Message Boards

Topic: OdaHook  (Read 25137 times)

Offline napkins

  • Posts: 3
    • View Profile
OdaHook
« on: February 07, 2007, 09:25:18 »
Hello,
  You being of doom community probably know who I am.  I recently was being approached for a OdaHook.  I have not made this but someone has it

Quote
My friend want use odahook and wear out me his question about odahook
I will not name who sent this so no even ask.

I will never make hacks for odamex.  The only reason I made my others to see if other ports would realise closed source is not good.  It only took sthook in a few hours with my knowledge of zdoom so as long as a zdoom codebase it is not to be secure.  I think though my hacks only convinced them more closed source works someway.

So why I came here to tell you that there is most likely hack for odamex.  If you think it will help I can send you the source for my hacks.  If you just give them to zdaemon let me know and I will just open source them if you want look.

If you plan on securing odamex with open source I have suggestion.  Don't trust client for detection ever!  In open source this would easily be passed.  Instead look for perfect setting of the angles on server.  This could be worked around of course by chaning aim to bad occasionally.  Also if you could send extra players to a client and make them always behind wall or off map it could confuse hacks.  They would need look exactly like normal players of course on scoreboard and sometimes be visible in lag most likely.  Duplicate opponents would be most hard to detect.

I read the message again and could I be wrong?  Message is hard for me to read.
Quote
Hello. When you build OdaHook for Odamex?
My friend want use odahook and wear out me his question about odahook ("Do
not builded?", "You know: where odahook was been created" and many other
question)...
« Last Edit: February 07, 2007, 10:05:20 by napkins »

Offline Goatface

  • Posts: 3
  • Good. Bad. I'm the guy with the gun.
    • View Profile
Re: OdaHook
« Reply #1 on: February 07, 2007, 12:23:58 »
It's difficult to tell because of the imperfect English.

What language is the original message in? Maybe there is a better translation.
Apply twice daily.

Offline Chaindude

  • Posts: 2
  • Member
    • View Profile
Re: OdaHook
« Reply #2 on: February 07, 2007, 19:28:36 »
I think someone told him:

"A buddy of mine is bugging the shit out of me about hacks for Odamex. Do you know if an Odahook has been made? If not, when would you make one?... (etc)"

Certainly, someone who creates hacks for games can have any reasoning behind his motives, but "I did it so they'd realize closed source is futile" sounds silly to me. Maybe you wanted to show your coding ability, or perhaps you wanted to destroy the ZDaemon and Skulltag communities (and/or allow others to do so)?

On the other hand, the tone of your post here sounds like you're trying to give advice or help in terms of how to counter hacks. However, as your name is widely known in a negative manner (to the more involved members of the DooM community--particularly multiplayer), how do you expect people to trust what you say?

Even Carmack has numerously stated that *anything* on the client-side cannot be trusted, so no news there.

PS: I don't know you personally or have spoken to you, so don't think I'm trying to insult you or whatever. People other than myself (I'm sure) are probably wondering what your motives are.

Offline deathz0r

  • Administrator
  • Posts: 61
  • kick it oldskewl
    • View Profile
    • deathz0r's Place of DOOM
Re: OdaHook
« Reply #3 on: February 07, 2007, 21:49:38 »
I'll let someone more experienced with coding handle the rest of the topic, but:
If you think it will help I can send you the source for my hacks.  If you just give them to zdaemon let me know and I will just open source them if you want look.
I'd personally like to see the source code to this. I have no intention of giving it to anyone on the ZDaemon team.
Quote
I read the message again and could I be wrong?  Message is hard for me to read.
He's asking for you to make a OdaHook. He doesn't have OdaHook and neither does his friend.
« Last Edit: February 07, 2007, 21:50:46 by deathz0r »

Offline Russell

  • Developer
  • Posts: 70
    • View Profile
Re: OdaHook
« Reply #4 on: February 07, 2007, 23:10:36 »
I will never make hacks for odamex.
Well, if you have any ideas of exploits that could be
possible in the current source, you can always submit a
patch.

So why I came here to tell you that there is most likely hack for odamex.  If you think it will help I can send you the source for my hacks.  If you just give them to zdaemon let me know and I will just open source them if you want look.
We have no ties to those other ports, so no source is
distributed to them (they couldn't use it as they would
have to open up their code anyway, because of Odamex's
license)
I would be interested in seeing the source myself, but you
have my word that it wouldn't be distributed.

Offline napkins

  • Posts: 3
    • View Profile
Re: OdaHook
« Reply #5 on: February 08, 2007, 08:07:15 »
Quote
Certainly, someone who creates hacks for games can have any reasoning behind his motives, but "I did it so they'd realize closed source is futile" sounds silly to me. Maybe you wanted to show your coding ability, or perhaps you wanted to destroy the ZDaemon and Skulltag communities (and/or allow others to do so)?

Yes I created them for fun as well, but my main reason was to backup that closing source when based on zdoom will accomplish nothing.  I agree at this point they are wrong reasons because they did not work.  I thought they would simply update in a month or so and hack would just stop working and I would release source.  To bad zdaemon was a ass and launched viruses/etc instead of just releasing an update in a month.  My plan was to have hacks on zdaemon for a month, but after attacking some legit players not ones who cheated I no care anymore.  I NEVER wanted to destory zdaemon or skulltag, carn leaving skulltag ruined that bad too, and I am sad on this.

Quote
He's asking for you to make a OdaHook. He doesn't have OdaHook and neither does his friend.
This is good, i am sorry for the alarm if it was.

Hmm, yes ok then who to send the sources too.  They are very small, I don't really care too much anymore if zdaemon gets them or not.

Quote
Well, if you have any ideas of exploits that could be
possible in the current source, you can always submit a
patch.
I will look when I get some time, but exploits are probably easily detected when used.  Aimbot would be the real threat no?  This is not such an exploit.

Offline Ralphis

  • Administrator
  • Posts: 111
    • View Profile
Re: OdaHook
« Reply #6 on: February 08, 2007, 11:29:20 »
You can send the source to me, deathz0r, or Russell amongst a few others. We will get them to the proper people on our team

Offline Revenant

  • Posts: 2
    • View Profile
Re: OdaHook
« Reply #7 on: February 09, 2007, 18:32:38 »
napkins, if you plan on sending the *hook source to the Odamex team then I think it would be a good idea to also do the same for ZDaemon. I'm sure a fix would be made if they knew exactly how to protect against these exploits.

It's a shame that Skulltag is no longer actively developed because the "aimbot witch hunt" is just starting to unfold over there as well. (Case in point, <cp7>mentos)
« Last Edit: February 09, 2007, 20:55:48 by Revenant »

Offline napkins

  • Posts: 3
    • View Profile
Re: OdaHook
« Reply #8 on: February 10, 2007, 13:11:05 »
The sources can be found here

EDIT by deathz0r: Got them, it's not wise to link them publically for security reasons regarding other ports.
« Last Edit: February 10, 2007, 15:08:46 by deathz0r »

Offline Zorro

  • Posts: 65
  • Professional n00b
    • View Profile
Re: OdaHook
« Reply #9 on: February 11, 2007, 20:47:34 »
Since Odamex is open source, kiddies don't diserve to have hacks handed to them.  They had better get down and dirty and hope they avoid server-side cheat detection.
^^ this post has wasted part of your life ^_^

Offline excelblue

  • Posts: 4
    • View Profile
Re: OdaHook
« Reply #10 on: February 18, 2007, 21:33:14 »
The odd thing about the discrimination here is how a hack was released to a closed-source thing without first contacting the developers and telling them how it was done. Yet, when it comes to open source, the whole thing is turned around. This is completely unethical behavior.

What you should have done was first contact, and then release if nothing gets done in a reasonable period of time.

As for the "trojan" - that is not endorsed by the ZDaemon team. It's just the actions of one staff member acting on his own. The idea here though is that it was the quickest way to temporarily get rid of the problem while it was present.

Then again - in this case, would the difference between closed-source and open-source make any difference? Does open source make an app inherently more secure? You may have the ability to hack, but I'm pretty sure you'd definitely agree that a closed-source app requires a bit more work than an open source app to hack.

Offline Polie13

  • Posts: 2
    • View Profile
Re: OdaHook
« Reply #11 on: February 19, 2007, 13:46:49 »
The odd thing about the discrimination here is how a hack was released to a closed-source thing without first contacting the developers and telling them how it was done. Yet, when it comes to open source, the whole thing is turned around. This is completely unethical behavior.

First off, since when was creating a hack for a game "ethical" in the first place?

What you should have done was first contact, and then release if nothing gets done in a reasonable period of time.

It was released well over a few months ago. Nothing has been done yet, that should have been fair enough "contact" to show it, in my opinion.

As for the "trojan" - that is not endorsed by the ZDaemon team. It's just the actions of one staff member acting on his own. The idea here though is that it was the quickest way to temporarily get rid of the problem while it was present.

But is it not still the act of the staff in a whole to take up the actions of one of the Admins? Not like the ZDaemon staff did anything to stop him. And if you wish to speak on "unethical" terms, producing a trojan such as and releasing it without telling anybody it would maliciously infect your computer is pretty unethical, if not worse, then a game-hack will ever be.


Then again - in this case, would the difference between closed-source and open-source make any difference? Does open source make an app inherently more secure? You may have the ability to hack, but I'm pretty sure you'd definitely agree that a closed-source app requires a bit more work than an open source app to hack.

While hacking a closed-source game requires more time and effort then hacking a open-source game, the same results can be done. It's not the hardest thing in the world to find offsets... Actually, in quite a few cases it's fairly easy to just judge your hack off the last open-source copy of ZDaemon (which from a quick scan of the ZDHook src is what napkins did). I'm not saying I endorse the usage of hacks as a whole, but saying it's any bit harder to produce a hack for a closed-source game then an open-source game isn't the smartest thing in the world to say.


Just my 2 cents.

Offline excelblue

  • Posts: 4
    • View Profile
Re: OdaHook
« Reply #12 on: February 19, 2007, 15:45:27 »
First off, since when was creating a hack for a game "ethical" in the first place?

It's only ethical when it's not used. Creating hacks are a way to prove a point. It would have been perfectly ethical if he gave it to no one except the developers of the game.


It was released well over a few months ago. Nothing has been done yet, that should have been fair enough "contact" to show it, in my opinion.

You're saying that new binary releases that "break" the hack don't count? There were new releases with small modifications that were made to make the hack incompatible as a long term solution wasn't feasible at the time. It's slowly being worked on though. A reasonable time would have been much longer. Technically, I'm speaking of the time needed before the hack was released to the public. So, in this case, the time given was 0. It appeared on some cheating forums without an official notice to ZD at all.

But is it not still the act of the staff in a whole to take up the actions of one of the Admins? Not like the ZDaemon staff did anything to stop him. And if you wish to speak on "unethical" terms, producing a trojan such as and releasing it without telling anybody it would maliciously infect your computer is pretty unethical, if not worse, then a game-hack will ever be.

Any person can misbehave at any time. If a priest in a church engages in unethical doings, is the whole church responsible? Or, in government terms - if one congressman does something bad, is the whole government responsible? There was nothing that could have been done to stop him. Plus, there was already contempt. The trojan basically disabled the game - something you can expect from PunkBuster. After all, it only deleted doom2.wad (which they should have on a CD anyways).

While hacking a closed-source game requires more time and effort then hacking a open-source game, the same results can be done. It's not the hardest thing in the world to find offsets...

Yet it is work. Every single bit counts. It's like why I lock my door when a truly motivated criminal can kick it down or pick it (with ease).

Offline Manc

  • Administrator
  • Posts: 77
  • Fist to the face!
    • View Profile
    • odamex.net
Re: OdaHook
« Reply #13 on: February 19, 2007, 16:47:23 »
I'm not sure how this conversation got on to this zdaemon hack but there is no way to justify what Doom2pro did.  I don't care how you say it, the zd team knew he did it, didn't seem to care enough to bother, and all I see are people defending the idea that it's ok to delete doom2.wad of POSSIBLE SUSPECTS.  It's why "guilty until proven innocent" isn't such a nice way of thinking.
Odamex Web Administrator

Offline Polie13

  • Posts: 2
    • View Profile
Re: OdaHook
« Reply #14 on: February 19, 2007, 17:52:58 »
It's only ethical when it's not used. Creating hacks are a way to prove a point. It would have been perfectly ethical if he gave it to no one except the developers of the game.

You have to be entirely retarded to think anybody creates hacks just for the single goal of "proving" a point. Of course, that's what the real goal is but it's obvious he's going to use it. You spend any amount of time on anything you're going to want to use it. There are many other ways to be "ethical" about a slew of things without handing it directly to the developers; ZDaemon staff has proven numerous times they don't listen to what their player-base has to say so what do you think handing down a hack source would do anyway? Honestly, the only real way to grab attention is to release it. I see no un-ethical behavior in this.

You're saying that new binary releases that "break" the hack don't count? There were new releases with small modifications that were made to make the hack incompatible as a long term solution wasn't feasible at the time. It's slowly being worked on though. A reasonable time would have been much longer. Technically, I'm speaking of the time needed before the hack was released to the public. So, in this case, the time given was 0. It appeared on some cheating forums without an official notice to ZD at all.

I'll be quick to admit I haven't looked at ZDaemon's new 'binary' releases until recently, but looking at the ZDaemon 1.08.02 binary to the 1.08.03 binary looks exactly the same, therefore no measures were taken to stop it. Besides that, it's incredibly easy to just not update to .03 and continue using the hack. And yet again, what would be the over-all point of giving the hack to the developers if it wasn't first put in the publics eyes as "dangerous" addition to the game?

Any person can misbehave at any time. If a priest in a church engages in unethical doings, is the whole church responsible? Or, in government terms - if one congressman does something bad, is the whole government responsible? There was nothing that could have been done to stop him. Plus, there was already contempt. The trojan basically disabled the game - something you can expect from PunkBuster. After all, it only deleted doom2.wad (which they should have on a CD anyways).

Comparing this to a real-life situation with religion isn't that smart of an idea, but yes, on a technicality it is the church's fault for mis-leading the priest. The trojan did absolutely nothing except delete copyrighted material from the users end-PC. I see no freakin' possible way that was ethical no matter HOW you look at it, whether or not they should have a legal copy or not, you shouldn't have to worry about a person of the staff of the game you're playing at creating at a program that deletes your Doom2 and Zdaemon files.

Yet it is work. Every single bit counts. It's like why I lock my door when a truly motivated criminal can kick it down or pick it (with ease).

Work as it may be, it's just as easy to produce the same results in the same amount of time it would require to do it with the source open, and if you bothered to read the ZDHook code you would clearly see he hooks directly into the ZDaemon CL header files to accomplish many things.