|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
masternerdguy
Dominion Task Force
1663
|
Posted - 2014.04.15 22:21:00 -
[1] - Quote
So you are asking CCP to allow you to freely inject arbitrary code into their client, allow you to redo all your client side graphics, and expose the core of their game?
This is a bot writer's dream.
And "OpenGL FX mods" lol. Things are only impossible until they are not. |
masternerdguy
Dominion Task Force
1663
|
Posted - 2014.04.15 23:17:00 -
[2] - Quote
Amy Alland wrote:Thanks for recommending alternate discussion thread.
To those who can't read ; Limited client modding ; this means limited availability to the client via encryption and CCP provided Decompiler(s)
Via encryption.
Guys I guess it's ok to inject code into the client, it's encrypted.
http://www.youtube.com/watch?v=COSeM2EVkDc Things are only impossible until they are not. |
masternerdguy
Dominion Task Force
1663
|
Posted - 2014.04.15 23:31:00 -
[3] - Quote
Amy Alland wrote:That is why limiting decompilers are used ; please do research before displaying your ignorance
Displaying my ignorance?
Even if you decompile only a small part of the client it is possible to hook in anything you want into it. Don't believe me? Well, a good example of such a project is FLHook which allows arbitrary code injection into Freelancer. This lovely mod has allowed many totally new features to be added such as multiplayer storyline missions, jump drives, cloaking devices, sovereignty and clan ownership of space, anti-cheat systems, market economies, manufacturing and crafting, and out of game web integration.
And this is just by injecting a DLL at startup and having that DLL call any plugin in a folder.
Your 'limiting decompiler' is going to expose more than enough. It doesn't matter if the client is encrypted or obfuscated when built, since that key will need to be exposed at some point to run the code, and therefore can be captured.
Also, by allowing players to load assets into the game you are introducing a second route of code injection: malformed resource files. Why do you think so many mail services block images by default? Because they are often used to load code into the library used to decode them for display and attack via buffer overun.
Finally, even if your system is 100% secure (which it won't be, not even close) allowing you to load custom client side models and textures is going to make writing bots super easy. No longer will you have to worry about getting the bot to understand the client, because now you can make the client easier to understand!
Finally, it is going to make patching a nightmare (read impossible). Things are only impossible until they are not. |
masternerdguy
Dominion Task Force
1663
|
Posted - 2014.04.15 23:45:00 -
[4] - Quote
Amy Alland wrote:Your misunderstanding of the function of a limited compiler is more than enough for me to disregard your defensive retorts. Ignoring this I simply can't be asked to go through the relatively simple procedures to prevent these obvious loop holes you have pointed out. Have a nice day.
Please explain in technical detail how you've solved these problems. Otherwise, your claims that you've solved them hold no weight. Things are only impossible until they are not. |
|
|
|