Galactic Arms Race 1.0 release (mp space shooter)

[Froofy-D]

Thanks a lot Camerous. Unbelievably (or not) we've actually had cheaters on the GAR Official server. They seem to be doing some memory offset hacking to fire faster. I didn't really cheat proof it because I figured nobody would bother.

[Hachima]

Quote:

Originally Posted by Froofy-D

Thanks a lot Camerous. Unbelievably (or not) we've actually had cheaters on the GAR Official server. They seem to be doing some memory offset hacking to fire faster. I didn't really cheat proof it because I figured nobody would bother.

Just briefly glancing at the code couldn't I just change the following code for easy cheating?

Code:

 public static void SendFireMessage(int selectedWeapon, int damage, float polarity)
        {
            for (int i = 0; i < 5; i++)
            {
                try
                {
                    NetBuffer sendBuffer = new NetBuffer();
                    sendBuffer.WriteRangedInteger(0, 0x80, 3);
                    sendBuffer.WriteRangedInteger(0, 0x80, Globals.player.playerID);
                    sendBuffer.Write(Globals.player.position.X);
                    sendBuffer.Write(Globals.player.position.Z);
                    sendBuffer.Write(Globals.player.weaponArray[selectedWeapon].aimYaw);
                    sendBuffer.WriteRangedInteger(0, 4, selectedWeapon);
                    sendBuffer.WriteRangedInteger(0, 0x4000, damage*3);
                    sendBuffer.WriteRangedInteger(-1, 1, (int)polarity);
                    netClient.SendMessage(sendBuffer, NetChannel.Unreliable);
                }
                catch
                {
                    MessageQueue.AddPriorityBigMessage("Failed to send fire message!");
                }
            }
        }

[Fog]

Not to slag on you too much, but why on earth can't I put numbers in my password? And why can't I use TAB to switch between text fields?

[Kargon]

Would love ability to move the camera angle =/

[Draegan]

That was you posting over on F13 eh?

Anyway I hit level 40 or so.. cool game but I can't find any new weapon patterns. It got boring.

[Froofy-D]

Quote:

Originally Posted by Hachima

Just briefly glancing at the code couldn't I just change the following code for easy cheating?

Code:

 public static void SendFireMessage(int selectedWeapon, int damage, float polarity)
        {
            for (int i = 0; i < 5; i++)
            {
                try
                {
                    NetBuffer sendBuffer = new NetBuffer();
                    sendBuffer.WriteRangedInteger(0, 0x80, 3);
                    sendBuffer.WriteRangedInteger(0, 0x80, Globals.player.playerID);
                    sendBuffer.Write(Globals.player.position.X);
                    sendBuffer.Write(Globals.player.position.Z);
                    sendBuffer.Write(Globals.player.weaponArray[selectedWeapon].aimYaw);
                    sendBuffer.WriteRangedInteger(0, 4, selectedWeapon);
                    sendBuffer.WriteRangedInteger(0, 0x4000, damage*3);
                    sendBuffer.WriteRangedInteger(-1, 1, (int)polarity);
                    netClient.SendMessage(sendBuffer, NetChannel.Unreliable);
                }
                catch
                {
                    MessageQueue.AddPriorityBigMessage("Failed to send fire message!");
                }
            }
        }

Oh how can you read the code? A decompiler? I suppose that is what they did.

[Froofy-D]

Oh damn. Yeah just searched for C# decompiler and in 5 mins I was reading the executable with .net Reflector. Hmm so what do you use to either alter the executable or the memory?

[Hachima]

There are tools out there to help obfuscate your code.

Tutorial: Visual Studio 2008 Obfuscating with Dotfuscator - CodeCall Programming Forum should give you a good start

[Szlia]

Guru Hachima:
super hero or villain,
you, digital god?

[Fog]

Relying on tools to obfuscate the code really isn't practical to stop anyone with any motivation at all. Even assuming nobody at all could decipher the IL and fiddle with the executable in a useful way (an impossible assumption) it's pretty simple work to watch Wireshark and figure out what's going on, and then fiddle with it in-memory to send the proper messages over.

If you want even a little bit of security, you'll have to do stuff like weapon calculations on the server, but since you did this for your Ph.D., I presume you're well aware and decided not to go to the effort. As such, I suggest you don't even bother trying to obfuscate the code.

The de facto tool for disassembly is OllyDbg, but I assume that whoever is working on your code is just using ildasm to decompile it and ilasm back into an executable.

[Hachima]

Obfuscating it may not prevent all cheating, but it would help protect the ideas behind how the game is designed, which is his focus.

[Fog]

Quote:

Originally Posted by Hachima

Obfuscating it may not prevent all cheating, but it would help protect the ideas behind how the game is designed, which is his focus.

Why? He's not selling it; it's academic. Why would he want to hide the source?

[Hachima]

I don't know if he does or doesn't. I was just letting him know his options if he did, since he seemed to be unaware that you could look at the high level version of the source so easily.

I guess is he did want the source to be available he could release the actual source w/ any comments for educational purposes, which would be pretty cool if he did.


With the full source being available for this far into the project already it seems like a decent route. Give it some OS status and let people build upon it.

[Froofy-D]

I will obfuscate the code in the next version just so it is a bit harder to cheat. Although, I banned the accounts and IPs of the few people that were hacking, and haven't had any complaints since. I threw in server-side IP banning at the last minute before release. Glad I did.

[Fog]

There's a Metafilter thread here on the game (I didn't post it, just letting you know.)