.com.unity Forums

BugRoger August 14th, 2004 08:14 PM

Circumventing the Anti-Cheat-Protection
 
Hey Folks,

I just wanted to let you know that I probably found out how Norfleet managed to trick the Anti-Cheat-Protection. I wasn't able to produce unlimited gems but I found out how it's possible to forge for free. Could it be that Norfleet used the same hole and forged for free or was he actually able to produce gems?

Of course I'm going to inform the Devs about how I did it... It might be easy to include a fix in the anti-cheat protection for this particular cheat.


Rock on,

Michael

Stormbinder August 14th, 2004 09:04 PM

Re: Circumventing the Anti-Cheat-Protection
 
Quote:

BugRoger said:
Hey Folks,

I just wanted to let you know that I probably found out how Norfleet managed to trick the Anti-Cheat-Protection. I wasn't able to produce unlimited gems but I found out how it's possible to forge for free. Could it be that Norfleet used the same hole and forged for free or was he actually able to produce gems?

Of course I'm going to inform the Devs about how I did it... It might be easy to include a fix in the anti-cheat protection for this particular cheat.


Rock on,

Michael

Interesting. I've spent a lot of time analyzing Norf's file, and there is no way he could have even his 850+ (out of total 4800 gems) non-death and mostly non-astral gems that he had in his Gem Treasury without cheating (not to mention bloodslaves), since his total non-death income for the duration of the game was about 130 gems, not counting any summons/forging. Not to mention 2000+ gems worth of summons and empowering, that also had nothing to do with forging.


Therefore you must have found another hole in Dom2 security BugRoger. I am sure devs will be very interested to know the details. Well done.

Regards,
Stormbinder

BugRoger August 15th, 2004 05:48 AM

Re: Circumventing the Anti-Cheat-Protection
 
Actually I can use the same method for casting and empowerment too. Once you have Alteration 9 it's possible to cast Wish for free and that will give you almost everything. Maybe it's even possible to manipulate the research but that is definitely harder to do...

I'm going to look into the cheat game. Maybe I can find something for myself. You only happen to have one turn file?

Stormbinder August 15th, 2004 06:05 AM

Re: Circumventing the Anti-Cheat-Protection
 
Quote:

BugRoger said:
Actually I can use the same method for casting and empowerment too. Once you have Alteration 9 it's possible to cast Wish for free and that will give you almost everything. Maybe it's even possible to manipulate the research but that is definitely harder to do...

I'm going to look into the cheat game. Maybe I can find something for myself. You only happen to have one turn file?

Yeap. And it is turn 23, max research lvl 7, so no wishes. You can download it from Mose's server, he provided a link to it in some of the related threads recently.

BTW have devs confirmed your findings? (meaning were they able to duplicate it)

BugRoger August 15th, 2004 06:27 AM

Re: Circumventing the Anti-Cheat-Protection
 
I looked into the cheat game. I think this is possible using the trick I found. I also found out that it's possible to build castles for free.

Also I have another game which was hosted on my server where Calmon suspected that Norfleet might be cheating. Norfleet wanted me to delete the game files... Well, I think I'm going to look into this as well.

I haven't informed the devs yet. Just got up and wanted to try spell casting and empowerment as well... Actually, I think the devs know by now how it's possible to do this. The anti-cheat protection tries to protect exactly against this kind of cheat but it's just not sophisticated enough.

I can imagine that it might be quite hard to fix all the holes but maybe there's a technique to protect against it programmatically.

Stormbinder August 15th, 2004 07:56 AM

Re: Circumventing the Anti-Cheat-Protection
 
Quote:

BugRoger said:
I looked into the cheat game. I think this is possible using the trick I found. I also found out that it's possible to build castles for free.

Also I have another game which was hosted on my server where Calmon suspected that Norfleet might be cheating. Norfleet wanted me to delete the game files... Well, I think I'm going to look into this as well.

I haven't informed the devs yet. Just got up and wanted to try spell casting and empowerment as well... Actually, I think the devs know by now how it's possible to do this. The anti-cheat protection tries to protect exactly against this kind of cheat but it's just not sophisticated enough.

I can imagine that it might be quite hard to fix all the holes but maybe there's a technique to protect against it programmatically.

Well whatever it is you are doing, just sending the list of commands to the server and nothing else, to be performed and calculated by the server based upon your "beginning of the turn state" should be enough to prevent it, correct? (and please don't say any more details about it ;) )

It may require quite a bit of recoding on the part of Illwinter though, depending on how exactly they structured their source code. But it sounds to me like a good way to approach the problem, based upon what we know about recent developments.

Huzurdaddi August 15th, 2004 04:26 PM

Re: Circumventing the Anti-Cheat-Protection
 
The fixes in order of "correctness" are:

1. Only send the server the commands and let it validate each command. This could be expensive in terms of coding depending upon how Illwinter coded the game.

2. Check all costs on the server side, add them together and see if this is possible. This could be of moderate cost. Who knows if Illwinter has time for this.

3. Put some XOR's in the accessors for these ( perhaps even all ) member variables. Move the structure in question away from where it currently is, perhaps break it up into multiple parts. Put the values into a linked list instead of right after one another. This is cheap to do and makes it so people have to break out IDA instead of just spamming ReadProcessMemory and looking at the output for 10 min.
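
Added example, not part of Huzurdaddi's post and not Illwinter's code: a minimal sketch of fixes 1 and 2, where the server replays a client's order list against its own start-of-turn treasury and its own cost table. The command names, gem costs and function names are constructed for illustration.

```python
from collections import Counter

# Constructed cost table: the server's own copy, never taken from the client.
COSTS = {
    ("forge", "ring_a"): {"astral": 10},
    ("forge", "sword_b"): {"fire": 5, "earth": 5},
    ("cast", "summon_c"): {"death": 20},
}


class RejectedTurn(Exception):
    """Raised when a submitted order list cannot be paid for."""


def apply_orders(treasury, orders):
    """Replay client orders against the server-held start-of-turn treasury.

    treasury: dict of gem type -> count, as stored by the server
    orders:   list of (action, target) pairs; costs or resulting state
              claimed by the client are deliberately not part of the input
    Returns the new treasury, or raises RejectedTurn.
    """
    remaining = Counter(treasury)
    for index, order in enumerate(orders):
        cost = COSTS.get(tuple(order))
        if cost is None:
            raise RejectedTurn(f"order {index}: unknown command {order!r}")
        for gem, amount in cost.items():
            if remaining[gem] < amount:
                raise RejectedTurn(
                    f"order {index}: needs {amount} {gem}, has {remaining[gem]}")
            remaining[gem] -= amount
    return dict(remaining)


def check_turn(treasury, orders):
    """Return (accepted, detail) so a host can log rejected turn files."""
    try:
        return True, apply_orders(treasury, orders)
    except RejectedTurn as exc:
        return False, str(exc)
```

Because the client never supplies a cost or a resulting treasury, a modified client can only submit orders it could legitimately afford; a rejected turn is also a useful signal for the host to log.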

tinkthank August 15th, 2004 04:41 PM

Re: Circumventing the Anti-Cheat-Protection
 
Hey, BR, you are great!!! Three cheers for you!!
I didn't know you are a Berliner, too -- hehe, nice.

Stormbinder August 15th, 2004 05:59 PM

Re: Circumventing the Anti-Cheat-Protection *DELETED*
 
Post deleted by Zen

Sheap August 15th, 2004 06:01 PM

Re: Circumventing the Anti-Cheat-Protection
 
I disagree. All he's done is described what the cheat does, and some slight information about how he went about finding it. Anyone who would be able to figure out how to cheat based just on this information, would be able to figure it out on their own anyway. But, this description of how the cheat operates might help honest players notice if it is happening in their game.

In any case, I expect that there are very few players here who would cheat anyway, and those who would know how to do it already.

I suppose I also should add that this particular flaw, while serious, would still not account for what was found in Norfleet's turn. So there must be something else afoot.

Gandalf Parker August 15th, 2004 06:48 PM

Re: Circumventing the Anti-Cheat-Protection
 

As a standard rule, and hopefully enforced as equally as possible, information on how to bypass purchasing, copy protections, and cheat detections will disappear quickly.
After all, this IS a computer owned/run by an upstanding games publishing company. Discussion as to how effective, fair, or desirable such things are will have no effect on whether or not Shrapnel should be willing to leave them in plain sight on their Boards.

Now if you want to join me in the alt.hacker newsgroup, or my www.alt-hacker.org site, I will be glad to discuss the subject further. (but be forewarned that in those forums I don't have to be so careful about what I might call someone)

BugRoger August 15th, 2004 06:59 PM

Re: Circumventing the Anti-Cheat-Protection
 
I just wanted to add that I contacted the devs with the details about the cheat. Hope you guys are still going to play with me... ;)

Huzurdaddi:
Though I used a similar approach to what you described (deleted now) the actual procedure was different. Maybe you also let the devs know how your cheat works...

Stormbinder August 15th, 2004 07:05 PM

Re: Circumventing the Anti-Cheat-Protection
 
Quote:

Gandalf Parker said:

As a standard rule, and hopefully enforced as equally as possible, information on how to bypass purchasing, copy protections, and cheat detections will disappear quickly.
After all, this IS a computer owned/run by an upstanding games publishing company. Discussion as to how effective, fair, or desirable such things are will have no effect on whether or not Shrapnel should be willing to leave them in plain sight on their Boards.


Well said Gandalf.

Huzurdaddi August 15th, 2004 10:12 PM

Re: Circumventing the Anti-Cheat-Protection
 
Quote:


I suppose I also should add that this particular flaw, while serious, would still not account for what was found in Norfleet's turn. So there must be something else afoot.


No it totally explains what people think that they saw in Norfleet's turn. There may be additional exploits but this one does the trick.

Sheap August 15th, 2004 11:00 PM

Re: Circumventing the Anti-Cheat-Protection
 
How does it explain the large stockpile of bloodslaves that he had?

Arryn August 15th, 2004 11:08 PM

Re: Circumventing the Anti-Cheat-Protection
 
Quote:

Sheap said:
How does it explain the large stockpile of bloodslaves that he had?

Short answer? It doesn't.

It might interest folks to know the following, which is an excerpt from a PM that Norfleet sent me 6 days ago (as one of his few friends on the forum):
Quote:

The truth is that I was struck with a very bizarre, yet opportune event, which may probably be classified as a bug, although it is not something I had any real control over: On one turn, I suddenly discovered that I had mysteriously acquired a large number of gems by means and quantities that are not explainable by known Dominions II phenomena. Suffice it to say that this story is completely unbelievable, as I certainly wouldn't believe anyone claiming this, and is not apparently reproducible.

Frankly, I don't believe him. Too many people have been reporting too many oddities with games he was in for me to be able to accept his claim at face value. I would not be surprised at all if he used more than one exploit. Norfleet struck me as the type to take losing very poorly, and to not be above using any dirty tricks he could (such as having multiple aliases so that he could pump people for info) to gain whatever advantage he felt he needed to assure his supremacy.

EDIT: furthermore, an honest player would have immediately let everyone know that something very odd had happened and called a halt to the game. From the threads I've seen, Norfleet took full advantage of this alleged bug. Not the sort of action an innocent person would/should take.


All times are GMT -4.