Is it possible to make a script unchangeable?

[brandos]

I would like to make a small script unchangeable after compiling the game. Hiding it would be also a good option.

Any ideas how to do this?

 

[Shaz]

By script, do you mean script? Or do you mean event?


Nothing is changeable after compiling the game, unless you or someone else uses the project to change it. Or unless somebody hacks it.

 

[Tsukihime]

Encrypting your data would make it harder to change.

 

[??????]

How would one gain access to your script after distribution?  It should be encrypted for release.

 

[brandos]

How would one gain access to your script after distribution?  It should be encrypted for release.

There are many decryption tools.

This is also the problem, if I could make one specific script unchangeable or invisible it would prevent the hackers to decrypt and delete it.

 

[Engr. Adiktuzmiko]

This is something I'm looking into, and so far I can't find a way to encrypt the whole Scripts file using another method while making it still usable by the game. AFAIK, we cannot really do it unless we could change the way that the game.exe (or maybe rgss dll) loads the script file.

You can do it for individual scripts to some extent, but the way to "decrypt" them will still be present in some form inside the Scripts file. 

 

[Tsukihime]

There are many decryption tools.


This is also the problem, if I could make one specific script unchangeable or invisible it would prevent the hackers to decrypt and delete it.

Common techniques used here include CRC's or any other form of error-detection to verify whether the data has been transmitted successfully (and whether it needs to be re-sent).


As a corollary, if the data has been intentionally tampered, then it will fail the validation check and your game will likely blow up in their face.


However, this only mitigates the problem, as a hacker could simply go and disable the error checking.


So a solution, if one chooses to go this route, would be to make it so that the error checking process is sufficiently difficult enough to alter.

 

[Engr. Adiktuzmiko]

or you could try the FEUX encryption services offered by Nathan... 

 

[??????]

There are many decryption tools.

This is also the problem, if I could make one specific script unchangeable or invisible it would prevent the hackers to decrypt and delete it.

it is possible to make certain scripts or methods extremely 'hidden'.. enough so that they are not even seen at all within the editor. But there is no way to make it actually 'safe'.  The FEUX system is probaby your best bet ^_^

 

[Zeriab]

Practically no, you cannot ensure that a script cannot be modified.

This kind of question sounds very much like how to protect a script taking care of communicating with some DRM tool.

You can do various kind of obscuration and obfuscation to make it harder to do. There are fun technical problems you can look into, and you can way too easily waste a bunch of time.

If FEUX is nice, simple and quick then that might be a good idea for you.

Know that the only way to truly prevent a script from being modified is not to create it in the first place. That, which does exists, cannot be modified.

*hugs*

 - Zeriab

 

[Engr. Adiktuzmiko]

Know that the only way to truly prevent a script from being modified is not to create it in the first place. That, which does exists, cannot be modified.

This is the fact. I've been seeing this question about protecting a file for maybe about a decade now and this is still the "best" answer.

 

[Khas]

Actually there is a way. You can create a dll to call ruby code from inside it - after it's compiled, your code is safe. 

There's an example on how to call ruby code from inside a dll (link removed - such technique is against RM's EULA).

Writing custom dlls may seem complex, but it's not that hard. Here's a tutorial on how to do that.

 

[whitesphere]

You can make it more DIFFICULT to modify the file by encrypting it using whatever method, but the fact is, when a hacker has access to the executable, they CAN eventually do whatever they want inside it, including modifying your script.

As long as someone has physical access to an executable, they can eventually modify it however they see fit. 

It's sort of like security in general.  Sure, you can have a top of the line car alarm put in, and that will deter the casual joyriders, but hardcore professional thieves just pull a tow truck up, dress themselves as AAA workers, and calmly put the car on their flatbed.  Then they take it back to their shop and disable the alarm there.

So, no, there is no way to make it impossible to modify an executable once someone has it.

 

[??????]

Actually there is a way. You can create a dll to call ruby code from inside it - after it's compiled, your code is safe. 


There's an example on how to call ruby code from inside a dll <link removed>.


Writing custom dlls may seem complex, but it's not that hard. Here's a tutorial on how to do that.

THIS IS A BREACH OF EULA - DO NOT PERFORM THIS TECHNIQUE

 

[Hudell]

THIS IS A BREACH OF EULA - DO NOT PERFORM THIS TECHNIQUE

I didn't know this. What part of the EULA is it breaching?

 

[??????]

Its because its calling functions that have not been documented by the programs distributors (ie, Degica), I was explicitly told that doing such things is not allowed. I made a custom game exe that employed similar techniques, the thread below;


http://forums.rpgmakerweb.com/index.php?/topic/33330-is-this-legal/


This is where I was informed of this.


So I mean yea, you can modify things doing that, but your game could also be sued by Degica themselves and you would pretty much (more likely than not) have to remove your game from wherever is is sold/hosted. :/


Edit:

Actually there is a way. You can create a dll to call ruby code from inside it - after it's compiled, your code is safe. 


There's an example on how to call ruby code from inside a dll <link removed>.


Writing custom dlls may seem complex, but it's not that hard. Here's a tutorial on how to do that.

Actually, just to touch on something else, its not 'safe' there either.  If someone can figure out how to use the calls within the RGSS301.dll, they can sure as hell find functions within your own dll ~ try and open it in notepad and go to the very bottom right...


Also - If you have your heart set on doing such things, you could alternatively write a .so extension....


https://dekitarpg.wordpress.com/2014/11/23/extending-rgss-ruby-with-c/

 

[Tsukihime]

Its because its calling functions that have not been documented by the programs distributors (ie, Degica), I was explicitly told that doing such things is not allowed. I made a custom game exe that employed similar techniques, the thread below;


http://forums.rpgmakerweb.com/index.php?/topic/33330-is-this-legal/


This is where I was informed of this.

No, your case is completely different from what khas is suggesting.


Win32API is not an "undocumented" function.

 

[Hudell]

I thought he meant that the game on rpg maker would call his dll, not that the dll would call code from the game or rpg maker or whatever?


Edit: Ninja'ed

 

[??????]

No, your case is completely different from what khas is suggesting.

Win32API is not an "undocumented" function.

I am not speaking about using Win32API. I am speaking about what he suggests "There's an example on how to call ruby code from inside a dll <link removed>." That kind of use of Win32API is against EULA. The thread I linked previously confirmed this.

Use of Win32API is fine, but not when your calling the undocumented functions within the RGSS301.dll, such as RGSSEval.

 

[Bex]

Would Obfuscation help in this Case of OPs first Question?