[AC] Block dll injection?
I'm working on an anticheat for my game (find teleport cheats, health cheats, and other cheats) but i need to block dll injections.....anyone knows why?
Or, if i can't block, a way to find if a dll injected while the game is running....possible?? :)
Essentially, you can't. Short of using a trusted hardware platform, you can't block manipulations of the game code on a client machine. You can make it somewhat harder, but this will only challenge and motivate people to hack it. Someone who knows what he's doing and has too much time on his hands (or is paid to do it) can circumvent any local protection you might have built in. And no offense, but a 'protection' built by a newbee such as yourself is usually crackable within minutes by a professional. You'll only waste your time.
Anyway, if you want to protect your game against cheaters, then you have to do it server side. If you have a trusted server, that is. Assume everything coming from the client to be 'suspicious', and validate it. Try to build heuristics that track anormal patterns of action from players, and assign them an internal rating. If that rating goes over some threshold, then assume the player is cheating and kick him. That's really the only way.
Anyway, if you want to protect your game against cheaters, then you have to do it server side. If you have a trusted server, that is. Assume everything coming from the client to be 'suspicious', and validate it. Try to build heuristics that track anormal patterns of action from players, and assign them an internal rating. If that rating goes over some threshold, then assume the player is cheating and kick him. That's really the only way.
the problem is that with a dll an hacker can also change packets on the fly, and do whatever he wants with the game.....
Quote:Original post by roby65
the problem is that with a dll an hacker can also change packets on the fly, and do whatever he wants with the game.....
That's why you need to validate all data coming from the client on the server. And don't send the client information that isn't needed. If an enemy is behind a wall, and invisible to the player, then don't send the position of that enemy. This prevents wallhacks. Track the position of each player throughout the game, and look for anomalies. For example, if the position of the player changes too quickly, or if the time between an enemy appearing and the player shooting him is below the average reaction time of a human, then you can increase the cheat-probability rating of the player.
Sure, these things are annoying and complex to do. But it's the only way to really keep people from messing around with your game.
Then again, I wouldn't waste my time with any of this right now, if I was you. Just finish the game, make it fun to play, etc. If really enough people are playing it online to make cheating an issue, then you can still add anti-cheat measures later on.
It is not possible.
The only way to achieve security is to run the code on server.
Anything that client has can be compromised. The only question that remains is how many months/years do you want to waste trying to slow the malicious users down, rather than providing value to your game.
Off-the-shelf protection can be bypassed via off-the-shelf crackers. Look at commercial games. All those SecureXYZ products, and the games are available a few hours *before* they hit the shelves.
Consoles are considerably safer, but not even remotely safe.
One doesn't even need a client for that. Network packets can be spoofed/replayed without your client.
The only way to achieve security is to run the code on server.
Anything that client has can be compromised. The only question that remains is how many months/years do you want to waste trying to slow the malicious users down, rather than providing value to your game.
Off-the-shelf protection can be bypassed via off-the-shelf crackers. Look at commercial games. All those SecureXYZ products, and the games are available a few hours *before* they hit the shelves.
Consoles are considerably safer, but not even remotely safe.
Quote:the problem is that with a dll an hacker can also change packets on the fly, and do whatever he wants with the game....
One doesn't even need a client for that. Network packets can be spoofed/replayed without your client.
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement