[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Bit on cheating: was: Re: Introductions



On Thu, 11 Dec 2003, KANE Aaron wrote:

> Instead of generating the source code differently what if the source was constant and variables were just changed.
> 
> If all dll were required to contain cert variables something 2048 bits long.  At server startup the key could be generated and the
> dll compiled and distributed.  That way every game the libraries would be different.  The authentication could involve returning the
> cert along with a MD5 of the library? With a cert and the MD5 as the password I think we getting into a self authenticating
> library?  (I am sure I have missed something in here)
> 
> I agree that this method would force a ------------long------------ server start up time... and a long client connect time.. however
> if the server is intended to be running for a long time, it might be worth considering?
> 
> Just crazy ideas...

The problem with doing it like that is that you basically says; "OK, here 
is the key. Please use it". And the hacker says, "OK, that is nice, I will 
just feed my corrupt data through the dll. Great". You do not solve the 
problem that way at all. Actually you just make it easier for the hacker.

If you do not understand my answer (which is written in a hurry) please 
write again.

Mads

-- 
Mads Bondo Dydensborg.                               madsdyd@challenge.dk
#!/usr/bin/perl -w
# 526-byte qrpff, Keith Winstein and Marc Horowitz <sipb-iap-dvd@mit.edu>
# MPEG 2 PS VOB file on stdin -> descrambled output on stdout
# arguments: title key bytes in least to most-significant order
$_='while(read+STDIN,$_,2048){$a=29;$c=142;if((@a=unx"C*",$_)[20]&48){$h=5;
$_=unxb24,join"",@b=map{xB8,unxb8,chr($_^$a[--$h+84])}@ARGV;s/...$/1$&/;$d=
unxV,xb25,$_;$b=73;$e=256|(ord$b[4])<<9|ord$b[3];$d=$d>>8^($f=($t=255)&($d
>>12^$d>>4^$d^$d/8))<<17,$e=$e>>8^($t&($g=($q=$e>>14&7^$e)^$q*8^$q<<6))<<9
,$_=(map{$_%16or$t^=$c^=($m=(11,10,116,100,11,122,20,100)[$_/16%8])&110;$t
^=(72,@z=(64,72,$a^=12*($_%16-2?0:$m&17)),$b^=$_%64?12:0,@z)[$_%8]}(16..271))
[$_]^(($h>>=8)+=$f+(~$g&$t))for@a[128..$#a]}print+x"C*",@a}';s/x/pack+/g;eval