> I'm curious how these DLL hacks work. Anyone like to give a brief synopsis?
> If I know what they're doing, then I have a fighting chance to stop it.
>
> But if I understand the process, the DLL hack inserts itself between the
> engine hooks and the mod DLL using the callback tables. (At least for
> aimbots anyway. The graphic and model hacks are another story.) I'm not sure how
> they do that, but I'll assume that's the case. If so, then we have what we
> call in networking a man-in-the-middle attack in which a hacker can
> eavesdrop on both sides of the conversation. A possible solution to this is to
> encrypt the player movement packets using a public key algorithm using
> randomly generated keys on both ends. (Only the client movements being sent
> to the server would need encryption.) Since RSA's patent has expired, it
> would be a good choice. The catch to this is that both the server and the
> client need to incorporate this for it to work. The key wouldn't need to be
> very large. Just large enough to make hacking a key an unreasonable option.
> If you wanted to be really evil, you could generate new keys at the end of
> every level.

Part of the problem is that, at some point, the player positions are stored in memory so that the engine can render the models and so that the client can apply effects (like Triangle API stuff). No matter what encryption scheme you use, the client bots can access these player origins from the memory contents.

A major part of the problem is that Windows processes are not protected from "outside" applications accessing "protected" process memory. If it were, client bots wouldn't be able to modify the engine runtime code and load their DLLs into the engine/client runtime space and become man-in-the-middle problems. You can find web sites that provide more details on how the client bots are loaded by searching for "Half-Life client bot" with your favorite Internet search engine.

I'm still convinced that the only "foolproof" way to prevent cheaters is by running code on the only system the cheaters don't have access to (the server). Tracking the aiming accuracy of a player over time can help identify players who are using aimbots. Of course, a really good player looks like he's/she's using an aimbot (has high aiming accuracy, high number of kills and low number of deaths). This has the undesired side effect of banning really good players as well as cheaters.

Also, MOD design plays a major part in how much players can cheat. If players were not allowed to shoot through walls in Counter-Strike, aimbots and wall-hacks would be less effective (or at least allow the person being shot at more of a chance to dodge incoming bullets). If you designed a MOD that doesn't use any type of weapons at all, it would make aimbots completely useless (racing games, strategy games, etc. would have fewer cheaters since the AI required to control a fake player is more complicated).

Jeffrey "botman" Broome
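
The server-side accuracy tracking described in the reply above, as an added example that is not part of the original post and not Half-Life SDK code. The class, the function names, the 100-shot window and the 0.85 threshold are all assumptions chosen for illustration.

```cpp
// Added example; every name here is hypothetical, none comes from the Half-Life SDK.
#include <cstddef>
#include <deque>
#include <map>
#include <string>

class AccuracyTracker {
public:
    AccuracyTracker(std::size_t windowSize, double threshold)
        : windowSize_(windowSize), threshold_(threshold) {}

    // Feed this from the server's own hit resolution, never from client-reported data.
    void recordShot(const std::string& player, bool hit) {
        Stats& s = stats_[player];
        s.window.push_back(hit);
        if (hit) ++s.hits;
        if (s.window.size() > windowSize_) {      // slide the window
            if (s.window.front()) --s.hits;
            s.window.pop_front();
        }
    }

    // Accuracy over the last windowSize shots; 0.0 until the window is full,
    // so a short lucky streak is not scored.
    double accuracy(const std::string& player) const {
        auto it = stats_.find(player);
        if (it == stats_.end() || it->second.window.size() < windowSize_) return 0.0;
        return static_cast<double>(it->second.hits) / static_cast<double>(windowSize_);
    }

    // Marks a player for human review, not for a ban: sustained high accuracy
    // is what an aimbot and a very good player have in common.
    bool needsReview(const std::string& player) const {
        return accuracy(player) >= threshold_;
    }

private:
    struct Stats { std::deque<bool> window; std::size_t hits = 0; };
    std::size_t windowSize_;
    double threshold_;
    std::map<std::string, Stats> stats_;
};

// Constructed sample: a player who hits hitsPerTen of every 10 shots.
bool flaggedAfter(int shots, int hitsPerTen) {
    AccuracyTracker t(100, 0.85);                 // assumed window and threshold
    for (int i = 0; i < shots; ++i) t.recordShot("p", (i % 10) < hitsPerTen);
    return t.needsReview("p");
}
```

With these constructed inputs a 9-in-10 player is flagged just like a 10-in-10 one, which is the false-positive case the reply warns about.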