Maps protected from hosting

Technical issues discussion about your computer and Deus Ex games.

Moderator: Forum Guards

Maps protected from hosting

Postby Shinobi » Tue Mar 15, 11 2:24 pm

Does anybody know how to override this? There's a map I'd really like to play over my LAN but can't seem to be able to host it.
So we beat on, boats against the current, borne back ceaselessly into the past.
User avatar
Shinobi
Master
 
Posts: 1503
Joined: Tue Jul 10, 07 12:10 pm
Location: Wales

Postby Cozmo » Tue Mar 15, 11 3:46 pm

Ah, I keep meaning to reply to your post on my forums. Not sure how I've kept forgetting until now.

Depends how they've done it. I think MMCity checks for a server side actor, but the only one I'm familiar with is the one used for my RPG (you were spot on btw; it checks for a pass embedded in an actor then crashes etc :P I was a moron when coding it though - replicated it wrong and it crashes on LAN too argh). As for mine, it's been exclusive to Hasha's for a while now so I'll release password + editable version soon.
Last edited by Cozmo on Tue Mar 15, 11 3:47 pm, edited 1 time in total.
Cozmo
Master
 
Posts: 1266
Joined: Tue Jun 28, 05 10:53 am
Location: UK

Postby Shinobi » Tue Mar 15, 11 4:01 pm

Cool I'd like to host in over my LAN. :)

Interested to know if the code can be bypassed??? :roll:
Last edited by Shinobi on Tue Mar 15, 11 5:56 pm, edited 1 time in total.
So we beat on, boats against the current, borne back ceaselessly into the past.
User avatar
Shinobi
Master
 
Posts: 1503
Joined: Tue Jul 10, 07 12:10 pm
Location: Wales

Postby Shinobi » Wed Mar 16, 11 1:49 am

3 euros to whoever bypasses cozmo's host protection lmao
So we beat on, boats against the current, borne back ceaselessly into the past.
User avatar
Shinobi
Master
 
Posts: 1503
Joined: Tue Jul 10, 07 12:10 pm
Location: Wales

Postby ~DJ~ » Wed Mar 16, 11 3:10 am

60 euros or no deal
Last edited by ~DJ~ on Wed Mar 16, 11 3:14 am, edited 1 time in total.
User avatar
~DJ~
Forum Super Hero
 
Posts: 3766
Joined: Tue May 22, 07 12:23 pm

Postby Alex » Wed Mar 16, 11 7:29 am

Shinobi wrote:3 euros to whoever bypasses cozmo's host protection lmao

Deal, please transfer the sum.

Cozmo, you should also make a check if it actually checked the passowrd.
It took me 2 minutes to make something that simply disables/deletes your password checker..

Perhaps make the password check enable stuff when authorized, thus when the pw is wrong or when it's bypassed, the game still isn't playable.
Alex
Alpha
 
Posts: 8067
Joined: Wed Nov 12, 03 4:51 pm

Postby James » Wed Mar 16, 11 7:33 am

lol

oh alex
I am dead.
User avatar
James
Alpha
 
Posts: 28885
Joined: Sun Oct 26, 03 9:14 pm
Location: Home

Postby Shinobi » Wed Mar 16, 11 10:01 am

Alex wrote:
Shinobi wrote:3 euros to whoever bypasses cozmo's host protection lmao

Deal, please transfer the sum.

Cozmo, you should also make a check if it actually checked the passowrd.
It took me 2 minutes to make something that simply disables/deletes your password checker..

Perhaps make the password check enable stuff when authorized, thus when the pw is wrong or when it's bypassed, the game still isn't playable.


Email addy then... lol
So we beat on, boats against the current, borne back ceaselessly into the past.
User avatar
Shinobi
Master
 
Posts: 1503
Joined: Tue Jul 10, 07 12:10 pm
Location: Wales

Postby Cozmo » Wed Mar 16, 11 10:36 am

Alex wrote:
Shinobi wrote:3 euros to whoever bypasses cozmo's host protection lmao

Deal, please transfer the sum.

Cozmo, you should also make a check if it actually checked the passowrd.
It took me 2 minutes to make something that simply disables/deletes your password checker..

Perhaps make the password check enable stuff when authorized, thus when the pw is wrong or when it's bypassed, the game still isn't playable.


Ah, good idea - thanks. :) I assumed it would crash before any code to delete it could be executed (I think a test I did crashed pre beginplay), but that was silly of me. I knew it was a weak, cheesy way of "protecting" it, but it was just a last minute decision to stop people with no idea / Dogny from hosting it.

As for the password, I think I'll release it with the next patch / add on thing to make sure people don't host the broken versions.
Cozmo
Master
 
Posts: 1266
Joined: Tue Jun 28, 05 10:53 am
Location: UK

Postby Shinobi » Wed Mar 16, 11 10:49 am

I only want it for LAN lol :(

PLUS I've got Patch v1 which is more than some.....
Last edited by Shinobi on Wed Mar 16, 11 10:53 am, edited 1 time in total.
So we beat on, boats against the current, borne back ceaselessly into the past.
User avatar
Shinobi
Master
 
Posts: 1503
Joined: Tue Jul 10, 07 12:10 pm
Location: Wales

Postby Alex » Wed Mar 16, 11 11:27 am

Cozmo wrote:
Alex wrote:
Shinobi wrote:3 euros to whoever bypasses cozmo's host protection lmao

Deal, please transfer the sum.

Cozmo, you should also make a check if it actually checked the passowrd.
It took me 2 minutes to make something that simply disables/deletes your password checker..

Perhaps make the password check enable stuff when authorized, thus when the pw is wrong or when it's bypassed, the game still isn't playable.


Ah, good idea - thanks. :) I assumed it would crash before any code to delete it could be executed (I think a test I did crashed pre beginplay), but that was silly of me. I knew it was a weak, cheesy way of "protecting" it, but it was just a last minute decision to stop people with no idea / Dogny from hosting it.

As for the password, I think I'll release it with the next patch / add on thing to make sure people don't host the broken versions.

Your check happens in Tick(), no? I didn't see a reference to PreBeginPlay. Pre/Post-beginplay are all called first, before actors start using Tick.

Also, don't store your passwords in a config variable. PM me if you want to know a better method.
Last edited by Alex on Wed Mar 16, 11 11:27 am, edited 1 time in total.
Alex
Alpha
 
Posts: 8067
Joined: Wed Nov 12, 03 4:51 pm

Postby Shinobi » Wed Mar 16, 11 11:33 am

blah blah
Last edited by Shinobi on Wed Mar 16, 11 2:03 pm, edited 1 time in total.
So we beat on, boats against the current, borne back ceaselessly into the past.
User avatar
Shinobi
Master
 
Posts: 1503
Joined: Tue Jul 10, 07 12:10 pm
Location: Wales

Postby Alex » Wed Mar 16, 11 11:44 am

Shinobi wrote:His pass is k128 though, which isn't accessible by non-coders like myself because it's stored in the map which is also protected. The k48 variable is a decoy, I'm assuming, cause I can get that by typing get "cozmo_rpg_host.authhost k48" in edh's lagfest, err I mean server.

There are methods that don't require variables at all, thus making it harder to guess or know where to aim hacks at.
Alex
Alpha
 
Posts: 8067
Joined: Wed Nov 12, 03 4:51 pm

Postby Shinobi » Wed Mar 16, 11 11:47 am

If (let's use Cozmo's Authhost as an example) a method DOES use a variable, would the solution be based around changing the value of the variable from within the code, or to just bypass the check by re-writing some of the code?

As I see it his variable can't be changed as it's set in UEd inside an actor pasted on the map.
So we beat on, boats against the current, borne back ceaselessly into the past.
User avatar
Shinobi
Master
 
Posts: 1503
Joined: Tue Jul 10, 07 12:10 pm
Location: Wales

Postby Hanover Fist » Wed Mar 16, 11 11:54 am

Image
Happiness is a full wallet and a loaded clip
User avatar
Hanover Fist
Master
 
Posts: 1186
Joined: Sun Nov 21, 04 1:32 am
Location: Cali

Postby Alex » Wed Mar 16, 11 11:58 am

The variable set within the map is just a decoy, I don't think it's used for anything. But I didn't analyze it properly, so I can't be sure of that.

A method that does use a variable, can be cracked by 'following' the config variable, and then figuring out what it checks it against. If a method uses a variable that does not exist (yes, you can), it's harder to get an idea of the security, plus you can make it more complex by adding dummy/decoy variables and/or functions. Besides that, it could help making as much functions and variables witin the class 'private', even though that can be cracked as well (but would require more knowledge of the engine of Deus Ex). Bypassing the private attribute was one of the ways I used to bypass some restrictions within the UnrealEngine (such as, replacing actors with my own, while they are supposed to be static, thus non-replaceable)

I could go on and on concerning security within DX (as that was my 'main' thing), but I wont, as I don't have the time + telling too much could compromise certain things :)
Alex
Alpha
 
Posts: 8067
Joined: Wed Nov 12, 03 4:51 pm

Postby Shinobi » Wed Mar 16, 11 12:09 pm

blah blah
Last edited by Shinobi on Wed Mar 16, 11 2:04 pm, edited 2 times in total.
So we beat on, boats against the current, borne back ceaselessly into the past.
User avatar
Shinobi
Master
 
Posts: 1503
Joined: Tue Jul 10, 07 12:10 pm
Location: Wales

Postby Alex » Wed Mar 16, 11 12:36 pm

Shinobi wrote:
Alex wrote:A method that does use a variable, can be cracked by 'following' the config variable, and then figuring out what it checks it against.


Wouldn't work for this particular example. Mod is protected, remember.

A protected modification does not mean noone can ever find out what was in it. Reverse engineering, etc. Seeing as the game must still be able to interpretate the package, so can you, as long as you know what certain hex values etc mean.
EDIT: Mind you, I'm not saying it's easy to decompile protected modifications; I didn't manage to, but you can hex-read certain bits (Or the entire code, but kudos to anyone who does that).
Last edited by Alex on Wed Mar 16, 11 12:37 pm, edited 1 time in total.
Alex
Alpha
 
Posts: 8067
Joined: Wed Nov 12, 03 4:51 pm

Postby Shinobi » Wed Mar 16, 11 12:45 pm

I give up, lol. Don;'t know much at all about coding, therefore it's impossible for me to implement my own protection or try to crack cozmo's.

I tried recompiling authhost with a few edits, it recompiled okay but didn't work.
So we beat on, boats against the current, borne back ceaselessly into the past.
User avatar
Shinobi
Master
 
Posts: 1503
Joined: Tue Jul 10, 07 12:10 pm
Location: Wales

Postby ~DJ~ » Wed Mar 16, 11 11:12 pm

ALEX PLS PM ME 2

srsly. :oops:
User avatar
~DJ~
Forum Super Hero
 
Posts: 3766
Joined: Tue May 22, 07 12:23 pm

Postby Marder » Fri Mar 25, 11 2:30 pm

President of Cozmopolis wrote:so I'll release password + editable version soon.


This is something SG did and later decided that only selected people would work on SG maps.

Think about DXMP_Skyline, majority of current DX players have only seen the pirate version on ZXC server. This happened because someone found out that original mapper had given me permission to edit for SG. He did not give permission for any of the things that the mapper/s did and they have truly spoiled his map with wep littering, removing all the lights, and stuff!! So Alex is right to be talking about pm's. Topic title is maybe even questionable... better for pm etc.

I would think about not making it totally public. SG is currently kept within a group who all visit the same forums regularly and that group vets its applicants. Let people know on your page that its editable and where to apply... start building your mini dev studio! Cozmo!

Applicants I know about are Chinny and myself as 1 map, Rodwijk wants to lead map a flying city.

Chinny asked me to link you both, as the only place you two are both registered users is our DXMP forums, could you check your account or pm him if possible.
Last edited by Marder on Fri Mar 25, 11 2:32 pm, edited 1 time in total.
Marder
Poster
 
Posts: 231
Joined: Sun Oct 10, 10 12:58 pm
Location: Classified


Return to Technical issues

Who is online

Users browsing this forum: No registered users and 7 guests