Host impersonating player hack?

Is it possible for the host to impersonate a player by altering the packets being sent to every other player in the game?
H = host
P = player
E = everyone else
P sends packets saying he moved to x. H gets the packets, but instead of telling E that P moved to x, H tells E that P moved to where H moved and that H moved to where P moved. So it basically swaps the players' names or character models. Also, player P doesn't even know he is being impersonated, because although E sees P where H is meant to be, on P's screen he is still in the proper position; it's just that other players see P as H.
This basically means that H can make it seem like P is doing anything, such as hacking, and give P a bad rep.

Please tell me if this is correct and if there is any way to prevent it with Unity networking, or at least let the players know that this impersonating is going on so they can get rid of H and not P.

Thank you :wink:

Theoretically, there is no such thing as fully hack-proof software. No matter how much time and effort you spend perfecting your anti-cheat, someone with enough skill and time will be capable of reverse engineering it, hacking it, and then distributing a trainer for it. Of course you can make it very, very hard, but never impossible!

What you didn't know is that wall hacking and aim botting are made memory side; you can impersonate all you want, the models are still stored in memory. Thus wallhacking and aimbotting made properly are undetected even on the best anti-cheats. If movement is made server side only, that alone prevents speed hacking, teleports, collision hits, etc. The Unity API isn't capable of preventing wall hacks or aimbots; to make that you need C++ and a good bit of knowledge about data stored in memory, and even then you need to keep your anti-cheat engine updated because hackers will always find a way around.

I thank you for taking the time to give a reply, however I feel as if your reply is a bit irrelevant. Nowhere did I ask about wall hacks or such. I am very aware of that being client side, as well as there being many ways to hack. I'm not worried about the hackers hacking with their own character; I'm worried about the host of the game, which controls all packets being sent, impersonating an innocent player in the room to make everyone think that player is the hacker and not the actual host. Is there a way to at least make it so the host can't tell all other players in the room that H is P and P is H (in other words, their character skin/model/name switch)? Like perhaps have a server besides just the host that can make sure that the host can't just change the packets being sent, or at least warn the other players that he is?

If it's still not clear… You mentioned only the server (host) can prevent speed hack etc… But what if the server (host) makes a player speed hack? Is there a way for an outside server to do a simple check or something to prevent or at least warn players that the player you see hacking is innocent?

If the server is authoritative, it doesn't matter what the players do client side; everything is calculated server side, so even if they move their player the server should correct their position in the next packet.

About packet sniffing: as long as you check and limit the data you receive on the server, there's not much they can do. Let's say the client sends MoveForward(100000000);

on the server, if you have

void MoveForward(int Speed)
{
    // Clamp whatever value the client sent to the range the server allows.
    Speed = Mathf.Clamp(Speed, 0, 100);
}

it doesn't matter what they send in the packet; the server limits the value by itself.

About your impersonating example: if you give ppl access to GameServers, even if you make a MasterServer to check data against, it's pretty easy (even more so in Unity) to edit the .exe code to bypass that.

The number one rule is: if the player has access to it, it's not safe or reliable.

Giving Valve's Source engine as an example, the game hosts have the ability to wallhack, speedhack, god mode, and a bunch of other things built in to help moderate the server. If the game host is a dumb ass, players will not play on it again. Method used in CSS (Counter-Strike: Source).

In the more recent CS:GO they implemented ranked play, and those servers are hosted by Valve itself so there's no admin cheating. In normal games the players have the ability to host their own server and play gods, but then they play alone.

On the Valve engine, you said the host can do speed hack, but can he also make a player in the room speed hack? I assume yes.
You say in CS:GO that the host can play god and play alone, but what if the host does play god, except he doesn't make his own character hack, but another player's in the server? H gets a packet from P that says P is looking somewhere random. H then tells E that P is looking right at a player at all times (aim hack); however, H doesn't tell P that he is looking at a player, so P is clueless while other players think he is hacking with a client side hack.
Or what if P moves around, but H doesn't tell E that P is moving? You get this invisible hack type of deal and P is once again clueless. When P shoots E the hit will be valid since H sees where P is, but E has no idea.

Is there any way to prevent this? Somehow have a master server check what the host is doing, or have the master server connect to all players and give them all a code for the packets that only they know and not the host (I know this probably wouldn't work, it's just to give you an idea as to what answer I am looking for). How would you know you are playing on a server with a hacking host if that host himself never hacks, but makes it seem like other players are, giving them a bad reputation?

Perhaps this is why Valve doesn't ban players off reports by other players. They use VAC to see what the player does on his side, check files and such. They can't trust hack reports because of this impersonating problem. The only hack reports you can trust are the ones where the hacker was obviously the host.

Yes, they can change speed values of specific players, turn god mode on for them, etc.
It doesn't matter how the code interprets the packet sent, because the hacker will decode it and send what he wants; you only need to bulletproof your interpretation, like hardcoded speed values, and check collisions with positions from the server.

The simplest way to prevent what you're saying is to check where the request was sent from, so that only the character owner can take actions with it (AFAIK it's built into Unity networking already), so a player from IP-X cannot move a player from IP-Y, etc.

Adding a Master Server doesn't make sense; for that you don't provide Dedicated Servers to players and just host your own, instead of having 2 separate servers doing the same thing.

Couldn't the host just alter whatever code says “this packet came from IP-X” to make it say “this packet came from IP-Y”? Or perhaps take all packet content from IP-X and switch it with the packet content in IP-Y.
I know non-hosts can't impersonate.

And the point of adding a master server along with a host is not for them both to do the same thing, but to take different roles. For example… The host handles all actions in the game, but the master server will handle a “vote to kick” system. This way if the host of the game is hacking, players can talk to the master server to kick the host and start a host migration or something in that sense. You wouldn't want the host of the game handling the kick system because he can just bypass it.

Basically I am at the conclusion that it is possible for the host to impersonate another player and make it seem like they are hacking when they are actually innocent. My main question now is how can we prevent or warn players that the packets sent from IP-X have been tampered with.

Maybe an example of a way to warn players that IP-X packets are being altered would be something like this…

MasterServer = M
Host = H
Player 1 = P
Everyone else = E

P sends packets saying he is shooting his rocket every 3 seconds. H alters the packet to say that P is shooting his rocket every .2 seconds (rocket spam hack). E detects a spam hack from P and asks M to do a packet check. M asks P to send M and H a packet, but M gets one with a timestamp that matches the game's time along with the shooting packet being sent. E gets the packet from M and checks P's packets sent by H around the timestamp time to look for a matching packet. If none are matching, give off a big alert that P's packets are being altered.

However this may not always work as it requires E to keep doing checks for hacks and they might not detect one. Doing all those checks could also slow down the game. Is there any other way that would take less power?
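
The check sketched in the posts above (a code per player that the host does not hold, and a way for E to notice altered or missing P packets), as an added example that is not part of the thread; it goes a step further by using per-player signatures and sequence numbers instead of a timestamp spot check. It is a plain .NET 6+ console program, not Unity networking API; all type and member names are hypothetical, and it assumes E obtained each player's public key from M over a connection that does not pass through H.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;

// Added example with hypothetical names. P and H are players, e is one of "everyone else".
var p = new Player("P"); var h = new Player("H"); var e = new Receiver();
e.Register("P", p.PublicKey); e.Register("H", h.PublicKey);   // assumed: keys came from M, not via H
Console.WriteLine(e.Check(p.Send("move 10,4")));              // H relays P's packet unchanged
var forged = p.Send("fire"); forged.Payload = "fire x15";     // H rewrites the content of P's packet
var swapped = h.Send("move 50,50"); swapped.Owner = "P";      // H relabels its own packet as P's
Console.WriteLine(e.Check(forged) + " " + e.Check(swapped));
p.Send("move 12,4");                                          // H withholds this packet from E
Console.WriteLine(e.Check(p.Send("move 13,4")));              // the next packet exposes the hole

enum Verdict { Ok, Tampered, Replayed, Gap }
class Packet
{
    public string Owner = "", Payload = ""; public uint Seq; public byte[] Sig = Array.Empty<byte>();
    // The signature covers claimed owner, sequence number and payload (names must not contain '|').
    public byte[] Signed() => System.Text.Encoding.UTF8.GetBytes(Owner + "|" + Seq + "|" + Payload);
}
class Player
{
    readonly ECDsa key = ECDsa.Create(ECCurve.NamedCurves.nistP256);  // private key stays on this client
    readonly string name; uint seq;
    public Player(string name) { this.name = name; }
    public ECParameters PublicKey => key.ExportParameters(false);     // public half, registered with M
    public Packet Send(string payload)
    {
        var pkt = new Packet { Owner = name, Seq = ++seq, Payload = payload };
        pkt.Sig = key.SignData(pkt.Signed(), HashAlgorithmName.SHA256);
        return pkt;
    }
}
class Receiver
{
    readonly Dictionary<string, ECDsa> keys = new();
    readonly Dictionary<string, uint> last = new();
    public void Register(string name, ECParameters pub) { keys[name] = ECDsa.Create(pub); last[name] = 0; }
    public Verdict Check(Packet pkt)
    {
        if (!keys.TryGetValue(pkt.Owner, out var k) || !k.VerifyData(pkt.Signed(), pkt.Sig, HashAlgorithmName.SHA256))
            return Verdict.Tampered;                           // content or owner changed after signing
        uint prev = last[pkt.Owner];
        if (pkt.Seq <= prev) return Verdict.Replayed;          // an old packet sent again
        last[pkt.Owner] = pkt.Seq;
        return pkt.Seq == prev + 1 ? Verdict.Ok : Verdict.Gap; // authentic, but earlier packets never arrived
    }
}
```

Signatures only vouch for what P itself sent; anything H computes authoritatively, such as hit results or corrected positions, is still H's word.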

I think you don't understand that the host is the server owner. You can't kick the server owner, and as an owner he “has” the right to do whatever he wants to. Players come as guests if the owner allows them to join; if you don't want them to mess with your servers, you don't give access to them.

Source Engine provides those cheats built into their servers, and 90% of the hosts don't bother using them other than to moderate the server. What makes your game so special that the players can't click the disconnect button and join a troll-less server?

No, they can't change the socket header; if they do so, the reply back will be sent to them instead of the original owner, which is sort of an advanced client side hack lol.

It seems you are overthinking the issue, really.

I edited my last reply while you made yours so possibly read what I edited to give a better understanding.

There are host migrations in games, meaning the game doesn't die when the host is gone. Why couldn't there be an outside source (MasterServer) that forced the host migration by just choosing a new host and telling everyone to connect to that new host and then kick the old host?

You say they can't change the socket header; what about the content in the socket? Couldn't H just swap the content, or better yet, completely ignore packets being sent from P and send any packet he pleases?

Also… about not changing packet header…
http://en.m.wikipedia.org/wiki/IP_address_spoofing
Also go to the “services vulnerable to IP spoofing” and you see RPC
Of course this is wiki, so it could be wrong.

I would love to get other opinions on this.

UDK does that: when the host dies, it automatically chooses another player to be the host; the netcode and logic are also embedded in the client.

All your P's, M's and E's are client side checks and thus can be hacked by the player too. The player can't determine the attack speed; the client just tells the server he is shooting, and the fire rate is calculated server side, as is everything.

CIA, NASA, GOV get hacked; no matter what you do, YOU WILL GET HACKED. I never saw a hack like that for an online game; what makes you so sure someone will do it for your game servers? Isn't the cheater's purpose to be better than everyone else, rather than to use a cheat to make someone better than him?

Like I said, you are overthinking the security layers needed on a game server. If you make your RPCs authoritative only, you are good to go; the client is only a renderer of info sent by the server. All dedicated servers back from the Unreal Tournament days provide some sort of admin “cheating”.

Every host player will have access to stored vars etc. Although you can obfuscate your code, it's just a matter of time until the hacker knows the meaning of them.

Here is a good PDF for you to understand it better → https://zdresearch.com/wp-content/uploads/2013/04/Exploiting-Online-Games.pdf

So what you are basically telling me is that not only can the host impersonate other players and make it look like they are hacking, but there is also no way to prevent or at least warn other players that the hacks P is doing is actually H … Not even with a MasterServer.

I'd like other people to give their opinions as well.

P.S. You said P, E, and M are client side, but M is the server I would run. Clients have no access to it. Think of H and M working together to make one game room, except H is controlled by a player while M is controlled by me.

You never saw a hack like this? Perhaps you have, but just didn't know since the host was impersonating the player. That's kinda the point of this hack. Whoever said people hack to be better? There are plenty of hackers who do it for the lolz, who just want to make people mad and such. This hack the host can do can make him look like he's the innocent one while making the actual innocent one get hated on.

Also, let's not mention “overthinking it”. Take this question as if it's just for discussion purposes.

Well, if you already know they are hacking you just don't let them play; if he is the host you pass control to another player and simply disconnect the cheater? No need to warn anybody. In UDK netcode, for example, players don't even know they are the host; even when the host disconnects, another player takes his place without any noticeable delay.

Impersonating another player without him knowing is impossible, because you can't take some actions without being noticed, and it would also confuse the server. To be honest, it would be easier to hack another player's machine than to try to IP-spoof packets.

I don't think you understand dedicated game servers or local hosts and what they are for. You are also talking about the most difficult type of hacking that exists; only a few ppl and HARDWARE can do it properly.

Keep one thing in mind: THERE IS NO WAY TO BULLETPROOF AGAINST HACKERS. You want to add another server to check something, which adds more delay to the request, making the game more out of sync and unplayable.

And no, that type of hack for games doesn't exist, not because it's not possible, but just because it's not worth the effort. As long as you encrypt your packets hackers will leave you alone; also make the server authoritative and you're good to go.

For example, worse than your impersonating hack are memory hacks: you can simply change health values or any other value stored by the server… and again, it doesn't matter how much you try to obfuscate it; if the hacker really wants to do it, HE WILL.

The answer for hacking discussions is the same no matter the subject: eventually you will get hacked.

Undetectable hacks cost 40/60 €-usd; if someone spends that amount of money for the lolz… they must have some mental illness lol.