Communication Protocol security

Common hacker attacks on a game protocol come in two kinds.

The first is simple and crude: the replay attack.

The second is packet tampering, modifying the contents of a message.


1. Replay attacks

A replay attack is an attacker posing as the client and re-sending a valid, previously captured network packet, often many times over.

Example 1: In a three-card game we once ran a limited-time free card draw: for 30 seconds the player could draw cards for free. The designers thought of this as an exciting moment, because a player with fast fingers could grab more cards than others. Pressing the draw button plays a card-flip animation that blocks all player input for about 3 seconds before the button can be pressed again, so the design expected at most about 10 free draws in the 30 seconds. Where is the problem? A hacker showed us (beat us to it) immediately. We found a player in the database with tens of thousands of cards, worth several hundred thousand RMB, yet with no recharge record; checking further, the cards all came from the 30-second free draw event. He had obtained thousands of free cards from a single event. How? A replay attack. Do not underestimate this simple, crude attack: it bypasses every restriction the client interface imposes and delivers the valid packet straight to the server.

Example 2: In another three-card game we built a gold coin collection (levy) feature. Each player had the right to collect three times per day, and the count was reset to three at the daily reset time, so in theory every player gets three collections a day. The bug in the server's handling, shown below, is the culprit.

// Server-side collection handler (the post's pseudocode, made runnable; `texas`
// is the post's name for the collection action). The race it contains is the
// bug the text describes and is deliberately left in place.
async function texas(userId) {
  // Non-blocking read of how many collections the player has left today
  var times = await db.select('db_users', 'today_texas_times', userId);
  if (times <= 0) {
    console.log('collection count exhausted, operation invalid');
    return;
  }
  // Consume one collection and add the coins.
  // Between the read above and this write, another request for the same user
  // can read the same, not yet decremented, count (check-then-act race).
  await db.increase('db_users', 'today_texas_times', userId, -1);
  await db.increase('db_users', 'coin', userId, 1000);
}

If the server code is written this way, a replay attack works. This is a concurrency problem: the replay exploits a time window. Two requests arriving almost simultaneously both enter this function; db.select does not block the main thread, so the second request (or many more) can enter texas within a very short time while each db.select still takes time to reach the database. The second read therefore most likely also returns 1, its check passes, the gold is added twice, and the collection count can end up at -1.
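As an added example (not code from the original post), here is the handler above run against an in-memory stand-in for db that answers select/increase on a later event-loop turn, the way a real non-blocking query would. Two identical requests are sent at once, as a replay tool would do, first against the post's logic and then against a version that checks and decrements in one step. The FakeDb class, its decrementIfPositive method, the user row and the setImmediate delays are assumptions made for the illustration; db.select, db.increase, the table and field names and the texas handler name come from the post.

```javascript
// Added example: the post's texas() race reproduced against a fake db, and the
// atomic check-and-decrement that closes it. FakeDb, decrementIfPositive, the
// user row and the delays are assumptions for the illustration.

class FakeDb {
  constructor(rows) { this.rows = rows; }
  // Non-blocking read: the result arrives on a later event-loop turn, so other
  // requests get to run between the read and whatever follows it.
  async select(table, field, userId) {
    await new Promise(resolve => setImmediate(resolve));
    return this.rows[userId][field];
  }
  async increase(table, field, userId, delta) {
    await new Promise(resolve => setImmediate(resolve));
    this.rows[userId][field] += delta;
  }
  // Check and decrement in one step with no await in between; in SQL this is
  //   UPDATE db_users SET today_texas_times = today_texas_times - 1
  //   WHERE user_id = ? AND today_texas_times > 0
  // and the affected-row count says whether the collection was granted.
  async decrementIfPositive(table, field, userId) {
    const row = this.rows[userId];
    if (row[field] <= 0) return false;
    row[field] -= 1;
    return true;
  }
}

// The post's handler: read, check, then write (check-then-act race).
async function texasRacy(db, userId) {
  const times = await db.select('db_users', 'today_texas_times', userId);
  if (times <= 0) return false;
  await db.increase('db_users', 'today_texas_times', userId, -1);
  await db.increase('db_users', 'coin', userId, 1000);
  return true;
}

// Hardened handler: the conditional decrement is the only check.
async function texasAtomic(db, userId) {
  const granted = await db.decrementIfPositive('db_users', 'today_texas_times', userId);
  if (!granted) return false;
  await db.increase('db_users', 'coin', userId, 1000);
  return true;
}

// Send n identical requests concurrently for a player with one collection left
// and report how many were granted and what the row looks like afterwards.
async function replayBurst(handler, n) {
  const db = new FakeDb({ u1: { today_texas_times: 1, coin: 0 } });  // constructed row
  const results = await Promise.all(Array.from({ length: n }, () => handler(db, 'u1')));
  return { granted: results.filter(Boolean).length, ...db.rows.u1 };
}

async function main() {
  console.log('racy  ', await replayBurst(texasRacy, 2));   // granted 2, coin 2000, times -1
  console.log('atomic', await replayBurst(texasAtomic, 2)); // granted 1, coin 1000, times 0
}
main();
```

The fix is not "add a lock in JavaScript" but moving the check into the same database statement as the decrement, so that however many replayed requests arrive, only the rows that still have a positive count are changed and only those requests are paid out.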

How do we defend against replay attacks? The common practice is to add a state number to every packet: after the client and server connect it starts at 1, and every message the client sends increments it by one, so the tenth message carries 10. Against a simple replay the server sees that the serialNum in the replayed packet does not match its own current serialNum, and the replay is detected.

You may ask, "Is the hacker that stupid? Won't he notice such a simple rule for the state number?" In fact most hackers are at this level, because the tool they use to resend packets is that simple: it can replay a captured packet, and if that does not work they give up or move on to another game. If you run into a somewhat more capable hacker, he will forge the state number, and then you upgrade the state number: make it pseudo-random. For example, the server generates a random seed and sends it to the client (a different seed for each client); the client then steps a linear congruential generator (RandomSeed * BigPrimeA + BigPrimeB) from that seed and uses the n-th output as the state number of its n-th message. This makes the state number much harder for a hacker to predict. It is not absolute security, since the constants and the stepping rule ship inside the client, but for a game this level is enough; for a banking system it is not.
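As an added example (not code from the original post), the two stages of the state-number scheme just described, with both sides of the connection: a server session that only accepts the serialNum it expects next, and a client that steps the same linear congruential generator from the same seed. The walk-through shows a replayed packet, a guess based on the plain 1, 2, 3 scheme and a guess of "previous serial + 1" all being rejected without disturbing the legitimate sequence. BigPrimeA, BigPrimeB, the 32-bit modulus, the seed and the packets are assumptions for the illustration.

```javascript
// Added example: per-connection state numbers for replay detection, stepped
// with the post's LCG (serial_n = serial_{n-1} * BigPrimeA + BigPrimeB).
// The constants, the 2^32 modulus, the seed and the packets are assumptions.

const BigPrimeA = 1000000007n;   // assumed constants; both are prime
const BigPrimeB = 998244353n;
const MOD = 1n << 32n;           // keep serials in 32 bits (assumed width)

// Step the linear congruential generator once.
function nextSerial(prev) {
  return (prev * BigPrimeA + BigPrimeB) % MOD;
}

// Server side: one per connection, initialised from the seed sent to the client.
class ServerSession {
  constructor(seed) { this.expected = nextSerial(BigInt(seed)); }
  // Accept a packet only if it carries exactly the serial expected next.
  // A replayed packet carries an old serial; a packet with a guessed serial
  // (previous + 1) misses the generator's next value. Both are rejected and
  // do not advance the state, so the legitimate next packet is still accepted.
  accept(packet) {
    let serial;
    try { serial = BigInt(packet.serialNum); } catch { return false; }
    if (serial !== this.expected) return false;
    this.expected = nextSerial(this.expected);
    return true;
  }
}

// Client side: steps the same generator from the same seed before each send.
class ClientSession {
  constructor(seed) { this.serial = BigInt(seed); }
  send(body) {
    this.serial = nextSerial(this.serial);
    return { serialNum: this.serial.toString(), body };
  }
}

// Walk through a legitimate exchange plus a replay and two forgeries.
function demo() {
  const seed = 20191224;                 // server-chosen per connection (assumed)
  const server = new ServerSession(seed);
  const client = new ClientSession(seed);
  const p1 = client.send('draw_card');
  const p2 = client.send('draw_card');
  const plainCounter = { serialNum: '2', body: 'draw_card' };   // guess from the 1,2,3 scheme
  const plusOne = { serialNum: (BigInt(p2.serialNum) + 1n).toString(), body: 'draw_card' };
  return {
    first: server.accept(p1),                        // true
    replayed: server.accept(p1),                     // false: stale serial
    second: server.accept(p2),                       // true
    counterGuess: server.accept(plainCounter),       // false
    plusOneGuess: server.accept(plusOne),            // false
    third: server.accept(client.send('draw_card')),  // true: rejects did not advance the state
  };
}

console.log(demo());
```

Two caveats a practitioner should keep in mind: the state number only works if the server also rejects out-of-order packets rather than resynchronising to whatever serial it receives, and since BigPrimeA, BigPrimeB and the stepping rule live in the client binary, anyone who extracts them can compute the sequence, which is why the post calls this sufficient for a game but not for a bank. Binding the serial into a keyed signature over the packet removes the guessing game entirely.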


2. Packet tampering

Example 1: Packet tampering is easy to understand: it means modifying some parameter of an original packet. The general design principle of a game server is that the client cannot be trusted; any packet it sends may have been tampered with, so the work of verification falls to the server. When that verification is computationally huge, however, we are forced to trust the data the client sends. Take player position updates in World of Warcraft: verifying a position requires a complete physics model, and physics collision computation is very CPU-intensive, so the server has to trust the position information the client synchronises. Teleport cheats (originally written for mining) were built on this, and even a crude "speed gear" (a tool that changes the game's speed) can greatly increase a World of Warcraft character's movement speed.
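As an added example (not code from the post, and not how any particular game does it), here is the cheap server-side check that remains possible when full physics validation of client-reported positions is too expensive. Instead of simulating collisions, the server only bounds how far a client may claim to have moved between two updates, using its own receive timestamps for the elapsed time so the client cannot shrink or stretch the interval. MAX_SPEED, TOLERANCE, the field names and the sample trace are assumptions.

```javascript
// Added example: plausibility check for client-reported positions.
// The speed limit, tolerance, field names and the trace are assumptions.

const MAX_SPEED = 7.0;    // world units per second the game allows (assumed)
const TOLERANCE = 1.25;   // slack for jitter in packet arrival times (assumed)

// prev/next: { x, y, z, recvMs } where recvMs is the server's receive time,
// never a timestamp supplied by the client.
function checkMovement(prev, next) {
  const dt = (next.recvMs - prev.recvMs) / 1000;
  if (dt <= 0) return { ok: false, reason: 'non-monotonic' };
  const dist = Math.hypot(next.x - prev.x, next.y - prev.y, next.z - prev.z);
  const allowed = MAX_SPEED * TOLERANCE * dt;
  if (dist > allowed) return { ok: false, reason: 'speed', dist, allowed };
  return { ok: true };
}

// Run the check over a sequence of updates and return the ones that fail.
function validateTrace(trace) {
  const flagged = [];
  for (let i = 1; i < trace.length; i++) {
    const result = checkMovement(trace[i - 1], trace[i]);
    if (!result.ok) flagged.push({ index: i, ...result });
  }
  return flagged;
}

// Constructed trace: normal running at 7 units/s, then one update that jumps
// 18.6 units in 100 ms (a "speed gear" style multiplier), then normal again.
const SAMPLE_TRACE = [
  { x: 0.0,  y: 0, z: 0, recvMs: 1000 },
  { x: 0.7,  y: 0, z: 0, recvMs: 1100 },
  { x: 1.4,  y: 0, z: 0, recvMs: 1200 },
  { x: 20.0, y: 0, z: 0, recvMs: 1300 },
  { x: 20.7, y: 0, z: 0, recvMs: 1400 },
];

console.log(validateTrace(SAMPLE_TRACE));   // flags index 3 for speed
```

What to do with a flagged update is a design decision: snapping the player back to the last accepted position and counting strikes is the usual choice, because network jitter produces occasional false positives and an immediate ban would punish honest players on bad connections. The check costs a few arithmetic operations per update, nothing like a collision simulation, and it is what turns "we had to trust the client" into "we trust the client within bounds".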

Example 2: This one is more complex. The server may not trust the client, but sometimes it has to "trust" a third-party site it communicates with, for instance for recharging (topping up) in the game. First the client asks the game server to recharge 30 yuan. The game server generates an order number and requests an order from the third-party payment platform; the platform generates its own order number and tells the game server the information the client needs in order to pay (typically a URL to jump to). The game server returns that payment link to the client. Normally the client follows the URL and pays; once the payment platform has received the money it "calls back" the game server to say that this player really paid 30 yuan, and the game server credits the player's account with the gold corresponding to 30 yuan. The problem: if a hacker learns the callback address of the game server and captures one callback packet, then next time he can click recharge for 1,000 yuan, not actually pay, and instead send the game server the captured callback packet with its 30 yuan changed to 1,000 yuan. The game server then believes the user really recharged 1,000 yuan and credits the corresponding gold.

How do we defend against packet tampering? The usual defense is to encrypt the message packets: a hacker who cannot read the ciphertext cannot make meaningful modifications to it. Of course the encryption and decryption code is inside the client, so a hacker who reverses the client can still tamper with packets, but it costs him a lot more effort. Anyone who has studied cryptography knows that absolute security is almost impossible; we only need to make breaking in laborious enough, and basic packet encryption already blocks most tampering. Some people find encrypted packets unintuitive and ask whether there is another way. There is, and it is just as simple: add a sign field to the whole packet, computed with md5 over the packet together with a key agreed between front end and back end. Every message must verify this sign, so a tampered packet is detected. Two practical notes: the sign must cover every field that matters (amount, order number, user id), and a keyed MAC such as HMAC should be used rather than md5(key || packet), since md5 is broken and that construction is subject to length-extension attacks. For the recharge callback in Example 2 the same mechanism applies: the key is agreed with the payment platform, and the game server rejects any callback whose sign does not verify.


Technical summary

We add a sign field inside each communication packet to verify that the packet is legitimate between front end and back end, and a sequence number to ensure packets cannot be replayed. The two belong together: the sign must cover the sequence number, otherwise a hacker who can forge the sequence defeats the replay check, and without the sequence number a correctly signed packet can still be replayed.

Source: www.cnblogs.com/changxw/p/12090858.html