Page 3 of 3 FirstFirst 123
Results 41 to 48 of 48
Like Tree1Likes

Thread: Decompiling Java class and breaking cipher

  1. #41
    rajma is offline Member
    Join Date
    Nov 2013
    Posts
    20
    Rep Power
    0

    Default Re: Decompiling Java class and breaking cipher

    You know why I'm interested in this, because I'm not making a program that will only print something to client, something must be saved to database, it depends on client's actions and it must be checked if any of values/variables aren't changed, for example: you have 5 score points, game ends, hacker changes to 999, server updates, cool now game screwed.

  2. #42
    Tolls is online now Moderator
    Join Date
    Apr 2009
    Posts
    11,792
    Rep Power
    19

    Default Re: Decompiling Java class and breaking cipher

    Quote Originally Posted by rajma View Post
    I'm to curious, to mad that someone can break this, one friend just came to my web and broke everything in my JWS... just by downloading simple hacking programs...
    ?
    How on earth did they do that (short of a DDOS)?
    JWS = Java Web Server?
    Please do not ask for code as refusal often offends.

    ** This space for rent **

  3. #43
    gimbal2 is online now Just a guy
    Join Date
    Jun 2013
    Location
    Netherlands
    Posts
    3,648
    Rep Power
    5

    Default Re: Decompiling Java class and breaking cipher

    I've been assuming it is Webstart.
    "Syntactic sugar causes cancer of the semicolon." -- Alan Perlis

  4. #44
    jim829 is offline Senior Member
    Join Date
    Jan 2013
    Location
    United States
    Posts
    3,375
    Rep Power
    5

    Default Re: Decompiling Java class and breaking cipher

    So just encrypt the data using some algorithm. You can have the key scattered throughout the program. You can store the score intermingled amongst bytes of random values in the encrypted file (so they would have to reverse engineer the file to figure out how to change it). You could include an MD5 digest on the data to detect unauthorized changes.

    Will it be defeatable? Yes! Will it be easy? No! Why so paranoid?

    Regards,
    Jim
    gimbal2 likes this.
    The Java™ Tutorial | SSCCE | Java Naming Conventions
    Poor planning our your part does not constitute an emergency on my part.

  5. #45
    Tolls is online now Moderator
    Join Date
    Apr 2009
    Posts
    11,792
    Rep Power
    19

    Default Re: Decompiling Java class and breaking cipher

    Oh yes...that makes more sense.
    Please do not ask for code as refusal often offends.

    ** This space for rent **

  6. #46
    rajma is offline Member
    Join Date
    Nov 2013
    Posts
    20
    Rep Power
    0

    Default Re: Decompiling Java class and breaking cipher

    Yes it's Java Web Start, maybe paranoia, because I believe that it will happen, there are a lot of curious people, also competition between projects. Imagine you're creating your project a years, without knowing how to protect your program that operates together with database, you publish it, after few weeks someone downloads hack program and changes everything, unknown values in database, the project ruined. :/ I believe that encrypting variables is not enough, because they see client code, java classes decompiled. You don't have to be so smart to decompile it and use it as a weakness. There are a lot of ways to change something in my program, I just need best security, I know they are, because there are a lot of games and programs that have it, client-server communication.

    The only way without thinking to secure connections, ask client for username or password or something like that, then check on server side if it is correct. But it is not enough really...
    Download CheatEngine in the internet, tick a "Freeze", boooom, project screwed... unknown/limitless values...
    Last edited by rajma; 11-22-2013 at 04:17 PM.

  7. #47
    kjkrum's Avatar
    kjkrum is offline Senior Member
    Join Date
    Apr 2011
    Location
    Tucson, AZ
    Posts
    1,060
    Rep Power
    6

    Default Re: Decompiling Java class and breaking cipher

    Consider yourself lucky if anyone ever uses your project at all, much less cares enough about it to hack it.
    Get in the habit of using standard Java naming conventions!

  8. #48
    rajma is offline Member
    Join Date
    Nov 2013
    Posts
    20
    Rep Power
    0

    Default Re: Decompiling Java class and breaking cipher

    I really didn't get so deep in this, till my friend instead of playing used cheats, then my world painted black There a lot of people doing this, even not programmers...
    http://www.gabrielgambetta.com/fpm1.html
    There are many things that can be done to prevent cheating, but the most important one (and probably the only really meaningful one) is simple : don’t trust the player. Always assume the worst – that players will try to cheat.
    Last edited by rajma; 11-22-2013 at 06:10 PM.

Page 3 of 3 FirstFirst 123

Similar Threads

  1. Decompiling java class files
    By ancr2001 in forum New To Java
    Replies: 11
    Last Post: 05-15-2012, 05:59 PM
  2. Problem with Cipher class in javax.crypto
    By vinayak.top in forum Advanced Java
    Replies: 4
    Last Post: 02-25-2011, 09:11 AM
  3. Correct architecture when breaking up a class?
    By porchrat in forum New To Java
    Replies: 17
    Last Post: 09-26-2010, 04:58 PM
  4. How to cipher a string without using Cipher class?
    By arnab321 in forum New To Java
    Replies: 1
    Last Post: 09-08-2009, 11:19 PM
  5. Java Decompiling Help
    By RyanOLP in forum New To Java
    Replies: 1
    Last Post: 11-27-2008, 04:39 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •