Online multiplayer in RMVXAce, is it possible?

Status
Not open for further replies.

??????

Diabolical Codemaster
Veteran
Joined
May 11, 2012
Messages
6,548
Reaction score
3,305
First Language
Binary
Primarily Uses
RMMZ
Well, PiNG was just a small test I threw together in a few days after I obtained my server. For such a small project I didnt deem it necessary to go overboard with hiding the data.

Since then I have done a LOT of different things to enhance security - such as hiding that secure data within the dll itself. But the thing is, when ANY server-client code is left within the script editor, its only a matter of time before someone figures a way to abuse it somehow. :/
 

Tsukihime

Veteran
Veteran
Joined
Jun 30, 2012
Messages
8,564
Reaction score
3,880
First Language
English
Ok so the messages are now being handled by a dll.


Are there any other security issues that you can think of?

But the thing is, when ANY server-client code is left within the script editor, its only a matter of time before someone figures a way to abuse it somehow. :/
Can you elaborate what you mean?


Why are you leaving server code in the client?
 
Last edited by a moderator:

??????

Diabolical Codemaster
Veteran
Joined
May 11, 2012
Messages
6,548
Reaction score
3,305
First Language
Binary
Primarily Uses
RMMZ
ahh yea, I could have worded that better..

Lets say you have this method.

def method_to_process_POST(x,y,z,a)  @post_api ||= Win32API.new('dllname','funcname','#{x}','#{x}')  @post_api.call(y,z,a)end
At some point within your ruby code your gonna have to call that to process your post. this is the kind of thing that is left exposed and could be abused.
Obviously, for things like this the way you write the code itself has a huge impact on how secure it is as well.
 
 

Tsukihime

Veteran
Veteran
Joined
Jun 30, 2012
Messages
8,564
Reaction score
3,880
First Language
English
Anyone can attach a debugger to your game while they're playing it and they'll see all of the method calls anyways. Want to introduce a custom exe that comes with anti-debugging functionality? Those will likely be subverted anyways.


Someone that has the ability to look at your code and figure out that you're using a particular DLL, a specific method, what you're passing to it, and can then reverse it and write their own calls is going to destroy your security regardless.


If you're worried about people tampering with your requests, have your server send a nonce to your client.


Have your client do something with that (preferably somewhere that is fast and not obvious) and send it back. This means that someone needs to actually go into your DLL and figure out how to build those messages.


I do not see this as a point on why RM is too insecure for netplay. It's just the potential that someone who knows anything about reverse engineering will have a somewhat easier time.


Your average player will not be able to crack it, regardless whether they know that you're making a DLL call or not.


Now the real problem in any game is someone that CAN hack it, to produce a tool that regular people can use, and distribute that. This has been going on since forever, and is not something I would even bother trying to defeat.
 
Last edited by a moderator:

Imploded Tomato

Veteran
Veteran
Joined
Sep 16, 2012
Messages
161
Reaction score
56
First Language
English
Primarily Uses
Honestly, I'm not that concerned about security issues. I'd be happy with just one online feature like Player versus Player. Then again if you wanted to, couldn't you have character stats stored on a server? Say your game has a limit to how high a character can reach his stats during single player play through and if someone wanted to hack the stats by abusing the net code, couldn't you just program a global event that would force the stats to stay as a constant once you've hit your assigned maximum stat limit? 

So say you wanted to take on the task yourself, what tools would you need to program a multiplayer feature in your game project such as PVP or COOP? I'm assuming RGSS3 and Ruby could handle the task alone?
 

??????

Diabolical Codemaster
Veteran
Joined
May 11, 2012
Messages
6,548
Reaction score
3,305
First Language
Binary
Primarily Uses
RMMZ
Oh for sure, there will always be people who can break into things, nothing is ever gonna change that. Best one can do is make things at least a llittle time consuming for them in the hope it will act as a deterrent - ie, not worth the time..

@Encrypted Knight - yes, having limitations like that on your server would help for certain things such as using cheat engine to make your hp 50million. :p

Personally, I use Ruby, C++, PHP (for processing server requests - server side) and also MySql (for databases - server side).
 

Engr. Adiktuzmiko

Chemical Engineer, Game Developer, Using BlinkBoy'
Veteran
Joined
May 15, 2012
Messages
14,682
Reaction score
3,006
First Language
Tagalog
Primarily Uses
RMVXA
What aspects of an RM game would take away from the online experience when you're using "other engines"?
I'm talking about technical things there, like the speed of processing of RM, especially for graphical things. Going on with my comparison, on my computer for example, a few simple concurrent animations or other graphical updates (char sprites, etc) is enough to reduce FPS of the game. Now couple that with the possible amount of data to be synchronized and additional graphic updates that comes if you turn it into an MMO, that would present a possibly huge amount of FPS drop.


The only other engine that I've managed to use (I've tried some others but the dev kits are too power consuming) would be wc3's engine which was made like what, more than a decade ago? With it I could run several "animations" in the map without any FPS drop, along with high res textures and high poly 3D models. Though I've also tried some samples made on UDK and even with the graphics quality of the 3D models used there, it also runs fine.
 

Shaz

Global Moderators
Global Mod
Joined
Mar 2, 2012
Messages
43,409
Reaction score
15,212
First Language
English
Primarily Uses
RMMV
Moving to General Discussion, because it requires a huge amount of scripting, and you're not going to get anyone to do it for you as a script request (if you searched, you would have seen this requested over and over and never done). All that's going to happen here is a discussion of can it be done, and some techniques that might help, but probably nothing more.
 
Last edited by a moderator:

Protagonist7

Veteran
Veteran
Joined
Sep 14, 2015
Messages
85
Reaction score
9
First Language
English
Primarily Uses
Hm, I wouldn't want to make an MMO, but something that might be interesting to do with multiplayer would be something like Pokemon. You 'link up' to someone else's game and can trade items and battle. Would that be possible?
 

Shaz

Global Moderators
Global Mod
Joined
Mar 2, 2012
Messages
43,409
Reaction score
15,212
First Language
English
Primarily Uses
RMMV
What is it with the necroposting?


Protagonist7, please refrain from necro-posting in a thread. Necro-posting is posting in a thread that has not had posting activity in over 30 days. You can review our forum rules here. Thank you.


Closing this.
 
Status
Not open for further replies.

Latest Threads

Latest Profile Posts

Lately I have been taking a break from game and resource making so I won't get burnt out. But I am also interested in the Game Jams this site periodically holds. It'd be great if I knew when the next one, if any, is planned.
elexy 1.2.pngSome bust art to be cropped and cleaned. May use in special decision moments. Depending on how it looks in game I may cut it.
Tiamat-86 wrote on ATT_Turan's profile.
apparently since its turning 15 years old this year the ps3 is considered "retro". now how old do you feel?
guess that means im an "antique" gamer since ill still play games as old as i am.
"you know your getting old when your childhood console changes ethnicity" lol it turned yellow
I'm making Toilet in Wonderland 2. and tell vinny about it lol

Forum statistics

Threads
115,346
Messages
1,089,176
Members
150,021
Latest member
Jackitrick
Top