FlyFF - Easy Anti Cheat - Implementation - Preview

Hello guys,

i've decided to work on FlyFF again. After implementing a fully working MySQL framework into FlyFF i came back month ago to implement a bit more into that awesome piece of game.

Here is a short preview of my Easy Anti Cheat implementation into FlyFF. The whole EAC is implemented into the server and into the client.

Clienside is doing driver protection and game integrity checks and a lot of other stuff do defend against cheating and debugging, while the server side is communicating with the Epic Games Online Services to keep a connection to the EAC user client and kick players if they don't run the client with their FlyFF. Through the implementation of EAC we've the nice abillity to encrypt messages and much more, all the beautiful things coming with EAC.

Video:


Keep discuss below, wether is this useful or not. Maybe i'm going to release it soon.

Discord: DevGrab#0815

i think it could be very usefull!

Nice work :)

LG
- Kevin

It's quite useful, nice work!

Quote:

Originally Posted by DevGrab Hello guys, i've decided to work on FlyFF again. After implementing a fully working MySQL framework into FlyFF i came back month ago to implement a bit more into that awesome piece of game. Here is a short preview of my Easy Anti Cheat implementation into FlyFF. The whole EAC is implemented into the server and into the client. Clienside is doing driver protection and game integrity checks and a lot of other stuff do defend against cheating and debugging, while the server side is communicating with the Epic Games Online Services to keep a connection to the EAC user client and kick players if they don't run the client with their FlyFF. Through the implementation of EAC we've the nice abillity to encrypt messages and much more, all the beautiful things coming with EAC. Video: [Only registered and activated users can see links. Click Here To Register...] Keep discuss below, wether is this useful or not. Maybe i'm going to release it soon. Discord: DevGrab#0815

Does this also provide protection against packets?

Quote:

Originally Posted by TheAllfather Does this also provide protection against packets?

You can read the documentation online, EAC is now a free anti cheat thanks to Epic.
I guess the best way to prevent cheats using packets is just to secure your game server for every packet, dont rely on an Anti cheat system to do that. But still Eac is free now and easy to integrate into flyff so it will stop many cheat engine speed hackers :P

Quote:

Originally Posted by cookie69 You can read the documentation online, EAC is now a free anti cheat thanks to Epic. I guess the best way to prevent cheats using packets is just to secure your game server for every packet, dont rely on an Anti cheat system to do that. But still Eac is free now and easy to integrate into flyff so it will stop many cheat engine speed hackers :P

EAC provides possibilities for packet encryption but you should always implement your own protection against packet editing.

Even tho it isn't that easy to implement since you've to build in all the the EOS into your server and client. The documents that Epic Games provide doesn't contain any usecase of EAC or how to implement it fully.

Even tho, you've to fix some things to get EAC working on FlyFF since EAC is hooking DirectX and is causing crashes.

Nothing more, if you contribut and say it's easy to implement, lets start releasing it instead of shit-talk. EAC provides more than protection against Cheat Engine, EAC provides a fully kernel mode anti cheat which is protecting and evaluating your process.

Thats actually pretty dope tbh

By adding EAC, all you will be doing is creating a marketplace for people to come in and bypass/provide bots for servers with EAC, which:

1. You are enabling them to be able to charge a lot more for a bot because they have to bypass the "all-mighty EAC", which is a laugh for anyone who knows what they are doing, especially with your implementation.

2. Servers with "hard to bypass" ACs will see prices go up for RMT since not everyone can just bot anymore, but this can create a worse botting problem since it'll be so profitable for users like myself that can create bots for our own use. Tracking trades/RMT is laughable, so that won't stop us either.

Take this information as you will.

Quote:

Originally Posted by Rabbit™ By adding EAC, all you will be doing is creating a marketplace for people to come in and bypass/provide bots for servers with EAC, which: 1. You are enabling them to be able to charge a lot more for a bot because they have to bypass the "all-mighty EAC", which is a laugh for anyone who knows what they are doing, especially with your implementation. 2. Servers with "hard to bypass" ACs will see prices go up for RMT since not everyone can just bot anymore, but this can create a worse botting problem since it'll be so profitable for users like myself that can create bots for our own use. Tracking trades/RMT is laughable, so that won't stop us either. Take this information as you will.

It doesnt matter which Anticheat is used as soon as it's implemention get's public, it'll be free food for any reverse engineer that has a few basic understandings of what he's doing.

The Black Market section shows you an example for playpark made by us, which is actually running EAC (not sure how different it is, since it was reversed without the onlince documentation available, but proof's that this is just an additional bullcrap to write a 10-liner to give a fk about).

I smell a pretty similar story as it is about AhnLab's Crapshield, ngl dont waste your time with client sided anticheats and start fixing your code. That's a way harder thing to break through, given that you're able to produce proper code.

Just my 2 cent's and, i actually only qouted to add my opinion ontop of whom's i agree to.

Cheers

Quote:

Originally Posted by netHoxInc It doesnt matter which Anticheat is used as soon as it's implemention get's public, it'll be free food for any reverse engineer that has a few basic understandings of what he's doing. The Black Market section shows you an example for playpark made by us, which is actually running EAC (not sure how different it is, since it was reversed without the onlince documentation available, but proof's that this is just an additional bullcrap to write a 10-liner to give a fk about). I smell a pretty similar story as it is about AhnLab's Crapshield, ngl dont waste your time with client sided anticheats and start fixing your code. That's a way harder thing to break through, given that you're able to produce proper code. Just my 2 cent's and, i actually only qouted to add my opinion ontop of whom's i agree to. Cheers

EAC is one of the top tier anti cheats, surely you can bypass it only via kernel drivers but those are getting detected earlier or later. Every EAC cheat which i know had a detection since EAC cares about their games and service.

Since this is a official implementation and no rip off, its getting updated all a long. The EAC anti cheat bootstrapper is handling most of the client-side protection, there isn't much you can do at client-side but implementing heartbeats from EOS to your gameserver and client, to check if the game has been started with EAC.

The game is getting started through the EAC drivers which evaluate the game at start. Bypassing EAC will work, you need a massive knowledge and no copy cat code or public code.

I have not read the TOS/Rules for the implementation/usage of EAC (not end user contract) but i am not pretty sure there is a statement that it is disallowed to use for illegal projects and luckily for the server owners so far gala was rather "chill" when it comes to legal action. EAC on the other side also is used for official Playpark Flyff and because they are really "on the hunt" will come across the usage of their anticheat for illegal project(s) rather fast or another server admin will make sure they will :lul:. The implementation of EAC is nothing new and has been done for other pserver stuff as well in the past.

EAC is a US company and therefore they will take legal action because they simply have to protect their reputation and service integrity.
Fighting EAC on a "cat and mouse" game with bypassing and cheating might be fun todo but on the legal side i'd rather fight a lion in a cage than their army of lawyers.

Wow! So useful!