Mikuni, on 13 March 2012 - 05:40 AM, said:
Why this idea wont work:
Following the success of my popular meter application
Through a separate application it would be possible to catch a whole bigger range of hackers with near 100% accuracy, including glidehack, teleports, no-animation, speed increase, auto-pot and others. Now the issue with this, is that it would rely on directly reading into the client process memory/network data, the same way radar hack and other applications in every mmo out there work.
Given enough interest in this, and keeping in mind you'd be directly breaking the EULA (while still not letting you cheat in any form, no radar map or anything of the sorts), I might start working on something. Would you be willing to use it? Please vote
~ I would develop it with a private Aion server, then pick the memory offsets every patch from dissasembling other hack applications like AionScript.
Lets assume Player(A) does 4 skills on Player.B,
Player(B) suddenly has a lag spike of 2 seconds,
4 of Player(A) skills have successfully landed on Player.B at the server already,
Player(B) is waiting to receive this data at his client,
Player(B) lag spikes finishes and they receive all 4 hits at the same time due to the lag spike,
hack detection detected = false positive.
In some scenarios, glide hack detection is possible, but not in all scenarios.
For example, using distance = speed * time calc and assuming the player has glided up from his original location its possible, but gliding down:
Player(A) is idling,
Player(B) current location is seen by Player(A),
Player(B) has 2sec lag spike as he is gliding down,
Player(B) is still gliding down and changes direction though no update has been made at the server,
Player(B) lag spike finishes and update is made at the server and extreme distance change is seen on Player(A) client in a small amount of time.
glide hack is detected = false positive.
Now the theories i've mentioned are assuming lag spikes, but this is also the case between someone who has a 200ms ping and someone who has a 800ms ping.
Player(A) ping 800ms, location is sent to server,
server receives packet in 800ms,
server send data to player(B),
Player(B) receives packet in 1000ms and Player(A) location is updated 1second later than Player(B) client.
Teleport hack? = false positive.
Same for 50ms and 100ms, will your application know the ping of the client(A)? possible, will your application know the ping of potential hacker client? impossible.
Imagine that Player(A) is a good PVPer, and he starts raping Player(B),
Player(B) just had somebody start downloading on the same network as he is and he doesn't actually notice that his ping was spiking and by the time he's dead and checks his ping, the other person on his network has finished downloading. So Player(B) ping is back to normal.
Your app detects attack speed hacks were used = false positive.
(which by the way, on official servers, the servers only allow a +- amount of attack speed due to latency and each skill has a timer which is calculated on the server not the client. An actual attack speed hack is actually almost
useless on official servers
due to this restriction)
So, with your detection methods, there would still be people screaming hacks at people who are not using hacks and there would be more false positives detected than actual hacks detected (guaranteed).
This post is directed at Mikuni, as I guess that he will understand all of what i've said. So i don't expect to see any reply's saying that i'm talking crap and you've seen the hacks of attack speed etc, unless you understand how client > server topologies actually work.
Oh and lets not forget that you are still asking all users of it to break the terms and use of the client..
I'm not saying that the idea is bad (catching hackers), It's just your idea wont work and there WILL
be more false positives than actual hackers and btw, I like your damage meter.
This post has been edited by dazrulez: 13 March 2012 - 09:37 PM