serious security issue with Mechwarrior4: Mercs

Toggle sidebar Toggle sidebar
G

Guest

Guest
Archived from groups: microsoft.public.games (More info?)

It has recently come to my attention that there is a
serious security issue within the core files for Mercs.
Being an avid member of the MW4 community, and a full
supporter of fan created mods to that game, I have beena
part of a Beta Test for a new mod to the game, which is
adding mechs, weapons and correcting some MS oversights,
such as "superturning" (using the mouse and a joystick to
turn faster than the trun speed of the game will normally
allow).

Here is the problem. There are two files that are checked
when the game starts: Core.mw4 and props.mw4. Right now,
Core.mw4 is secure, but props.mw4 is not. Problem is that
when the game CRC checks for valiadations, and anything
in props.mw4 will override the same line in core.mw4.

In laymans terms, the game is hackable. VERY VERY
hackable, for someone with the right tools. The only way
to fix this would be for the game to CRC check core.mw4
ONLY. The only way to make this possible is to change the
source code, to which MS will not allow acces, perhaps
smartly.

What can be done to fix this? MW4 has been going strong
much longer than any game of it's type, and while it may
not have the popularity of Halo, or UT2K4, it has a very
strong and loyal following. So loyal that they would
rather work to mod our current game than buy another and
move on.

Please help. We are begging in the most electronic way
possible...
 
G

Guest

Guest
Archived from groups: microsoft.public.games (More info?)

Let me start off by saying that I haven't done any modifications to MW4 or
looked into how it is done ( so I don't know for sure if this is necessarily
the file to alter for mods) , but I have done mods for other games and there
is always a game file that is modifiable. If there wasn't some mechanism to
allow the user to change what the game interprets there would be no mods.

Joshua Smith
DirectInput and OpenGL Test Labs
Microsoft
-----

Get Secure! www.microsoft.com/security

This posting is provided "AS IS" with no warranties, and confers no rights






"Concerned Lestavlo" <lestavlo@yahoo.com> wrote in message
news:384601c49f92$8cd7a1c0$a301280a@phx.gbl...
> It has recently come to my attention that there is a
> serious security issue within the core files for Mercs.
> Being an avid member of the MW4 community, and a full
> supporter of fan created mods to that game, I have beena
> part of a Beta Test for a new mod to the game, which is
> adding mechs, weapons and correcting some MS oversights,
> such as "superturning" (using the mouse and a joystick to
> turn faster than the trun speed of the game will normally
> allow).
>
> Here is the problem. There are two files that are checked
> when the game starts: Core.mw4 and props.mw4. Right now,
> Core.mw4 is secure, but props.mw4 is not. Problem is that
> when the game CRC checks for valiadations, and anything
> in props.mw4 will override the same line in core.mw4.
>
> In laymans terms, the game is hackable. VERY VERY
> hackable, for someone with the right tools. The only way
> to fix this would be for the game to CRC check core.mw4
> ONLY. The only way to make this possible is to change the
> source code, to which MS will not allow acces, perhaps
> smartly.
>
> What can be done to fix this? MW4 has been going strong
> much longer than any game of it's type, and while it may
> not have the popularity of Halo, or UT2K4, it has a very
> strong and loyal following. So loyal that they would
> rather work to mod our current game than buy another and
> move on.
>
> Please help. We are begging in the most electronic way
> possible...
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom