|
Request: Enable Address Space Layout Randomization for the engin
#442073
06/10/14 11:21
06/10/14 11:21
|
Joined: Nov 2012
Posts: 62 Istanbul
Talemon
OP
Junior Member
|
OP
Junior Member
Joined: Nov 2012
Posts: 62
Istanbul
|
Hello, I don't think this one would be implemented any time soon but here it goes: ASLR is a decent way to defeat some of the vulnerabilities in an application( wiki )It is available on Windows Vista and later versions. It protects app's memory space so malicious players can't meddle with it to alter scores etc. It would be nice if we had this feature.
|
|
|
Re: Request: Enable Address Space Layout Randomization for the engin
[Re: Talemon]
#442081
06/10/14 14:35
06/10/14 14:35
|
Joined: Oct 2007
Posts: 5,210 İstanbul, Turkey
Quad
Senior Expert
|
Senior Expert
Joined: Oct 2007
Posts: 5,210
İstanbul, Turkey
|
ASLR is no way to prevent such cheats. First, ASLR can be disabled system-wide from registry, or on process-basis by launching the executable in XP compatibility mode.
Second point is that the cheating tools(check cheat engine forums) and malware targeting specific executables have successfully worked around ASLR.
Since you are working on an online game, you should rely on values stored on the server and not trust the client.
3333333333
|
|
|
Re: Request: Enable Address Space Layout Randomization for the engin
[Re: Quad]
#442083
06/10/14 14:57
06/10/14 14:57
|
Joined: Nov 2012
Posts: 62 Istanbul
Talemon
OP
Junior Member
|
OP
Junior Member
Joined: Nov 2012
Posts: 62
Istanbul
|
ASLR is no way to prevent such cheats. First, ASLR can be disabled system-wide from registry, or on process-basis by launching the executable in XP compatibility mode.
Second point is that the cheating tools(check cheat engine forums) and malware targeting specific executables have successfully worked around ASLR.
Since you are working on an online game, you should rely on values stored on the server and not trust the client. Thanks for the input, I didn't know that. I'm not suggesting that we rely on client side variables, it was just an example. What I'm worried about are things like wallhacks and malware that target gulliable players, which require code injection and/or hooking to specific functions. As I said, we'll see what hackers come up with soon.
|
|
|
Re: Request: Enable Address Space Layout Randomization for the engin
[Re: Talemon]
#442086
06/10/14 16:53
06/10/14 16:53
|
Joined: Oct 2011
Posts: 1,082 Germany
Ch40zzC0d3r
Serious User
|
Serious User
Joined: Oct 2011
Posts: 1,082
Germany
|
lol you can call every game function / engine function with an injected dll. You shouldnt worry about wallhacks but about teleport, speedhack, weapon/equipment hacks, rank/level hacks and so on.
Last edited by Ch40zzC0d3r; 06/10/14 16:53.
|
|
|
|