|
Calling all programmers out there.
I remember last year was my first year learning VB.net and C++ at a votech school where I divided my time among my regular school (Governor Mifflin High School) and went to Berks West Campus Votech, for IT Programming. This was exceptionally cool because I only had to do a 3 hour school day and the rest was spent on a computer with awesome people coding.
Anyways, there was not a real whole lot to pick up from that class as the learning is the basics, which no one can really expect more. Visual Basic.NET was pretty lame, but was really a breeze to make Windows Apps so I actually had a special place in my heart for it. Of course we (students) would get our curriculum done, and whenever we had free time we just made ridiculous and dumb programs. For instance, I remember the first program I made that was goofy was where it would set the form to the size of the screen and just flash between colors, so you'd have to alt+tab or open up task manager or alt+f4 to close it. So maybe it was a pretty dumb program, but if my parents stumbled upon it they'd probably have a heart attack.
ANYWAYS. I remember when my friend Anthony made a program where it actually played a Mario song that looped forever through computer beeps, and I actually might still have the program. Even better is that he found a way to disable the task manager (or something similar, I can't even remember). The only way to stop the program he made was by opening another, which would then close both. Now why can't someone make it so the ICCup AH just disables the Oblivion from running? Not from your opponent, but to yourself. So that you can guarantee all the opponents you play are not hacking if they have anti-hack launcher on.
Is this possible? Why can/can't it be used?
|
This coming from someone who gets multicommand flags lawl
|
Yeah but that is coming from the
"HackDetector for 1.15.2 Version 0.1b
Detects: Automine, Multicommand, Zerg-Mineralhack and Nuke-anywhere
by MasterOfChaos"
And I was clearly not hacking, but I still got multicommand messages.
I think it just has a glitch in it or something when it lags and my insane APM throws it off.
|
Not possible. The program you described could assume many characteristics about the program it was looking for to close, and enumerate the processes running on the computer until it found that process, then close it. When you're dealing with hacks, there's no way to assume such characteristics, and it therefore becomes impossible to identify what you're looking for. Not to mention that it wouldn't be too hard for a hack to hide from the list of enumerated processes (using techniques similar to those used in rootkits).
Edit: Also, Oblivion runs as an injected DLL into Starcraft (To explain that a bit further, it basically tricks the SC process into loading an outside code module (dll) it normally wouldn't load), which can be hard to detect. It becomes especially hard to detect when you factor in all the techniques one could use to further hide from antihack. And even if you can detect it, there's just about nothing you can do to make it unload, all you can do is take note that they're hacking.
|
One thought is like in DotA there is a mode forget what it is but it breaks alot of parts of map hacks except parts that pretty much doesn't matter. I found it interesting when i was in a game and one guy just shouting "FUCKING NOOB HOST NOW MY MAPHACK IS BROKEN!" and left the host's team. So then i looked up what map hack was being used and played a game loaded the hack then used the mode. It took away revealing mini and seeing hero's under fog. Didn't take away enemy pings and you could still see the health bar of the hero's but i found it interesting none the less.
|
On August 22 2008 10:24 SCC-Faust wrote:
Yeah but that is coming from the
"HackDetector for 1.15.2 Version 0.1b
Detects: Automine, Multicommand, Zerg-Mineralhack and Nuke-anywhere
by MasterOfChaos"
And I was clearly not hacking, but I still got multicommand messages.
I think it just has a glitch in it or something when it lags and my insane APM throws it off.
this happens to me to at lag spikes when u are apm'ing really hard, its no big deal.
|
|
|
On August 22 2008 10:32 tec27 wrote:
It becomes especially hard to detect when you factor in all the techniques one could use to further hide from antihack. And even if you can detect it, there's just about nothing you can do to make it unload, all you can do is take note that they're hacking.
That is very, very deep.
And very, very sad. 
|
United States22883 Posts
You could do it an ugly way like CS used to and have a program make a 1fps movie of the minimap. Make keeping the files mandatory and request them if there's suspicion to have them reviewed.
|
On August 22 2008 11:27 SCC-Faust wrote:Show nested quote +On August 22 2008 10:32 tec27 wrote:
It becomes especially hard to detect when you factor in all the techniques one could use to further hide from antihack. And even if you can detect it, there's just about nothing you can do to make it unload, all you can do is take note that they're hacking. That is very, very deep. And very, very sad.
Couldn't you then make note of when they are useing it and make sc crash as a result of taking that note though?
|
On August 22 2008 11:31 Jibba wrote:
You could do it an ugly way like CS used to and have a program make a 1fps movie of the minimap. Make keeping the files mandatory and request them if there's suspicion to have them reviewed.
Things like that can be broken fairly easily though, unless they're done in tricky ways. All it takes is a hacker figuring out how the screenshot mechanism works (or being able to detect when its taking a shot) and they can pass clean data off to it any time it tries to take a shot.
On August 22 2008 12:23 IzzyCraft wrote:Show nested quote +On August 22 2008 11:27 SCC-Faust wrote:On August 22 2008 10:32 tec27 wrote:
It becomes especially hard to detect when you factor in all the techniques one could use to further hide from antihack. And even if you can detect it, there's just about nothing you can do to make it unload, all you can do is take note that they're hacking. That is very, very deep. And very, very sad. Couldn't you then make note of when they are useing it and make sc crash as a result of taking that note though?
Yes, you could. But thats effectively the same as taking a note of it on a server like ICCup anyway 
|
Cheating-Death was pretty awesome, I don't think that method would work for SC though.
How Cheating-Death Works
Cheating-Death works by wedging itself in between the engine and the cheat. This is what makes C-D different than most anti-cheat software. It does not run as a separate program outside of the game, but is actually loaded into the game. Here is what C-D does:
If C-D detects that you cannot see a player, it will move that player's location behind you. This does several things. First, it makes wallhacks less effective. Even if you have transparent walls, you cannot see enemies behind them, until at least part of the enemy is visible on the screen.
Second, it makes radars and ESP boxes less effective. ESP boxes are boxes drawn on top of players, these boxes will show up through walls. If a player is crouching on the other side of a wall, a box will be drawn on the wall right where the player is crouching. Even though you cannot see the player, the ESP box gives you their exact position.
Furthermore, C-D gives the MOD inaccurate information about players' positions. This will ruin ESP, aimbot and other features common in cheats. It will not affect collision detection, because that is done by the engine, which still has accurate information.
Finally, C-D monitors places commonly used by cheats to intercept data from the engine. If Cheating-Death notices that one of these locations has been modified, it disconnects the player. This deprives the cheats of the information they need in order to function, and forces them to change the way they get information which is quite hard, instead of just making themselves look different which is relatively easy.
Probably wouldn't work since SC needs accurate info to stay in sync.
|
On August 22 2008 10:32 tec27 wrote:
Edit: Also, Oblivion runs as an injected DLL into Starcraft (To explain that a bit further, it basically tricks the SC process into loading an outside code module (dll) it normally wouldn't load), which can be hard to detect. It becomes especially hard to detect when you factor in all the techniques one could use to further hide from antihack. And even if you can detect it, there's just about nothing you can do to make it unload, all you can do is take note that they're hacking.
Is it possible to detected an injected DLL which loads the outside code module? Or any sort of DLL monitoring. Is there a way to possible to detected programs open that have those operations... like a pre-loading starcraft scan of open programs that can access that starcraft DLL or starcraft in general?
Is it possible to have a program that runs as an injected DLL which locks the SC Process from being trick into loading which it wouldn't normally load (map vision ect...)
Is it possible to auto-crash SC if a known .exe is opened or already open that is already a known maphack?
|
|
|
On August 22 2008 17:02 AttackZerg wrote:Show nested quote +On August 22 2008 10:32 tec27 wrote:
Edit: Also, Oblivion runs as an injected DLL into Starcraft (To explain that a bit further, it basically tricks the SC process into loading an outside code module (dll) it normally wouldn't load), which can be hard to detect. It becomes especially hard to detect when you factor in all the techniques one could use to further hide from antihack. And even if you can detect it, there's just about nothing you can do to make it unload, all you can do is take note that they're hacking. Is it possible to detected an injected DLL which loads the outside code module? Or any sort of DLL monitoring. Is there a way to possible to detected programs open that have those operations... like a pre-loading starcraft scan of open programs that can access that starcraft DLL or starcraft in general?
Yes, but again, this can become very hard. Programs normally keep a record of all the DLLs that have been loaded by them, and you can read this easily. If you inject your DLL in certain ways, however, that record will not be modified to show your dll is loaded. There are still other ways to monitor it that would detect but, but those can also be bypassed fairly easily.
Is it possible to have a program that runs as an injected DLL which locks the SC Process from being trick into loading which it wouldn't normally load (map vision ect...)
There's not really any way to prevent programs from loading other DLLs against their will. There are simply too many ways to go about it.
Is it possible to auto-crash SC if a known .exe is opened or already open that is already a known maphack? Yes, but you're getting into a tricky realm here. Most people wouldn't be happy with you scanning all of the processes on their computers, reading window titles, etc. (As can be seen with what happened with Warden, and why Blizz doesn't scan that stuff any more)
|
|
|
On August 23 2008 09:36 Jonoman92 wrote:
no hacking>privacy
I really don't agree. In the case of Blizzard, its at least not *as* bad, because they have customers to keep them at least somewhat in check with how they handle that information. With things like ICCup, its a fairly horrible invasion of privacy, as nothing's really stopping them from collecting tons of information and then simply dissappearing off the face of the earth with it (not that I'm saying I don't trust the ICCup team, I do, but there's nothing holding them in place like there is for Blizzard).
|
|
|
|
|
|
EPT
