10 comments

[ 2.8 ms ] story [ 34.1 ms ] thread
I'm still not sure how it's going to modify the packets from the server side in any meaningful way though.. The packets that are issues server side are only modified on the client and so only if the client side is expecting some flag/value such as (item #) for example?
Its value depends on how safe the games netcode is. I used to play an FPS game where the hits were client authoritative and hackers edited enemy positions and made them stand in a row in front of the hacker. Hacker could easily wipe the enemy team with that.
An unrelated but practical example: I used to play a competitive ski racing game. You would race a course and upon finishing, your client sent the locally-determined finishing time back to the server, where it would end up on the global leader board. It was possible to modify the finishing time in-flight, and set it to whatever you wanted because the server had no way to know if a client was lying. To be fair, I did not succeed because the time was still "protected" by a hash whose input I could not be bothered to figure out.
Plenty of games don't bother to implement server-side-validation exhaustively. Including big Triple A titles (which is why anti-cheat providers make a killing with their ring-0 spyware).
I'm sorry but if you're reaching ring-0 ... You're not just playing games.. Or at least you shouldn't be.. Looking up on that, it's wild that publishers feel so entitled to have higher than root access to your machine.. For a game.

I realise there are some esports and those machines, fine, but wow.. If I want to play for fun, I need to hand over my whole system ?

Why did nobody object to this ???

"Fun" is often more compelling then "secure"
This looks interesting, but I find it hard to follow when half of the magic happens in some library I've never seen before. Would love to see something like this in plain code.

"github.com/chifflier/nfqueue-go/nfqueue"

"github.com/sergi/go-diff/diffmatchpatch"

"github.com/google/gopacket"

"github.com/google/gopacket/layers"

(comment deleted)
Packet editing is nice, but aren't most games using encryption by the time the packet leaves the client and is intercepted?