Sign in to follow this  

[AC] Block dll injection?

This topic is 3594 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

I'm working on an anticheat for my game (find teleport cheats, health cheats, and other cheats) but i need to block dll injections.....anyone knows why? Or, if i can't block, a way to find if a dll injected while the game is running....possible?? :)

Share this post


Link to post
Share on other sites
Essentially, you can't. Short of using a trusted hardware platform, you can't block manipulations of the game code on a client machine. You can make it somewhat harder, but this will only challenge and motivate people to hack it. Someone who knows what he's doing and has too much time on his hands (or is paid to do it) can circumvent any local protection you might have built in. And no offense, but a 'protection' built by a newbee such as yourself is usually crackable within minutes by a professional. You'll only waste your time.

Anyway, if you want to protect your game against cheaters, then you have to do it server side. If you have a trusted server, that is. Assume everything coming from the client to be 'suspicious', and validate it. Try to build heuristics that track anormal patterns of action from players, and assign them an internal rating. If that rating goes over some threshold, then assume the player is cheating and kick him. That's really the only way.

Share this post


Link to post
Share on other sites
Quote:
Original post by roby65
the problem is that with a dll an hacker can also change packets on the fly, and do whatever he wants with the game.....

That's why you need to validate all data coming from the client on the server. And don't send the client information that isn't needed. If an enemy is behind a wall, and invisible to the player, then don't send the position of that enemy. This prevents wallhacks. Track the position of each player throughout the game, and look for anomalies. For example, if the position of the player changes too quickly, or if the time between an enemy appearing and the player shooting him is below the average reaction time of a human, then you can increase the cheat-probability rating of the player.

Sure, these things are annoying and complex to do. But it's the only way to really keep people from messing around with your game.

Then again, I wouldn't waste my time with any of this right now, if I was you. Just finish the game, make it fun to play, etc. If really enough people are playing it online to make cheating an issue, then you can still add anti-cheat measures later on.

Share this post


Link to post
Share on other sites
It is not possible.

The only way to achieve security is to run the code on server.

Anything that client has can be compromised. The only question that remains is how many months/years do you want to waste trying to slow the malicious users down, rather than providing value to your game.

Off-the-shelf protection can be bypassed via off-the-shelf crackers. Look at commercial games. All those SecureXYZ products, and the games are available a few hours *before* they hit the shelves.

Consoles are considerably safer, but not even remotely safe.

Quote:
the problem is that with a dll an hacker can also change packets on the fly, and do whatever he wants with the game....


One doesn't even need a client for that. Network packets can be spoofed/replayed without your client.

Share this post


Link to post
Share on other sites

This topic is 3594 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this