• Greetings, Agents! Welcome to the The Division Forums. It looks like you're looking forward to Tom Clancy's The Division 3, but haven't created an account yet. Why not take a minute to register for your own free account now? As a member you get free access to all of our forums and posts plus the ability to post your own messages, communicate directly with other members and much more.

Multiplayer Games and hacking - experiences from a mod maker.

Status
Not open for further replies.

RimBlock

Underground, overground, wombling free
I am sure the majority of us are equally frustrated with the hacking going on in The Division but it was not until about 3 years ago that I found out more about hacking multiplayer games and the whole ecosystem behind it when I started writing mods for persistent Arma 2 based conversions like Dayz Epoch.  

I thought I would share my experiences so people can have a better view on what I have seen going on with this sort of hacker / multiplayer game relationship.  Whilst the information here centers around Arma 2, there are a uprising number of parallels with The Division.  

Arma 2 is a game engine with a set of configuration files that handle the menu system.  On top of that you could add your own config files for custom menus / guis (inventory etc) and mission files with scripts for missions / mods.  You can also add new assets (objects, sounds etc) via a mod package that the server and client both need installed.  Arma uses a scripting language (with online reference) for building missions.

Initially the mission files are downloaded from the server and had the mission code and parameters (in plain text) on the client.  Sound familiar ?. Guess what happened...... Boom..... hackers discovered that if you start the game and get the files then you could edit them and restart the game and it would take the edited files as long as no file names changed.  It trusted the files on the clients.  Then there was a Crc check put in for the downloaded mission files and .... Boom..... the hackers started using memory editors to change key values in the game memory space.   Common hacks seen included teleports, exiting cars next to a wall in order to get through to the over side (exchange car for mobile cover in The Division), superspeed, invincibility, aimbot etc.

As the Arma 2 engine was not originally built for persistent MP games, it had very little security built in and so any extra security would need to be added by the mission / mod makers either at a client mission level or at a server level.  Client side code was open to hacker dissecting and abusing.  Server side checks were a lot more secure as the hackers didn't have the code (unless it was publicly released for private server owners) but each round of checks added more load on to the servers so it became a war of putting the most effective cycle efficient checks in so you can still maintain a decently fast game environment for your player base.

Arma 2 was released in 2009.  There is no reason the developers could not have taken a look at it as a model of the difficulties MP games have with hackers, the things that have been tried and what success they have had.  The big hype when DayZ launched on Steam would have highlighted Arma again and I find it hard to believe none of the Massive project team were unaware of it.

Now for the other side......

We all know there are people out there with inquisitive minds and lots of time on their hands.  Some like a challenge and getting a game to do something it is not meant to is a very bright lightbulb to draw these moths in.  Some are able to find ways to cheat and just publish the information on the internet to show how clever they are, a few keep the information for themselves and then are others who sell programs to people wanting this advantage over others.  

There are two fairly easy to find sites out there which have people selling cheat engines or guides on how to get advantages on MP games (COD / DayZ / The Division etc) and when money comes in to play the people selling will work hard to bring more in.  If the game devs bring in a fix then they will apply a lot of resources to find the next issue they can exploit as this will bring in another raft of cash for those people who thrive on cheating in games.  If Steam bans the cheaters then these cheat creators just use the cash they made to buy more keys.  With the cash they can pull in, it makes little difference to them.  The number of cheaters used to rocket on the A2 Dayz Epoch servers whenever an Arma 2 Steam sale popped up and cheaters just bought new keys to replace their banned ones.

On top of all this, there is now a market for people to 'help' other players beat missions, farm and get loot.  We have all seen the spam on the CoO.  This will, by far, be the hardest to protect against as a core concept of the game it for people to work together but this also gives unfair advantages to those willing to pay to win. 

So what is the moral of all this (Tl:Dnr) ....

  • The server should never trust the client on a PC multiplayer game
  • This is not a new problem.
  • Fixing exploits / cheats via server side 'checks' will slowly grind the game down to crawl as more exploits and checks are added.
  •  Massive should have been more than aware of it if they had done their due diligence, although there is always the possibility that when all the above was going on (over the last 7 tears), the person responsible for PC client server architecture was sitting in a dark room with a bucket on their head, hitting it with a wooden spoon whilst singing baa, baa black sheep.
The more cynical may suggest that someone made the decision to 'meat deadlines for an all format release and sort out the PC issues as they come up'.  If that was the case then all I can say is "Oh, you silly person"....

Hope this has been at least a bit interesting to some.  There is also a good thread over on the UBI forums (sorry, can't link it from work) on this.

Happy hunting.

 
Status
Not open for further replies.

Advertisements

Back
Top