EPTFirst Starcraft 2 'dischack' ? - Page 9
| Forum Index > SC2 General |
|
StreetHeat
United States225 Posts
| ||
|
lololol
5198 Posts
On August 02 2010 04:47 Zocat wrote: How should this help? I often run a program which analyzes my incoming network traffic packets individually (for university). And I play games while capturing traffic. Blizzard cannot ban me for this. (Even some firewalls function this way). Blizzard can scan for program signatures (assuming the hacks arent sophisticated enough to use some kind of polymorphism) in RAM and they could ban some people using well known hacks. But they cannot prevent maphacking as a whole as long as the needed data is being transmitted to each player (dont know if this is true, someone stated it in this thread). Just use a hack which isnt well known (no signature in Warden or whatever RAM scanning program they use). On the other hand: If this IRC guy was the real hacker (which I honestly doubt^^) Blizz can do something against it. He says he used some kind of flooding - but because all the traffic for SC2 is routed over the blizz servers (preventing LAN latency even while being in a LAN) they can prevent this kind of flooding. The client does have full information. That's why your game client can create replays of your games, otherwise you would have to download the replays from the battle.net servers(which is the case in HoN, and it's practically impossible to create a maphack for HoN). | ||
|
figq
12519 Posts
On August 01 2010 23:10 Cellardoor wrote: EllenPage, MattDamon, MeganFox, JessicaJung, StevenSeagal, DerrickRose, BillPaxton, JimmyCarter - all pwn noobs on the ladder. no one saw that Ellen Page plays Sc2?!!? But really that sucks but hackers will hack.  No kidding btw, some of those are quite good, no idea if the players behind them are in a clan "celebrity" or it's accidental. | ||
|
imyzhang
Canada809 Posts
On August 01 2010 23:07 Kiva128 wrote: Maybe Blizz should have spent less time on Facebook friends feature and more time on fighting B.net hacks. I'm sure it's not easy and requires a lot of time and work but...The game wasn't even out of beta and people had hacks. :/ i totally fucking agreee -_- | ||
|
kxr1der
United States213 Posts
| ||
KillerPlague
United States1386 Posts
On August 02 2010 02:18 Wilko wrote: http://eu.battle.net/sc2/de/profile/791268/1/Ownage/ he dishacked 50 games in a row there has to be a way to ban his key... | ||
|
Moita
Brazil30 Posts
On August 02 2010 05:14 kxr1der wrote: Wow I know this is a big problem but do 50 people in this thread need to say "maybe if they spent less time on facebook..." Seriously do you think the same people worked on he facebook integration and the anti hack software. And even if they did, how long could that have taken. I have personally used the facebook integration and found it to work quite well so I say good job blizzard on that one. I totally fuc**ng agree with this | ||
|
Orzabal
France287 Posts
On August 02 2010 04:46 Whole wrote: Blizzard should hire assassins to kill anyone who hacks. It would be a fool proof way to get rid of them. If you hack, you die, and you can never hack again. haha I'loled | ||
|
argie
Croatia31 Posts
This is just a nutshell. There is no actual hack or any kind of instructions so please don't ban me. Drophacks are VERY SPECIFIC hacks. They can only be executed in right conditions with extremely correct data. They are not like MapHack where all data cannot be encrypted totally and most of it can be intercepted in memory and altered because it is already in your memory and it is coming YOUR way. This works in different direction. This drophack uses UnitAction type to force packet overflow by creating something that game dosen't support. And it creates it during the game and of course game will die. Something like this in the definition of Class which is called by hack.exe: typedef CUnit* (SC2UnitFunctionSomething* SC2_GetActiveUnit_t) ( void ); static const SC2_GetActiveUnit_t SC2_GetActiveUnit = (SC2_GetActiveUnit_t) <OFFSET HERE> <sc2 unittype function code here> I won't type the proto code. Then that function along with offsent is called by the hack and piggyed onto the packets flowing from you to the game and hack is executed, client freezes and you drop because of unknown code game recieved. You drop because hack called the CORRECT function with bogus data which caused a packet overflow and clients crashed from the game. Of course, hacker can easily protect himself to even stay in the game but mostly that he be dropped a bit later so victory is his. It is a damn packet manipulation VIA game itself. Same as in local buffer or stack overflows. But this is more difficult to achieve and harder to patch unless you really dedicate to do it. So any call to SC2 Type function regarding this needs to change dramatically in terms of encryption and network communication. After that hacker will have to find another way to flood the client using Battle.net. There is another way of course, but there are no unlimited ways. Of the top of my head, I can think of three. (all three can be fixed in one strike). So for Blizzard to fix this they will need to completely change and obfuscate/encrypt the UnitAction offset combo so it will be very difficult to get the right one in the debugger or found by disassembly. However, if Blizzard still leaves the type code clean to read and intercept/send then it is impossible to stop them. If they try to fix it with a new patch it will delay the hack for 1 hour. After Blizzard releases new patch SC2.exe changes, then for drophack to work again you just need to change offsets and tweak the hack to be compatible with new SC2.exe and it is 100% ready again in an hour and few hours for public to download it. Only option for this to go away for good and to be very difficult to achieve again is for Blizzard to make crucial changes to a small infrastructure inside the game. PS. Warden is useless. Only Blizzard with direct changes to the game can stop a massive SC2 hack flood. It is all Beta's fault. And Blizzard didn't care much to enhance the security. In fact, security changed only once and it was a VERY slight change. They cared most for the balance and language. Well, you will get balance and facebook and maybe you will be able to f-ucking tweet from the game to report how many probes are currently touching themselves while they pass between Nexus and minerals/gas but massive hack overflow will come because game files are taken apart and blizzard will ban 100.000 people every 6-7 months or whatever. 60$ for 6-7 months of play with hacks? I think that is affordable for most cheaters. And game will only get cheaper and easier to get via websites that sell keys. Anyway, that is that. Only Blizzard can do something. But I also with some certainty can say that changes needed to be made are not simple. It should have been done in Beta. Honestly, future for SC2 fair play dosen't look good. Warden can gtfo and take care of WoWGlider. | ||
|
Grettin
42381 Posts
| ||
|
TLOBrian
United States453 Posts
I don't agree at all. I do agree that facebook integration wasn't needed. I do agree that blizzard could have spent funds for FB in balancing, server issues, and real community issues. And yes, 50 people DO need to say this. Maybe if they spent less time on facebook this would have been stopped, the races would be balanced, and zerg wouldn't be so boring to play. 51. | ||
|
KhaosKreator
Canada145 Posts
Isn't there an easy in-game way to report hackers? | ||
|
PredY
Czech Republic1731 Posts
| ||
TheYango
United States47024 Posts
On August 02 2010 02:25 LittleeD wrote: Now the SC2 community gets a touch of what the WC3 community has been forced to live with (And even actually developted their OWN protection against because blizzard refuses to act) for several years already. As long as there is people there will be hacks and unfair methods, its precisely the same no matter what sport your executing. Get over it already You say that like you've never used ICCup Launcher or BWHF for Brood War. On August 02 2010 05:41 TLOBrian wrote: I don't agree at all. I do agree that facebook integration wasn't needed. I do agree that blizzard could have spent funds for FB in balancing, server issues, and real community issues. And yes, 50 people DO need to say this. Maybe if they spent less time on facebook this would have been stopped, the races would be balanced, and zerg wouldn't be so boring to play. 51. Firing the 2 guys who worked on Facebook integration doesn't magically create 2 more guys to work on security and balance. FB integration was probably the product of 2 guys who work on the WoW Armory who didn't have anything better to do for a few days--and don't have the expertise for any of those other tasks. | ||
|
Zealotdriver
United States1557 Posts
| ||
|
PokePill
United States1048 Posts
Now all hackers have unlimited guest passes to use as well. This is only the first exploit of probably a couple dozen, I think Warcraft has had maybe 10 different tie/disc hacks, and each took months to patch. And the funny thing is Blizzard can't even catch the hackers with warden, they always patch the client 1.24e or something for example and then all the hackers know its an anti-hack patch and they just stop until the exploit is given new offsets or something, and keep their account. Wait until this is public (It took me 5 minutes to find out there was one released in the beta), and THOUSANDS of nerds will be doing this. | ||
|
Qzy
Denmark1121 Posts
| ||
|
MidKnight
Lithuania884 Posts
On August 02 2010 00:56 Teddyman wrote: Google ads prove useful again ![[image loading]](http://imgur.com/38p9I.jpg) I don't really know the ToS for Google Ads, but I assume the staff can't really do much about this? Yep, that's a pretty big fail... I've seen similar fails on YouTube, where while watching a video which reveals fake psychics, an add saying "Get free psychics readings here" pops up.. Blizzard should start banning hackers without any mercy.You hack, you get a permanent ban.No questions asked | ||
|
BeMannerDuPenner
Germany5638 Posts
On August 02 2010 05:49 PokePill wrote: The entire Warcraft 3 ladder has been like this since 2006. There are more hackers than legit players. D2 is like this, where it is normal to maphack, and normal to bot. This is not an exaggeration, get used to it because ALL blizzard games are like this and people really shouldn't have expected anything different. Now all hackers have unlimited guest passes to use as well. This is only the first exploit of probably a couple dozen, I think Warcraft has had maybe 10 different tie/disc hacks, and each took months to patch. And the funny thing is Blizzard can't even catch the hackers with warden, they always patch the client 1.24e or something for example and then all the hackers know its an anti-hack patch and they just stop until the exploit is given new offsets or something, and keep their account. Wait until this is public (It took me 5 minutes to find out there was one released in the beta), and THOUSANDS of nerds will be doing this. its not thaaat bad. i played wc3 occasionally ( playd to lvl ~30-35 with a race. stopped for few months. repeat) and never had big problems. also sc2 is THE blizzard release. it has a huge esports focus. they arent stupid. if they let hacks destroy the ladder they will kill their own game within months. it wont happen. im one of the first to jump at blizzard beeing retarded ignoring the importance of features of bnet etc. but i really dont believe they are stupid enough to let their new flagship game die cause of some retard scriptkids. | ||
|
shalamadoooo
78 Posts
On August 02 2010 05:49 PokePill wrote: The entire Warcraft 3 ladder has been like this since 2006. There are more hackers than legit players. D2 is like this, where it is normal to maphack, and normal to bot. This is not an exaggeration, get used to it because ALL blizzard games are like this and people really shouldn't have expected anything different. Now all hackers have unlimited guest passes to use as well. This is only the first exploit of probably a couple dozen, I think Warcraft has had maybe 10 different tie/disc hacks, and each took months to patch. And the funny thing is Blizzard can't even catch the hackers with warden, they always patch the client 1.24e or something for example and then all the hackers know its an anti-hack patch and they just stop until the exploit is given new offsets or something, and keep their account. Wait until this is public (It took me 5 minutes to find out there was one released in the beta), and THOUSANDS of nerds will be doing this. Quite true. Blizzard forced real-id and forced tying the cd key to user accounts for security purposes, but now they gave out these guest passes which can be tied to any temporary account. Great idea blizz, completely bypasses the incentive for the account holder to not cheat and only threatens legit customers rather than the trolls/haxors. Perhaps they will have to require guests to have other blizzard games before adding them to their accounts? | ||
| ||
