Welcome!

Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!

Join Today!

Anti DC Hack solution

J

juajua123

Junior Spellweaver
10 Happy Years
Joined
Aug 3, 2010
Messages
189
Reaction score
20
Hi everyone, i guess some of you know about the DC Hack, its a hack that disconnects all the players around the character, sending some packets to the server. My question is, is there a way to prevent it?, i mean a way to ignore/block the packets sent by the "hacker". And i dont mean a clientside anticheat like anticheats who detect running procceses or injection into the main, i mean server-side protection. Has anybody done it already?.
 
The Best DDoS Protected Servers
1Word

1Word

Don't be a hater
Loyal Member
Joined
Jan 27, 2006
Messages
950
Reaction score
208
By encrypting packets this can be achieved.
 
[RCZ]ShadowKing

[RCZ]ShadowKing

Kingdom of Shadows
Loyal Member
Joined
Jul 13, 2007
Messages
923
Reaction score
320
limit animations per second in gameserver function CGActionRecv
 
J

juajua123

Junior Spellweaver
10 Happy Years
Joined
Aug 3, 2010
Messages
189
Reaction score
20
From Mirraseq source, here is what i've done, is .18 GS

Main.cpp

Code: 
FunctionHook((DWORD)&CGActionRecv,0x040641A); // CGActionRecv hook offset {JMP 0044A760}

Player.h

Code: 
struct PMSG_ACTION
{
	PBMSG_HEAD h;
	BYTE Dir;	// 3
	BYTE ActionNumber;	// 4
	BYTE iTargetIndexH;	// 5
	BYTE iTargetIndexL;	// 6
};

struct AddObj
{
	int AnimTick;
	int AnimCnt;
};

#define off_LogAddTD 0x0635992C
#define off_objtable 0x0660F078
#define off_CGActionRecv 0x0044A760

#define OBJ_MAX 4000
void CGActionRecv(PMSG_ACTION * lpMsg, int aIndex);

Player.cpp

Code: 
void CGActionRecv(PMSG_ACTION * lpMsg, int aIndex)
{
	DWORD dwObj = off_objtable;
        AddObj *AddTab;
	AddTab = (AddObj*)malloc(OBJ_MAX * sizeof(AddObj));
	if (aIndex > OBJ_MAX)
		return;
		
	>>>>if (AddTab[aIndex].AnimTick == 0)<<<< Unhandled exception error if i comment out "if (aIndex > OBJ_MAX)
		return;"
	{
		AddTab[aIndex].AnimTick = GetTickCount();
		AddTab[aIndex].AnimCnt = 0;
		CloseClient(aIndex);
	}
	else
	{
		int tick = GetTickCount();
		if (tick - AddTab[aIndex].AnimTick >= 1000)
		{
			AddTab[aIndex].AnimTick = tick;
			AddTab[aIndex].AnimCnt = 0;
			CloseClient(aIndex);
		}
		else
		{
			AddTab[aIndex].AnimCnt += 1;
			if (AddTab[aIndex].AnimCnt >= 10)
			{
				Log.Add("[ANTI-HACK][MoveProto][%s][%s] Too many actions (DC Hack).", (LPVOID)(dwObj + 0x68), (LPVOID)(dwObj + 0x73));
				AddTab[aIndex].AnimTick = 0;
				AddTab[aIndex].AnimCnt = 0;
				CloseClient(aIndex);
				return;
			}
		}
	}
	
	CGActionRecvFunc(lpMsg, aIndex); // pCGActionRecvFunc CGActionRecvFunc = (pCGActionRecvFunc) 0x044A760;
}







IT compiles just fine, thing is, when i get in the game the function is well hooked, but, if i comment out "if (aIndex > OBJ_MAX)" so that it goes to "(AddTab[aIndex].AnimTick == 0", GS crashes in the marked line, under "unhandled exception error". I think AddTab is not working properly, any ideas?
 
[RCZ]ShadowKing

[RCZ]ShadowKing

Kingdom of Shadows
Loyal Member
Joined
Jul 13, 2007
Messages
923
Reaction score
320
Its obvious why it crash, it reach invalid pointer because aIndex goes over the limit of AddTab. If you define AddTab like
Code: 
short AddTab[255];
you will not be able to access AddTab[256] because its not allocated in declaration. By the way I have no idea why would you delete the line you marked. And this line
Code: 
AddTab = (AddObj*)malloc(OBJ_MAX * sizeof(AddObj));
you need to free the memory used for allocating AddTab once you're done with it else there will be what's called memory leak. A global preallocated instance of AddTab would be better.

.h
Code: 
struct PMSG_ACTION
{
     PBMSG_HEAD h;
     BYTE Dir;    // 3
     BYTE ActionNumber;    // 4
     BYTE iTargetIndexH;    // 5
     BYTE iTargetIndexL;    // 6 
};  

struct AddObj 
{
     int AnimTick;
     int AnimCnt; 
};

#define off_LogAddTD 0x0635992C 
#define off_objtable 0x0660F078 
#define off_CGActionRecv 0x0044A760  
#define OBJ_MAX 4000


void CGActionRecv(PMSG_ACTION * lpMsg, int aIndex);
.cpp
Code: 
AddObj AddTab[OBJ_MAX];

void CGActionRecv(PMSG_ACTION * lpMsg, int aIndex) 
{
     DWORD dwObj = off_objtable;
     if (aIndex > OBJ_MAX)         return;
     if (AddTab[aIndex].AnimTick == 0)
     {
         AddTab[aIndex].AnimTick = GetTickCount();
         AddTab[aIndex].AnimCnt = 0;
         CloseClient(aIndex);
     }
     else
     {
         int tick = GetTickCount();
         if (tick - AddTab[aIndex].AnimTick >= 1000)
         {
             AddTab[aIndex].AnimTick = tick;
             AddTab[aIndex].AnimCnt = 0;
             CloseClient(aIndex);
         }
         else
         {
             AddTab[aIndex].AnimCnt += 1;
             if (AddTab[aIndex].AnimCnt >= 10)
             {
                 Log.Add("[ANTI-HACK][MoveProto][%s][%s] Too many actions (DC Hack).", (LPVOID)(dwObj + 0x68), (LPVOID)(dwObj + 0x73));
                 AddTab[aIndex].AnimTick = 0;
                 AddTab[aIndex].AnimCnt = 0;
                 CloseClient(aIndex);
                 return;
             }
         }
     }
          CGActionRecvFunc(lpMsg, aIndex); // pCGActionRecvFunc CGActionRecvFunc = (pCGActionRecvFunc) 0x044A760; 
}
Somewhere before starting using the AddTab clean it like
Code: 
memset(&AddTab, 0x00, sizeof(AddTab));
 
J

juajua123

Junior Spellweaver
10 Happy Years
Joined
Aug 3, 2010
Messages
189
Reaction score
20
Ok, i done it, but why is it always returning in this part of the code?

Code: 
if (aIndex > OBJ_MAX) 
		 Log.Add("[DBG] return > aIndex > OBJ_MAX");
			 >return;

Why is that happening, if im a valid player inside of the game?

Is this okay?, i mean the memset location.

Code: 
void CGActionRecv(PMSG_ACTION * lpMsg, int aIndex) 
{
     memset(&AddTab, 0x00, sizeof(AddTab)); 
     DWORD dwObj = off_objtable;
     if (aIndex > OBJ_MAX) 
	Log.Add("[DBG] return > aIndex > OBJ_MAX");
	return;
     ...........
}

If i comment the "return;" there it shows "unhandled exception error" under this line
" AddTab[aIndex].AnimCnt += 1;"

Thanks for answering this noob questions.
 
Last edited:
[RCZ]ShadowKing

[RCZ]ShadowKing

Kingdom of Shadows
Loyal Member
Joined
Jul 13, 2007
Messages
923
Reaction score
320
You need to set OBJ_MAX value for your gameserver, if you don't know to search it with olly then set OBJ_MAX to something like 10000 or bigger just to be sure.

Memset is not good located, put it before you do the hook like
memset(...);
Hook(...);
 
J

juajua123

Junior Spellweaver
10 Happy Years
Joined
Aug 3, 2010
Messages
189
Reaction score
20
I have OBJ_MAX already set to 7400 wich is MAX in GS .18, but its still returning in the "if (aIndex > OBJ_MAX) return;", if i comment out that line it works perfectly.
 
[RCZ]ShadowKing

[RCZ]ShadowKing

Kingdom of Shadows
Loyal Member
Joined
Jul 13, 2007
Messages
923
Reaction score
320
Make this
Code: 
Log.Add("[DBG] return > aIndex > OBJ_MAX");
to
Code: 
Log.Add("[DBG] return > aIndex > OBJ_MAX %d", aIndex);
And tell me what value return.
 
[RCZ]ShadowKing

[RCZ]ShadowKing

Kingdom of Shadows
Loyal Member
Joined
Jul 13, 2007
Messages
923
Reaction score
320
You're sure you defined like
Code: 
#define OBJ_MAX 7400
?
I see no other reason why it return at that line.
If you delete the line it may happen to crash if player index is bigger than AddTab size.
 
icektz

icektz

Newbie Spellweaver
Joined
Oct 14, 2007
Messages
64
Reaction score
8
some simple ah who dont give warnings from Antivirus...
 
J

juajua123

Junior Spellweaver
10 Happy Years
Joined
Aug 3, 2010
Messages
189
Reaction score
20
This works, the hacker gets disconnected, but its still disconnecting people around, i checked and if i change from

Code: 
 if (AddTab[aIndex].AnimCnt >= 10)

to

Code: 
 if (AddTab[aIndex].AnimCnt >= 6)

It disconnects the hacker, but not the people around, as it should be, is it a risk to limit it to 6 instead of 10?, maybe some bug because of the limit may occur?. Thanks.

icektz said:
some simple ah who dont give warnings from Antivirus...
Click to expand...

You can use a client-side anticheat for some extra security, but they can bypass it, most of client-side anticheats arent effective, if you bypass them, you are done, what is needed is server-side anticheat, at least thats my opinion.
 
GM-Andromeda

GM-Andromeda

Junior Spellweaver
Joined
Jun 25, 2006
Messages
191
Reaction score
226
yea, server side AC, but u need to know how cheaters can compromise the server before doing anything.

that´s the problem there. =/
 
K

kameibr

Newbie Spellweaver
Joined
Nov 18, 2004
Messages
18
Reaction score
0
Can You put the code that you have sucess?
I try but I dont have sucess.
I give this errors:


1>.\Player.cpp(13) : error C3861: 'CloseClient': identifier not found
1>.\Player.cpp(22) : error C3861: 'CloseClient': identifier not found
1>.\Player.cpp(29) : error C2065: 'Log' : undeclared identifier
1>.\Player.cpp(29) : error C2228: left of '.Add' must have class/struct/union
1> type is ''unknown-type''
1>.\Player.cpp(32) : error C3861: 'CloseClient': identifier not found
1>.\Player.cpp(37) : error C3861: 'CGActionRecvFunc': identifier not found


Some help?
 
UnCleanOne

UnCleanOne

Elite Diviner
Joined
May 5, 2012
Messages
436
Reaction score
32
how can i protect my server from hacker?
like DC hacker or all can do of a hacker?
i didnt know what im going to do
there`s have a hacker who attack my server now

please help
 
You must log in or register to reply here.

About Us

RaGEZONE® is a website dedicated to the development of massively multiplayer online role-playing games (MMORPGs).

Online statistics

Members online
175
Guests online
2,690
Total visitors
2,865
Totals may include hidden visitors.

Forum statistics

Threads
428,889
Messages
4,589,222
Members
279,618
Latest member
BennyBerminim
Most visitors online was 8830 , on 6 Feb 2024

RaGEZONE Sponsor

    HyperFilter
Back
Top