How to get rid of Scripts? (working harcoded)
by Jorge Luis Gandulfo · in Torque Game Engine · 09/30/2003 (11:49 pm) · 12 replies
Anyone could do this?
I mean i dont wan't my project to have all thouse scripts hanging arround, and i want to build an application fully compiled in C++.
Im using Visual Studio 6.
Im really new at this engine, started today, but want to start to work with it as fast as i can..
I mean i dont wan't my project to have all thouse scripts hanging arround, and i want to build an application fully compiled in C++.
Im using Visual Studio 6.
Im really new at this engine, started today, but want to start to work with it as fast as i can..
#2
Maybe there is a way to encrypt them and still make them usable by the engine.
mmm.. What about hosting em on a server? im just giving a tough..
Im working on a MMORPG, and security of data, against hackers or cheaters is very important.
10/01/2003 (12:14 am)
Well you are right about all, but isn't it a bit unsafe to have all thouse files arround for everybody to see?Maybe there is a way to encrypt them and still make them usable by the engine.
mmm.. What about hosting em on a server? im just giving a tough..
Im working on a MMORPG, and security of data, against hackers or cheaters is very important.
#3
10/01/2003 (2:09 am)
When a script is used by the engine, it makes a copy, and calls it filename.cs.dso, ect, and loads from those instead. When your game, or app is ready for distribution, the .cs files can be deleletd, and the engine will still run, from the .dso. These files are somewhat harder to edit, seing that they are mixed around abit, spaning over a couple of lines, with extra characters.
#4
What about hackers messing arround with some files to get info from the server.
Im a bit paranoid about this things.
And im sure there must be a real solution to this problem.
I will take a look arround at the code from wich the application reads a script.
10/01/2003 (2:14 am)
David im talking about real security, cheaters can do what they wish with that scripts.What about hackers messing arround with some files to get info from the server.
Im a bit paranoid about this things.
And im sure there must be a real solution to this problem.
I will take a look arround at the code from wich the application reads a script.
#5
10/01/2003 (2:21 am)
Yes, better file packaging would be good, something like a .pak file would be good for torque, something unique
#6
10/01/2003 (2:29 am)
But hey, all in all, no game is safe, every game can be hacked and edited, despite the use of secuirty, there are work arounds, developers take the risk of data being edited
#7
Mm. maybe using most of the logic in server side could work, i will have to figure out how to do that couse im pretty noob with this cs scripting.
Anyone have done something like this?
10/01/2003 (11:56 am)
Yep i know, but still you have to get a minimum protection to your project.Mm. maybe using most of the logic in server side could work, i will have to figure out how to do that couse im pretty noob with this cs scripting.
Anyone have done something like this?
#8
Fortunately the Torque network stream is pretty impossible to break into. Scripts basically fall into the client side category or server side category. Client side scripts can only get at the information you let them get at through code, so don't let them get at things that matter. If you are extra paranoid, only ship the byte code .DSO files, for added security (ie more paranoia) add a simple encryption scheme to the .DSO read/write routines. I highly recommend staying with the scripts.... you'll thank us later. ;)
--Rick
10/01/2003 (1:39 pm)
There is nothing inherently insecure about using scripts. If someone wants to hack your game they can just as easily wedge something in your tcp/ip stream, see counter strike for details (heh heh). Fortunately the Torque network stream is pretty impossible to break into. Scripts basically fall into the client side category or server side category. Client side scripts can only get at the information you let them get at through code, so don't let them get at things that matter. If you are extra paranoid, only ship the byte code .DSO files, for added security (ie more paranoia) add a simple encryption scheme to the .DSO read/write routines. I highly recommend staying with the scripts.... you'll thank us later. ;)
--Rick
#9
10/01/2003 (2:04 pm)
Jorge - everything is verified against the server, anyway. The only way someone can cheat is to modify the server to let them do it... and no system is immune to that attack.
#10
How is that all is verified with the server?
10/01/2003 (4:04 pm)
Well thanks for the info, i will stay with scripts then, but will try to use some encryption rutine.How is that all is verified with the server?
#12
Most asset files (models, textures) are verified by a checksum against the server's data so that people can't trivially modify their files.
The worst thing that the player can do if you have followed proper client/server design principles is a wallhack/aimbot style hack. Torque's networking code is efficient enough, however, that people usually don't even receive data for parts of the world they can't see, so things like that are of limited effectiveness. If you're really worried, you can license punkbuster style technology and make even that unworkable except for the most dedicated cheaters.
I suggest that you sit down with the Torque source and spend a week or two tracing through how all the multiplayer code works. Start in dnet.cc and work through NetConnection and GameConnection. Learn about NetObject. Read the tribes networking paper (in the resources). That will answer your questions better than a hundred forum posts.
10/01/2003 (4:52 pm)
The server runs the game simulation. The client sends the moves which the player has inputted to the server, and the server updates the player's position/state based on that. Ergo, the player cannot teleport around the world or falsify his health levels or so forth. The player can hack his client so that it appears that he has more life - but that's only visible to him, and the server will still make him act like he's dead when he has died.Most asset files (models, textures) are verified by a checksum against the server's data so that people can't trivially modify their files.
The worst thing that the player can do if you have followed proper client/server design principles is a wallhack/aimbot style hack. Torque's networking code is efficient enough, however, that people usually don't even receive data for parts of the world they can't see, so things like that are of limited effectiveness. If you're really worried, you can license punkbuster style technology and make even that unworkable except for the most dedicated cheaters.
I suggest that you sit down with the Torque source and spend a week or two tracing through how all the multiplayer code works. Start in dnet.cc and work through NetConnection and GameConnection. Learn about NetObject. Read the tribes networking paper (in the resources). That will answer your questions better than a hundred forum posts.
Torque Owner Dylan Sale
The engine is designed so that you make a C++ class. This is then created and used through the scripts. IE C++ code is there to make the bits that are used for the game (players or vehicles for example). The game itself is made through scripts (game logic and such).
Changing this would require a lot of changes to the engine. And you'd end up with something less powerful than what you started with.
If you want to work with it as fast as you can, I suggest you learn the scripting language.
Once you have made the scripts, (try TribalIDE for that), you can pack them inside a .zip file, which the enigine can access (I think, never actually tried this).