A Way to save Vars

projectigi · #1 02-17-2008, 10:49 PM

Hi,

so i had the idea of doing untouchable vars

double saved(in 2 subvars)
in a format like
this.34klj66$&!$j5lkj325j^!"5623#152#5jlkjkrqewklj rw.varname
and second
this.fjklsdfjlk24jkl152lk4j6jl1tö3jlk1l34jk16jkl4 35lkj324jlk152.varname
so noone can access it easily, since they wont be able to find out the varname with the getdynamicvarnames and getvarnames functions disabled

now, my problem is, i wanna keep these vars after logout of the player, but i dont wanna save em to a file, npc or client./clientr. strings because then they get easily modified :/

any idea how i could save em?

Chompy · #2 02-17-2008, 10:52 PM

err, save them as base64 encrypted? then decrypt them on login?

Crow · #3 02-17-2008, 10:54 PM

Or use Skyld's encrypting example.

projectigi · #4 02-17-2008, 10:54 PM

well that still leaves room for people to decrypt them themself

DustyPorViva · #5 02-17-2008, 11:03 PM

Quote:

Originally Posted by projectigi

well that still leaves room for people to decrypt them themself

Um... if people could decrypt easily(or even with effort) then there'd be no purpose to encryption.
You can't say I won't encrypt because someone can decrypt it :o

projectigi · #6 02-17-2008, 11:41 PM

Quote:

Originally Posted by DustyPorViva

Um... if people could decrypt easily(or even with effort) then there'd be no purpose to encryption.
You can't say I won't encrypt because someone can decrypt it :o

i said im looking for a better way, hm i came up with the idea of endless trigger loops, dunno if that would lag the serv much xD

Inverness · #7 02-18-2008, 12:00 AM

Uh, yes it would lag alot.

Stop being so paranoid about people who are trying to hack variables. There is no perfect way to make everything secure and you need to live with that. Saving to file on server is a good method. Another is the base64 encryption.

If you keep the system logged it should not be difficult to find out if anyone is causing a problem.

I'm really getting tired of people who make all these off-the-chart scripts to prevent hacking before their server is even far enough on the map for anyone to want to hack in the first place.

Spend less time worrying about hacking and more time developing.

projectigi · #8 02-18-2008, 12:14 AM

i'm not worrying, just came up with a idea when playing diablo2 xD

Horrified · #9 02-18-2008, 01:04 AM

Quote:

Originally Posted by Inverness

Uh, yes it would lag alot.

Stop being so paranoid about people who are trying to hack variables. There is no perfect way to make everything secure and you need to live with that. Saving to file on server is a good method. Another is the base64 encryption.

If you keep the system logged it should not be difficult to find out if anyone is causing a problem.

I'm really getting tired of people who make all these off-the-chart scripts to prevent hacking before their server is even far enough on the map for anyone to want to hack in the first place.

Spend less time worrying about hacking and more time developing.

+rep

Best said words...ever.

coreys · #10 02-18-2008, 01:39 AM

Quote:

Originally Posted by DustyPorViva

Um... if people could decrypt easily(or even with effort) then there'd be no purpose to encryption.
You can't say I won't encrypt because someone can decrypt it :o

The only thing you can't decrypt is Navajo ;o

DustyPorViva · #11 02-18-2008, 01:54 AM

Quote:

Originally Posted by coreys

The only thing you can't decrypt is Navajo ;o

I never said it can't be decrypted.

Skyld · #12 02-18-2008, 03:07 AM

Quote:

Originally Posted by Inverness

Another is the base64 encryption.

Base64 encoding.

There is no encryption taking place with base64 alone.

Inverness · #13 02-18-2008, 03:10 AM

Quote:

Originally Posted by Skyld

Base64 encoding.

There is no encryption taking place with base64 alone.

Well, I've never used it so I wouldn't know (the difference). The only time I've ever stored something offline I used an md5 hash.

Skyld · #14 02-18-2008, 03:20 AM

Quote:

Originally Posted by Inverness

Well, I've never used it so I wouldn't know. The only time I've ever stored something offline I used an md5 hash.

Basically all base64 encoding does is turn characters into a simple representable form. Encryption is scrambling the data so that only the person holding the encryption password/details can later decipher it, which is what my encryption example does; it takes the input key, scrambles the data using it, and returns the scrambled result. If you try to decrypt the scrambled data using any different key, it won't work and will just return garbage.

cbk1994 · #15 02-18-2008, 05:10 AM

Quote:

Originally Posted by Skyld

it won't work and will just return garbage.

I learned that well when I used your encryption in my gun system which I should release but haven't ...

Crow · #16 02-18-2008, 04:16 PM

Skyld's encrypting example + callstack + only you having access to whatever encrypts and decrypts something. Should do it, I guess.