Jump to content


Photo

Anti-hacking using maths


  • This topic is locked This topic is locked
49 replies to this topic

#1 Blue2010

Blue2010

    GMC Member

  • New Member
  • 8 posts

Posted 11 December 2011 - 04:17 AM

Recently I saw something like this to protect the valuable variables in a game, replace x with them;

Begin step;
x = (((22*x)-7)/4)+.123 (packing)

End step;
x = (((x-.123)*4)+7)/22 (unpacking)
if x is now a decimal, then we've been hacking. See below

Alright, if x is a decimal then that means that between the begin step and end step events, the variable has been modified - unless the hacker chooses an extremely random decimal and gamemaker's rounding to 2 decimal places lands a very lucky shot, the game should catch the hacker.

However (I know very little about programs that modify these variables eg Cheatengine) the hacker can change the variable during the begin step, end step or draw events and mess up this method, yes? Does this mean that if the hacker continues to try to modify variables eventually it will work? Does it also mean that the unpacking and checking should occur in the draw event, as that reduces the amount of time a hacking program can modify the variables?
Also, this method will probably slow down the game a bit (does gamemakers rounding decimals reduce the work it has to do?), so how much math would be required to still have a high probability of catching the hacker out, but retain the performance of the game itself?
I'd actually be pretty interested in the probability (with working) of the math I gave above for a variable being changed by 1 or some whole integer.
  • 0

#2 ash47

ash47

    O_o

  • GMC Member
  • 1344 posts

Posted 11 December 2011 - 06:28 AM

Idk about doing all that, personally using the XOR function is really good in terms of protecting variables, if you XOR a number by something like 5, it will go up, then back down, depending on the variable, and makes it really hard to track in stuff like cheat engine, as far as this method goes, seems pretty interesting =P
  • 0

#3 NakedPaulToast

NakedPaulToast

    GM Studio/Mac/Win

  • GMC Member
  • 8297 posts
  • Version:GM:Studio

Posted 11 December 2011 - 04:31 PM

Recently I saw something like this to protect the valuable variables in a game, replace x with them;

Begin step;
x = (((22*x)-7)/4)+.123 (packing)

End step;
x = (((x-.123)*4)+7)/22 (unpacking)
if x is now a decimal, then we've been hacking. See below

Alright, if x is a decimal then that means that between the begin step and end step events, the variable has been modified - unless the hacker chooses an extremely random decimal and gamemaker's rounding to 2 decimal places lands a very lucky shot, the game should catch the hacker.

However (I know very little about programs that modify these variables eg Cheatengine) the hacker can change the variable during the begin step, end step or draw events and mess up this method, yes? Does this mean that if the hacker continues to try to modify variables eventually it will work? Does it also mean that the unpacking and checking should occur in the draw event, as that reduces the amount of time a hacking program can modify the variables?
Also, this method will probably slow down the game a bit (does gamemakers rounding decimals reduce the work it has to do?), so how much math would be required to still have a high probability of catching the hacker out, but retain the performance of the game itself?
I'd actually be pretty interested in the probability (with working) of the math I gave above for a variable being changed by 1 or some whole integer.


GameMaker naturally modifies the x variable between the begin step and end step. This won't work.

GameMaker doesn't round variables to two variables, though the string function will for display purposes only.

Edited by NakedPaulToast, 11 December 2011 - 04:31 PM.

  • 0

#4 DZiW

DZiW

    GMC Member

  • GMC Member
  • 729 posts

Posted 11 December 2011 - 08:31 PM

IMO,
1) if the same number gives the same encoded result then it's rather poor approach;
2) if the sensible variables use the same mem offset then it's but useless;
3) if 'protection' makes the software rather complex or oven unstable then;
4) very few games are even worth cheating, let alone made in GM...

Anyway, just add built-in cheat and let those who really want to use it.
  • 0

#5 YellowAfterlife

YellowAfterlife

    GMC Member

  • Global Moderators
  • 4011 posts
  • Version:GM:Studio

Posted 11 December 2011 - 08:45 PM

Cheating is critical only for games where online highscores or achievements are available.

For those you may want to have 'verification' variables along with all important ones.
So you would create a script(s) like:
// score_set(value, skip) - changes score
// value - new score value
// skip - skip verification
if (!argument1) if ((score ^ 77) != score_) global.is_cheating = true;
score = argument0;
score_ = score ^ 77;
Replace '^ 77' by calculation of choice - be that division, lengthdir, or checksum.

This method leaves variable(s) well exposed, however you will know if player changed something, and take care - be that shutting the game down, resetting their score, or kicking them out just before the end of game (warning: may cause hate).
  • 0

#6 Blue2010

Blue2010

    GMC Member

  • New Member
  • 8 posts

Posted 11 December 2011 - 10:52 PM

Ash, I don't know what you're talking about, are you saying something about 'exclusive or'?

NPT:

GameMaker naturally modifies the x variable between the begin step and end step. This won't work.

GameMaker doesn't round variables to two variables, though the string function will for display purposes only.


Why does GM modify the x variable? I really hope you're not meaning all the variables and mistook my meaning of x being co-ordinate variables...

And yeah, wow, GM doesn't actually round the decimals except when displaying them, which is a bit weird. Again, why was this done...? >_>

DZiW... please don't assume the importance of this protection to be null. Even if it was, that is not the question.

YAL: I don't really see how that helps at all?
  • 0

#7 YellowAfterlife

YellowAfterlife

    GMC Member

  • Global Moderators
  • 4011 posts
  • Version:GM:Studio

Posted 11 December 2011 - 11:08 PM

See this example. Hack score, then click a fruit.
  • 0

#8 yourtexthere

yourtexthere

    GMC Member

  • New Member
  • 66 posts

Posted 12 December 2011 - 02:10 AM

Why do you care so much if people cheat in your game?
That's their problem if they get pleasure out of freaking CHEATING on someone's game maker game, I mean seriously...
  • -3

#9 Blue2010

Blue2010

    GMC Member

  • New Member
  • 8 posts

Posted 12 December 2011 - 02:41 AM

YAL: After re-reading that, I understand and it's a pretty good method other than a hacker aware of this could observe the trend between both variables. I like this method though. What about speed? Would the extra memory and math calculations matter much?

Why do you care so much if people cheat in your game?
That's their problem if they get pleasure out of freaking CHEATING on someone's game maker game, I mean seriously...


These comments are beginning to irritate me. Evidently you cannot conceive a possible scenario where cheating would be detrimental to other players; ie online communication. If you are not going to post something useful, please do not post at all.
  • 0

#10 YellowAfterlife

YellowAfterlife

    GMC Member

  • Global Moderators
  • 4011 posts
  • Version:GM:Studio

Posted 12 December 2011 - 05:37 AM

YAL: After re-reading that, I understand and it's a pretty good method other than a hacker aware of this could observe the trend between both variables. I like this method though. What about speed? Would the extra memory and math calculations matter much?

GameMaker changes a lot of its own variables every step. If hacker has patience to do step-by-step debugging of your game to track down second variable, figure out it's formulae, and change those at once, anti-hacking protections wouldn't protect your game anyway.
About performance - depends on operations that you perform, but in most cases not significiant (other in-game calculations are likely to take more time than it anyway). I have succesfully used Le Maire's random number generation algorithm (value_ = ((value * const1) + const2) mod const3) for this purpose in few games and it still wasn't noticable behind other calculations. Obviously, a more complex algorithm also makes it harder to track down 'protecting' variable.
  • 0

#11 DZiW

DZiW

    GMC Member

  • GMC Member
  • 729 posts

Posted 12 December 2011 - 01:26 PM

IMO it's too much fuss about nothing: all online apps with sensible protection are server-side only. Do you copy?
Furthermore, all GM EXE are so easily ripped back as GMx/K that I don't think it's a real problem--so now you have also to check CRC/MD5 or something too, right? Go ahead and on ;)

The 'real' protection which I find really cute makes a few indirect checks, but doesn't cry out 'WOLF! WOLF!' or something, it just modifies memory a heap/data so that the app successfully crashes--every cheat is a crash.

But there's no need of it all: if one really wants he can just modify the routine or send his modified data to your server of hi-scores even without running your game. So, the only relevant criterion of hi-score is... game time?
  • 0

#12 NakedPaulToast

NakedPaulToast

    GM Studio/Mac/Win

  • GMC Member
  • 8297 posts
  • Version:GM:Studio

Posted 12 December 2011 - 02:52 PM

Why does GM modify the x variable? I really hope you're not meaning all the variables and mistook my meaning of x being co-ordinate variables...



Yes I interpreted your use of the x variable as the co-ordinate. That's what the x variable represents.

And yeah, wow, GM doesn't actually round the decimals except when displaying them, which is a bit weird. Again, why was this done...?

For convenience. Take the default of two decimal points or use string_format if you want to control the number of decimal points.
  • 0

#13 Erik Leppen

Erik Leppen

    GMC Member

  • GMC Member
  • 2551 posts
  • Version:GM:Studio

Posted 12 December 2011 - 07:56 PM

Begin step;
x = (((22*x)-7)/4)+.123 (packing)

End step;
x = (((x-.123)*4)+7)/22 (unpacking)
if x is now a decimal, then we've been hacking.


I need to place a word of warning here, because GM cannot exactly represent the number 0.123. The reason is that computers work in binary and the decimal fraction 0.12310 is in fact the binary fraction
0.00011111011111001110110110010001011010000111001010110000001000001100010010011011101001011110001101010012
in binary (the undelined part is the period, should be overlined instead of underlined).
So GM will round this number, it will not be exactly decimal 0.123 anymore. It may only differ for 2-53 (I believe), but a difference that small will make x into a decimal (because 256.000000000000001 is a decimal).

For this reason I'm always cautious with floating point arithmetic and I prefer integer arithmetic for those kinds of things.
  • 0

#14 Blue2010

Blue2010

    GMC Member

  • New Member
  • 8 posts

Posted 13 December 2011 - 01:41 AM

Why does GM modify the x variable? I really hope you're not meaning all the variables and mistook my meaning of x being co-ordinate variables...



Yes I interpreted your use of the x variable as the co-ordinate. That's what the x variable represents.


Recently I saw something like this to protect the valuable variables in a game, replace x with them;


Erik, that's actually really interesting, so you're saying that I should use something 'nice' for binary? I'ma test that out...

Anyway thanks a lot YellowAfterlife, your points are most helpful.
  • 0

#15 DZiW

DZiW

    GMC Member

  • GMC Member
  • 729 posts

Posted 18 December 2011 - 07:21 PM

IMO the only modern way to obfuscate something against cheating is custom encoding and dynamic constantly changing address, but some advanced cheat engines (e.g. ArtMoney) have plenty of methods (like search for formula, coded value, unknown, memory damp, structure, pointer, filesearch, with full process session data and control /pause-resume, save-load/ etc) which make even almost any 'protection' futile.

For onstance, in my demo I used hack-revealing method of 'score/time' aspect where time value was encoded with fingeprints (e.g. '24-Hh' and '60-Mm'), so I could check the pseudo-CRC and assess allegedly time spent. The point is when one sees the formula then it's more than trivial to use math-reversal: a friend of mine once showed me how hacked hi-score sending routine without real hacking - just via ol' TCP_VIEW!

Yet I would like to make a compliment to you: if at least someone really wanted to hack your GM game then it must be something really worthy ;)
  • 0

#16 TamoNekiTipo

TamoNekiTipo

    Centurion

  • Banned Users
  • 51 posts
  • Version:GM8

Posted 11 January 2012 - 09:28 PM

I just divide the variable by 2, and then multiply it by 2.
It's simple and it sure covers the variable in Cheat Engine.

#17 loverock125

loverock125

    GMC Member

  • GMC Member
  • 1830 posts
  • Version:GM8.1

Posted 12 January 2012 - 01:07 AM

As 'YellowAfterLife' said:

Cheating is critical only for games where online highscores or achievements are available.


So if you are going to have online highscores, you might as well use a server and have the important variables stored by the server.
Otherwise the safest way in my opinion is encryption but I don't really see the point of having so much protection for simple single-player games.

Also keep in mind that everything can be hacked.


Edit: If Game Maker stores data in RAM at the exact moment when you assign a value to a variable (I'm 99% sure that this is what it does), then I believe that to determine what time Cheat Engine can capture variables you would need to know in what order the CPU executes the commands (GameMaker's first or Cheat Engine's). If Cheat Engine captures data directly from RAM, and Game Maker stores data immediately in RAM then you would need to find out which program's commands are executed first.

Edited by loverock125, 12 January 2012 - 01:16 AM.

  • 0

#18 jonathanz

jonathanz

    GMC Member

  • GMC Member
  • 86 posts
  • Version:Unknown

Posted 27 February 2012 - 08:46 PM

Cheat engine has been made to edit variables in games that DO have randomizers
Thus the anti randomizer function which would help for code injections.

What you wanna do is:

-When the game is paused varibles add a random number which is stored and minus off when unpaused (I say this because if the change is constant during the pause it will be very easy, for obvious reasons)

-Have two varible to represent one. Eg, money have coins and cents.. Once cents equals 100, it is sent to 0 and we then have a coin.
If the player doesnt know this is happening since the score will be reprensented visually as something different, we have our solution.

Edited by jonathanz, 27 February 2012 - 08:52 PM.

  • 0

#19 jonathanz

jonathanz

    GMC Member

  • GMC Member
  • 86 posts
  • Version:Unknown

Posted 20 March 2012 - 10:40 PM

Packing every step is not needed and wastes cpu. Every 5 steps is fine.. 5 times faster!
  • 0

#20 Primoz128

Primoz128

    GMC Member

  • GMC Member
  • 308 posts
  • Version:GM:Studio

Posted 29 April 2012 - 10:29 AM

How about you xor it then use the first post's method, then when unpacking use the anti method and then xor it.

Was this a good suggestion or no ?

Edited by Primoz128, 29 April 2012 - 10:36 AM.

  • 0

#21 creators124

creators124

    awesomeliciousmember

  • GMC Member
  • 866 posts
  • Version:GM8

Posted 29 April 2012 - 03:56 PM

Cheating is critical only for games where online highscores or achievements are available.

For those you may want to have 'verification' variables along with all important ones.
So you would create a script(s) like:

// score_set(value, skip) - changes score
// value - new score value
// skip - skip verification
if (!argument1) if ((score ^ 77) != score_) global.is_cheating = true;
score = argument0;
score_ = score ^ 77;
Replace '^ 77' by calculation of choice - be that division, lengthdir, or checksum.

This method leaves variable(s) well exposed, however you will know if player changed something, and take care - be that shutting the game down, resetting their score, or kicking them out just before the end of game (warning: may cause hate).

As I go through this thread I see that YAL's way seems promising!
But after trying out his example I used Cheat Engine to use code injection on it and deleted the little pieces of code the made the checking and I changed it a will. :P
after that I think making an anti-hackable game is impossible!(except server-sided games)!
  • 0

#22 Fledermann

Fledermann

    GMC Member

  • New Member
  • 9 posts
  • Version:GM8

Posted 21 May 2012 - 03:44 PM

after that I think making an anti-hackable game is impossible!(except server-sided games)!


Yes, that is a true fact. When the client, i.e. the game, is under the player's control, he or she is free to manipulate anything. They don't even need the game, since they only have to send some data which will be accepted by the server.

There is a reason that the billion dollar video game industry couldn't come up with any reliable client-based cheat protection. It's not possible.

Fledermann
  • 0

#23 cotycrg

cotycrg

    GMC Member

  • GMC Member
  • 873 posts
  • Version:GM:Studio

Posted 27 May 2012 - 02:05 PM

What about making two seperate variables..

x1=40;
x2=30;

And when you need to call them..

x3=x1+x2;

Imagine a player trying to figure out that one.

Or even go further, with like x1, x2, x3, x4, etc. But either way.. if the game is online (which is really the only place where you need to be worried about cheating), then just make all sensitive variables and sensitive calculations server-side. ;)
  • 0

#24 creators124

creators124

    awesomeliciousmember

  • GMC Member
  • 866 posts
  • Version:GM8

Posted 27 May 2012 - 05:30 PM


after that I think making an anti-hackable game is impossible!(except server-sided games)!


Yes, that is a true fact. When the client, i.e. the game, is under the player's control, he or she is free to manipulate anything. They don't even need the game, since they only have to send some data which will be accepted by the server.

There is a reason that the billion dollar video game industry couldn't come up with any reliable client-based cheat protection. It's not possible.

Fledermann

ok thanks for the info yeah no wonder there are an extensively amount of people wanting to hack those the billion dollar video games! :o

What about making two seperate variables..

x1=40;
x2=30;

And when you need to call them..

x3=x1+x2;

Imagine a player trying to figure out that one.

Or even go further, with like x1, x2, x3, x4, etc. But either way.. if the game is online (which is really the only place where you need to be worried about cheating), then just make all sensitive variables and sensitive calculations server-side. ;)

now about that:
  • If I had CE(cheat enigne) right now I could get both those values!
  • I could easily debug the value from the last value.
  • after debugging I could debug even more and then find all the values.
  • then after confirmation, I'll hack the speed and literally code inject all of them to give me around 999999 value!Posted Image
but sorry to say your way seems destroy-able, unless you could provide a .gmk or .exe were I could see if your way isn't destroy-able! Posted Image
sorry I used CE before but now CE is off my computer! Posted Image
  • 0

#25 TheouAegis

TheouAegis

    GMC Member

  • GMC Member
  • 10152 posts
  • Version:GM8

Posted 27 May 2012 - 06:39 PM

There are also some program out there that would let you just read the assembly code anyway, telling you what steps were taken to encrypt and then decrypt. If you really wanna make it difficult to crack, do it Castlevania 3's method. The decryption process is literally 3x longer than the encryption process. Arithmetic hashing to the extreme.

But yeah, if your decryption code is just the encryption code in reverse, that's easy-peasy to crack.
  • 0

#26 halfmaster1

halfmaster1

    GMC Member

  • GMC Member
  • 166 posts
  • Version:Unknown

Posted 21 June 2012 - 08:56 PM

I don't know much about hacking, but, where a needs to be protected,

End step:

b=a;c=b,d=c,e=d

Begin step:

if!(a==b&&b==c&&c==d&&d==e)
{HACKER!}

The they need to change 5 variables at the same time.
  • 0

#27 loverock125

loverock125

    GMC Member

  • GMC Member
  • 1830 posts
  • Version:GM8.1

Posted 21 June 2012 - 10:34 PM

The they need to change 5 variables at the same time.


Which is what they usually do.
  • 1

#28 creators124

creators124

    awesomeliciousmember

  • GMC Member
  • 866 posts
  • Version:GM8

Posted 21 June 2012 - 11:16 PM

I don't know much about hacking, but, where a needs to be protected,

End step:

b=a;c=b,d=c,e=d

Begin step:

if!(a==b&&b==c&&c==d&&d==e)
{HACKER!}

The they need to change 5 variables at the same time.

I could find all those variables numbers and change all of them at the same time! (hold CTRL+mouse click to select more than one Posted Image)
sorry but that is way to easy. Posted Image
plus if I happen to change "b" it'll never make the statement false. Posted Image
  • 0

#29 ramses12

ramses12

    6

  • GMC Member
  • 5769 posts
  • Version:GM8.1

Posted 22 June 2012 - 04:26 PM

There is a reason that the billion dollar video game industry couldn't come up with any reliable client-based cheat protection. It's not possible.

I wonder why would it be useless to prevent hacking using an over-complicated big fat bunch of data. I'm talking about 500 checksums changing in memory every second, each with a different algorithm and each processing a combination of actual data with pseudo-random generation, and not some cheap algorithm which can be human-read by a little reverse engineering, but some 1k Assembly instruction block.
Obviously, the processing power I described might be too much for a game's purpose, but when you have a big budget, you can make such thing, at a decent resource consumption and still big and bad enough to prevent a human from being able to crack it.
  • 0

#30 famous

famous

    GMC Member

  • GMC Member
  • 170 posts
  • Version:Unknown

Posted 22 June 2012 - 06:28 PM

No Debels is posting here? Posted Image
  • 0




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users