Thread: Addressing Security inside NPC?
View Single Post
  #1  
Old 09-01-2017, 09:34 PM
maximus_asinus maximus_asinus is offline
RIP DarkCloud_PK
Join Date: Oct 2001
Location: Canada
Posts: 3,745
maximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond reputemaximus_asinus has a reputation beyond repute
Addressing Security inside NPC?
How secure are attr[] values from a memory editor? I'm defining them serverside and using them to sync data between the server and client. I'm wondering if because of their nature, will a player running a trainer be able to redefine these values?

A stripped down version of my script:

PHP Code:
// level NPC
function onCreated() {
  this.attr[1] = ITEM;
  join("CLASS");

PHP Code:
// class NPC
function onActionCHECK() {
  addweapon(this.attr[1]);
}

//#CLIENTSIDE
function onPlayerTouchsMe() {
  // triggeraction CHECK

As you can see, IF this.attr[1] is accessible by a trainer then the player could inject code to give himself any item on the server.
__________________
Save Classic!
Reply With Quote