|
| 31 Oct 2017 09:48 PM |
Keep in mind this is an idea I literally just thought of and I have never tried it. Also, this will probably be a fairly long thread so don't even bother tl;dr this.
Anyway so if you know anything about how people exploit on FE games you'd know it's generally by firing remotes which in some cases can be a problem because say you have a remote that awards cash when fired and it gets fired by an exploiter then they can get unlimited money. So I was thinking a bit about this and I think I might have come up with a way to avoid exploiters from firing remotes.
Again this is just an idea and I am not 100% sure if this would work because I haven't given it much thought. What if when a new server starts a random code would be generated and when a player joins that code would be sent to the local script via remote and then every time a remote is fired it will take the code as an argument and if the code isn't right then you'd kick the player or whatever you want to do. I might test this in a blank game today but if you have anything to add I would love to hear it :)
|
|
|
| Report Abuse |
|
|
mattscy
|
  |
| Joined: 06 May 2011 |
| Total Posts: 1079 |
|
|
| 31 Oct 2017 09:53 PM |
believe me ive thought of everything to do with this it wont work
hackers can see arguments passed through remove events and functions so they could easily get the code |
|
|
| Report Abuse |
|
|
|
| 31 Oct 2017 09:54 PM |
Oh rip, I forgot about that
|
|
|
| Report Abuse |
|
|
joe12006
|
  |
| Joined: 10 Sep 2017 |
| Total Posts: 447 |
|
|
| 31 Oct 2017 10:25 PM |
Right: Perform proper security checks
Wrong: wordspass / codes / hashes / etc
|
|
|
| Report Abuse |
|
|
soutenu
|
  |
| Joined: 09 Dec 2011 |
| Total Posts: 1021 |
|
|
| 31 Oct 2017 10:36 PM |
| @matt yeah but their exploits have limitations, if you fire it just as their client is loading they might not have their program ready to execute the script fast enough to catch the arguments for a key |
|
|
| Report Abuse |
|
|
mattscy
|
  |
| Joined: 06 May 2011 |
| Total Posts: 1079 |
|
|
| 31 Oct 2017 10:43 PM |
| no but from then on every time they use the ######## as one of their arguments in remote events/functions they can see what it is |
|
|
| Report Abuse |
|
|
chimmihc
|
  |
| Joined: 01 Sep 2014 |
| Total Posts: 17143 |
|
|
| 31 Oct 2017 11:06 PM |
No client-side verification will ever work.
Client-side = in their memory = they can access it.
If you store a code locally, they can access it. |
|
|
| Report Abuse |
|
|
Luckyxero
|
  |
| Joined: 26 Feb 2014 |
| Total Posts: 505 |
|
|
| 01 Nov 2017 02:32 AM |
| dont call exploiters "hackers" |
|
|
| Report Abuse |
|
|
JoshRBX
|
  |
| Joined: 19 May 2012 |
| Total Posts: 8778 |
|
| |
|
|
| 01 Nov 2017 03:26 AM |
| I don't program in FE but if changing game values is considered the problem then just make it so that the game checks for a event to fire off to the remote function. IE if a coin is not touched by this player, then the money that player earned out of nowhere isn't valid. |
|
|
| Report Abuse |
|
|
drager980
|
  |
| Joined: 25 May 2009 |
| Total Posts: 13385 |
|
|
| 01 Nov 2017 03:32 AM |
noone seems to want to do my idea of private/public keys with blockchains which reward crackers with 2 robux
|
|
|
| Report Abuse |
|
|