Config.bin modifications

[morbid 0]

Would preventing modification of ofp files (by encryption) for the purpose of preventing cheating in multiplay also prevent people from making addons for singleplayer?

This would be most unfortunate since single player is still a very important part of ofp and expandability is what keeps games alive.

[Frag Haus Capt Morgan 0]

*EDIT FROM EARLIER REMARK*

All I have to say is. YUP and WOW

[suma 8]

</span><table border="0" align="center" width="95%" cellpadding="3" cellspacing="1"><tr><td>Quote (RedRogue @ Mar. 03 2002,02:02)</td></tr><tr><td id="QUOTE">If it can detect a modified or changed cfg file I do not see the great challenge a disconnect if detected feature would be. But in two replies from BIS I've been told a message would be sufficient...........<span id='postcolor'>

We want to implement such options in future, but first we want to be sure this messages is not showing unless you really perform some config modification. See topic "Modified config message" in this forum for more information.

[suma 8]

As you may have noticed, I changed the topic name to be more appropriate.

I hope A-Lone-Wolf will not mind he is no longer topic of this discussion. :-)

I did it because I am not used to read topic that seems to be full of personal quarrels, but this one seems to be worth reading. The topic name now better reflects this.

[BigQEd 0]

</span><table border="0" align="center" width="95%" cellpadding="3" cellspacing="1"><tr><td>Quote (ArmourDave @ Mar. 06 2002,14:25)</td></tr><tr><td id="QUOTE">Yep and it's 99% of the time people with the 'FragHaus Tag' that are causing the problems. Kegetys has done alot of good work for the community with his addons and without his input in the early days an awfull lot of addons wouldn't of ever been released. Not to mention the fact I haven't seen kegetys do anything against our rules. Like Placebo said, we dont want to have to take action against fraghaus forum members, but if the immature name calling and general bitching continues then we will be forced to do so.<span id='postcolor'>

First off I spoke to Placebo personally on ICQ. I have the log if you would like to see it Dave. I think you guys really need to step back on this and take a hard look. FragHaus players are some of your largest supporters and they are becoming frustrated... they are very noisy group but you definitely want them talking. They are a bunch of North American (US mostly) good ol boys.

Second... look at my posts. They are professional... and they are mere responses on a sophisticated level. I have merely responded. Sorry my responses are the Truth and if they offend someone I apologize. They however did in no way call anyone names or stoop to low levels. I am here because I care about OFP and BIS/Codemasters and their products.

Third...you do not understand FragHaus and what it is. FragHaus is the largest server network supporting OFP. We have hundreds of people posting on this list... however understand they are all individuals with individual views. They have their own minds... I do not control them.

Fourth... you need to look at all the topics and you will see Keg is as much to blame as any other individual. I know he may be your 'friend' but understand he is definitely no more important to this community than others.

Fifth... either lock down the topics you feel are going wrong or learn to read them in their entirety. I know being a Moderator for such a large forum is not easy... but guys you must realize that you have multiple societies clashing here. It's truly a melting pot full of different people from different parts of the world. The US and Canadian people are VERY aggressive and sometimes lacking in typing skills (heh)... while the guys from Europe (and abroad) are pretty snippy and short as well as sometimes self-righteous. Realize that people are VERY different.

Sixth... I apologize if the above statements in my fifth point offended anyone from N. America or Europe. It is a generalization and my feelings. You see my wife is from Europe (Holland) and I have had more personal encounters with the differences in the cultures than most... and that is how I see it Sometimes we argue over stupid things because our minds sometimes just aren't insync. Due to the differences in culture backgrounds.

</span><table border="0" align="center" width="95%" cellpadding="3" cellspacing="1"><tr><td>Quote (Suma @ Mar. 06 2002,16:31)</td></tr><tr><td id="QUOTE">As you may have noticed, I changed the topic name to be more appropriate.<span id='postcolor'>

Thanks Suma. Drak had mentioned to me that he wished he could change the topic name. He said he was upset at the time he did it because of all the cheating going on. He really hates cheats...

</span><table border="0" align="center" width="95%" cellpadding="3" cellspacing="1"><tr><td>Quote (Suma @ Mar. 06 2002,16:18)</td></tr><tr><td id="QUOTE">We want to implement such options in future, but first we want to be sure this messages is not showing unless you really perform some config modification. See topic "Modified config message" in this forum for more information.<span id='postcolor'>

Cool. Thanks Suma.

[suma 8]

</span><table border="0" align="center" width="95%" cellpadding="3" cellspacing="1"><tr><td>Quote (WKK Gimbal @ Mar. 03 2002,07:22)</td></tr><tr><td id="QUOTE">I think it may help to hinder addons (which actually acts like patches) from altering the classes already defined in the master config.bin, but only allow them to add NEW classes on top of those.

Cheat:

class LAW: AT3

{

     hit=9000;

};

This one will MODIFY the existing LAW.<span id='postcolor'>

This is exactly how things should work since 1.20, and it is almost as they worked. Most config entries are protected agains addon modification. There was one small hole - one type of fields that was considered in integrity check but write access was allowed. This hole should should be fixed now.

Conclusion is:

This is how things work since 1.45.

[Frag Haus Capt Morgan 0]

WOW AGIAN!

Well said Ed.

Pretty much what I said but had to edit it and turn it into YUP AND WOW. Lets face it I got really nasty in it and just blantly disrespectful. But I edited because I said I would no longer make those sort of comments. Plus oops stop typeing now before evil arrogant and down right mean side takes control!

You are absolutely right on all parts.

[BigQEd 0]

</span><table border="0" align="center" width="95%" cellpadding="3" cellspacing="1"><tr><td>Quote (Suma @ Mar. 06 2002,16:57)</td></tr><tr><td id="QUOTE">This is exactly how things should work since 1.20, and it is almost as they worked. Most config entries are protected agains addon modification. There was one small hole - one type of fields that was considered in integrity check but write access was allowed. This hole should should be fixed now.<span id='postcolor'>

Actually I have yet to see a HOOK work using a-lone-wolf's decompiled code for 1.46 and 1.45 like used to happen prior to the release of 1.45/1.46. (via Satchels or other programs)

Can ANYONE confirm that you can't hook into the CONFIG.BIN now via CONFIG.CPP?

If this has been closed for sure then BIS did truly patch the majority of the cheats with the 1.45/1.46 release.

[suma 8]

</span><table border="0" align="center" width="95%" cellpadding="3" cellspacing="1"><tr><td>Quote </td></tr><tr><td id="QUOTE">Actually I have yet to see a HOOK work using a-lone-wolf's decompiled code for 1.46 and 1.45 like used to happen prior to the release of 1.45/1.46. (via Satchels or other programs)

<span id='postcolor'>

I am afraid you misunderstood me somehow (or maybe I am not undestanding you now). Config.cpp replacements do work even in 1.46. What is fixed is that even addons placed in Addons folder could modify some (very few) config fields, resulting in "modified config" message.

[Angry Radish 0]

Did either of the last patches change anything relating to memory locations for info, or does that infinite ammo/no reload trainer still work? Haven't had the time to test it since the patch...

[Frag Haus Capt Morgan 0]

the 1.45 one does not but i am sure that will change

[suma 8]

Many offtopic posts have been deleted from this position.

I think this topic is quite important and I would like to ask all members and moderators to avoid personal quarrels here. If you need to quarrel, use PM. In you need to quarrel in public, please use some less interesting topic, preferably in OffTopic forum.

[BigQEd 0]

</span><table border="0" align="center" width="95%" cellpadding="3" cellspacing="1"><tr><td>Quote (Suma @ Mar. 06 2002,17:24)</td></tr><tr><td id="QUOTE">I am afraid you misunderstood me somehow (or maybe I am not undestanding you now). Config.cpp replacements do work even in 1.46. What is fixed is that even addons placed in Addons folder could modify some (very few) config fields, resulting in "modified config" message.<span id='postcolor'>

Hmmm... no i think we are straight.

What I was saying is that I haven't seen it done yet.

It seems a-lone-wolf will show "not a valid array" when you run it as the config.cpp

I had assumed that maybe it was now not able to. Or maybe it was more of a hope

[5thSFG Drak 0]

Thank You Suma !!!!!!!!!

I still think that we need the config.bin locked down to protect the Player's. No offence to the mod maker's cause most of you guy's do great work ! But I will take real and fair game play over a mod anyday !

And I dont mean to sound Mean or rude . but this hacked .cpp needs to be stopped . And well all need to come together to stop it ! If we dont it's CS all over again.

[kegetys 2]

Posting something on the topic, I have a few times noticed that some players who have slower internet connections (modem, isdn, ...) sometimes get a "player uses modified config file - timeout (possible cheat is used)" message, even when they dont use a modified config or anything else, they only have a slow connection.

[5thSFG Drak 0]

darn double post . Sorry

[Frag Haus Capt Morgan 0]

Yes well isn't their away to have a locked config and still release the so called need info to addon makers.  Or am I just being naive.  

Or will that still allow for an addon to be put in the folder that will modify the config anway.  As in the satchel charge addon or the psg1silenced addon that silenced the dragnov before the new patch.

Also why doesn't bis make that if the addon or any other form of the bis software is messed with that it corrupts the soft ware and kicks you to desktop.

Kinda like when you type the wrong command in the init ie

This addmagazine "steyraug" instead this addmagazine "steyrmag"

When it kicks you to desktop says something like Unfound ammo "steyraug" blah blah blah.

Just wonder if that would work to some effect or even possible

me plays dumb so I get a response

[BigQEd 0]

Actually BIS could lock it down and then release a type of SDK.

Not sure where they stand on that but I think that would be the way to go.

[suma 8]

Let me summarize the situation:

Addon makers (represented by Kegetys) think reading config.bin is very usefull when making addons.

Server admins (represented by Frag Haus) think modifing config.bin is very harmfull because it enables cheating.

If you read the lines above, you will see there is no direct confict between them. We need some solution that will allow addon makers to read config but will prevent cheaters to modify it. Fortunatelly this is pretty standard cryptographic situation that could be solved by using digital signature to check if config.bin was really provided by someone authorized to create it.

Unfortunatelly there is also something in between - non-cheating config modification, represented by Satchel, creator of "Dynamic range" sound replacement kit.

If we would implement digital signature like mentioned before, such modification would not be possible at all, as only modification signed by us would be accepted. Moreover, there would still be security hole of "second stage" cheats, that would modify config values after they have been loaded into memory.

Besides of digital signature, there is also possibility of server side authentification - which is what we are doing now. This way anyone can modify config.bin easily, but server is able to detect this modification and can decide if the player can play or not. This method also will catch most "second stage" cheats, because not file config.bin, but its memory representation is authentificated agains server version. I think that with addition of server side option that would enable server admins to force disconnecting users with modified config this can be very reliable way to fight with config-type cheating.

What is still open question is wheather the digital signiture should be here, as it would provide at least some level of protection to players that want to use config modifications.

[suma 8]

</span><table border="0" align="center" width="95%" cellpadding="3" cellspacing="1"><tr><td>Quote (BigQEd @ Mar. 04 2002,01:19)</td></tr><tr><td id="QUOTE">Not true. I have made MODs without using .cpps. The information is out there already to make MODs. CLOSE the bin now and make it unaccessible. It is no longer needed.

Maybe BIS could release the information needed for future changes in some sort of SDK.<span id='postcolor'>

I am afraid I have to confirm that reading config.bin is often most reliable and most complete way for addon makers if they want to learn something. We did not publish any documentation about meaning of different config fields - and it is very unlikely that we will publish it soon, as we do not have it.

[Rastavovich 0]

Suma, why don't you form a team that checks the addons and gives such a digital signiture.

For example, the ofp-editingcenter checks each addon if it has a certain standard, like variable-names, that are unique. They also look for a realistic background. If all that is correct, they put it on their website.

What if before releasing it to the peoples, the right digital signature is added (of course only if the addon doesn't allow unfair tricks).

Of course for that you have to give the possibility to add the correct signature to a few people. Or you form by yourself such a gremium, with a little more work for each of you:)

[Nagual 0]

</span><table border="0" align="center" width="95%" cellpadding="3" cellspacing="1"><tr><td>Quote (Kegetys @ Mar. 07 2002,01:42)</td></tr><tr><td id="QUOTE">Posting something on the topic, I have a few times noticed that some players who have slower internet connections (modem, isdn, ...) sometimes get a "player uses modified config file - timeout (possible cheat is used)" message, even when they dont use a modified config or anything else, they only have a slow connection.<span id='postcolor'>

I saw that message a few times tonight (posted something in one of the general forums). I have a cable connection, and the other players except one had pings around 60ms, but still showed the message. A few times it happened while waiting for others to load in briefing, so maybe its just that, a time out (?).

Also, to see officially encrypted and signed versions of things like Satchels pack would be fantastic (..drool)!

[Guest]

I haven't tried satchels sound pack yet, but would it not just be possible to decompress the sound.pbo, change the sounds, then recompress it? That way editing of the config.bin would never be needed and BIS could put a digital signature on it. Unless I'm missing something and it has more than just new sounds of course.

A server side option that would remove players with a modified config would solve alot of these problems also but from what I've seen the XX player is using a modified config file isn't too reliable.

Another option would only allow binary configs to work i.e OFP shouldn't load if the config.bin is uncompressed and is in CPP form. I'm no expert but that shouldn't be too hard, right? BIS could give satchel a hand converting his config.cpp to config.bin and as only 1 or 2 members of the community can turn the bin to cpp, then back again there would be very little danger of people cheating in that method.

[Nagual 0]

Im no expert either ArmourDave, but they sound like some good ideas.

[suma 8]

</span><table border="0" align="center" width="95%" cellpadding="3" cellspacing="1"><tr><td>Quote </td></tr><tr><td id="QUOTE">but from what I've seen the XX player is using a modified config file isn't too reliable.

<span id='postcolor'>

Just to be sure we understand each other: There was bug in 1.42 which should be fixed now. Do you think that "modified config" message is not reliable even in 1.45 and later?

</span><table border="0" align="center" width="95%" cellpadding="3" cellspacing="1"><tr><td>Quote </td></tr><tr><td id="QUOTE">Another option would only allow binary configs to work i.e OFP shouldn't load if the config.bin is uncompressed and is in CPP form. I'm no expert but that shouldn't be too hard, right? BIS could give satchel a hand converting his config.cpp to config.bin and as only 1 or 2 members of the community can turn the bin to cpp, then back again there would be very little danger of people cheating in that method.<span id='postcolor'>

This would be quite shortsighted solution. Nobody can create bin config because nobody has to create it, when text config is supported. If we would disable support for text configs, I am quite sure there would be packing utility quickly available. I have also seen screenshots of upcoming config editor called "binedit", which seems to be able to edit configs directly in binary form. Once this tool becomes available, we would be in the same situation we are now.

One lesson that most developers learned: do not spend your time on making cheating or hacking more difficult. When fighting with cheats, you have to come up with solution that is in the very principle impossible to break, like server side authentification or digital signature.