*.dso files convert to *.cs files
by Martin Edmaier · in Torque Game Engine · 02/05/2002 (7:39 am) · 16 replies
Can anybody convert dso files.
Thankx,
Martin
Thankx,
Martin
About the author
#2
02/05/2002 (8:40 am)
Converting .dso's to .cs files is not advisible.
#3
02/06/2002 (2:08 am)
Just out of curiosity, why isn't it advisable?
#4
02/06/2002 (2:42 am)
Out of curiosity, Why would you want too?
#5
If someone could decompile our dso files, they could get the source. Which means they could hack the scripts, host a game, give themselves whatever they want, then save their character. Then they could go cheat on any server they want.
I want to know how pissible it is to decompile the dso's.
I'm curious as to what "not advisable" means. Is it possible? A waste of time? Do you just not want people to try? Will your computer explode?
To answer your question, I don't want to, other people might want to though.
02/06/2002 (2:52 am)
In our RPG we're distributing the dso's only. I have a master server set up with a player database on it. It saves and loads peoples' characters.If someone could decompile our dso files, they could get the source. Which means they could hack the scripts, host a game, give themselves whatever they want, then save their character. Then they could go cheat on any server they want.
I want to know how pissible it is to decompile the dso's.
I'm curious as to what "not advisable" means. Is it possible? A waste of time? Do you just not want people to try? Will your computer explode?
To answer your question, I don't want to, other people might want to though.
#6
You might want to consider putting this security critical code in the C++ code itself instead of the script.
-Tim aka Spock
02/06/2002 (2:56 am)
Like I said I was just curious :)You might want to consider putting this security critical code in the C++ code itself instead of the script.
-Tim aka Spock
#7
The only way around it is to hardcode everything, and I think that would defeat the purpose of the scrips.
Dark
02/06/2002 (3:03 am)
Most of it is. The part that talks to the database is hardcoded. But the rest of the item code isn't. Since the scripts control all of the game aspects, all someone has to do is give themself an item of their choice. Then the game will connect to the server and save it like any other item.The only way around it is to hardcode everything, and I think that would defeat the purpose of the scrips.
Dark
#8
02/06/2002 (10:20 am)
Why not just store all non-player specifiable information server-side?
#9
The client doesn't control anything having to do with gameplay. The game server controls everything game-related, including the items. Whenever a client joins a server, the server connects to the player database and downloads that client's character. Then the client plays and the server connects to the player database to save the character periodically.
So, the server does control everything. Do you mean I should make the player database server control everything? That would be a little hard to do.
Dark
02/06/2002 (12:11 pm)
There's the client, the game server, and the player database server.The client doesn't control anything having to do with gameplay. The game server controls everything game-related, including the items. Whenever a client joins a server, the server connects to the player database and downloads that client's character. Then the client plays and the server connects to the player database to save the character periodically.
So, the server does control everything. Do you mean I should make the player database server control everything? That would be a little hard to do.
Dark
#10
02/07/2002 (10:09 am)
Since your storing all the player information on the server... why do you have the player tell the server what weapons they have? All the client should be able to do is connect to your server, provide an ID number (encrypted) to the server and the server then gives the list of items back to the client. The only way to add an item to the players inventory should be from the game server, ie: client 456 picked up item #4, add it to the database. Or do I have this all wrong?
#11
02/07/2002 (11:04 am)
The client doesn't control anything. The server does. Everything gets encrypted before it's sent. Each versions gets a new encryption string to make hacking it that much harder.
#12
My point is, if the server controls anything, hacking the scripts wouldn't make a difference, as they couldn't change anything on their end anyways.
02/08/2002 (8:41 am)
Then why are you worried about people hacking the scripts?My point is, if the server controls anything, hacking the scripts wouldn't make a difference, as they couldn't change anything on their end anyways.
#13
The server that hosts the game is just a regular torque server. Anyone will be able to host. The game server periodically queues all the players playing on that server, at that time, and uploads their info to the player database server. If someone hosting a game server had access to the scripts, they could give themselves whatever they want. When the server save gomes along it will save the players, along with the hacked item, not knowing the difference.
Then the game server can quit hosting, and join any other game server. When the new game server downloads that player's info from the player database, it will also download the hacked item, and that player can play with it.
The only way around it is to not let people host their own games. And that would make it a little hard to get people to play.
02/09/2002 (9:27 am)
There are two servers. The one that hosts the game, and the one that gets the players uploaded to it (the player database).The server that hosts the game is just a regular torque server. Anyone will be able to host. The game server periodically queues all the players playing on that server, at that time, and uploads their info to the player database server. If someone hosting a game server had access to the scripts, they could give themselves whatever they want. When the server save gomes along it will save the players, along with the hacked item, not knowing the difference.
Then the game server can quit hosting, and join any other game server. When the new game server downloads that player's info from the player database, it will also download the hacked item, and that player can play with it.
The only way around it is to not let people host their own games. And that would make it a little hard to get people to play.
#14
02/11/2002 (5:30 am)
Could you check in the C++ code of the game server that the script files are intact (CRC check or something like that) before allowing to make an update to the player database server?
#15
02/11/2002 (7:03 am)
Create some MD5 checksums for your .dso files and check them to make sure they are correct. :-)
#16
We hijacked this thread :)
02/11/2002 (2:25 pm)
That's kind of what I was going to do. If it becomes a problem I'll put something in the player database to check everything being saved. If it's invalid then it won't save it.We hijacked this thread :)
Torque Owner Karsten "Clocks" Viese
// Clocks out