1. Help us improve the editor usability and artist workflows. Join our discussion to provide your feedback.
    Dismiss Notice
  2. We're looking for feedback on Unity Starter Kits! Let us know what you’d like.
    Dismiss Notice
  3. We’re giving 2017.1 beta testers a chance to win t-shirts and a Nintendo Switch. Read more on the blog.
    Dismiss Notice
  4. We want to know how you learned Unity! Help us by taking this quick survey and have a chance at a $25 gift card
    Dismiss Notice
  5. Unity 5.6 is now released.
    Dismiss Notice
  6. Check out all the fixes for 5.6 on the patch releases page.
    Dismiss Notice

Anti-Cheat Toolkit: stop cheaters easily!

Discussion in 'Assets and Asset Store' started by Dmitriy-Yukhanov, Aug 20, 2013.

?

What Unity version(s) are you using?

  1. Unity 5.6.* +

    26 vote(s)
    78.8%
  2. Unity 5.5.*

    6 vote(s)
    18.2%
  3. Unity 5.4.*

    2 vote(s)
    6.1%
  4. Unity 5.3.*

    1 vote(s)
    3.0%
  5. Unity 5.2.*

    0 vote(s)
    0.0%
  6. Unity 5.1.*

    0 vote(s)
    0.0%
  7. Unity 5.0.*

    0 vote(s)
    0.0%
  8. Unity 4.6 +

    0 vote(s)
    0.0%
  9. Below Unity 4.6

    0 vote(s)
    0.0%
Multiple votes are allowed.
  1. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    Dear Unity3D developers, I'm glad to share with you my first Asset Store contribution: Anti-Cheat Toolkit (ACTk)!​

    Short overview video:


    WebGL DEMO

    Current features:

    - protects variables in memory (tutorial)
    * prevents sensitive variables editing with any memory searchers, like Cheat Engine or GameCIH on Android
    * all basic types (int, float, string, etc.) and few Unity types (Vector3, Vector2, Quaternion) are supported
    * has optional tampering detection for all types
    LINQ is not supported yet and Unity3D-specific types (like Vector3, etc.) do not mimic original types API, thus you need to cast them to regular types before making anything special.

    - protects your PlayerPrefs saves (tutorial)
    * hides saved data from cheaters
    * optionally locks data to device with emergency recovery
    * detects cheating attempts
    * supports additional types: uint, double, long, bool, byte[], Vector3, Color, Rect
    * has neat editor with both ObscuredPrefs and regular PlayerPrefs support

    - detects speed hack (tutorial)
    * flexible and smart algorithm with optional cooldowns
    * detects CheatEngine's speed hack and probably some other such tools too
    * currently can't detect root-level speedhack on Android (more info)

    - detects time cheating
    * uses internet connection to check the difference between local and online time to detect time cheating
    * has optional interval and threshold

    - detects wallhacks (tutorial)
    * covers 3 common types of wallhacks:
    - shoot through the walls
    - walk through the walls
    - look through the walls​
    * uses generic sandbox approach allowing to detect unknown cheats

    - detects injections (tutorial)
    * detects any foreign managed assemblies injected into your application
    * PC (Win, Mac, Linux, WebPlayer) and Android are supported

    - third-party assets integration
    * full Opsive's Behavior Designer support
    * partial PlayMaker support (only detectors and ObscuredPrefs are supported since there is no effective way to integrate own Obscured types)
    * storage backend at the Mad Level Manager
    * used in Stan’s Android Native asset
    * used in Stan’s Ultimate Mobile asset

    More to come! ;)

    My goal - make simple yet effective toolset against some popular cheating methods to let you concentrate on game development, not cheaters - ACTk will make it for you.
    Of course, it's not pretend to be absolute protection solution, anything can be hacked by skilled and motivated person, especially on the client side!

    All currently implemented features were tested on few mobile devices running Android and iOS, as well as on few PC running Mac and both Windows x86 and x64. Generally it should work fine on all supported by Unity platforms, if opposite is not noticed in feature description, readme or API docs.
    Plugin compatible with micro mscorlib stripping level, .NET subset API level and works in IL2CPP.
    Binary serialization is supported, JSON is also possible.

    Price: $30

    Full sources, full API docs and few pieces of my soul included.

    Like it? Hate it? Please, be so kind and leave your review in Asset Store!

    Feel free to ask anything about ACTk; bug reports and feature requests are welcome!
    No holy wars about cheating/hacking protection methods please :p

     
    Last edited: Apr 13, 2017
    Pulov likes this.
  2. Izitmee

    Izitmee

    Joined:
    Jan 27, 2011
    Posts:
    3,221
    I already used ACT with my games, and I can only say it's awesome. Incredibly simple to implement, and very effective :)
     
    Dmitriy-Yukhanov likes this.
  3. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    Thanks for your feedback, Daniele, as always! :)
     
  4. Zeblote

    Zeblote

    Joined:
    Feb 8, 2013
    Posts:
    1,151
    Maybe upload an example project (the button one is enough) to test it?
     
  5. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
  6. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    Version 1.0.0.7 is sent to Asset Store team for review!

    New in 1.0.0.7
    - Fixed error in ObscuredString (now it works in WebPlayer without errors).
    - Fixed error in ObscuredFloat (now it works in WebPlayer without errors).
    - ObscuredFloat is memory wiser now.
    - ObscuredFloat.SetNewCryptoKey() accepts int now (was long).
    - Added changelog :)

    And I created a small page for ACT with changelog and some extra info: http://blog.codestage.ru/act/
     
  7. Crazy Robot

    Crazy Robot

    Joined:
    Apr 18, 2009
    Posts:
    933
    Sounds great,

    But how does it work on mobile (iOS, Android, Windows Phone, Blackberry)?

    Thanks,
     
  8. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    Hey, Crazy Robot!
    It should work on mobile same as on desktops - I'm trying to keep it platform independent! :)
    Some additional testing is still needed though (I tested it on Android mobile platform only so far, but it should be fine on iOS and all other mobile platforms as well).
     
  9. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    1.0.0.8 is out!

    New in 1.0.0.8
    - PlayerPrefsObscured now able to lock saved data to the current device. See PlayerPrefsObscured.lockToDevice field description in API docs.
    - Improved PlayerPrefsObscured stability and obscuration strength (use Get*Deprecated() methods to load data, saved with ACT 1.0.0.6 or earlier)
    - PlayerPrefsObscured now has own encryption key. Use PlayerPrefsObscured.SetNewCryptoKey() to change it from default value.
    - Created home page for ACT: http://blog.codestage.ru/act/

    Asset Store guys can't overtake me :p

    P.S.: Yey, demo video got 100 views on YouTube! :D
     
    Last edited: Aug 24, 2013
  10. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    Latest 1.0.0.9 update was approved at Asset Store (finally)!
    It includes one tiny yet important fix:
    - Fixed data loss in PlayerPrefsObscured (use Get*Deprecated to read data saved with ACT 1.0.0.8 version)
     
  11. mrbroshkin

    mrbroshkin

    Joined:
    Aug 14, 2012
    Posts:
    28
    What happened with ACT on the Asset Store? Where I can find this tool?
     
  12. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    Hey, mrbroshkin, ACT was removed from Asset Store accidentally, I'm working on this issue, sorry for any inconvenience.
    Feel free to subscribe to this thread - I'll post here as ACT will be restored.

    Thank you for your interest in ACT.
     
  13. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
  14. MachCUBED

    MachCUBED

    Joined:
    Nov 26, 2011
    Posts:
    40
    Hi Dmitriy,

    Great project, but before I download it, I'd like to ask a question about iOS export compliance: if I integrate your plug-in into my app, will I have to get permission in order to export my app? You can find details here: http://stackoverflow.com/questions/...r-the-purpose-of-export-compliance-e-g-in-app

    Thanks in advance, if I can get a good answer, I will be able to switch over from SecurePlayerPrefs and/or CryptoPlayerPrefs (I can't seem to find any information on whether or not either one complies with US cryptography export regulations).

    MachCUBED
     
    Last edited: Oct 19, 2013
  15. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    Hey, MachCUBED!

    Current Anti-Cheat Toolkit version have simple and fastest possible symmetric encryption with key not exceeding 56 bits implemented under the hood.
    And this encryption is used to protect developer's intellectual property by hiding from hackers and cheaters sensitive information.
    These facts should claim exemption from the review accordingly to the information from page you linked to. Well, I think so, but not sure for 100%.

    Anyway, I'm open for discussion and will be glad to fix any issues you may encounter with my plugin while using it (even after buying, *cough*).

    BTW, I'll spoil a bit upcoming update - it will have additional hashing implemented (not encryption) to allow you "sign" your assemblies in Unity IDE (prob automatically, after Assemblies reloading) and check if assemblies are genuine at runtime just like you do with Application.genuine on iOS, but it will check assemblies only (if regular Application.genuine is not available) on desktops and all (I hope) mobile players (Flash Player and Web Player dismissed here, sorry), allowing you to react on cheaters, trying to alter your assemblies. It's WIP, so I'll post here more details about it as update will be ready for public.

    Please, let me know if you have any further questions on my plugin, and thanks for your interest in ACT!
     
    Last edited: Oct 19, 2013
  16. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    Anti-Cheat Toolkit 1.0.1.0 update is ready and was sent to the Asset Store team for review (and ready for download by any customer)!
    - Added Assemblies signing functionality * EXPERIMENTAL *
    - Fixed web player detection, now ObscuredFloat can be used in static conditions (thanks Andriy Pidvirnyy)

    I'll quote here piece of the readme.pdf about new feature:

    In addition I'd like to mention any additional precompiled assemblies used in your project will not be checked for integrity ATM, this is possible to add in future updates.
     
    Last edited: Oct 19, 2013
  17. MachCUBED

    MachCUBED

    Joined:
    Nov 26, 2011
    Posts:
    40
    Thank you for your response Dmitriy. For further discussion, I have found Apple's own guide:

    https://developer.apple.com/library...nect_Guide/8_AddingNewApps/AddingNewApps.html

    The information is under "Authorizing for Export and Indicating Legal Issues" on the linked page and provides further details on Apple's export compliance. I am posting this because although your solution probably complies because it uses 56-bit symmetric encryption, you also said that you're not 100% sure of the requirements.

    MachCUBED.
     
  18. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    I see, thanks for your addition.
    I read about it a bit more and looks like all this crazy export stuff can be avoided using 7 byte or shorter keys for all Obscured variables to make encryption not satisfying for "symmetric encryption" as described in the a.1.a. of Category 5 Part 2 (of Bureau of Industry and Security Commerce Control List) thus not being threaten as "Information Security" in Note.4 a.1 of the Category 5 Part 2 document, thus allowing you to choose "Yes" for second question of the Apple's Export Compliance survey.
    Well, I think this is so, I have not enough lawyer skills to be 100% sure in this though.

    I use keys <= 56 bit for all Obscured types except ObscuredInt (it has 64 bit key, I'll shorten it in future version) by default. But I provide APIs to change encryption keys from default values for all Obscured types: SetNewCryptoKey(newKey), so just make sure you're setting there short enough keys and you should be safe.

    Actually I assume most users will use this API to change default encryption keys to increase their app security level a bit. Maybe I should add a kind of warning if default key is still not changed, I'll think about it.

    PS: If someone wish to obtain CCATS, here is a short guide for obtaining CCATS for your APP:
    http://zetetic.net/blog/2009/8/3/mass-market-encryption-ccats-commodity-classification-for-ip.html
     
    Last edited: Oct 22, 2013
  19. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    Latest 1.0.1.2 update is available at Asset Store!

    1.0.1.2
    - fixed .meta files handling
    - moved Anti-Cheat Toolkit/Options menu item to the Window/Anti-Cheat Toolkit/Options
    - moved plugin into CodeStage directory (to compact placing of any future plugins I'll release)
    - reduced ObscuredInt default key length
    - attempt to fix async assemblies reloading issue

    1.0.1.1
    - Added assemblies signing process duration estimation
    - Fixed issues with Anti-Cheat Toolkit .dll import in Unity 4.x
     
  20. sonicviz

    sonicviz

    Joined:
    May 19, 2009
    Posts:
    943
    Last edited: Oct 26, 2013
  21. Zeblote

    Zeblote

    Joined:
    Feb 8, 2013
    Posts:
    1,151
    Wait, what possible use could this have
     
  22. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    sonicviz
    Thanks for heads up!

    Zeblote
    It allows you to add assemblies integrity checks in your app. So if someone will try to alter your assemblies (patch IL bytecode for example) to cheat something, you will be able to notice this and react accordingly, e.g. ban this guy in your game or change game behaviour to prevent his hiscore to be submitted, or whatever you like to do with him.

    Think of it as of Application.genuine analogue, but it should work fine on all mobile and desktop platforms (except Web Player and Flash Player), where regular Application.genuine usually is not working.
     
  23. Zeblote

    Zeblote

    Joined:
    Feb 8, 2013
    Posts:
    1,151
    But I could just patch that function (or it's usage) too, so what's the point
     
  24. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    Well, you need to know it exists at all. When someone will patch assembly of some particular game first time there is high chance he will not know about this checks at all, so assemblies altering may be detected until all check will be found and patched, this gives you as developer chance to ban this guy for example.

    Anyway, I'll quote here what I said earlier:

     
  25. friuns3

    friuns3

    Joined:
    Oct 30, 2009
    Posts:
    228
    Hi, i don't use PlayerPrefs i save settings manually to file using BinaryWriter and upload to web server, is there way to encrypt byte[] array? or get and set encrypted data from PlayerPrefsObscured?

    or if i use some .net encryption how do i hide encryption key from hacker?
     
    Last edited: Oct 28, 2013
  26. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    Hey, friuns3!
    Currently ACT has no APIs to encrypt and decrypt byte arrays, I'll add this to TODO, thanks for noticing this.
    You could use any of Obscured types to encrypt data you write to the byte array itself though.
    E.g. you can encrypt string, write it to the byte array, save, then load, read encrypted string, decrypt.

    You can hide encryption key easily. If you have your web server - just send your key to the client on demand to avoid its storage in managed code.
     
  27. friuns3

    friuns3

    Joined:
    Oct 30, 2009
    Posts:
    228
    Thanks! didn't noticed EncryptDecrypt function)

    if send key from web server it can easily sniffed with HttpFox it also captures https. Is there way to prevent this?
     
  28. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    Sure, but you could hide it using something simple, like Base64 + some custom tricks like string inversion, mixing, etc to hide your original key + send it with some other data, not alone if possible. This would be enough to hide it from mainstream cheaters \ hackers.
    And keep in mind main rule - if someone skilled will really wish to hack it - he will hack it, since all code and data placed in client is not secure anyway.
     
  29. Qmaks2

    Qmaks2

    Joined:
    Jun 2, 2012
    Posts:
    19
    Привет, Дмитрий!
    Приобрел твой Анти чит, но в некоторых случаях он не помог. Описываю ситуацию. Для моей игры есть чит на скорострельность оружия.
    У меня есть переменная shootInterval, я ее защитил, но чит все равно остался работать. полез разбираться глубже.

    и так у меня есть вот такой код в апдейте

    [​IMG]

    Тут смысл, что если шут интервал уже прошел, то дальше внутри выстрел генерируется.

    Мы видим что я сделал дебаг всех параметров, которые в этом if участвуют,и при активизации чита происходит странная вещь. Последний дебаг лог выводится false, то-есть в данном обращении основное условие ифа не выполняется, время для выстрела еще не подошло, но внутрь ифа мы все равно попадаем и таким образом получается выстрел в каждом апдейте!

    Как такое может быть и как от такого защищаться?
     
  30. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    Привет!
    Если все действительно так, как вы описали (мы попадаем внутрь if'а, но условие false), то вполне возможно, что правят саму сборку и меняют условие на противоположное. Проверьте, нет ли изменений в сборке. Кроме того, в ACT есть средства для обнаружения таких вторжений в сборку (см. описание класса IntegrityChecker). Если проблему так и не удастся решить - предлагаю свзяться по скайпу (dmitry.you) для более оперативного решения проблемы.
     
  31. Qmaks2

    Qmaks2

    Joined:
    Jun 2, 2012
    Posts:
    19
    Весь чит представляет собой вот такйо скрипт для чит ингайна
    if ( checkbox_getState(sender)== 1 ) then
    stringListAddresses = AOBScan("FF 8B 47 4C D9 80 C4 00 00 00","*X*W-C")
    if (stringListAddresses==nil) then
    messageDialog("Не активировано!",1, 2)
    return end
    lenghtLines = stringlist_getCount(stringListAddresses)
    for i = 0, lenghtLines-1 do
    address = stringlist_getString(stringListAddresses, i)
    writeBytes(address, 0xFF, 0x8B, 0x47, 0xB4, 0xD9, 0x80, 0xC4, 0x00, 0x00, 0x00)
    showMessage("Скорострельность активирована! на пистолете не работает на других работает")
    return end

    Я добавился тебе в скайп, чтобы более подробно все обсудить
     
  32. Izitmee

    Izitmee

    Joined:
    Jan 27, 2011
    Posts:
    3,221
    Above this post, we can notice a new Anti-Cheat Toolkit feature in action: it now scrambles your forum posts so that they become undecipherable.

    :D
     
    Hagen and CliffracerX like this.
  33. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
  34. friuns3

    friuns3

    Joined:
    Oct 30, 2009
    Posts:
    228
    Can't compile on windows phone 8 platform, can you fix please? :)

    Error building Player: Exception: Error: type `System.Reflection.MethodBody` doesn't exist in target framework.
    Error: type `System.Reflection.MethodBody` doesn't exist in target framework.
    Error: type `System.Reflection.MethodBody` doesn't exist in target framework.
    Error: type `System.Security.Cryptography.MD5` doesn't exist in target framework.
    Error: type `System.Security.Cryptography.MD5` doesn't exist in target framework.
     
  35. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    Hey, friuns3! Thanks for heads up. I'll look into this issue. Looks like Windows 8 doesn't supports reflection (parts of it), so IntegrityChecker won't be available there =(
    I'll see what can I do here to allow compilation at all.
     
    Last edited: Nov 1, 2013
  36. ecc83

    ecc83

    Joined:
    Nov 23, 2012
    Posts:
    32
    Hi, I downloaded and imported ACT into my iOS/Android project. I'm not actually using any of the classes, but when I run my project I get the following output in Xcode:

    get_deviceUniqueIdentifier can only be called from the main thread.
    Constructors and field initializers will be executed from the loading thread when loading a scene.
    Don't use this function in the constructor or field initializers, instead move initialization code to the Awake or Start function.

    Best
    ecc
     
  37. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    ecc83, thanks for reporting this. I'll look into this issue as well.
     
  38. ecc83

    ecc83

    Joined:
    Nov 23, 2012
    Posts:
    32
    Given the reference to loading in the output, this might be relevant:

    I use a simple "loading" scene, with a single behaviour that calls Application.LoadLevelASync
     
  39. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    Thanks for addition, it may help with testing of fix I'll implement.
     
  40. ecc83

    ecc83

    Joined:
    Nov 23, 2012
    Posts:
    32
    Hi, any update on this?
     
  41. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    Hey, I'm working on next update in small iterations right now. I hope it will be ready this or next week.
     
  42. Aurigan

    Aurigan

    Joined:
    Jun 30, 2013
    Posts:
    179
    Just getting this installed in my game - could you please add inc/decrement operators? ++ -- currently cause compile issues in Unity 4.3. Thanks!
     
  43. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    Hey, Aurigan!
    Thanks for heads up! I'm already aware about inc/dec operators, this is in my todo for nearest update!
     
  44. Aurigan

    Aurigan

    Joined:
    Jun 30, 2013
    Posts:
    179
    Sorry to report that this doesn't appear to work at all for me. I'm declaring a var as :

    public ObscuredInt hackMe = 123456;

    Then using this: https://play.google.com/store/apps/details?id=org.sbtools.gamehack&hl=en to modify it. (this needs root permission). The hacking app both finds the var immediately and is able to update it. For anyone else testing Android memory hacking I also tried GameGuardian which worked only some of the time.
     
  45. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    Thanks for reporting this! I'll look into it ASAP. Actually I'm working hard on new huge update right now and testing Obscured* classes on Android is one of my nearest steps in TODO. I'll keep you updated on my investigation.
     
  46. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    Well, first quick tests show it's fine, ind ObscuredInt is safe. At least, GameCIH 3.0 can't find it in my test scene I provide with plugin.
    Could you please send me your apk, where you can cheat ObscuredInt?
    And could you please try to cheat ObscuredInt values in the test scene you got with plugin?

    Thanks!
     
  47. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    Now I'm absolutely sure ObscuredInt can't be found using any memory searchers on Andoid (as on any other platforms). I tried few other tools and even tool you used, using both deep and multiple search, with and without de-encryption - nothing found.
    I tested it on very simple script:

    Code (csharp):
    1. using CodeStage.AntiCheat.ObscuredTypes;
    2. using UnityEngine;
    3.  
    4. public class Test : MonoBehaviour
    5. {
    6.     public ObscuredInt hackMe = 12345;
    7.  
    8.     void OnGUI()
    9.     {
    10.         if (GUILayout.Button("Change number randomly"))
    11.         {
    12.             hackMe = Random.Range(100, 10000);
    13.         }
    14.  
    15.         if (GUILayout.Button("Change number to 12345"))
    16.         {
    17.             hackMe = 12345;
    18.         }
    19.  
    20.         GUILayout.Label("Hack me: ");
    21.         GUILayout.Label(hackMe.ToString());
    22.     }
    23. }
    Please, make sure you used ObscuredInt, and not regular int instead.
    I'll be glad to know steps to reproduce your results though, looks like it's a bug or misunderstood here %)
     
  48. Aurigan

    Aurigan

    Joined:
    Jun 30, 2013
    Posts:
    179
    thanks for checking - I ran the test scene (everything was working just fine) then switched back to my game test and ... the anti-hack started working.

    Is it possible that something in the test scene helped? I did see this:

    ObscuredInt.SetNewCryptoKey(401001001);

    In the test so tried deleting my app/reinstalling on the off-chance this was getting stored and the default key was known to the cheating app. Everything still worked as expected after the delete/reinstall though. Starting to look like might have to chalk this up to user error somehow (doh!)
     
  49. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    Thanks for confirming it works for you! Actually SetNewCryptoKey is optional method, you can ignore it at all and encryption still will work out-of-the-box.
    I'm not sure if something in test scene could help here, it looks really weird!

    Please, let me know if you'll encounter this issue once again (and repeat steps are welcome). Thanks!

    P.S. upcoming ACT update is going to be huge, stay tuned!
     
  50. Dmitriy-Yukhanov

    Dmitriy-Yukhanov

    Joined:
    Jul 27, 2012
    Posts:
    652
    Yey, next update went to the Asset Store team for review!
    All customers can already download it. If you have no link - send me invoice and I'll send you link back.
    Most common in this update:
    - plugin now sells with full sources! No dlls, only pure sources and full control from your side (obfuscate, modify, do whatever you need)
    - Flash Exporter support is back! Some features are not available there though, read full changes list for details
    - lot of bugs fixed and some feature requests are implemented (not all, some of them will be done in next update)

    Here is a full changes list
    1.1.0
    - no more dlls, plugin now comes with full source code included!
    - Yey, Flash Player exporter support is back! :D IntegrityChecker, ObscuredDouble and PlayerPrefsObscured.lockToDevice are not supported there though.
    - added increment and decrement operators support to the numeric obscured types (thanks Yuri Saveliev)
    - added ObscuredDouble! Not supported in FlashPlayer (use ObscuredFloat instead)! (thanks Andriy Pidvirnyy)
    - added correct analogues of toString() methods to some of the Obscured types
    - added PlayerPrefsObscured.ForceLockToDeviceInit() method to call device ID obtanation (noticably slow at first call) process at desirable time (at splash screen time for example)
    - added initial support for Windows Store (Metro) Apps (needs testing)
    - added initial support for Windows Phone 8 (needs testing, thanks friuns3)

    - PlayerPrefsObscured.lockToDevice field is now property, so please use PlayerPrefsObscured.LockToDevice instead. Sorry for inconvenience.
    - removed unsafe code in ObscuredFloat
    - fixed possible placement in memory not obscured float while using ObscuredFloat, oops :p
    - fixed possible data loss when using values equal to the crypto keys
    - attempt to fix "get_deviceUniqueIdentifier can only be called from the main thread" error (thanks ecc83)
    - fixed issue with different line endings on different platforms in IntegrityChecker causing it to think assemblies are not valid
    - fixed incorrect line breaks in the xml docs
    - assemblies signing now can't be enabled on known unsupported platforms
    - assemblies signing will be disabled after switching to the known unsupported platform
    - assemblies signing will be disabled if Stripping Level in Player Settings is not set to "Disabled"
    - changed PlayerPrefsObscured default encryption key. Use SetNewCryptoKey(e806f69e7aea3ee30fe27a6abfae967f) to read any data saved in previous ACT version with default key.
    - docs were fixed a bit
    - removed obsolete methods in PlayerPrefsObscured
    - minor fixes
     
    Last edited: Nov 17, 2013