Anti-Hack Triggers NEW UPDATE: MAC-FRIENDLY! (Topic)

Staredit Network > Forums > SC1 UMS Theory and Ideas > Topic: Anti-Hack Triggers NEW UPDATE: MAC-FRIENDLY!

Anti-Hack Triggers NEW UPDATE: MAC-FRIENDLY!

Aug 18 2009, 5:51 pm
By: Tank_7

Pages: < 1 � 5 6 7

Apr 24 2012, 10:51 pm

Roy Post #121

An artist's depiction of an Extended Unit Death

Quote from name:xboi209

I see that you're trying to detect what the user is typing and setting deaths to keep track so this wouldn't work in multiplayer.

You're making an incorrect assertion that Set Deaths is a global action. Refer to the list of Global/Local actions in this post.

Local/Local is perfectly fine for multiplayer.

Learn how EUDs work: A Mapmaker's Guide for Creating EUDs
Don't like learning?: EUDGen 2
Other stuff: Farlap Bound Maker

Dash: 1 2 3 4 5 6 7 8 9 X
Jog: Original Warp
Other: Super Mario SC Fireball Guard Your Civilian Strength Contest

Apr 24 2012, 10:57 pm iCCup.xboi209 Post #122

So setting deaths is a local action?

None.

Apr 25 2012, 1:14 am

Roy Post #123

An artist's depiction of an Extended Unit Death

Quote from name:xboi209

So setting deaths is a local action?

Yes. Refer to the list of Global/Local actions in this post.

Apr 25 2012, 3:39 am

jjf28 Post #124

Cartography Artisan

Updated the map...

- Instead of using keypress detection for "[ENTER]" to check if the chat box is open, a specific EUD checks if the chat box is open.
0x0068C144 governs whether the chat box will open or close when the user next presses enter, can be used to check whether the chat box is open or closed.

- Map detects the following sequences:
"/", "d", "r", "o"
"/", "c", "r", "a"
"/", "l", "e", "f"
"/", "w", "i", "n"

- The map prevents false-positives with the aforementioned space/backspace system as a baseline example of how to prevent false-positives without affording hackers obvious methods of circumvention.

_____

For quick reference here's where you can find all the windows keypress EUDs: Detecting Keys Pressed (EUDs)

Attachments:

Anti-Drop Hack2.scm
Hits: 7 Size: 20.57kb

Post has been edited 1 time(s), last time on Apr 25 2012, 4:35 am by jjf28. Reason: fixed error in map

TheNitesWhoSay - Clan Aura - github

Reached the top of StarCraft theory crafting 2:12 AM CST, August 2nd, 2014.

Apr 25 2012, 3:48 am

Roy Post #125

An artist's depiction of an Extended Unit Death

Quote from

jjf28

- Instead of using keypress detection for "[ENTER]" to check if the chat box is open, a specific EUD checks if the chat box is open.
0x0068C144 governs whether the chat box will open or close when the user next presses enter, can be used to check whether the chat box is open or closed.

Oh good, I'm glad you started using that; I was disappointed to see detection for the enter key.

Quote from

jjf28

If you think it will be a serious issue than you can certainly add some kind of false positive protection; my previous way of doing so was to have the system track the number of spaces used, and the number of backspaces used... if the number of spaces exceeded the number of backspaces, the map would stop listening for key-presses (/, d, r, and o) until the number of spaces fell below 1+backspaces again, or until he pressed enter/esc to clear the current chat window.

Quote from

Azrael

I would certainly have the space/backspace check in the system.

Quote from verssuss

btw i started doing this map like 5 hours ago and i already added space and backspace trigger

it looks if u hit backspace it clear 1 switch coz i made it under switch not under death.

No... Don't implement detecting backspace... It's a bad idea...

Here's a system implementing backspace, if you're really so concerned about false-positives:

Code

Trigger("Player 8"){
Conditions:
Memory(264056, At least, 1);
Memory(334764, Exactly, 0);
Memory(12764, Exactly, 16777216);
Deaths("Current Player", "Cantina", At least, 1);

Actions:
Set Deaths("Current Player", "Cave", Add, 1);
Preserve Trigger();
Comment("Debt");
}

//-----------------------------------------------------------------//

Trigger("Player 8"){
Conditions:
Memory(264056, At least, 1);
Memory(334764, Exactly, 0);
Memory(12734, Exactly, 1);
Deaths("Current Player", "Cantina", Exactly, 0);

Actions:
Set Deaths("Current Player", "Cave", Add, 1);
Preserve Trigger();
Comment("Debt");
}

//-----------------------------------------------------------------//

Trigger("Player 8"){
Conditions:
Memory(264056, At least, 1);
Memory(334764, Exactly, 0);
Memory(12734, Exactly, 1);
Deaths("Current Player", "Cantina", At least, 2);

Actions:
Set Deaths("Current Player", "Cave", Add, 1);
Preserve Trigger();
Comment("Debt");
}

//-----------------------------------------------------------------//

Trigger("Player 8"){
Conditions:
Memory(264056, At least, 1);
Memory(334764, Exactly, 0);
Memory(12737, Exactly, 65536);
Deaths("Current Player", "Cantina", At most, 1);

Actions:
Set Deaths("Current Player", "Cave", Add, 1);
Preserve Trigger();
Comment("Debt");
}

//-----------------------------------------------------------------//

Trigger("Player 8"){
Conditions:
Memory(264056, At least, 1);
Memory(334764, Exactly, 0);
Memory(12737, Exactly, 65536);
Deaths("Current Player", "Cantina", At least, 3);

Actions:
Set Deaths("Current Player", "Cave", Add, 1);
Preserve Trigger();
Comment("Debt");
}

//-----------------------------------------------------------------//

Trigger("Player 8"){
Conditions:
Memory(264056, At least, 1);
Memory(334764, Exactly, 0);
Memory(12736, Exactly, 16777216);
Deaths("Current Player", "Cantina", At most, 2);

Actions:
Set Deaths("Current Player", "Cave", Add, 1);
Preserve Trigger();
Comment("Debt");
}

//-----------------------------------------------------------------//

Trigger("Player 8"){
Conditions:
Memory(264056, At least, 1);
Memory(334764, Exactly, 0);
Memory(12736, Exactly, 16777216);
Deaths("Current Player", "Cantina", At least, 4);

Actions:
Set Deaths("Current Player", "Cave", Add, 1);
Preserve Trigger();
Comment("Debt");
}

//-----------------------------------------------------------------//

Trigger("Player 8"){
Conditions:
Memory(264056, Exactly, 0);

Actions:
Set Deaths("Current Player", "Cantina", Set To, 0);
Set Deaths("Current Player", "Cave", Set To, 0);
Preserve Trigger();
Comment("Player isn't typing");
}

//-----------------------------------------------------------------//

Trigger("Player 8"){
Conditions:
Memory(264056, At least, 1);
Memory(334764, Exactly, 0);
Memory(12764, Exactly, 16777216);
Deaths("Current Player", "Cantina", Exactly, 0);
Deaths("Current Player", "Cave", Exactly, 0);

Actions:
Set Deaths("Current Player", "Cantina", Add, 1);
Preserve Trigger();
Comment("First character pressed is '/'");
}

//-----------------------------------------------------------------//

Trigger("Player 8"){
Conditions:
Memory(264056, At least, 1);
Memory(334764, Exactly, 0);
Memory(12734, Exactly, 1);
Deaths("Current Player", "Cantina", Exactly, 1);
Deaths("Current Player", "Cave", Exactly, 0);

Actions:
Set Deaths("Current Player", "Cantina", Add, 1);
Preserve Trigger();
Comment("Second character pressed is 'd'");
}

//-----------------------------------------------------------------//

Trigger("Player 8"){
Conditions:
Memory(264056, At least, 1);
Memory(334764, Exactly, 0);
Memory(12737, Exactly, 65536);
Deaths("Current Player", "Cantina", Exactly, 2);
Deaths("Current Player", "Cave", Exactly, 0);

Actions:
Set Deaths("Current Player", "Cantina", Add, 1);
Preserve Trigger();
Comment("Third character is 'r'");
}

//-----------------------------------------------------------------//

Trigger("Player 8"){
Conditions:
Memory(264056, At least, 1);
Memory(334764, Exactly, 0);
Memory(12736, Exactly, 16777216);
Deaths("Current Player", "Cantina", Exactly, 3);
Deaths("Current Player", "Cave", Exactly, 0);

Actions:
Set Deaths("Current Player", "Cantina", Add, 1);
Preserve Trigger();
Comment("Fourth character is 'o'");
}

//-----------------------------------------------------------------//

Trigger("Player 8"){
Conditions:
Memory(264056, At least, 1);
Memory(334764, Exactly, 0);
Memory(12719, Exactly, 1);
Deaths("Current Player", "Cave", Exactly, 0);

Actions:
Set Deaths("Current Player", "Cantina", Subtract, 1);
Preserve Trigger();
Comment("Backspace");
}

//-----------------------------------------------------------------//

Trigger("Player 8"){
Conditions:
Memory(264056, At least, 1);
Memory(334764, Exactly, 0);
Memory(12719, Exactly, 1);
Deaths("Current Player", "Cave", At least, 1);

Actions:
Set Deaths("Current Player", "Cave", Subtract, 1);
Preserve Trigger();
Comment("Backspace");
}

//-----------------------------------------------------------------//

Followed by every key you can press, which would add 1 to the debt (Cave).

Basically, the system has a death counter for the current stage (Stage 1 = "/," Stage 2 = "/d," Stage 3 = "/dr," and Stage 4 = "/dro"). If you type something that isn't part of the sequence, you incur "debt" stored in another death counter. When you press backspace, it decrements your debt if you have any, and then decrements on the stage progress (since you'd be deleting characters from the detecting string at that point). Therefore, you can type "/sdkfasdfkalks" at first and then delete everything until the forward slash and the system would know that if you type a "D" next, you'll be progressing forward to type the "/dro" sequence. This removes any chance of false positives and prevents hackers from tricking the system, right?

It sounds like a nice system, but it doesn't work at all in implementation. The reason for this is because when a player presses a key, one of three things happen:

The key is released before being detected at all
The key is released after being detected once
The key is released after being detected multiple times

That is, if you press the "/" key, the EUD detection can actually miss it, or it can detect it twice or more. This greatly reduces the integrity of detecting a string of characters to the point of making a safe system pointless.

If you don't understand the technical jargon and/or want to see the implementation fail in action, I've attached a map with a wonderful debugging system built into it to illustrate why this is such a bad idea.

Attachments:

SafeKeyDetectSucks.scx
Hits: 4 Size: 47.34kb

Apr 25 2012, 4:00 am

jjf28 Post #126

Cartography Artisan

Quote

The key is released before being detected at all

Safety Perspective: The debt is not repaid and the non-hacker is still safe
Hacker Perspective: Exact same deal as jack-knifing your keys to avoid detection

Quote

The key is released after being detected once

Safety Perspective: System works as intended
Hacker Perspective: System works as intended

Quote

The key is released after being detected multiple times

Safety Perspective: No significant alteration (slight increase in chance of false positive, not significant)
Hacker Perspective: No significant alteration (with incredibly precise timing this affords the slimmest of chances to break the system)

______

Even without perfect string recording, I think we can get this to work without significant problems. Generally with tests I've seen this protection system to be very successful.

edit: performed some comparison tests, even in situations (mimic'd one to the other) where your map predicted a debt problem, my map still detected the sequences without issue.

Post has been edited 2 time(s), last time on Apr 25 2012, 4:15 am by jjf28.

TheNitesWhoSay - Clan Aura - github

Reached the top of StarCraft theory crafting 2:12 AM CST, August 2nd, 2014.

Apr 25 2012, 4:16 am

Roy Post #127

An artist's depiction of an Extended Unit Death

Quote from

jjf28

Quote

The key is released after being detected multiple times

I would argue differently on this one as far as backspace protection goes.

Safety Perspective: Dramatic decrease in false positive, assuming you aren't detecting something like "aabb"
Hacker Perspective: Significant decrease in being detected, as you'd be incurring imaginary debt

The map I provided illustrates it this way to me, at least. Your original system handled this case much better against the hacker at the expense of risking a false positive.

Quote from

jjf28

edit: performed some comparison tests, even in situations (mimic'd one to the other) where your map predicted a debt problem, my map still detected the sequences without issue.

Well, I'm sure they aren't identical implementations.

I got a false positive on yours by doing "./dro" (obviously). Or say I typed "Hackers type .drop to drop people" and realize I made a typo: I go back and delete up to the mistake, and then as I type "/dro" I get a false positive.
I worked around your detection by doing "/d/" or "/dr/" and then backspace followed by the rest of the string.

Post has been edited 3 time(s), last time on Apr 25 2012, 4:28 am by Roy.

Apr 25 2012, 4:52 am

jjf28 Post #128

Cartography Artisan

Quote

I worked around your detection by doing "/d/" or "/dr/" and then backspace followed by the rest of the string.

Was an implementation error, fixed and re-attached the map to the above post

Quote

Hacker Perspective: Significant decrease in being detected, as you'd be incurring imaginary debt

Whoops, I retract the point for limited cases: I was mainly considering holding space, then holding backspace; or pressing spaces, then pressing backspaces. The case where you hold space for a while then press backspaces avoided detection; my theory is that the spaces were detected by the map more times than they were printed, which could potentially be accounted for assuming blizzard programmed their own repeat key speed in, rather than using the users default (which is not unlikely).

^ Work for later

Quote

Or say I typed "Hackers type .drop to drop people" and realize I made a typo: I go back and delete up to the mistake, and then as I type "/dro" I get a false positive.

Yep, space/backspace is baseline (mentioned above), only provides limited protection (which if my theory from before is incorrect, would probably not be worth it)

edit:

Designed a simple way to prevent the protection from being abused...

Trigger

Players

Player 7

Conditions

Player 7 has suffered exactly 0 deaths of Stack Delay

[EUD] Space Key Detected

Actions

Set Deaths of Stack Delay to RKC

Add 1 to deaths of Debt

Preserve Trigger

RKC = ceiling [ RKS * 11.905 ]

RKC is the maximum repeat key delay expected in trigger cycles
RKS is the maximum repeat key delay expected in seconds

Trigger

Players

Player 7

Conditions

Player 7 has suffered at least 1 death of Repeat Key Delay

Actions

Subtract 1 from deaths of Repeat Key Delay

Preserve Trigger

Will test it when I get home

Post has been edited 1 time(s), last time on Apr 26 2012, 5:02 pm by jjf28.

TheNitesWhoSay - Clan Aura - github

Reached the top of StarCraft theory crafting 2:12 AM CST, August 2nd, 2014.

Apr 26 2012, 10:41 pm

jjf28 Post #129

Cartography Artisan

Ok, i've implemented the protection system with a RKS of 2 seconds (I didn't time more than 1.5 seconds with maximum repeat key delay time on various OS's/computers)

You can download the updated map here: Anti-Drop Hack

I don't think the false-positive protection system provides any easy methods of circumvention anymore, if you find an example where it does so, please let me know.

I wanted to elaborate on when this false-positive protection can fail:

Roughly put: the tracker only moves forward when the N_{umber of spaces} - N_{umber of backspaces} <= 0 and you type the next letter of a sequence that the map tracks.

N_{umber of spaces} cannot increase by more than 1 every 2 seconds, so N_{umber of spaces} is always an underestimate (for security purposes), which means you may move the tracker forward slightly more than expected.

You must use a "/" for the tracker to begin, if the "/" follows a space that is not followed by a backspace, the tracker will not start - that means that basically the only significant chance of false positives occurs while messaging (/w, /r, /f m) where you start with a "/"... and after that you must move the tracker through "dro", "cra", "lef", or "win" while spacebar protection is not in effect (really only possible with many typos).

Good Huntin'

Post has been edited 1 time(s), last time on Apr 26 2012, 10:50 pm by jjf28.

TheNitesWhoSay - Clan Aura - github

Reached the top of StarCraft theory crafting 2:12 AM CST, August 2nd, 2014.

Apr 27 2012, 1:30 am Mouse Post #130

I also have some ways to detect hacks. I have some EUDs that detect the text in the beginning of a game that says what version it is. I also have some EUDs that detect whether a maphack is being toggled. I even have some anti-zerg/protoss mineral hack triggers, but I am not sure if they still work anymore, as I do not have the hacks lol.. Also, a way to detect a map hack is you can use a Dragoon with a disabled doodad state under the fog of war, and whoever can see it automatically crashes because that unit is so amazing

None.

Apr 27 2012, 2:06 am

Roy Post #131

An artist's depiction of an Extended Unit Death

Quote from Mouse

Also, a way to detect a map hack is you can use a Dragoon with a disabled doodad state under the fog of war, and whoever can see it automatically crashes because that unit is so amazing

Most hacks protect against doodad state crashes nowadays.

Also, detecting text is probably the most well-known anti-hack method.

Apr 27 2012, 4:22 am iCCup.xboi209 Post #132

Quote from

Roy

Quote from Mouse

Also, a way to detect a map hack is you can use a Dragoon with a disabled doodad state under the fog of war, and whoever can see it automatically crashes because that unit is so amazing

Most hacks protect against doodad state crashes nowadays.

Also, detecting text is probably the most well-known anti-hack method.

I tested this before and it actually works with the latest version of Oblivion

None.

Apr 27 2012, 11:35 am Mouse Post #133

Yes it does, I even have a map that it works with (I didn't make it my friend did, but that's not the point). It forces you to look at the spot under the fog of war in the beginning of the game. It also has an anti-automine which is really easy to develop. You just have a bunch of floating command centers over it so no one can see what you are doing. But you have a mineral stack, 1 for each player stacked up with a command center normal space away from it. Then you have each person with an scv next to the minerals with a line of firebats blocking them from going to the command center. And if at ___ point in time they gain minerals, then they obviously have auto-mine on which is in most hack compilations like Oblivion and FreedomHack and such.

EDIT: Told ya xboi xD

EDIT2: I also have a disconnect banner thanks to Roy

so that people cannot rage-drop when they get a defeat like in Oblivion where you have the option to not leave. Also, I found another way to do a drop banner with detecting Player IDs instead of displaying the text that is detected and then drops them.

Attachments:

Cat N Mouse Wasteland v2.scx
Hits: 7 Size: 101.44kb

None.

Aug 17 2012, 10:26 am staxx Post #134

I've updated jjf28's Anti-Hack to include.

/ndrop #
/pdrop #
/cdrop #
/scrash #
/screw
/drop #
/crash #
/left #
/win

Green = new additions
Yellow = from old version (2.1)

Attachments:

Anti-Drop_Hack 2.2.scm
Hits: 9 Size: 39kb

Post has been edited 1 time(s), last time on Aug 17 2012, 2:48 pm by staxx.

None.

Nov 6 2012, 5:25 am Mouse Post #135

The only thing that was relevant that you updated was the /screw function because the jjf's anti-drop hack detected /drop it didn't detect any other letters before it such as n for /ndrop or p for /pdrop or w/e you were saying. So in a sense, this is more or less a useless update lol...

None.

May 11 2013, 7:40 pm

Leeroy_Jenkins Post #136

Quote from staxx

I've updated jjf28's Anti-Hack to include.

/ndrop #
/pdrop #
/cdrop #
/scrash #
/screw
/drop #
/crash #
/left #
/win

Green = new additions
Yellow = from old version (2.1)

Needs /zdrop

None.

May 11 2013, 8:41 pm

jjf28 Post #137

Cartography Artisan

it already detects /zdrop

recall that I detect if '/', 'd', 'r', and 'o' are typed in that specific order without spaces inbetween, such that when typing:

Code

/ICANNdrop

'/' would be detected, 'I', 'C', 'A', 'N', and 'N' would be ignored, and 'd', 'r', and 'o', would be detected and flag that drophacking is occuring

TheNitesWhoSay - Clan Aura - github

Reached the top of StarCraft theory crafting 2:12 AM CST, August 2nd, 2014.

Mar 18 2015, 4:12 am o0SkiPz0o Post #138

Quote from Tank_7

Quote from SkiPz

Just means the Sniper maps need to be updated. I did the EUD's for a little while, not sure how long they used my triggers for though. Simple update should work.

So here we are in August 2011 and still no way to drop Oblivion from our games. Male genitelia in the mouth.

Ok so I forgot my password to log into my SkiPz account on here and the email recovery was of no help, but I'm the same person. I would appreciate a PM updating me of any and all hacks that bypass the Sniper Bald Lock 1.09a map. I did all of the anti-hack triggers for it and would like to know what hacks have been updated to beat it.

Thanks!

Options

Pages: < 1 � 5 6 7

Back to forum
Please log in to reply to this topic or to report it.
Members in this topic: None.

Global Shoutbox

[11:50 pm]

O)FaRTy1billion[MM] -- nice, now i have more than enough

[11:49 pm]

O)FaRTy1billion[MM] -- if i don't gamble them away first

[11:49 pm]

O)FaRTy1billion[MM] -- o, due to a donation i now have enough minerals to send you minerals

[2024-4-17. : 3:26 am]

O)FaRTy1billion[MM] -- i have to ask for minerals first tho cuz i don't have enough to send

[2024-4-17. : 1:53 am]

Vrael -- bet u'll ask for my minerals first and then just send me some lousy vespene gas instead

[2024-4-17. : 1:52 am]

Vrael -- hah do you think I was born yesterday?

[2024-4-17. : 1:08 am]

O)FaRTy1billion[MM] -- i'll trade you mineral counts

[2024-4-16. : 5:05 pm]

Vrael -- Its simple, just send all minerals to Vrael until you have 0 minerals then your account is gone

[2024-4-16. : 4:31 pm]

Zoan -- where's the option to delete my account

[2024-4-16. : 4:30 pm]

Zoan -- goodbye forever

Please log in to shout.

Members Online:

lil-Inferno,

RIVE,

Zycorax