  1. #1
    Join Date
    Jun 2004
    Location
    The Netherlands
    Posts
    153

    Compiled version of a game with Unity3D is far from secure.

    Just wanted to make people aware:

    I downloaded the great demo of Lee, and I noticed that the code we write in C# is just passed along with the final result without any obfuscation or protection. It might be useful that we look into some sort of obfuscation for code, although I think that is even too little protection for real hackers. I can alter how high I jump or what is being sent / retrieved from the server without any problems. I can make the server think I am at position x,y and look behind a wall or whatever to see if it's worth going there. Even if we make some sort of DLL loader which downloads the assemblies from the server and loads them in memory, this is easy to alter, just because of the nature of .NET.

    The solution that comes to mind is trying to use NGEN to make native code from our assemblies; the other option that comes to mind is using DLL injection, although I am not sure it's allowed by Unity3D.

    The way it goes is we write our own loader in C++, we load the executable in memory space but hold off execution. We have to look in the assembly code of the EXE generated by Unity3D, but I am sure they use Win32 APIs to load the DLLs and all from hard disk. If we put all our resources (AES encrypted) at the end of our loader.exe and hook code in the load function of the Unity3D exe to not load the code from the Game_Data folder but from the loader.exe and decrypt it, this will make it sooo much harder for people to hack it.

    Maybe someone has some more experience with this than I have. I have done this before, but on a very small executable, never on something like this (6meg).

    Here are examples of the process: http://www.insecure.in/papers/vista_dll_injection.pdf and http://www.codeproject.com/KB/system/hooksys.aspx
    Last edited by Project-A; 02-18-2011 at 03:27 AM.
    Bug? That's not a bug, that's a feature.
    LinkedIn - Twitter (dutch) - Work (dutch)

  2. #2
    Join Date
    Jan 2010
    Location
    Buenos Aires, Argentina
    Posts
    148
    Using Themida or something like that would be easier.

  3. #3
    Join Date
    Jan 2011
    Location
    Blackpool, UK
    Posts
    853
    There is a Unity code obfuscator available on the Unity Asset Store made by M2H, although it's not free.

    Certainly something that needs to be addressed at some stage.

  4. #4
    Join Date
    Jan 2011
    Posts
    72
    Highly interesting topic, and DLL injection is possible with unity compiled executables.
    You can take something as simple as Cheat Engine and inject a process speed hack.

  5. #5
    Join Date
    Jun 2010
    Location
    Kitchener, Ontario, Canada
    Posts
    258
    I downloaded the rar file recently and I do not see any code in there. Has this been fixed, or am I just not looking in the right places?

  6. #6
    Join Date
    Jun 2004
    Location
    The Netherlands
    Posts
    153
    It's the DLLs in the managed folder; you can open those with, for example, Reflector.
    Bug? That's not a bug, that's a feature.
    LinkedIn - Twitter (dutch) - Work (dutch)

  7. #7
    Join Date
    Jun 2010
    Location
    Kitchener, Ontario, Canada
    Posts
    258
    Oh, I don't have Reflector yet... doh. So once we open those up, you are saying we can see the code, modify, recompile and essentially mess around with the demo?

    Oh, that could be a problem indeed.

  8. #8
    Join Date
    Oct 2009
    Posts
    123
    The way I've always heard of it being done, you should always assume that the client is hacked.

    Always.

    Information given to the client is compromised, so only give it what it needs to know. Information from the client is considered to be false until verified by the server.
    ( ! ) Assets/_Scripts/TP_Camera.cs(50,35): BCE0000: WTF?

  9. #9
    Join Date
    Jul 2008
    Location
    Portsmouth, England
    Posts
    436
    People have been going on about how you can use reflector and similar tools since before .NET even existed (Java works the same way). Well, using an obfuscator can make the decompiled code hard to follow. It can't stop the program from being easily patched, and that might be a problem for standalone games that want to include DRM protections, but for an MMO it's really not a concern. In an MMO all the interesting code is on the server and all the important data (loots, trades, etc.) is stored and verified there as well. In a commercial MMO there might be some concern over use of hacked client code to facilitate gold farming but there are better ways to deal with that than worrying about people reading your client-side code.

  10. #10
    Join Date
    Jan 2010
    Location
    Buenos Aires, Argentina
    Posts
    148
    Originally posted by D.M.J.:
    The way I've always heard of it being done, you should always assume that the client is hacked.

    Always.

    Information given to the client is compromised, so only give it what it needs to know. Information from the client is considered to be false until verified by the server.
    Exactly, that's why I'm against any sort of client side calculations (someone popped that up regarding spell collisions).
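
The rule from posts #8 and #10, applied to the jump-height and position tampering described in post #1, as an added example that is not part of the original thread or the demo's code. The class name, the limits (`MaxSpeed`, `MaxJumpHeight`, `MaxStep`) and the `groundAt` terrain lookup are assumptions for illustration; the server treats every reported position as a claim and accepts it only if its own rules allow it.

```csharp
using System;
using System.Collections.Generic;

public struct Vec3 { public float X, Y, Z; public Vec3(float x, float y, float z) { X = x; Y = y; Z = z; } }

public sealed class MovementValidator
{
    const float MaxSpeed = 7f;        // horizontal units per second (assumed game rule)
    const float MaxJumpHeight = 2.5f; // units above the ground (assumed game rule)
    const float Slack = 1.1f;         // 10% tolerance for network jitter
    const double MaxStep = 0.25;      // cap on elapsed time so idling cannot bank distance

    sealed class State { public Vec3 Pos; public double Time; }
    readonly Dictionary<int, State> players = new Dictionary<int, State>();
    readonly Func<float, float, float> groundAt; // server-side terrain height (hypothetical lookup)

    public MovementValidator(Func<float, float, float> groundAt) { this.groundAt = groundAt; }

    public void Spawn(int id, Vec3 pos, double now) { players[id] = new State { Pos = pos, Time = now }; }

    // Returns the position the server accepts. On rejection this is the last accepted
    // position, which the caller sends back so the client is snapped into place.
    public Vec3 Apply(int id, Vec3 claimed, double now, out bool accepted)
    {
        State s = players[id];
        double dt = Math.Min(now - s.Time, MaxStep); // server clock only, never a client timestamp
        s.Time = now;
        accepted = false;
        if (dt <= 0 || Bad(claimed.X) || Bad(claimed.Y) || Bad(claimed.Z)) return s.Pos;
        float dx = claimed.X - s.Pos.X, dz = claimed.Z - s.Pos.Z;
        bool tooFast = Math.Sqrt(dx * dx + dz * dz) > MaxSpeed * dt * Slack;
        bool tooHigh = claimed.Y > groundAt(claimed.X, claimed.Z) + MaxJumpHeight * Slack;
        if (tooFast || tooHigh) return s.Pos;
        s.Pos = claimed;
        accepted = true;
        return s.Pos;
    }

    // NaN and infinity compare false against every limit, so reject them explicitly.
    static bool Bad(float v) { return float.IsNaN(v) || float.IsInfinity(v); }
}

public static class Demo
{
    public static void Main()
    {
        var v = new MovementValidator((x, z) => 0f); // constructed flat world
        v.Spawn(1, new Vec3(0, 0, 0), 0.0);
        bool ok;
        v.Apply(1, new Vec3(0.6f, 0, 0), 0.1, out ok);  Console.WriteLine("normal step accepted: " + ok);
        v.Apply(1, new Vec3(30f, 0, 0), 0.2, out ok);   Console.WriteLine("teleport accepted: " + ok);
        v.Apply(1, new Vec3(0.6f, 9f, 0), 0.3, out ok); Console.WriteLine("super jump accepted: " + ok);
    }
}
```

Because the check runs on the server, patching the client assemblies changes what the client sends but not what the server accepts.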
