Jump to content


Photo

Md5 Variable Guard


  • Please log in to reply
7 replies to this topic

#1 Sindarin

Sindarin

    Indie Game Developer

  • New Member
  • 1644 posts
  • Version:GM:HTML5

Posted 14 July 2008 - 11:45 AM

MD5 variable guard
protects from memory editing

version 1.0

This example how you can effectively protect your variables against people, who try to cheat in it using Cheat programs/Memory editors, with a dll that checks the md5 checksum of the variable. It protects against variable changes and freezing. It does not protect from speedhacks (I currently don't know how to block this) but speedhacks are mostly useful for cheating in online games (which checks should be done server-side).

Before use, please realise that there is no 100% protection from memory editing. Never.
This method will annoy many people who like to cheat easily by using programs.

You should also take extra steps to enhance the protection,
Do not show a variable value with a number to the player (for e.g. draw heart sprites instead of "health: 100")
Check for Cheat program processes by using a dll
Obfuscate your source with GM obfuscator (really important)
Remove the debug form (PM me for more info)
Wrap using a software protection program (check my sig)

Download Gmk/Dll

Edited by Sindarin, 23 September 2008 - 05:01 PM.

  • 0
GM 8.1 / GM:HTML5 User

#2 BrainWare

BrainWare

    Adrenaline

  • GMC Member
  • 791 posts

Posted 15 July 2008 - 12:47 PM

To be honest, using an MD5 hash just to protect a single variable seems a bit over the top.
  • 0

#3 death-droid

death-droid

    GMC Member

  • GMC Member
  • 2600 posts

Posted 15 July 2008 - 12:59 PM

It isnt at all really just don't use it for every single variable if you do then it is over the top.
  • 0

Posted Image


#4 ljdp

ljdp

    GMC Member

  • New Member
  • 43 posts

Posted 02 December 2008 - 03:55 PM

That was too easy to hack "/
Cheat engine found 2 double-type addresses, i just changed both of these at the same time.
  • 0

#5 ash47

ash47

    O_o

  • GMC Member
  • 1347 posts

Posted 03 December 2008 - 05:21 AM

easily broken, you could of cource change both at once, it wouldn't take a good hacker long to work out what is going on and get past it. Most game maker games arn't worth "hacking" anyways as they arn't that good.

Here's a WAY better solution, i made this from scratch in about 5-10 mins, it is quick, i commented as much as possible and it comes with TWO versions, i complex one and a simple one, here is link, sorry to go off topic but still: http://willhostforfo...ad&fileid=43389

Nice IDEA but not very great :(
  • 0
Posted Image

Rate this topic: 0 | 1 | 2 | 3 | 4 | 5

PRESS IT
\/


#6 Sindarin

Sindarin

    Indie Game Developer

  • New Member
  • 1644 posts
  • Version:GM:HTML5

Posted 03 December 2008 - 06:41 PM

That was too easy to hack "/
Cheat engine found 2 double-type addresses, i just changed both of these at the same time.


Yes, you didn't take in account though that this was a small example. In a finished game there will be thousands of variables that will have same values. How one would know what value to change? Especially if there is no visual representation of that variable? And if all the variables are obfuscated?
  • 0
GM 8.1 / GM:HTML5 User

#7 ash47

ash47

    O_o

  • GMC Member
  • 1347 posts

Posted 03 December 2008 - 11:22 PM

It's not really that hard to find them, personally i think that this method is VERY stupid as it will basicly make you quit, maybe this idea might be ok for an online game but i wouldn't even both with an offline game. Wouldn't this also use some memory or something? Does this use any CPU power or anything like that to do the MD5s?
  • 0
Posted Image

Rate this topic: 0 | 1 | 2 | 3 | 4 | 5

PRESS IT
\/


#8 Maarten Baert

Maarten Baert

    GMC Member

  • GMC Member
  • 750 posts
  • Version:GM8.1

Posted 05 December 2008 - 02:25 PM

This is great, you just have to make some changes to make it better.

You could solve the "change both the same time" problem by appending a small 'secret' string at the end of the variables before using MD5. This secret string could be generated randomly at game start, so this way the hacker would have to find the variable, the md5 key, AND the secret string (which is NOT in GM memory but in the memory the DLL is using) to calculate the new MD5 hash. Could anyone hack that (except by trying it again and again a million times)?

The only problem is, you will have to edit the dll to do this.

Edited by matrebatre, 05 December 2008 - 02:29 PM.

  • 0
Posted Image