|
There were several threads on Blizzard's action against hackers. It was said that the number of banned cheaters is 5000. And I think this might be the last moment of happiness for the hack-free environment for all of you, honest ladder players. Let me explain to you several facts that you might eventually miss..
In case this violates the TL rules, any admin can feel free to close/delete this thread. Anyways, I think this might be an interesting topic. You might think that it actually advertises cheats, but the truth is that it just describes how the current problematics work and how they worked in SC1. The links provided are not cheats, but in the hands of a skilled programmer they might be recoded into a weapon of mass cheating, yes. Sorry in advance.. Let's go on..
You might know I fought against various dll injections in SC1; the tool PenguinPlug (later SCExtension) was fairly good and kept PGTour and WGTour a decently hack-free environment. Later on me and Ili gave up because we (WGT) had some legal misunderstandings with Blizzard on the dll we provided, and their responses took ages.. And WGT died in a year or two in the same way PGT did. People just lost interest in working on it (you probably know the story).
But secretly me and one German ToT) "nottobenamed" friend - we were working on streaming the replays.. Thus we had two choices, to crack StarCraft in the way we did with Superpenguin and Ilintar, or to write our own SC1 emulator.
We chose the second way. Nottobenamed friend wrote an OpenGL 2D emulator, and with Taiche's map from the MPQ library, with extracted pictures from SC1, we made our own StarCraft emulator, based on my SC1 knowledge. In the end it looked better than in the picture, you could zoom the map and the new units had a glowing background (OpenGL!), the screen could be like 1920x1600 big, it moved to the player's camera, and it had plenty of other features.. And you can probably ask, why has no one heard about it?
The answer is pretty easy. Rather than for SC game streaming, it could be used for cheating instead. So we kept it private. No one was really interested in an external game emulator in SC1 days, tho we had one. Once I made the DirectX overlay based on Lasgo's BWTV DX hooks.. so you saw the cheat info right in the game and you had the minimap replaced with my own.. And you could play it on ICCup. I gave the necessary info to the ICCup guys to know that they can't do anything against it... but to improve their experience against cheating.
So, when SC2 beta came out, I was evil enough to fight for the shadowwalker's glory and research code like mad to finish the maphack as first in the world. I failed. I was second. Tho permafrost's and others' way was to crack the SC2 process again, I chose the way of being invisible, to read from StarCraft just like antiviruses search for malware in your PC. The information I received was displayed on another PC monitor. It took like 2 days of research from scratch. And after some time I had an almost perfect external maphack, tho I missed one more piece of information. The unit type. I could read whose unit is where, but I didn't know what it is, if marine or zergling. I gave up coding anything due to loss of interest. The result of several wasted evenings is available here:
And why am I writing this text? There are other guys who, after the first banning wave, are very very interested in being invisible. Tho it's more like a research job at the moment, sooner or later the external emulator will be available to download. The sources (not just mine) are already published for the current patch, but you must be smart enough to compile them (which is a 99% barrier in most of the readers' case), however I assume that within a few weeks the cheat will be on the net.
The bad guys even found the cached information from the SC2 obsmode, which is "APM, minerals per minute, camera position" information, and they can display it on another PC or directly in game without modifying it. And that's it. Without modifications to SC2 memory. If you ask what it means, it means that Warden won't work in general - it cannot. Not this way. Simple and easy. Yes, there might be technical arguments that you can find the handle in other processes, but... if you think twice.. Blizzard cannot do that because of a thousand reasons.
In SC1 times you could read that you cannot win the war against hackers & cheaters. It's right, you can't. If you think you can, you are fools. And now, the bad guys got a really good idea how to cheat. And sadly, they are very very interested in this external method, and a lot of them are working on it. And they will do it, they are good, damn good at finding what they need in SC2 memory structures. And they won't get caught.
I told Blizzard guys during beta that the current way is hacker friendly. For sure they knew it is, but you know... The anticheat dept. cannot do a thing, it's that way coz of performance issues, it's meant to be that way, because your game will work fluently... and they won't change it. And I really doubt there will be serious changes in the game engine in the upcoming expansion(s). It's kinda sad that the bad guys found what we knew we can't fight several years back in times when we were coding the PP anticheat.
Just in case you are interested in the source codes, feel free to PM me, I will guide you.
|
Good read, saddening that like you said Warden (and in turn Blizzard) will be severely limited in the ways of detecting stuff like this. Like you said, if someone is determined enough, it's only a matter of time.
|
You'd think a fairly large software company like Blizzard would be like Microsoft and hire hackers like yourself to work for them so they can plug security holes. Thanks for the read.
|
I guess everybody in their right mind knew that Warden wouldn't save battle.net from hackers. It was bound to happen. What I'd like to know is: Would it be possible to detect this kind of hack with an anti-cheating tool? Of course you'd have to have dedicated programmers to have it, but is it possible that we'll have a hack-free competitive environment in sc2 thanks to community effort like with iccup etc? I sure hope so...
|
I r sad face nao. Thanks for the read anyway! It's probably going to be a waste of my mental capacity to hope such things won't reach SEA.
User was warned for this post
|
Nothing is perfect, tbh I'd rather have Blizzard spend time on balancing and making the game better in general than worry about hackers too much. There will always be hackers as long as there are online games.. I played years of Counter-Strike and that was a hack fest as well. Those few games I lose because of a hacker really won't spoil the fun I have with StarCraft. And let's be honest, most kids that do use hacks won't take it seriously and stop playing rather fast, and in most cases they just suck so you can beat them anyway.
Just my 2 cents, fun read though ^^
|
On October 04 2010 21:32 Coufu wrote: You'd think a fairly large software company like Blizzard would be like Microsoft and hire hackers like yourself to work for them so they can plug security holes. Thanks for the read.
The issue is that, the only ways to detect something like this, would probably also be illegal. Blizzard can, as far as I understand, only monitor the server traffic, code changes within their game files and -folders, as well as any program that interferes with them.
I am no expert, though, but that's an explanation I heard when playing WoW.
|
On October 04 2010 21:32 Coufu wrote: You'd think a fairly large software company like Blizzard would be like Microsoft and hire hackers like yourself to work for them so they can plug security holes. Thanks for the read.
It's not that simple. The only solution would be not sending any information that is covered by fog data. That is not possible in a game like SC2 because of abilities like scanner sweep and general massive unit movement that uncovers fog of war. Complain about Lag > Complain about hackers^1000
On October 04 2010 21:39 Amadi wrote: On October 04 2010 21:32 Coufu wrote: You'd think a fairly large software company like Blizzard would be like Microsoft and hire hackers like yourself to work for them so they can plug security holes. Thanks for the read. The issue is that, the only ways to detect something like this, would probably also be illegal. Blizzard can, as far as I understand, only monitor the server traffic, code changes within their game files and -folders, as well as any program that interferes with them. I am no expert, though, but that's an explanation I heard when playing WoW.
No, MMORPG companies do this all the time. Protecting themselves from being hacked by not allowing a program to run is perfectly legal if it's stated in ToS. It's just that it's futile (and I mean FUTILE) since a bypass can easily be made.
|
Wouldn't another solution be to heavily encrypt everything? I mean, a hacker could get at it if he wanted, it would just take a long time. So long that the info would no longer be relevant.
|
Ashur never ceases to amaze when it comes to stuff like this, seriously.
Interesting read.
|
Informative read Ashur, nice to see you post again despite the depressing message it sends
|
On October 04 2010 21:43 TedJustice wrote: Wouldn't another solution be to heavily encrypt everything? I mean, a hacker could get at it if he wanted, it would just take a long time. So long that the info would no longer be relevant.
That's why people make programs. So you only have to decrypt it once.
Even if a random encryption was created every time a new game loads, this doesn't work because a hacker will just look at the memory and look at what the random encryption value (or a value that triggers a certain decryption function) is and decrypt it.
Back to square one of having server sided fog of war.
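Added example, not part of the posts above and not Blizzard code: a minimal sketch of the server-side fog of war mentioned in this thread, where the server filters each player's snapshot so that units under fog are never sent to that client. The `Unit` and `Reveal` types, radii and coordinates are constructed for illustration; `Reveal` models a temporary vision source such as the scanner sweep mentioned earlier.

```python
from dataclasses import dataclass
from math import hypot

@dataclass(frozen=True)
class Unit:
    uid: int
    owner: int
    x: float
    y: float
    sight: float          # vision radius; 0 for units that grant no vision

@dataclass(frozen=True)
class Reveal:
    """Temporary vision source (hypothetical model of a scanner sweep)."""
    owner: int
    x: float
    y: float
    radius: float
    expires_tick: int

def vision_sources(player, units, reveals, tick):
    """All (x, y, radius) circles that currently give `player` vision."""
    own = [(u.x, u.y, u.sight) for u in units if u.owner == player and u.sight > 0]
    temp = [(r.x, r.y, r.radius) for r in reveals
            if r.owner == player and tick < r.expires_tick]
    return own + temp

def snapshot_for(player, units, reveals, tick):
    """Units the server sends to `player` this tick; everything else stays server-side."""
    sources = vision_sources(player, units, reveals, tick)
    return [u for u in units
            if u.owner == player
            or any(hypot(u.x - sx, u.y - sy) <= r for sx, sy, r in sources)]

# Constructed sample state: player 1 owns a marine, player 2 owns two zerglings.
UNITS = [
    Unit(1, 1, 10, 10, 9),
    Unit(2, 2, 15, 12, 8),   # inside the marine's sight: sent to player 1
    Unit(3, 2, 80, 80, 8),   # far away: withheld from player 1 unless revealed
]
SCAN = [Reveal(owner=1, x=78, y=79, radius=13, expires_tick=200)]

def visible_ids(player, reveals, tick):
    """IDs of the units contained in `player`'s snapshot."""
    return sorted(u.uid for u in snapshot_for(player, UNITS, reveals, tick))
```

Because withheld units never reach the client, a memory reader on that machine has nothing to find; the cost is that every reveal waits on a server round trip.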
|
Firstly I am a programmer.
"The bad guys even found the cached information from the SC2 obsmode, which is "APM, minerals per minute, camera position" information, and they can display it on other PC or directly in game without modifying it. And that's it. Without modifications to SC2 memory."
Getting APM and all the other info was possible/found out months after the beta. Without modifications to SC2 memory? What?
Also, what source codes are you referring to?
|
"And WGT died in a year or two in a same way PGT did. People just lost interest to work on it (you probably know the story)."
Being one of the head admins of PGTour, this was not the case. PGTour had just received a brand new face lift and during the process the code that he used in the forums was open source. The people that created the code left a backdoor which they used to exploit and gain access to the website, thereby destroying it. Pat was so devastated by the event that he literally disappeared (he never got the chance to back up the new changes so he lost everything). Chr1s and myself tried calling him repeatedly but he disappeared. Most of this information was never completely revealed to the public because Chr1s posed as Pat for a few more weeks hoping he would come back.
On topic though, I really dislike cheating. It ruins the game for everyone else. A display of production queue, or income tab is just as bad if not worse than a maphack. I wish Blizzard would put forth the effort into fixing these possible future issues.
|
On October 04 2010 21:53 cocosoft wrote: Also what source-codes are you referring too.
PM if you want them, I won't spread cheats all over this place.
And I am referring to this: number of workers alive 0x3A0, mineral income 0x4E0, gas income 0x4E8, army mineral worth 0x748, army gas worth 0x768 + to the player structure offset in SC2 memory, it's all ReadProcessMemory stuff, including minimap and unit IDs.. Means some other PC can warn you that the enemy is 6pooling, 9pooling or smth else by sound..
On October 04 2010 22:00 Sanasante wrote: "And WGT died in a year or two in a same way PGT did. People just lost interest to work on it (you probably know the story)."
Sure there are differences, the meaning was that they ended coz people didn't work on them. First, WGT had the partnership issue, which was that Blizzard didn't respond fast, and in the case of PGT it was that Pat didn't respond at all. And people that were willing to work lost interest/chance. Hope it's clear now.
|
Nice information, do you mind reposting this 1min YouTube vid?
I get the error message that because of a violation with Sony (music maybe) this video can't be shown in my country.
And I've got another question: what do you think must be done to at least try to prevent cheating in the current way you described?
|
An encrypted protocol with changed encryption once in a while will make a maphacker's life hard. He would need to update his hack software with each patch and the programmers doing those programs would have to constantly update their software..
|
It's kind of sad to see hax, though I can only hope hackers face a permanent ban :>
But hey, people cheat in all games... Even professional sports. It would be hard to do it at an actual tournament, but in online-only tournaments, this is a real issue.
|
Is this how those Immortals were being warped in too?
|
On October 04 2010 22:05 Special Endrey wrote: and i got another question, what do you think must be done to at least try to prevent cheating in the current way you described ?
You can't do anything automatic.
On October 04 2010 22:20 Soclever wrote: Is this how those Immortals were being warped in too?
No.
On October 04 2010 22:10 Schnullerbacke13 wrote: an encrypted protocol with changed encryption once in a while will make maphackers life hard. He would need to update his hack software with each patch and the programmers doing those programs would have to constantly update their software ..
It's not about the network protocol, it's reading game memory.
|