This tutorial will basically be explaining to some people who aren't as good at visual basic than others, how to make a pretty good security system, so if they have don't know how to improve their security, or don't know what type of method to use. than they can read this tutorial.
:: Client Side ::
Make a new form called frmSecurity and make as many text boxes as you like(recommended 4 or more).
Make a command button and name it cmdSecure.
Go to frmLogin and double click the connect button and before end sub paste this in:
Code: If txtUsername.text = [Administrator's Account Username] & txtPassword.text = [Administrators Account Password]
Msgbox " You are attempting to login with an administrative account, if you own the account you may proceed, if you do not than do not login because if you do you are bound to be caught and banned." Then
frmLogin.hide
frmSecurity.show
End if
End Sub
Next get ready for some editing in frmSecurity. Double click the text boxes.
If you are using 4 text boxes than paste each of these into the correct box.
Rename the first box Sec, the 2nd box Sec2, the third box to Sec3 and the fourth box to Sec4.
We will use the numbers 1,2,3, & 4 to pass the Security System and allow you to login with your administrative account.
Double click the "Secure" button and paste this in:
Code: If Sec.text = 1 & Sec2.text = 2 & Sec3.text = 3 & Sec4.text = 4 Then
frmSecurity.hide
frmCharacters.show
I won't really put any server side tutorial up because you prety much have to go through the same process, but you have to open up the server source and add a frmSecurity form there.
I wish you luck if you are just learning to use visual Basic, but if you are already know how to use it than I hope my tutorial helped you. I wrote this tutorial from another family member's computer and he doesn't have visual basic so I tried to write this as error-free as possible, if there are any errors I will fix them when I test this out at home.
Thank you  !
Hello, I hope I didn't do anything wrong.
Did I ? :|
Ciao Wrote:Hello, I hope I didn't do anything wrong.
Did I ? :|
This isn't exactly security.. Not even close.
Well,
You are compiling an administrators user name and password into the distributable client in order to do a client-side security check? Um.
I don't know if someone has removed it from ms4, however there used to be server-side character creation check on "consty" - you should use that for reference.
This is bad, I think you should delete it or modify it because client side..
emphasize the word client O___O, you could make a AdminIP.txt,
check for the user who logged in matches any of the IP in that text file
and set their access to 4. When they log off set it to 0.
Im new to this stuff so im sorry if it wasn't really that great.
Ciao Wrote:Im new to this stuff so im sorry if it wasn't really that great.
The tutorial itself is fine, it's just that this offers virtually no security what so ever. Keep working on your skill, and I'm sure you'll be spitting out worthwhile tutorials left and right.
Thanks Nean, and Lea im sorry but I don't know what you mean by that :/
I want to take a guess though.
Would it mean that when you type something in, its stored and someone might be able to still get in either way?
try opening a .exe from notepad
-Cough- Pack your exe's if you don't want your constants to be readable -Cough-
-cough- clients dont need security -cough-
that entirely depends on what you have going on in your client.
some people would rather have everything happen on the server.
Robin, being different as usual, has a lot of stuff going on in his client.
just a matter of opinion.
Pbcrazy Wrote:that entirely depends on what you have going on in your client.
some people would rather have everything happen on the server.
Robin, being different as usual, has a lot of stuff going on in his client.
just a matter of opinion.
Your opinion is wrong :3
Pbcrazy Wrote:that entirely depends on what you have going on in your client.
some people would rather have everything happen on the server.
Robin, being different as usual, has a lot of stuff going on in his client.
just a matter of opinion.
Uhhh, doesn't matter if they'd rather have things in their client, it's bad security. Clients can be fooled, it's much much harder to fool the server. That's the reasoning behind the server access checks, rather than client access checks.
first off, how the fuck can an opinion be wrong? maybe controversial to yours but not wrong.
secondly, sure, you can do stuff on you're client, if you're looking to have a lot of players, and don't want your server to be slowed down, it may (may) be a better choice.
And yes, of course, you run into security problems, and will have to find a way to make it more secure. packing them, as jokeofweek suggested would be one way.
other wise of course, checks to the server for permission to do stuff, would be another. however a lot of the thinking and "AI" (as dumb as it may be in MS), could be used on the client, to keep down usage on the server. Of course, again, with proper security.
Dragoons Master
Unregistered
Pbcrazy Wrote:...however a lot of the thinking and "AI" (as dumb as it may be in MS), could be used on the client, to keep down usage on the server. Of course, again, with proper security. Impossible(w/ security)
please explain. I'd like to know.
THE CLIENT CAN BE TRICKED. How fucking dull do you get? The server can't be tricked (It's much much harder), therefore security checks in the client are pointless. The only way anything can be put in the client, is if it holds no threat of abuse, whatsoever.
Yeah the AI definitely can't be handled AT ALL in the client...that was just retarded.
ok sorry, but ya know, i haven't done much programming...in a long time.
so by tricked you mean sending a packet to it other than from the server?
Pbcrazy Wrote:ok sorry, but ya know, i haven't done much programming...in a long time.
so by tricked you mean sending a packet to it other than from the server?
Let me paint a picture for you. Say the game you want to hack is MS based. Say they handle everything client side. What's to stop you from picking up a vanilla source, programming your own client and doing whatever the fuck you want? Kinda the same way with packet hacking and hex hacking.
Its got nothing to do with security,
how the fuck would the AI be client-side? I mean honestly, tell me, I'd like to know.
Fox Wrote:Its got nothing to do with security,
how the fuck would the AI be client-side? I mean honestly, tell me, I'd like to know.
It COULD be client side, but it's very unsafe and would make the game, literally, different for every player even if they were standing next to each other. As their client would process the AI differently than the other player's.
Which would basically make it feel cheap and not so much as an online game, but an online social hangout.
|
