While driving home, I came up with an idea for hack detection for my bot, and I would like comments.
Some background: My bot is a 'tournament bot', and will interconnected to other bots. The bots will set up tournament trees and such, and I wanted a way to make sure no one is hacking in these tournaments.
So, I was thinking I could have the bot load the data from some known hacks, (as far as I know most hacks are dll injection) and read the game process, looking for the hack data. I am not quite sure how to implement this at the moment, but I'm sure it can't be to hard. Then if it detects a hack it will message the other bots that the client is hacking.
And the hacker intercepts the message saying he is hacking.
Kill the game process then?
Write a clone of your bot that always announces "Not cheating" without actually checking whether the user running it is cheating. Then he can run any hacks he wants and not get caught. Alternately, instead of cloning your bot, hack your bot so that any time it attempts to read game locations which the hack has modified, it instead receives the "correct" data. This would be fairly straightforward to do, probably not more than a few days work. With some cleverness, it could even be made version independent.
If you could inject the anti-hack into the game, however, it would work better (sort of like how Valve's VAC works, but that's built in).
Quote from: rabbit on May 22, 2005, 10:22 PM
If you could inject the anti-hack into the game, however, it would work better (sort of like how Valve's VAC works, but that's built in).
Why would it work better? Any code running on the client machine can be overridden with code that behaves in the interest of the client's user, not in the interests of the software owner.
You could make it very difficult to override, with encryption and such, but in the end anything running on your machine is overridable.
The point of my orginal plan is not modifying the game process at all. You also have to remember that most people are not that smart good at reversing/hacking, they just use the ones that other people make.
Quote from: Shout on May 23, 2005, 11:03 AMYou also have to remember that most people are not that smart good at reversing/hacking, they just use the ones that other people make.
Sure, but what happens when someone makes and releases something of the quality I described above? :)
Quote from: Kp on May 23, 2005, 11:47 AM
Quote from: Shout on May 23, 2005, 11:03 AMYou also have to remember that most people are not that smart good at reversing/hacking, they just use the ones that other people make.
Sure, but what happens when someone makes and releases something of the quality I described above? :)
At that time I deal with it.
Deal with it how?
If anybody thinks highly of you enough to reverse engineer and re-write your software just to use a maphack (what more of a hack is there, anyhow?) let them just do it.
or not. If they exploit software, fix it.
If someone wanted to take the time to reverse engineer a bnet bot, and exploit it, I'd say they need to get some help.
I could also go the blizzard way and do a checksum on the files, and am some sort of authorization check.
I don't see why the thought of people making hacks (including hacks to get around anti-hacks) is such an outlandish and hard to grasp concept.
Well, like iago said earlier, a program that runs locally on a machine can never completely protect itself on that machine. This topic is very similar to an older discussion a while ago where someone was trying to protect his or her program from unauthorized users.
Your best bet is to make your program dependent on some remote resource.
And then they just modify a hosts file, create a simple prog that always verifies as true, etc.
He said make it dependant on a remote resource, not make it verify itself to one.
Couldn't you just feed this remote source false info about yourself while in game?
It would have to be set up in such a way to make that difficult. As I said before, it'll never be impossible :)
So if it's impossible, there is no point in doing it, which means I wasted ~200 hours so far, which means I should just kill myself?
Wow flawed logic sucks.
[ontopic] Does anyone have any tangible suggustions? If you do, please explain them. This may be a topic people can use later. ;D
Quote from: Shout on May 24, 2005, 09:38 PMSo if it's impossible, there is no point in doing it, which means I wasted ~200 hours so far, which means I should just kill myself?
No, just go engage in more useful pursuits. For instance, go earn additional cash and donate it to vL in gratitude for our forums having shown you the error of your ways. ;)
*rofl* I'd atleast make it hard for them, yanno make them work =D
Quote from: raylu on June 01, 2005, 01:03 AM
Quote from: Shout on May 24, 2005, 09:38 PMWow flawed logic sucks.
Gee, really?
Never underestimate the power of stupid people in large groups.
Quote from: Ban on June 01, 2005, 09:46 AM
Quote from: raylu on June 01, 2005, 01:03 AM
Quote from: Shout on May 24, 2005, 09:38 PMWow flawed logic sucks.
Gee, really?
Never underestimate the power of stupid people in large groups.
Never underestimate the power of geeks
in large numbers.