Online Game Security
- Quake III and its Hacks -
(related paper: A Systematic Classification of
Cheating in Online Games, Jeff Yanand and
Brian Randell. Submitted 2004)
Speaker: S. F. Yeung
Flow of this Presentation
• What is Game Hacks?
• How do Hacks Work?
• What can Hacks Do?
• How to Fight Against Them?
• How Hackers Fight back ?
• So, What’s Now?
• Possible Solutions
What is Game Hacks (or cheats)?
• A program that alters a game’s
performance
• Enhancing the abilities of the hacker (or
cheater)
• Giving an unfair edge over the other
players
What Hacks can/cannot Do ?
• Hacks can
– Reveal hidden information on the client side
– Assist your mouse/keyboard control
– Enhance your visibility or remove unwanted
visual effect
• Hack cannot
– Reveal information not exist in client side
– Alter the rules and logics of the game
– Alter the performance of other players
How do Hacks Work?
– Hard Coded
• Modify the game code
– External
• Retrieve information from the game indirectly and
alter the control of the game indirectly
– Driver Hack
• Modify the video driver to gain special visual effect
– Client Hook
• Inject code into the game’s memory in runtime
How do Hacks Work?
• Hard Coded
– Modify the game code directly and
permanently
– Easily to be blocked
Game Server
DATA
Game Program
Hack
How do Hacks Work?
• External
– Reside outside the game program
– Limited functionality
Game Server
DATA
Game Program
Color Model
Windows
Graphic
Display
Interface
Windows Mouse Control
Hack
How do Hacks Work?
• Driver Hack
– Modify the OpenGL driver so that objects
(including walls) become semi-transparent
– Difficult and dangerous to install
Game Server
DATA
Game Program
Hacked
Video
Driver
Display
How do Hacks Work?
• Client Hook
• The most advanced and popular today
• Inject code into the game’s memory in runtime
• Alter and control the game directly in runtime
Client
Game Server
DATA
Game
Running
Hook
What can Hacks Do ?
• Wall Hack
– See other players through walls
• Aimbot (aiming robot)
– Lock your crosshair on other players automatically
• Firebot (fire robot)
– Fire your weapon automatically once your crosshair
hover over another player
• ESP (extrasensory perception)
– Reveal and display hidden information
What can Hacks Do ?
• Wall Hack
– Driver Hack
• Make everything semi-transparent, you can see
others through walls, but everything become semitransparent may not be good somehow
– Client Hook
• Only show certain objects through walls, very
effective
Full transparency
Partial transparency
What can Hacks Do ?
• Aimbot and Firebot
– External
• Colored object model
• Scan the screen to locate target
• Interfere your control via Windows message
• Not very intelligent and inaccurate
– Client hook
• Access the game engine in memory, obtain target
position and take over your control directly
• Perfect accuracy if low network latency
Colored object model
What can Hacks Do ?
• ESP
– Client Hook
• Radar ESP and Map ESP
– Shows the location of enemies
• Text ESP
– Shows other players’ name, weapon, armor and other
variables
ESP showing Enemies’ name, weapon and their locations
How to Fight Against Hacks?
• Pure Server Environment
– Server will check against all game files,
players joining the server must have the same
config file, object models, sound files, etc.
– Effective against hard-coded hacks and
external hacks
How to Fight Against Hacks?
• 3rd Party Anti-cheating Software
– For example:
• PunkBustered (Quake III, RTCW)
• UT Pure (Unreal Tournament)
• VAC (Counter Strike)
– Players must install the anti-cheating software
in order to join a anti-cheating enabled server
– Acts like a virus scanner
– Auto updates with the new hack patterns
– Capture and send screenshots regularly
– Banns your serial number if any hack found
How Hackers Fight back?
• Anti-cheating Software Proof Hacks
– Cracks the anti-cheating software binary
– Alters the behavior of the anti-cheating
software
– Automatically disable the hacks each time the
anti-cheating software takes a screen shot
So, What’s Now?
• An update competition
– Most hacks will be banned several days after
public release
– Major hacks will have new version few weeks
after the previous one get banned
Possible Solutions
• Use secure network protocol
– Add checksum between every packets, makes
insertion or modification of packets difficult
• Encrypt all important variables
– Encrypt variables so that cheats cannot reveal
information from the memory
• Push all computation to the server side
– The client side only responsible for user input
and display rendering thus the cheats have no
way to alter the state or outcome of the game
THE END