Reputation: 78914
How to cheat and avoid cheating in Flash games?
I'm writing a small online flash game that keeps high scores of players. Obviously I'd like to keep the players from cheating and getting an arbitrarily high score.
What are the most common methods for cheating in flash games and what can I do to make it hard to use them?
Upvotes: 3
Views: 12221
Answers (7)
Reputation: 8845
If you want the game to only run on your server, you can also detect where the signal is sent from in your recieving trick, and ignore anything not coming from your domain. It will be a real pain to tamper with your codes, if you have to run from your dedicated domain to submit scores.
This also blocks out most of CheatEngine's tricks.
Upvotes: 1
Reputation: 1
I've been using GameInt API at http://www.gameknob.com with very good results since int are encrypted. It's really hard to hack down these values since this api uses a random key to make the xor encryption.
Hope this helps!
Upvotes: 0
Reputation: 1763
Depending on the style of game, it might be possible to verify high scores serverside by a type of "replay" technique.
That is, rather than sending the high score to the server, send the record of the user's actions to the server.
This is not really suited for use in an action game, though for other types (such as Fantastic Contraption, or even Desktop TD) it is viable. Though maybe you would only enable it for special events (tourneys) or something like that, because for a popular game this would be fairly taxing.
Upvotes: 1
Reputation: 9442
Sites like http://nonoba.com, and http://www.mochiads.com have highscores APIs with some in-built protection, so that might be an option if it's just a personal project.
Upvotes: 2
Reputation: 27265
- Use a proxy such as Burp / Fiddler or Tamper Data Firefox Extension for easiest cheat.
- Read http://www.playnoevil.com/serendipity/ blog, that guy also released a book about cheating and protecting online games (especially flash)
- There are 3rd party solutions (mostly obfuscation - but really complicated)
- Obviously an attacker can use a decompiler and read the flash code, therefore don't assume that they don't know your code (Do not forget to obfuscate your code)
Upvotes: 2
Reputation: 18792
The most common way to cheat is to use Cheat Engine.
See it in action on YouTube, along with 100s of tutorials on cheating in the most popular games.
Keeping people from cheating is going to be nearly impossible. But there are several methods for securing the high scores table, which could be applicable to cheating in general.
Upvotes: 3
Reputation: 223003
To protect the high score as it's being sent to your server, either digitally sign it with a key embedded in your app, or else send an HMAC of the data (again, key embedded in app).
This suggestion assumes that people do not reverse-engineer your flash game. Not that this is hard, but in most cases, there are much easier ways to attack flash games, so this will raise the bar a little higher.
Upvotes: 1
Related Questions
- How can you implement an anti-cheat in a JS game?
- How to secure Flash Games from Cheat Engine?
- Flash game hacking
- Flash games hack, score is 49700?? How to improve flash games security?
- How to prevent cheating on a flash game by slowing down cpu?
- How to hack flash game timers?
- How can i prevent Cheat engine for my single player flash games?
- Secure your flash/actionscript game?
- Authoritative Flash multiplayer game server: twice the work?
- Abuse of Adobe Flash