Deus Ex Alpha

Does anybody know how to override this? There's a map I'd really like to play over my LAN but can't seem to be able to host it.

Ah, I keep meaning to reply to your post on my forums. Not sure how I've kept forgetting until now.

Depends how they've done it. I think MMCity checks for a server side actor, but the only one I'm familiar with is the one used for my RPG (you were spot on btw; it checks for a pass embedded in an actor then crashes etc I was a moron when coding it though - replicated it wrong and it crashes on LAN too argh). As for mine, it's been exclusive to Hasha's for a while now so I'll release password + editable version soon.

Cool I'd like to host in over my LAN.

Interested to know if the code can be bypassed???

3 euros to whoever bypasses cozmo's host protection lmao

60 euros or no deal

Shinobi wrote:3 euros to whoever bypasses cozmo's host protection lmao

Deal, please transfer the sum.

Cozmo, you should also make a check if it actually checked the passowrd.
It took me 2 minutes to make something that simply disables/deletes your password checker..

Perhaps make the password check enable stuff when authorized, thus when the pw is wrong or when it's bypassed, the game still isn't playable.

lol

oh alex

Alex wrote:

Shinobi wrote:3 euros to whoever bypasses cozmo's host protection lmao

Deal, please transfer the sum.

Cozmo, you should also make a check if it actually checked the passowrd.
It took me 2 minutes to make something that simply disables/deletes your password checker..

Perhaps make the password check enable stuff when authorized, thus when the pw is wrong or when it's bypassed, the game still isn't playable.

Email addy then... lol

Alex wrote:

Shinobi wrote:3 euros to whoever bypasses cozmo's host protection lmao

Deal, please transfer the sum.

Cozmo, you should also make a check if it actually checked the passowrd.
It took me 2 minutes to make something that simply disables/deletes your password checker..

Perhaps make the password check enable stuff when authorized, thus when the pw is wrong or when it's bypassed, the game still isn't playable.

Ah, good idea - thanks. I assumed it would crash before any code to delete it could be executed (I think a test I did crashed pre beginplay), but that was silly of me. I knew it was a weak, cheesy way of "protecting" it, but it was just a last minute decision to stop people with no idea / Dogny from hosting it.

As for the password, I think I'll release it with the next patch / add on thing to make sure people don't host the broken versions.

I only want it for LAN lol

PLUS I've got Patch v1 which is more than some.....

Cozmo wrote:

Alex wrote:

Shinobi wrote:3 euros to whoever bypasses cozmo's host protection lmao

Deal, please transfer the sum.

Cozmo, you should also make a check if it actually checked the passowrd.
It took me 2 minutes to make something that simply disables/deletes your password checker..

Perhaps make the password check enable stuff when authorized, thus when the pw is wrong or when it's bypassed, the game still isn't playable.

Ah, good idea - thanks. I assumed it would crash before any code to delete it could be executed (I think a test I did crashed pre beginplay), but that was silly of me. I knew it was a weak, cheesy way of "protecting" it, but it was just a last minute decision to stop people with no idea / Dogny from hosting it.

As for the password, I think I'll release it with the next patch / add on thing to make sure people don't host the broken versions.

Your check happens in Tick(), no? I didn't see a reference to PreBeginPlay. Pre/Post-beginplay are all called first, before actors start using Tick.

Also, don't store your passwords in a config variable. PM me if you want to know a better method.

blah blah

Shinobi wrote:His pass is k128 though, which isn't accessible by non-coders like myself because it's stored in the map which is also protected. The k48 variable is a decoy, I'm assuming, cause I can get that by typing get "cozmo_rpg_host.authhost k48" in edh's lagfest, err I mean server.

There are methods that don't require variables at all, thus making it harder to guess or know where to aim hacks at.

If (let's use Cozmo's Authhost as an example) a method DOES use a variable, would the solution be based around changing the value of the variable from within the code, or to just bypass the check by re-writing some of the code?

As I see it his variable can't be changed as it's set in UEd inside an actor pasted on the map.

The variable set within the map is just a decoy, I don't think it's used for anything. But I didn't analyze it properly, so I can't be sure of that.

A method that does use a variable, can be cracked by 'following' the config variable, and then figuring out what it checks it against. If a method uses a variable that does not exist (yes, you can), it's harder to get an idea of the security, plus you can make it more complex by adding dummy/decoy variables and/or functions. Besides that, it could help making as much functions and variables witin the class 'private', even though that can be cracked as well (but would require more knowledge of the engine of Deus Ex). Bypassing the private attribute was one of the ways I used to bypass some restrictions within the UnrealEngine (such as, replacing actors with my own, while they are supposed to be static, thus non-replaceable)

I could go on and on concerning security within DX (as that was my 'main' thing), but I wont, as I don't have the time + telling too much could compromise certain things

blah blah

Shinobi wrote:

Alex wrote:A method that does use a variable, can be cracked by 'following' the config variable, and then figuring out what it checks it against.

Wouldn't work for this particular example. Mod is protected, remember.

A protected modification does not mean noone can ever find out what was in it. Reverse engineering, etc. Seeing as the game must still be able to interpretate the package, so can you, as long as you know what certain hex values etc mean.
EDIT: Mind you, I'm not saying it's easy to decompile protected modifications; I didn't manage to, but you can hex-read certain bits (Or the entire code, but kudos to anyone who does that).

I give up, lol. Don;'t know much at all about coding, therefore it's impossible for me to implement my own protection or try to crack cozmo's.

I tried recompiling authhost with a few edits, it recompiled okay but didn't work.

ALEX PLS PM ME 2

srsly.

President of Cozmopolis wrote:so I'll release password + editable version soon.

This is something SG did and later decided that only selected people would work on SG maps.

Think about DXMP_Skyline, majority of current DX players have only seen the pirate version on ZXC server. This happened because someone found out that original mapper had given me permission to edit for SG. He did not give permission for any of the things that the mapper/s did and they have truly spoiled his map with wep littering, removing all the lights, and stuff!! So Alex is right to be talking about pm's. Topic title is maybe even questionable... better for pm etc.

I would think about not making it totally public. SG is currently kept within a group who all visit the same forums regularly and that group vets its applicants. Let people know on your page that its editable and where to apply... start building your mini dev studio! Cozmo!

Applicants I know about are Chinny and myself as 1 map, Rodwijk wants to lead map a flying city.

Chinny asked me to link you both, as the only place you two are both registered users is our DXMP forums, could you check your account or pm him if possible.