[idea] prevent wallhack?

~~=Warmonger=~~ · 02/06/2011, 02:56

Quote:

Originally Posted by ItsNobody

1. Yes it does....check the history and facts of all unpacked servers and their hacking issues. You can unpack my client all you want...but try to use PackIO = 0 and see if you dont get slapped in the face. CRC checks within the data.pak work a hell of alot better then checking the individual files. Plus...you wont make it far with an unpacked client besides adding the bs thats easy like the a8 mobs and maps.
2. No it cannot if you implement new checks that makes your client dependent on your exe, Such as aloken and the aloken status files. Will crash everytime you try to use a hacked exe.
3. Guessing your dekaron.exe isnt packed to avoid reversers bypassing your shit and releasing it on forums? Hmmmm some work to do.

You dont understand...add all the fucking checks you want...Its not gonna do nothing but lag the server more. Look at GameHI....If it was that simple no1 would be wallhacking on there. Get your heads together guys. Think smart. 6mb of ram and a home connection speed will get your players major lag when you run those checks in your tunnel server.

You guys think im nub so I'll let silk and HellSpider talk about it. Im out. I keep hearing it can be bypassed, Show me....bypass ours someone. Funny how everyone else is worried about hackers and stopping them still and Hellspider fixed that quickly after he came back to Dekaron. We're currently focused on adding content...Anti-cheat is done

EDIT:: You're better off listening to THT and his approach

Actually server side checks are best. They do not cause any lag at all as they don't even factor in any information being sent in/out of the network. If you just pulled every players location from servers memory and constantly checked them with a set map/coordinate range, if the player is outside the limits or equals inside a object, then server will close the session. Client side anti-cheats work but only to a certain extent. Anything is unpackable giving the time and effort. Kick starting the game like so will allow me to bypass it before yours even loads.

Code:

#define DEFAULT_DLL_NAME                "bypass.dll"
#define WIN32_LEAN_AND_MEAN
#include <windows.h>

// struct with data needed for remote thread.
typedef struct i_data
{
        HINSTANCE       (__stdcall *LoadLibrary)( LPCTSTR lpLibFileName );      
        VOID            (__stdcall *ExitThread)( DWORD dwExitCode );
        VOID            (__stdcall *ExitProcess)( UINT uExitCode );
        int             (__stdcall *MessageBox)( HWND hWnd, LPCTSTR lpText,     LPCTSTR lpCaption, UINT uType  );
        char            Error[128];
        char            DllName[MAX_PATH];
}i_data;


__inline DWORD __stdcall InjectDll( i_data *i_data )
{
        if( !i_data->LoadLibrary( i_data->DllName ) )
        {
                i_data->MessageBox( NULL, i_data->Error, i_data->Error, NULL );
                i_data->ExitProcess(0);
        }
        i_data->ExitThread(0);
        return 0;
}

__inline void EndInjectDll( void ){ return; }

int WINAPI WinMain( HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow   )
{
        static PROCESS_INFORMATION      ProcessInformation;
        static STARTUPINFO              StartupInfo;
        HANDLE                                          hProcess = 0;
        HANDLE                                          hThread = 0;
        i_data                                          idata;
        LPVOID                                          ridata;
        LPVOID                                          rInjectDll;
        DWORD                                           tid;
        char                                            szDll[MAX_PATH];

        if( !CreateProcess(     
                                        NULL,
                                        "<<Insert game exe and parameters here>>",
                                        NULL,
                                        NULL,
                                        NULL,
                                        CREATE_SUSPENDED,
                                        NULL,
                                        NULL,
                                        &StartupInfo,
                                        &ProcessInformation ) )
        {
                MessageBox( NULL, "Can't kick start the application", "Error", NULL );
                return 0;
        }

        hProcess = OpenProcess( PROCESS_ALL_ACCESS, FALSE, ProcessInformation.dwProcessId );

        GetCurrentDirectory( sizeof szDll, szDll );
        wsprintf( szDll, "%s%s", szDll, DEFAULT_DLL_NAME );

        // fill structure with the needed data we gonna pass to remote thread.
        lstrlen( lpCmdLine ) ? lstrcpy( idata.DllName, lpCmdLine ) : lstrcpy( idata.DllName, szDll );
        lstrcpy( idata.Error, "Can't find dll. You can specify the dll name as command line (with no quote marks and full path)." );
        idata.ExitThread = ExitThread;
        idata.ExitProcess = ExitProcess;
        idata.LoadLibrary = LoadLibraryA;
        idata.MessageBox = MessageBoxA;

        // allocate memory on remote process for the thread and the structure.
        ridata  = VirtualAllocEx( hProcess, NULL, sizeof idata, MEM_COMMIT, PAGE_EXECUTE_READWRITE );
        rInjectDll      = VirtualAllocEx( hProcess, NULL, (unsigned int)((unsigned int)EndInjectDll-(unsigned int)InjectDll), MEM_COMMIT, PAGE_EXECUTE_READWRITE );

        if( ridata && rInjectDll )
        {
                // copy data to remote process.
                if( WriteProcessMemory( hProcess, ridata, &idata, sizeof idata, NULL ) && 
                    WriteProcessMemory( hProcess, rInjectDll, InjectDll, (unsigned int)((unsigned int)EndInjectDll-(unsigned int)InjectDll), NULL ) )
                {
                        // create thread on remote process.
                        hThread = CreateRemoteThread( hProcess, 
                                                                                  NULL,
                                                                                  0,
                                                                                  (LPTHREAD_START_ROUTINE)rInjectDll,
                                                                                  ridata,
                                                                                  0,
                                                                                  &tid );
                }
                if( hThread )
                {
                        // wait for remote thread to finish.
                        WaitForSingleObject( hThread, INFINITE );

                        // resume main process thread.
                        ResumeThread( ProcessInformation.hThread );
                        CloseHandle( hThread );
                }
                // free memory allocated on remote process.
                VirtualFreeEx( hProcess, ridata, 0, MEM_RELEASE  ); 
                VirtualFreeEx( hProcess, rInjectDll, 0, MEM_RELEASE      );
        }
        CloseHandle( hProcess );
        return 0;
}

All in all I don't think players are smart enough to bypass client side protection. But if they do, your "fix" will need fixing again.

҉ THT ҉ · 02/06/2011, 03:26

Are you sure it wont lag the server?
Lets say you have 400 players online and the AC checks it 1 time in 1 seconds
that is 400 querys for 1 second, lets do it with 1 min 400 x 60 = 24.000
We are talking about 24.000 QUERY in 1 minute ONLY for the AC.....
And then talk about the whole running server, and ppl that walking around, ppl that are lvling, ppl that are doing DF, ppl that are pking..
all that things going to the database...
You can think about 30.000 QUERYs every min with AC like that

nvm: we can talk days-days-days about this.. the best solution is a client side AC.

Zektor · 02/06/2011, 03:29

Where the **** did database come from?

Edit:
He's talking about reading the coordinates from the server's memory, not from the database.

Besides the database only updates the coordinates when the profile is being saved

҉ THT ҉ · 02/06/2011, 16:09

you want ban the player in the memory? -.-

ItsNobody · 02/06/2011, 18:34

I understand it can be bypassed....But it hasnt yet. The best Anti-Cheat out for dekaron at the moment.

Warmonger...I want to see it and im sure HellSpider does. First you would have to reverse and unpack the exe. Not many people on epvp can unpack the protection it has.

Zektor · 02/06/2011, 22:35

Quote:

Originally Posted by ҉ THT ҉

you want ban the player in the memory? -.-

Why do we need to do 400 queries? Server checks are server-sided from the games memory to see who hacks, and fi a person is hacking then it can do whatever query it needs to. Why the hell do we need to do 400 queries a second its not like everyone's hacking.

҉ THT ҉ · 02/07/2011, 00:46

yea, if we think about a server with 30 online, oke you are true..
If we think about elitedekaron (or bigger)... Then you should need very much...
You need to read the x-y frome every player and every some seconds

ItsNobody · 02/07/2011, 03:03

You know this convo is really getting nowhere

҉ THT ҉ · 02/07/2011, 15:16

Yea, you are right

..

I am out

jamietjeh · 02/19/2011, 03:31

hey i got an idea about the wall hackers change the hex code of the files or encript em with unknown salt?? maby an idea so thay cant read em only u can
like thay did with rs private server to protect ppl from seeing passwords(i know its lame i played/hosted rs pservers... i know im lame but thanks to that i am making my own game...)

BioNicX · 02/20/2011, 01:43

what u need is something called "Search!". someone posted this how to prevent wallhackers. Not anyone , someone whos a pro dev, he posted it on elitepvp.