The Daily Click ::. Forums ::. Klik Coding Help ::. ini file question
 

Post Reply  Post Oekaki 
 

Posted By Message

Del Duio

Born in a Bowling Alley

Registered
  29/07/2005
Points
  1078

GOTW WINNER CUP 1!GOTW WINNER CUP 2!GOTW WINNER CUP 3!GOTW WINNER CUP 4!Evil klikerHasslevania 2!The OutlawSanta Boot
5th December, 2005 at 21:05:04 -

Okay so I have a save game file in my game that uses an .ini and everything works out great. It's very easy to edit while troubleshooting, but it's just as easy for someone (the eventual player) to go into the file and cheat the bejeesus out of the game. You know, the ol' 9999 HP trick or whatnot. Is there any way to make it so it can't be edited by the user? I've heard about the encryption object, but just how does it work please? I don't want to screw up what I have by accident, because it was a big pain in the ass to do because of all the information the .ini has to store.

Thank you!

 
--

"Del Duio has received 0 trophies. Click here to see them all."

"To be a true ninja you must first pick the most stealthy of our assorted combat suits. Might I suggest the bright neon orange?"

DXF Games, coming next: Hasslevania 2- This Space for Rent!

Mr Icekirby



Registered
  18/12/2003
Points
  846
5th December, 2005 at 21:31:11 -

As a basic storage, INI is great. It wasn't meant to be secure. If you want a secure way to store things, you could use the binary object and write values like that where people don't really understand it. Plus you get a smaller filesize. I'm not sure how to use the encryption object so I can't really help you there.

 
Mr Icekirby says so!
OBEY ME!

Cecilectomy

noPE

Registered
  19/03/2005
Points
  305

Has Donated, Thank You!VIP MemberWeekly Picture Me This Winner!Cardboard BoxGhostbuster!Pokemon Ball!ComputerBox RedSanta HatSnowman
I am an April Fool
5th December, 2005 at 23:34:08 -

for the encryption object i think its just a character key so you can make an alternate alphabet. then when you read the ini you use the same character key to convert it back into what its supposed to be. i think

 
n/a

Radix

hot for teacher

Registered
  01/10/2003
Points
  3139

Has Donated, Thank You!VIP MemberGOTW WINNER CUP 1!GOTW WINNER CUP 2!GOTW WINNER CUP 3!GOTW WINNER CUP 4!
6th December, 2005 at 00:30:11 -

There are a buncha ways you can make inis more secure, http://create-games.com/cs_search.asp would probably shed some light.

 
n/a

Crazy Chris



Registered
  17/09/2005
Points
  35
15th December, 2005 at 02:07:32 -

the easiest way to stop people from going in the inis is to call it somthing like virus scan or windows start-up or you can all ways put it were no1 will find it

 
๑wH b |}FfIcULT, wHN WTh bIt 0F fF0Rt, 0U @N MposL?

Peblo

Custom ratings must be 50 characters or less

Registered
  05/07/2002
Points
  185

Game of the Week WinnerVIP MemberI'm on a Boat360 OwnerAttention GetterThe Cake is a LieCardboard BoxHero of TimePS3 OwnerIt's-a me, Mario!
I'm a Storm TrooperSonic SpeedStrawberryI like Aliens!Wii OwnerMushroomGhostbuster!
15th December, 2005 at 03:31:22 -

No, that just gets people irritated.

 
"Isn't it always amazing how we characterize a person's intelligence by how closely their thinking matches ours?"
~Belgarath

Kai Proton



Registered
  31/01/2005
Points
  148

Wii Owner
15th December, 2005 at 06:12:32 -

Maybe Having the File somewhere else in the PC is a good idea, unless the players get a look at the source code they would think all the save data is being saved in the EXE of your game..

it just needs a name that wont be suspect,

I was just working out on my game to use ini and called it system.ini but I didnt call the location, so it automatically went into the windows system dir. sooo.. When I re-read the values in the program it looked in an actual windows system file, and couldnt find the values I wanted...

the moral of the story is look for the file, stick something in the root with some kinda name like FWLog. or AVlog.


Its how I would stop access to the file, but at the end of the day if they want to play a home brew game the chances are they wont want to cheat it rather play it as its meant to be played.

 
----------------------
Time for a Sexy Party!
----------------------

Radix

hot for teacher

Registered
  01/10/2003
Points
  3139

Has Donated, Thank You!VIP MemberGOTW WINNER CUP 1!GOTW WINNER CUP 2!GOTW WINNER CUP 3!GOTW WINNER CUP 4!
15th December, 2005 at 08:50:27 -

No, that's a fucking stupid way of doing it. Any noobs reading this disregard the entire concept, if you try and hide files by pretending they're system I'm going to come to your home and eat your dog.

If you want to protect save games you can:
1. Encrypt the data using an encryption extension. Doesn't matter which. Pick one and learn how to use it.
2. Don't encrypt the data, but use a hashing extension to store the hashed concatenation of the data and a key at the end of the ini (the concept is a little more complex than plain encryption, but in practice it's simpler)
3. Use non-numeric data. One of my games stores the current level as one of a bunch of randomish words rather than a simple number. For example level 5 might be "elephant" or something.
4. Do nothing. People aren't going to bother with cheating until they're fed up with playing your game normally. I very rarely protect my save games for this very reason: if they've had enough of playing properly and can get a little more fun out of it by cheating, let them.

 
n/a

The Chris Street

Administrator
Unspeakably Lazy Admin

Registered
  14/05/2002
Points
  50116

Game of the Week WinnerClickzine StaffAcoders MemberKlikCast StarVIP MemberPicture Me This Round 35 Winner!Second GOTW AwardYou've Been Circy'd!Picture Me This Round 38 Winner!GOTM December Third Place!!
I am an April FoolKliktober Special Award Tag
15th December, 2005 at 11:15:33 -

You could use array. It's still crackable, but not quite as easily as INI.

 
n/a

AndyUK

Mascot Maniac

Registered
  01/08/2002
Points
  14458

Game of the Week WinnerSecond GOTW AwardHas Donated, Thank You!VIP Member
15th December, 2005 at 19:46:11 -

I remember Crystal Towers used a normal ini without encryption but if it was edited in notepad the game would give you a DON'T CHEAT screen of sorts. I tried it out after someone else was caught cheating and posted it here somewhere.

for my game, upon completion a number gets saved to the ini. And the game checks if the number is present before the minigame or level select can be played. That way there is no way of knowing how to cheat at the game. Well unless you can guess the group name and number.

 
.

Noyb



Registered
  31/05/2004
Points
  1117

VIP Member
16th December, 2005 at 00:57:28 -

Kai: If you just try to hide an unencrypted INI in the windows folder, it's ridiculously easy to find if you sort by date modified.

 
"Omg. Where did they get the idea to not use army guys? Are they taking drugs?" --Tim Schafer on originality in videogames

David Newton (DavidN)

Invisible

Registered
  27/10/2002
Points
  8322

Honored Admin Alumnus
16th December, 2005 at 06:55:52 -

What I did in CT was add a whole lot of unnecessary values to the INI (actually renamed a .sav) so that it wasn't clear which ones to change to do anything. This isn't secure as such, but it does mean that it takes a bit of trial and error to get it right. Trouble is it also takes a lot more effort to remember what you're doing when you're writing it.

The record of completed levels was done in the same way that Radix mentioned - by storing "passwords" of a sort instead of obvious values.

 
http://www.davidn.co.nr - Games, music, living in America

Tina Petersen



Registered
  19/09/2003
Points
  350
16th December, 2005 at 11:03:53 -

i use binary object! Set every variable up with its own offset, when writing a variable like numbers or so cloak them with different numbers example Lifes=9 then save it like Lives +7 or so, and when loading it to lives -7. Also i once uses cloaking by changing variables offsets in the save according to the progress in the game.. Binary rocks and pretty much everything is possible!

 
- Eternal Life, Or Your Money Back -
http://www.befun.dk/
Currently looking for a home (team)

Tina Petersen



Registered
  19/09/2003
Points
  350
16th December, 2005 at 11:06:30 -

Oh one more thing using CRC is also great! So that if the crc has changed which it always will do if edited! The game simply marks the savegame bad. And u cant use it anymore... Many new retail games also use this.. For hiding the crc just append it to some image file or sumthing making it hard to find. And when found neded to be edited to the exactly new crc which the edited savegame use.. This will annoy people cheating and will probraly make them stop..

Also u can save ur values using binary in another file! like an image file. without destroying the image!

Image Edited by the Author.

 
- Eternal Life, Or Your Money Back -
http://www.befun.dk/
Currently looking for a home (team)

Silveraura

God's God

Registered
  08/08/2002
Points
  6747

Game of the Week WinnerKlikCast StarAlien In Training!VIP Member360 OwnerWii OwnerSonic SpeedThe Cake is a LieComputerChristmas Tree!
I am an April Fool
16th December, 2005 at 11:51:51 -

Theres an extention called BlowFish, it does a great job at encrypting files, so that only the game can decrypt it (unless someone knows the decrypt key). The only trick to the object, is telling the game when to decrypt & encrypt the file, because it cant tell the difference between & encrypted & decrypted file, meaning it has the ability to encrypt files more then once, which can be a pain.

 
http://www.facebook.com/truediamondgame

Tina Petersen



Registered
  19/09/2003
Points
  350
17th December, 2005 at 04:05:06 -

Blowfish aren't really worth anything. tons of programs outthere which decrypt without password!

 
- Eternal Life, Or Your Money Back -
http://www.befun.dk/
Currently looking for a home (team)

Radix

hot for teacher

Registered
  01/10/2003
Points
  3139

Has Donated, Thank You!VIP MemberGOTW WINNER CUP 1!GOTW WINNER CUP 2!GOTW WINNER CUP 3!GOTW WINNER CUP 4!
17th December, 2005 at 05:13:37 -

Last time I checked Blowfish was pretty strong.

 
n/a

Peblo

Custom ratings must be 50 characters or less

Registered
  05/07/2002
Points
  185

Game of the Week WinnerVIP MemberI'm on a Boat360 OwnerAttention GetterThe Cake is a LieCardboard BoxHero of TimePS3 OwnerIt's-a me, Mario!
I'm a Storm TrooperSonic SpeedStrawberryI like Aliens!Wii OwnerMushroomGhostbuster!
17th December, 2005 at 06:48:44 -

http://www.google.com/search?hl=en&q=Blowfish+strong&btnG=Google+Search

 
"Isn't it always amazing how we characterize a person's intelligence by how closely their thinking matches ours?"
~Belgarath

Silveraura

God's God

Registered
  08/08/2002
Points
  6747

Game of the Week WinnerKlikCast StarAlien In Training!VIP Member360 OwnerWii OwnerSonic SpeedThe Cake is a LieComputerChristmas Tree!
I am an April Fool
17th December, 2005 at 13:59:42 -

You cant just decrypt without the key! The way the encryption is setup, depends on the key. The key is required so that the decryption program knows how to decrypt it, not so that it will let you. Without the key, the program will have no clue how to decrypt it. Blowfish is very effective. The array object will do a good job againced the n00bs who think its fun to crack the games save file with wordpad, but its easyly hacked with a hex editor, your best bet is to encrypt it somehow, and in MMF, as far as I know, blowfish is the most effective.

 
http://www.facebook.com/truediamondgame

Tina Petersen



Registered
  19/09/2003
Points
  350
17th December, 2005 at 19:07:29 -

Right i did a test! an BlowSurgeon cracked my encrypted file in 2 minutes.. So i dont know, it defiantly aint strong.. Only the newer versions, but the MMF extension one is an old obsoleted version, which uses the same algorithm for saving the password.. Surgeon gets that password and then decrypts. Just like cracking old zips with passwords! the 2 minutes was on a 150mb file! Wonder how long it will take for a savegame file
So back to base. the best method is hiding ur values in another file! like video, sound, image or even exe files that has an end function.. Else it would mess it up! Then use slight or heavy changes in the values..

Image Edited by the Author.

 
- Eternal Life, Or Your Money Back -
http://www.befun.dk/
Currently looking for a home (team)

Assault Andy

Administrator
I make other people create vaporware

Registered
  29/07/2002
Points
  5686

Game of the Week WinnerVIP Member360 OwnerGOTM JUNE - 2009 - WINNER!GOTM FEB - 2010 - WINNER!	I donated an open source project
17th December, 2005 at 22:39:04 -

That is a good method but not necessarily the best, but I'm really surprised that blowfish encryption isn't that strong. The Assarray object has a built in load\save encrypted arrays, so you don't have to worry about corrupting data by overencrypting.

Another method for ini's is to use 'codes' that you randomly make up. Eg:
[Levels]
4803284AKJDN=unlocked
OIFDSJF39341=unlocked

You just make random items and set them to true or whatever when the player unlocks that level. The next level could be 493029432AFV for instance which nobody would ever guess. This method isn't very useful for health or something though. Like others have said, checksums are a great way to go. Personally I like arrays though

 
Creator of Faerie Solitaire:
http://www.create-games.com/download.asp?id=7792
Also creator of ZDay20 and Dungeon Dash.
http://www.Jigxor.com
http://twitter.com/JigxorAndy

Radix

hot for teacher

Registered
  01/10/2003
Points
  3139

Has Donated, Thank You!VIP MemberGOTW WINNER CUP 1!GOTW WINNER CUP 2!GOTW WINNER CUP 3!GOTW WINNER CUP 4!
18th December, 2005 at 00:06:49 -

"BlowSurgeon" turns up zero results on Google. Combinations of "Blowfish", "Surgeon" and "Decryption" similarly turn up nothing relevant. Radix demands an explanation.

Image Edited by the Author.

 
n/a

Tina Petersen



Registered
  19/09/2003
Points
  350
22nd December, 2005 at 04:31:26 -

Try the underground

 
- Eternal Life, Or Your Money Back -
http://www.befun.dk/
Currently looking for a home (team)

Radix

hot for teacher

Registered
  01/10/2003
Points
  3139

Has Donated, Thank You!VIP MemberGOTW WINNER CUP 1!GOTW WINNER CUP 2!GOTW WINNER CUP 3!GOTW WINNER CUP 4!
22nd December, 2005 at 05:08:54 -

Oh, they have plenty of bullshit down there?

 
n/a

Tina Petersen



Registered
  19/09/2003
Points
  350
23rd December, 2005 at 12:09:59 -

yeah underground search has plenty of shit incl virus etc. porn popups and i can go on.. But when u somehow gets all that blocked. they got a few nice coinups!

 
- Eternal Life, Or Your Money Back -
http://www.befun.dk/
Currently looking for a home (team)
   

Post Reply



 



Advertisement

Worth A Click