MindArk: Bug Exploit

Discussion in 'MindArk' started by HoloSquad, Oct 6, 2012.

  1. Vulnerabilities in games pose particular opportunities for hackers and even other gamemakers, who may be interested in trying to steal a competitor's players, Ferrante said. Shutting down a competing game could be particularly lucrative for another gaming company.
    "This is something we have seen," Ferrante said. "We have a lot of companies that ask for these kinds of denial-of-service attacks to attack competitors. This is really a big concern for companies."
    The first problem the pair presented is a denial-of-service vulnerability in Call of Duty: Modern Warfare 3, made by Activision. Auriemma showed in a video how the server administrator received a warning when he remotely crashed the server running the game.
    Auriemma masked some details in his presentation so as to not give too much information away, but he and Ferrante are planning to release advisories on the two vulnerabilities next Tuesday, the launch day for "Black Ops II," the latest game in the Call of Duty series. Ferrante said they are willing to work with Activision but aren't going to volunteer the information, since their research is part of their business.
    The second problem relates to CryEngine 3, a graphics engine developed by Crytek for use in its own and other companies' games.
    Auriemma's demonstration showed an attack on CryEngine 3 within the game Nexuiz. The attack, at the server level, enabled him to create a remote shell on a game-player's computer.
    In the demonstration, Auriemma caused a graphic of a cat riding a rocket to be displayed on the victim's computer.
    "Once you get access to the server, which is basically the interface with the company, you can get access to all of the information on the players through the server," Ferrante said.
    In general, game companies don't seem to be very focused on security but rather on performance of the game itself, Ferrante said. Adding security checks can slow down games, and if the companies don't deem the problem a very critical issue, it will usually be ignored.
    "These are games that have a very large market," Auriemma said.
     
  2. Btw, is it fixed?
     
  3. Wistrel

    Wistrel Kick Ass Elf

    Well, MA always take it very seriously.... plus they made a lot of changes to fit the square peg in their round hole, so who knows if the exploit applies.
     
  4. Well, the speedhack in CE only speeds up the application or software; that's why mobs and water and trees move faster when enabled.
    No fix yet.
     
  5. Hilarious...back in the days MA offered up to 5000 PED if you reported such things. But I just got a "thank you, will be forwarded to the desired team" for reporting a working "run faster than everyone else while messing with the winsock.dll" back in 2008. (reported multiple times)

    That just showed again how support reads/handles urgent support cases.
     
  6. Wistrel

    Wistrel Kick Ass Elf

    So I take it this wasn't fixed yet...?

    Out of interest, how do MA detect this "memory debugging" you talked of, HoloSquad? I know there is something in the EULA about allowing MA to check your computer for the bad juju. Are they looking for particular processes running or is there something about this memory debugging that is identifiable?

    I was thinking, if they scan for processes then surely they could test for this Cheat Engine Program running and that would stop people using it to speed up cryengine?
     
  7. Wistrel

    Wistrel Kick Ass Elf

    Searched around a bit and I can see at least one person was clearly looking at Entropia Memory post vu 10 (cryengine) for "some reason". This guy appeared to have some interest in XYZ coords.

    http://www.cheatengine.org/forum/viewtopic.php?t=488537&sid=6eb9262b109b18a49359bfc87456e097

    I wonder what he was on about with "static" offsets.... I wouldn't have thought any memory address was always the same...?

    Ho Hum. Doesn't look like he got an answer anyhow
    Wistrel
     
  8. I don't know if it's been fixed yet, been a while since last time I looked at this. If anyone was to test, would not do it on main account, and too much risk to even try.
    I do think it has been fixed though, unless there is another way I don't know about or any has talked about or keeping it private, or maybe an update to Cheat Engine.
    Once a cheat/hack is detected, have to wait for a patch for the cheat from the maker, from other games out there, APB to name one.

    For detection it's an anti-cheat like: PunkBuster, FairFight, Warden, Steam Valve Anti-Cheat. I don't know what MA have, maybe something custom made to detect stuff.
    MA don't snoop on computers, it's more like a process handler or something. PunkBuster kicks for unallowed driver or software.
    Maybe there was just a flaw with all this. The way I suspect it, it could be wrong, if MA systems detect a change then it flags and does a search then decides on action.

    I mean, what if Cheat Engine memory editor was able to crash MA's servers? It only takes 1 flaw or egg in the nest maze to cause something that goes against the rules,
    how to force a computer to divide by 0.

    I think speed was static because all one had to do in Cheat Engine for speed hack is tick the small square box, never had to search for address or anything, only add
    the game process, address and all other stuff is dynamic. Don't know much about it all though, I say this through logic of the brain and mind.
    The Cheat Engine forum has a lot of articles and knowledge on the subject.

    I do believe there is a small group or a few that does these things, exploring within EU.
    Off topic: anyone watching Mr Robot?
     
  9. Wistrel

    Wistrel Kick Ass Elf

    I get that you are saying there is a tickbox so it is easier than most other hacks however surely that tickbox changes "something" in memory and therefore could MA detect it?
    i.e. although a speedhack is pre-programmed by CheatEngine developer that surely just means someone already did the hard work of working out what in memory to change...

    It isn't a magic button is what I am getting at. There are still changes going on under the hood, if MA can detect "anything" then surely they can detect speed hacks too?

    Wistrel
     
  10. It changes something under the hood, yeah, icing on the cake, don't know what it changes.
    Could MA detect it? It depends on a lot of stuff. When this info first came out it was undetected, only say a few people were using it, then it leaked onto forums, more people became aware of it, then MA got to read info through support and forums and people complaining, then I think they fixed it.
    MA can detect debugging with Cheat Engine; if they fixed the speed tick box flaw then they can probably detect Cheat Engine altogether.
    MA can't really detect everything like a god, some flaws have to exist, man-made after all. The question is not so much can they detect it,
    it's more what do they do or use to detect it. Best I can say is research anti-cheat software.

    Don't think I can explain it better than my post above, reply earlier, and the anti-cheat. A lot of stuff comes into the equation in this field, it's not magic after all.
    Don't claim to be a L33t hacker or have tons of knowledge, just find this an interesting subject. I don't venture into this much anymore, just don't think
    it's worth the time.
     
    Last edited: Jul 28, 2015
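Added example (not from the thread, and not a description of what MindArk actually does): post 4 says the speedhack speeds up the whole client application, so one generic server-side way to notice it, without scanning the player's machine, is to compare the time a client claims has elapsed with the time the server saw elapse. The heartbeat format, class and function names, thresholds and sample timings are all assumptions constructed for illustration.

```python
from collections import deque


class ClockDriftMonitor:
    """Compare client-claimed elapsed time with server-observed elapsed time.

    Hypothetical helper: assumes each client heartbeat carries the client's
    own monotonic timestamp in seconds.
    """

    def __init__(self, window=20, min_span_s=5.0, tolerance=0.10):
        self.samples = deque(maxlen=window)  # (client_ts, server_ts) pairs
        self.min_span_s = min_span_s         # ignore spans too short to trust
        self.tolerance = tolerance           # allowed drift before flagging

    def observe(self, client_ts, server_ts):
        """Record one heartbeat and return the current verdict string."""
        if self.samples:
            last_client, last_server = self.samples[-1]
            if client_ts <= last_client or server_ts <= last_server:
                return "invalid"  # replayed or reordered heartbeat
        self.samples.append((client_ts, server_ts))
        return self.verdict()

    def ratio(self):
        """Client seconds per server second over the window, or None."""
        if len(self.samples) < 2:
            return None
        (c0, s0), (c1, s1) = self.samples[0], self.samples[-1]
        if s1 - s0 < self.min_span_s:
            return None  # single-packet jitter would dominate the ratio
        return (c1 - c0) / (s1 - s0)

    def verdict(self):
        r = self.ratio()
        if r is None:
            return "insufficient"
        if r > 1 + self.tolerance:
            return "fast"  # client clock outruns real time
        return "slow" if r < 1 - self.tolerance else "ok"


def replay(speed, beats=12, jitter=(0.03, 0.08, 0.05, 0.12)):
    """Constructed sample: client ticks once per second of its own clock."""
    monitor, verdict = ClockDriftMonitor(), "insufficient"
    for i in range(beats):
        arrival = 100.0 + i / speed + jitter[i % len(jitter)]  # plus latency
        verdict = monitor.observe(float(i), arrival)
    return verdict, monitor.ratio()
```

Because the check uses only timestamps the server already receives, it does not depend on process or window names on the player's machine.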
  11. Wistrel

    Wistrel Kick Ass Elf

    It is certainly interesting, as you say, they have to do "something" to detect things like Cheat Engine (if indeed they do detect it). The obvious ones would be to scan the names of running processes or look for windows with names that they know are associated with cheat software... or even check to see what is installed on a computer maybe? While this is crude it is probably effective however there might be some reasons for a person to have that software installed that have nothing to do with Entropia. I don't think MA warn against any software though in the EULA... just that we consent to let them monitor us and that we cannot de-compile the game or intercept/analyse traffic to/from the servers.

    It sounds like you are proposing MA currently take a reactionary approach to defending against hacking... i.e. unless someone tells them some bad voodoo is going down, they are none the wiser and will likely not have anything in place to detect it.

    btw you don't have to talk about this if you are uncomfortable/out of your depth. I just thought it was an interesting topic but I don't want to cause any upset. There isn't a lot else going on here at the moment sadly...

    Cheers
    Wistrel
     
  12. NotAdmin

    NotAdmin Administrator

    I use CheatEngine regularly. In fact, more often than I play Entropia nowadays.
     
  13. I guess I'm saying they take reactionary and precaution into defending themselves against hacking and malicious activities.
    I also think with window names one could just rename the window to say chrome or hide malicious attacks in a way.

    I still hold my belief they don't spy on computers and monitor everything; the way I see it, they detect for hooks into the program,
    modifications of program, or see something fishy at play.
    Skilled and motivated hackers can hack anything one advantage would be to know what MA do or use to detect stuff.

    I'm ok talking on this kind of subject but at times it can get intense I don't want to go into the black hat scene, prefer grey or white.

    I found this from another site I have link if you want to read it all here is a quote from it. (Cryengine forum)
    This is what happened with EU some users using cheat engine fell through the ground, don't know if one anything more about that but ideas could lead to being invisible
    in pvp.
     
  14. Wistrel

    Wistrel Kick Ass Elf

    "they detect for hooks into the program modifications of program or see something fishy at play." How do they detect hooks? For example, does Fraps "hook" the game? Or those things like PEAss? etc.

    You don't need cheatengine to go through walls, into places you are not expected to go, or get under the terrain in Entropia. It can happen by accident or McCormmick easily enough ;) On Monria you just walk ;)

    Wistrel
     
  15. Wistrel

    Wistrel Kick Ass Elf

    Development tool or for mucking around with other games?
     
  16. I'm finding it hard to explain for detection topic; look into anti-cheat software and a few Google searches, it will explain it
    a little bit better than I can. I have a website link with vast info on anti-cheat: http://www.unknowncheats.me/forum/anti-cheat-bypass/
    That forum link sub forum has topics/threads on anti-cheat. A few hours' study will tell you a lot. Link is safe but do research first.

    I also have CE but rarely open it these days.

    When I messed with CE I did fall through the ground at old oil rig at ashi so it was like forced, long time ago.
     
  17. Wistrel

    Wistrel Kick Ass Elf

    ok I'll add it to the reading list thanks
     
  18. Will bookmark this thread for future reference I forgot I made it, if I find anything interesting or discover anything will update.
     
  19. As of a few days ago, it seems Xane is up to his usual tricks, so MA hasn't fixed anything there and hasn't banned him for whatever he is doing to fly faster in space than normal.
     
  20. Try to send a support case to MA when you get solid evidence; use recording software for proof. Also bring attention to it on forums, might scare people away from doing it and put them on a watchlist by MA.
     
    Last edited: Aug 5, 2015