Security Research in Massively Multiplayer Online RolePlaying Game MMORPG PowerPoint PPT Presentation
1 / 7
Title: Security Research in Massively Multiplayer Online RolePlaying Game MMORPG
1
Security Research in Massively Multiplayer Online
Role-Playing Game (MMORPG)
- Rick Zhong
- March 2008
2
- Sample MMORPG Architecture
- Large Distributed Computing systems
3
- MMORPG Hacking
- System Infrastructure Hacking
- EVE-online - SQL Server Hacked
- Second Life - SQL Server Hacked
- Game Application Hacking
- Game Communication/Protocol Analysis
- Emulation Server
- Protocol Emulation
- Game Client Reverse Engineering - Map revealers
- Client-side Automated Bot
- Macro Bots (WoW Autocombat Bot)
- Aimbot
- In-Game Hacking
- Client-side state information manipulation
- Gaming Logic Exploitation
- Camping
4
- MMORPG Hacking Approaches
- Modular / Structural
- Tool-based (BackTrack Version 3)
- Wild Wild West Style
5
- Client Authentication Protocol Analysis
- Tools used WPE Pro and WireShark
- MapleStory
- Protected by nProtect GameGuard
- Connect to FTP server for media contents
- Second Life
- https//wiki.secondlife.com/wiki/Hegemons_Login_An
alysis - Squid Proxy?
- TCP HTTPs login.agni.lindenlab.com
- LineageII
- Protected by nProtect GameGuard
- Eve-Online
- HTTPs
6
- nProtect Gameguard
- Gameguard nProtect - http//en.wikipedia.org/wiki/
GameGuard - It hides the game application process, monitors
the entire memory range, terminates applications
defined by the game vendor and INCA to be cheats,
blocks certain calls to DirectX functions and
Windows APIs and auto-updates itself to change as
new threats surface.
7
- For Discussion
- How to carry out the testing legitimately?
Recommended
