Hey guys, thank you for your suggestions but that is for persisting data. My persisted/network data is already encrypted.
The video I showed is in memory hacking. Imagine you had a variable that tracked money in your app and you had 100 money, the hacking software scans all heap/stack addresses matching 100 and modifies them.
It is very difficult to stop hackers, I wrote a lot of the original versions of GameShark and Action Replay and we wrote extensive code to find infinite lives etc. you can try all the things in this thread but I can tell you we could pretty much hack anything for GameShark/Action Replay, Nintendo and Sony tried all sorts of things to stop us but we usually found a way round it.
How hard would it be to succeed in hacking an iOS device in a similar way if it were jailbroken?
Jail broken iOS is the same as rooted Android.
Can’t you just encrypt the values?
I mean, everytime you save it, save it encrypted, and everytime you niid toi change it -> decrypt it -> modify -> and encrypt.
Let us know what you did at the end :blink:
How great was the scam?
One player, 10 players, 100 players, 1000+ players scammed you… ?
You have how many players, 1 million + ?
I assume if scam was less then 10% of the all buyers, then this is something “acceptable”…
I’m seeing a lot of confusion regarding the actual problem.
You guys all rock for trying to help, but @adrianm is not having a problem with the persistent storage (saved values).
Instead, he wants to find a way to prevent hex-edits of the in dynamic-memory values.
i.e. Some players are changing the values as the game is running, not the values saved to ‘persistent-memory’.
But how many players do you think will (are able to) do that? Under 5% … or?
Its a tiny percent (less than a hundred per million)… fake IAPs are much more common. I was noticing some weird values in my db. Values like 2147483647 for in game resources (which just happens to be the max value you can store in an Int).
I came across the YouTube video when Googling for hacks and it was something I had never seen before so was sharing it as much as asking for advice really.
I also get players asking for their user name (when the game doesn’t require one) as there are other websites saying they will hack but they need a user name. These force you to do surveys, download other games and probably get infected by malware in return for max game resources. Obviously this is impossible.
If it gets more prevalent then I might code an encrypted in memory data-store (and let Ed turn it into a plugin).