What to do with Executable Code
Aug 2 2014, 5:50 pm
By: jjf28  

Aug 5 2014, 4:10 am Moose Post #21

We live in a society.

Quote from jjf28
1. Direct integration with maps - this is quite dangerous as it involves teaching people exactly how to run executable code, this would also have a very high difficulty level for mappers, and add significant startup time and would add ~500kb to every map.
This sounds inefficient given the relatively large increase in map filesize, since it's difficult enough to get 500KB+ maps to spread. Is this in general or would simple things not significantly increase map size (i.e., I can do a few simple enhancements for roughly the size of a few triggers)?

Quote
2/3
This sounds close to getting everyone to agree to run an agreed on mod of SCBW, but using battle.net directly as a distribution system. It has its advantages.

Quote from jjf28
4. Bury it, pretty sure only me and yoon figured it out, could just forget we ever found it.
Too late.

Quote from jjf28
- EUDs, could easily have been abused, no incidents that I know of occurred.
True, but when discovered, progress on EUD actions that could have been used maliciously was greatly impeded by the series of patches 1.13-1.13e (and probably 1.13f, but that actually took a few months. Not sure if new EUD discoveries took roughly as long during that time). From the timeline:
June 30, 2005: StarCraft Patch 1.13 is released, beginning a series of patches that are speculated to have corresponded directly to Heinermann's discoveries.
August 11, 2005: StarCraft Patch 1.13b is released.
August 22, 2005: StarCraft Patch 1.13c is released.
September 6, 2005: StarCraft Patch 1.13d is released.
September 12, 2005: StarCraft Patch 1.13e is released.

The people who would abuse the power may simply not have had the time, and by the time they got something out, it may have been patched.

Quote from jjf28
This is assuming we're playing a public game, with clans and friend groups it's usually friend X who doesn't feel like grabbing CL since they're lazy, don't like 3rd party programs, or think it's too difficult to use, now he can just enter one map (like how many people do lat breaks) then play the modded map with everyone else, and ideally people gradually choose the untethered-patch, when they're tired of applying the tether; if a few private communities get addicted to maps using the patch then games might start going public, and the patch map could be publicly hosted 24/7 so other people can get in on the games.
I feel as though this would have happened with modding already.

Quote from jjf28
or by contacting blizzard (for which I would urge also providing maximum details on how to fix ASTAT flood, hosthack, and drophack) before a malicious individual gets a hold of it.
If only.

Quote from jjf28
Agreed, I don't think anyone hates themselves enough to destroy battlenet,
You'd be surprised how petty people can be, for example anyone who used the game list flood script to temporarily render entire gateways near unplayable.

Quote from Zoan
Does anyone from blizzard ever come around on SEN? If so, or maybe just to decrease the likelihood of other people discovering what you have, should you maybe like.. not discuss this so openly? Like maybe (if sen can do this) make it so that only those invited can see what you're talking about here? I'd hate for blizzard to patch this stuff away (if they could.. I don't know) before anyone gets the chance to use it.
Doesn't seem like it, considering how many simple wonderful things they could do to put some life into the game. Though, notably, exploits have attracted attention in the past, so there is a significant possibility they would care enough to patch a hole as big as this. EUD actions were patched after attracting quite a bit of attention, ten days after they were released (1.13 - 1.13f). This ultimately led to a drawn out patch "battle" between Blizzard and SEN's (primarily Heinermann's) developments. However, it is worth noting that this was almost ten years ago, in 2005, which is why a Blizzard patch may not be as probable.




Aug 5 2014, 6:13 am O)FaRTy1billion[MM] Post #22

👻 👾 👽 💪

Quote from Mini Moose 2707
Quote from jjf28
1. Direct integration with maps - this is quite dangerous as it involves teaching people exactly how to run executable code, this would also have a very high difficulty level for mappers, and add significant startup time and would add ~500kb to every map.
This sounds inefficient given the relatively large increase in map filesize, since it's difficult enough to get 500KB+ maps to spread. Is this in general or would simple things not significantly increase map size (ie, I can do a few simple enhancements for roughly the size of a few triggers)?
I'm not sure about after any sort of obfuscation/whatever, but the triggers should be highly compressible making it a much more reasonable size (<100kb).



TinyMap2 - Latest in map compression! ( 7/09/14 - New build! )
EUD Action Enabler - Lightweight EUD/EPD support! (ChaosLauncher/MPQDraft support!)
EUDDB - topic - Help out by adding your EUDs! Or Submit reference files in the References tab!
MapSketch - New image->map generator!
EUDTrig - topic - Quickly and easily convert offsets to EUDs! (extended players supported)
SC2 Map Texture Mask Importer/Exporter - Edit texture placement in an image editor!

Aug 5 2014, 11:44 am Cinolt Post #23



Quote from Mini Moose 2707
This sounds inefficient given the relatively large increase in map filesize, since it's difficult enough to get 500KB+ maps to spread. Is this in general or would simple things not significantly increase map size (ie, I can do a few simple enhancements for roughly the size of a few triggers)?

I got a map size of 143KB, and this is before I care to do trigger optimizations and CHK optimizations.



None.

Aug 6 2014, 6:33 am Sand Wraith Post #24

she/her

I suggest private servers. Avoid any detection from Battle.net while also applying your own DLL changes/enabler through the server, which has been done if I read correctly.

Post has been edited 1 time(s), last time on Aug 6 2014, 6:39 am by Sand Wraith.




Aug 6 2014, 10:42 pm jjf28 Post #25

Cartography Artisan

Quote
I suggest private servers. Avoid any detection from Battle.net while also applying your own DLL changes/enabler through the server, which has been done if I read correctly.

That's not really a way to apply map-based exe code, but it would be nice to have a popular private English server



TheNitesWhoSay - Clan Aura - github

Reached the top of StarCraft theory crafting 2:12 AM CST, August 2nd, 2014.

Aug 7 2014, 12:13 am Jack Post #26

>be faceless void >mfw I have no face

Quote from jjf28
Quote
I suggest private servers. Avoid any detection from Battle.net while also applying your own DLL changes/enabler through the server, which has been done if I read correctly.

That's not really a way to apply map-based exe code, but it would be nice to have a popular private English server
Like iCCup and the upcoming StarServer, of which I'm one of the developers?



Red classic.

"In short, their absurdities are so extreme that it is painful even to quote them."

Aug 7 2014, 1:40 am iCCup.xboi209 Post #27



Quote from Sand Wraith
I suggest private servers. Avoid any detection from Battle.net while also applying your own DLL changes/enabler through the server, which has been done if I read correctly.
It has been done but it seems that you've skipped my post. In order for a server to send dll files to the client, the file must be cryptographically signed with a private key which we don't have and probably won't have for a very very long time and if not, will never have.
Battle.net doesn't use Warden anymore so players can't be detected for playing on these maps.



None.

Aug 7 2014, 4:50 am Veta Post #28



Quote from Jack
Quote from jjf28
Quote
I suggest private servers. Avoid any detection from Battle.net while also applying your own DLL changes/enabler through the server, which has been done if I read correctly.

That's not really a way to apply map-based exe code, but it would be nice to have a popular private English server
Like iCCup and the upcoming StarServer, of which I'm one of the developers?
Interestingly, this was something I had asked about a while back: integrated EUD/expansion patches.

And now it seems to be possible.

I can't help but wonder though; wouldn't all this brain power go to better use remaking StarCraft with better features and on a more capable engine?

A while back some ex-modders remade WarCraft II (barring IP infringement) for HTML and had laudable success. I would imagine that success achieved many times over for a true StarCraft-like.

It seems like a business opportunity, gentlemen.



None.

Aug 7 2014, 4:51 am trgk Post #29



+ about lockdown.dll : I may have been mistaken. Fish server may have used different methods to enforce/disable EUD actions.

Clarification
------------------
Private server once enabled EUD actions for everyone. That's all I know of.
Private server once had disabled programs modifying SC. (EUD Action Enabler had been disabled, too) I've experienced them.

I don't know how exactly those worked. I didn't know ollydbg then, and I couldn't reverse them.



Add
----
Attached lockdown.mpq from Fish server and Asia.
Fish server apparently uses custom lockdown.dll. I don't know how to verify signature of those dlls, however.

Attachments:
lockdown_comparison.zip
Hits: 2 Size: 154.63kb

Post has been edited 5 time(s), last time on Aug 7 2014, 7:17 am by trgk.



EUD

Aug 7 2014, 10:36 pm iCCup.xboi209 Post #30



Thanks to Tianyi HE (I don't know who he is but he definitely deserves credit), the private key for Blizzard's Weak Digital Signature was cracked and code has been published to sign mpq files.



None.

Aug 8 2014, 7:43 pm Cinolt Post #31



So, just to give a little update.

I've updated my map/program such that one would literally only have to add DLL(s) into the map using an MPQ Editor, and the map will load those DLL's when it is played (i.e. ANYTHING is possible). I'm not going to release it, of course, but it's just to show how easy malicious code could be run if it went viral (not to mention certain hacks I remember where you can "hijack" a room by forcing the players in the lobby to download a map different from the one being hosted, or "mimicking" maps by giving a similar appearance in the lobby e.g. force names, map name, etc).

This could easily be patched by Blizzard, but since they don't care anymore here's some effort on my part for preventing this. It is a "hack" that I'm calling MapCheck for now. Its sole purpose is to "check" maps in the lobby before they are played for extended preplaced units in the map, and it informs the user accordingly. The rationale behind this is that doing a blatant "patch" on the overflows will only cause desyncs in such maps, and most maps use the overflows for harmless purposes (p15 speedup trick, p20 terrain trick, extended supply, etc). So, the hack only "checks" the map and it is up to the user to decide whether to play it or not. It's still very preliminary, and is very possible to conflict with other "hacks" or "mods" (as is the nature of them), but will serve fine for anyone that is paranoid of this overflow. Here it is: http://www.staredit.net/files/2980/.

On a personal note this exploit was pretty fun to develop. Though it probably ruined mapping for me because my previous mapping mentality was to push mapping to its utmost limits and finding out what's absolutely possible, and now we know literally anything is possible. So, I dunno what jjf28/trgk have planned as far as releasing this exploit, but I probably won't take part in it.



None.
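The kind of pre-game check Cinolt's MapCheck describes, written here as an added example (MapCheck itself was not released, and this is not its code): walk the raw CHK data, find every UNIT section, and flag preplaced units whose owner byte lies beyond the 12 normal player slots (the "p15"/"p20" style entries) or whose unit ID lies past the normal unit table. The 36-byte UNIT record layout, the 4-byte-name/int32-length section framing and the 228-entry unit table are assumptions taken from the standard CHK format, not from this thread; the sample map bytes are constructed inline.

```python
import struct

UNIT_ENTRY_SIZE = 36     # assumed: size of one preplaced-unit record in the CHK "UNIT" section
MAX_NORMAL_PLAYER = 11   # players 0-11 are the 12 normal slots; anything above is an "extended player"
UNIT_TYPE_COUNT = 228    # assumed: valid unit IDs are 0-227


def iter_chk_sections(chk: bytes):
    """Yield (name, payload) for each section: 4-byte name, little-endian int32 length, payload."""
    off = 0
    while off + 8 <= len(chk):
        name = chk[off:off + 4].decode("latin-1")
        (size,) = struct.unpack_from("<i", chk, off + 4)
        off += 8
        if size < 0 or off + size > len(chk):  # malformed length: stop rather than read past the buffer
            break
        yield name, chk[off:off + size]
        off += size


def find_extended_units(chk: bytes):
    """Return (record index, unit id, owner, reason) for every preplaced unit outside normal ranges."""
    findings = []
    for name, data in iter_chk_sections(chk):
        if name != "UNIT":
            continue  # a map may carry several UNIT sections; all of them are scanned
        for i in range(len(data) // UNIT_ENTRY_SIZE):
            rec = data[i * UNIT_ENTRY_SIZE:(i + 1) * UNIT_ENTRY_SIZE]
            # serial u32, x u16, y u16, unit id u16, relation u16, special flags u16, valid flags u16, owner u8
            _serial, _x, _y, unit_id, _rel, _spec, _valid, owner = struct.unpack_from("<IHHHHHHB", rec, 0)
            reasons = []
            if owner > MAX_NORMAL_PLAYER:
                reasons.append("owner %d is an extended player" % owner)
            if unit_id >= UNIT_TYPE_COUNT:
                reasons.append("unit id %d is outside the unit table" % unit_id)
            if reasons:
                findings.append((i, unit_id, owner, "; ".join(reasons)))
    return findings


def make_unit_entry(unit_id: int, owner: int, x: int = 64, y: int = 64) -> bytes:
    """Constructed 36-byte UNIT record for testing; not taken from any real map."""
    return struct.pack("<IHHHHHHBBBBIHHII", 0, x, y, unit_id, 0, 0, 0, owner, 100, 100, 100, 0, 0, 0, 0, 0)


def make_chk(units) -> bytes:
    """Constructed minimal CHK: a VER section followed by one UNIT section holding the given records."""
    body = b"".join(units)
    return b"VER " + struct.pack("<i", 2) + b"\xcd\x00" + b"UNIT" + struct.pack("<i", len(body)) + body


if __name__ == "__main__":
    sample = make_chk([make_unit_entry(0, 0), make_unit_entry(7, 15), make_unit_entry(300, 3)])
    for idx, uid, own, why in find_extended_units(sample):
        print("unit record %d (id %d, owner %d): %s" % (idx, uid, own, why))
```

A real tool would first extract `staredit\scenario.chk` from the map MPQ; this block only covers the CHK scan that decides what to warn about.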
