makes it impossible to syncronize with the packet stream unless you actually know the algorithm. At first I thought that was a real freak show because all of us in the MMO business had been trained to encrypt everything as much as possible. But, after having given this some thought I realized that the idea was pretty good. None of the actual unencrypted data you can see is really useful anyway so there's no point in encrypting it all, and it saves a ton on CPU utilization.
World of Warcraft doesn't even encrypt their entire datastream; just the header bytes of each packet. This makes it impossible to syncronize with the packet stream unless you actually know the algorithm. At first I thought that was a real freak show because all of us in the MMO business had been trained to encrypt everything as much as possible. But, after having given this some thought I realized that the idea was pretty good. None of the actual unencrypted data you can see is really useful anyway so there's no point in encrypting it all, and it saves a ton on CPU utilization.
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement