Cheat folders and files?
#21

Quote:
Originally Posted by Unkovic
if a file is a dll, I think the program won't work after renaming the dll
The filename is completely irrelevant. I can name a file anything I want and it still runs as intended if you start it like intended.

Same for executables. I can name any program explorer.exe, will you ban people for explorer.exe?

Quote:

Most of the hack/cheat users are not so advanced users to manipulate their computer to get around it.

They don't need to. They managed to install mod_sa or CLEO or whatever they use, so if someone was to post something on ******* in an easy 3 step tutorial what would keep them from following that?
Reply
#22

Quote:
Originally Posted by NaS
The filename is completely irrelevant. I can name a file anything I want and it still runs as intended if you start it like intended.

Same for executables. I can name any program explorer.exe, will you ban people for explorer.exe?



They don't need to. They managed to install mod_sa or CLEO or whatever they use, so if someone was to post something on ******* in an easy 3 step tutorial what would keep them from following that?
What will you do to check if a player is using cheats?
Reply
#23

As a guy who worked briefly on a clientside anticheat, I'd suggest you NOT to write an AC unless you actually have experience in modding or at least know how cheats and mods work.
First step is to understand how cheats manage to change the behaviour of the game. This is mostly done from within the process (internal - so.be.it) or from other processes (external - trainers). So, experience with Win32 API is required. Moreover, you'll have to analyze the cheats you're going to detect and portions of GTA:SA+SA-MP, so prior experience with disassemblers, debuggers and other analyzing software is needed.
Now let's say that you've got the base of your AC up and running. How do you protect it from haxors? You must come up with methods that will make bypassing, tampering and emulating hard to achieve.
Reply
#24

Most of them will manipulate memory or is there some other way?

When I worked on my server, I created a hack to quickly teleport to desired locations, it was done by reading players position out from sa:mp memory to save positions and writing memory to teleport saved positions read from ini file.
Samp uses dynamic memory for player pos, so it requires offsets to read/write effectively.


Quote:
Originally Posted by NaS
The filename is completely irrelevant. I can name a file anything I want and it still runs as intended if you start it like intended.
dll is called from program by dll's name, so changing only that will end up with error, sooner or later, sometimes later if the dll is dynamic not static that is read at start.

Code:
 function Out32(PortAdr: word; Data: byte): byte; stdcall; external 'inpout32.dll';
Just some example from the program code I used to read and write LPT port data to control step-motor, here the inpout32.dll is called.
Reply
#25

Quote:
Originally Posted by VeryTallMidget
Most of them will manipulate memory.
When I worked on my server, I created a hack to quickly teleport to desired locations, it was done by reading players position out from sa:mp memory to save positions and writing memory to teleport saved positions read from ini file.
Samp uses dynamic memory for player pos, so it requires offsets to read/write effectively.




dll is called from program by dll's name, so changing only that will end up with error.

Code:
 function Out32(PortAdr: word; Data: byte): byte; stdcall; external 'inpout32.dll';
Just some example from the program code I used to read and write LPT port data to control step-motor, here the inpout32.dll is called.
I wanted to say that

Quote:
Originally Posted by Spmn
As a guy who worked briefly on a clientside anticheat, I'd suggest you NOT to write an AC unless you actually have experience in modding or at least know how cheats and mods work.
First step is to understand how cheats manage to change the behaviour of the game. This is mostly done from within the process (internal - so.be.it) or from other processes (external - trainers). So, experience with Win32 API is required. Moreover, you'll have to analyze the cheats you're going to detect and portions of GTA:SA+SA-MP, so prior experience with disassemblers, debuggers and other analyzing software is needed.
Now let's say that you've got the base of your AC up and running. How do you protect it from haxors? You must come up with methods that will make bypassing, tampering and emulating hard to achieve.
So how can someone avoid launcher, that will disable .dll files, CLEO folder and other folders, except renaming it?
Reply
#26

Quote:
Originally Posted by VeryTallMidget
Most of them will manipulate memory or is there some other way?

When I worked on my server, I created a hack to quickly teleport to desired locations, it was done by reading players position out from sa:mp memory to save positions and writing memory to teleport saved positions read from ini file.
Samp uses dynamic memory for player pos, so it requires offsets to read/write effectively.




dll is called from program by dll's name, so changing only that will end up with error, sooner or later, sometimes later if the dll is dynamic not static that is read at start.

Code:
 function Out32(PortAdr: word; Data: byte): byte; stdcall; external 'inpout32.dll';
Just some example from the program code I used to read and write LPT port data to control step-motor, here the inpout32.dll is called.
There are multiple methods to hook foreign DLLs or actually any file.

- Mapping DLLs using WinHooks or other more advanced programs
- Modifying your DLL to also load mine
- Modify your code to load my DLL, which is basically what you did with the SAMP Player Pos just a tiny bit more advanced...

You don't even need an ASI loader for ASIs btw. Just inject an asi (which is literally a renamed DLL).

Anyway this is by far not the only possible attack or circumvention I could think of. I'm just trying to say that you NEED to secure your Launcher efficiently against all kinds of things, even if you are sure that no one will inject a DLL.
What about network layer? What keeps me from replicating your code?
Reply
#27

Quote:
Originally Posted by NaS
There are multiple methods to hook foreign DLLs or actually any file.

- Mapping DLLs using WinHooks or other more advanced programs
- Modifying your DLL to also load mine
- Modify your code to load my DLL, which is basically what you did with the SAMP Player Pos just a tiny bit more advanced...

You don't even need an ASI loader for ASIs btw. Just inject an asi (which is literally a renamed DLL).

Anyway this is by far not the only possible attack or circumvention I could think of. I'm just trying to say that you NEED to secure your Launcher efficiently against all kinds of things, even if you are sure that no one will inject a DLL.
What about network layer? What keeps me from replicating your code?
Yeah thank you, also what do you mean by Network Layer and code replicating?
Reply
#28

Quote:
Originally Posted by Unkovic
Yeah thank you, also what do you mean by Network Layer and code replicating?
By network layer he means the way data is sent. For example let's say that you will send a string "clean" or "cheat". What is stopping him from creating a modified version of your anticheat that just sends "clean" in any case?
Reply
#29

Quote:
Originally Posted by 10MIN
By network layer he means the way data is sent. For example let's say that you will send a string "clean" or "cheat". What is stopping him from creating a modified version of your anticheat that just sends "clean" in any case?
Hmmm

If I understand you I will answer with this, but I think I didn't understand you:

Example: player 1 creates an application that connects to the server and sends "clean"?

EDIT: I don't really mean application
Reply
#30

But you create anti-cheat soft that detects something client side and then sends info to server side?
If this program communicates with server it will probably send something that indicates if the player is using cheats or not?
So this info should be crypted in some way, if not, it's easy to manipulate it to send false info...
This crypted info should depend on something maybe from client side or something that server will send.

This is how it's done:
You create protective system and then start to abuse it in any way possible, this is how you will detect flaws.
You build a castle and to make it more secure, you try to break in, any way possible to detect weak points.
Reply
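
Added example (not part of any post in this thread): the idea in #30 of making the report "depend on something that server will send", sketched as a nonce-bound HMAC so that a captured "clean" report cannot be replayed. The key, class and function names are assumptions made for this sketch; because the key ships inside the client, it can be extracted, so this only stops replay and blind forgery of the status string.

```python
import hashlib
import hmac
import secrets

# Constructed demo key. In a real launcher this secret lives in the client
# binary, so it raises the cost of forging a report but is not unextractable.
SHARED_KEY = b"constructed-demo-key"


class Server:
    def __init__(self, key):
        self.key = key
        self.pending = set()  # nonces issued and not yet answered

    def challenge(self):
        # Fresh random value per report; fixed 16-byte length keeps the
        # nonce || status concatenation unambiguous.
        nonce = secrets.token_bytes(16)
        self.pending.add(nonce)
        return nonce

    def accept(self, nonce, status, tag):
        # A nonce is usable once: drop it whether or not the tag verifies.
        if nonce not in self.pending:
            return False
        self.pending.discard(nonce)
        expected = hmac.new(self.key, nonce + status, hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)


def client_report(key, nonce, status):
    # The tag covers both the server's nonce and the reported status.
    return hmac.new(key, nonce + status, hashlib.sha256).digest()


def demo():
    server = Server(SHARED_KEY)
    results = {}
    n1 = server.challenge()
    tag = client_report(SHARED_KEY, n1, b"clean")
    results["honest"] = server.accept(n1, b"clean", tag)
    results["replay_same_nonce"] = server.accept(n1, b"clean", tag)
    results["replay_new_nonce"] = server.accept(server.challenge(), b"clean", tag)
    n3 = server.challenge()
    tag3 = client_report(SHARED_KEY, n3, b"cheat")
    results["status_swapped"] = server.accept(n3, b"clean", tag3)
    return results


if __name__ == "__main__":
    print(demo())
```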
#31

Quote:
Originally Posted by Unkovic
If I understand you I will answer with this, but I think I didn't understand you:

Example: player 1 creates an application that connects to the server and sends "clean"?

EDIT: I don't really mean application
He means "what stops a hacker from modifying the AC to always send "clean" data even when it's really "cheat" data?" I think.
Reply
#32

Quote:
Originally Posted by DTV
He means "what stops a hacker from modifying the AC to always send "clean" data even when it's really "cheat" data?" I think.
Yep, that's what I meant to say.
Reply
#33

Quote:
Originally Posted by DTV
He means "what stops a hacker from modifying the AC to always send "clean" data even when it's really "cheat" data?" I think.
Yea, I understood.

1) I really don't know how he can do that if he doesn't know how the launcher works.

That is a good idea for crypting info.
Reply
#34

Quote:

I really don't know how he can do that if he doesn't know how the launcher works.

He can if he reverse engineers the launcher, which is how trainers are produced for every game that comes out. Ultimately, this is a game of cat and mouse and who decides to give up first.
Reply
