Anti-Cheat Toolkit: stop cheaters easily!

Hi,

Can InjectionDetector detect APK modifications that use APKTool to unpack the APK and repackage it with a non-original Keystore or repackage it after editing same files(xml or json or so or dll)?

Thank you.

 

Unity 2021.3.12f1
Target Platform : Android

 

Greetings @Timmi-Hsu,

Injection Detector does detects only managed assembles injected at runtime.

To detect apk modifications you can use the CodeHashGenerator.

 

Thanks for the extra info @haeggongs,

I've sent a DM with few more questions about your case.

 

Assets\Code\JsonDotNet\Source\Linq\JValue.cs(341,14): warning CS0436: The type 'JTokenType' in 'D:/Assets/Code/JsonDotNet/Source/Linq/JTokenType.cs' conflicts with the imported type 'JTokenType' in 'Newtonsoft.Json, Version=13.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed'. Using the type defined in 'D:\Project\Assets/Code/JsonDotNet/Source/Linq/JTokenType.cs'.

Assets\Code\JsonDotNet\Source\Linq\JTokenWriter.cs(368,23): warning CS0436: The type 'JsonToken' in 'D:\Project\Assets/Code/JsonDotNet/Source/JsonToken.cs' conflicts with the imported type 'JsonToken' in 'Newtonsoft.Json, Version=13.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed'. Using the type defined in 'D:\Project\Assets/Code/JsonDotNet/Source/JsonToken.cs'.


...
...

Many warning messages appear.

 

Hi @haeggongs ,

Looks like you have JsonDotNet library added to your project in the Assets\Code\JsonDotNet folder while having it added somewhere else, for example, you may have added the Newtonsoft Json Unity Package which causes these warnings to appear. You need to keep only one Newtonsoft Json.NET library in your project to avoid this.
I'd suggest removing the Assets\Code\JsonDotNet and keeping package version only,

 

I just upgraded to latest version. Is the upgrade as easy as deleting the old folders and installing the new package? By that I mean will it recognize it and work?

 

Hi @RandomCharacters, yes it should work like this. If you update from very old version, it's expected to have some compilation errors due to APIs depreciation.

Please let me know if you'll have any problems updating.

 

I just upgraded and am getting a ton of errors. Where ever I reference obsuredprefs it gives an error. I must have erased something that referenced it ot it changed. It's been a long time since I used this so any help would be good. Although, it could be a different plugin too.

Did it change from
ObscuredPrefs.
to
ObscuredFilePrefs.
?


Assets\3-SCRIPTS\SCRIPTS-NoPlayerPrefs\AudioMixLevels.cs(40,17): error CS0103: The name 'ObscuredPrefs' does not exist in the current context


////////////////////////////////////////////////////////////
using System.Collections;
using System.Collections.Generic;
using UnityEngine;
using UnityEngine.Audio;
using UnityEngine.UI;
using CodeStage.AntiCheat.ObscuredTypes;
////////////////////////////////////////////////////////////
public class AudioMixLevels : MonoBehaviour
{
////////////////////////////////////////////////////////////
//VARIABLES
public AudioMixer masterMixer;
public Text sfx_TEXT;
public Text music_TEXT;
public ObscuredFloat currentVolumeOfSfx_FLOAT;
public ObscuredFloat currentVolumeOfMusic_FLOAT;
public Slider sfx_Slider;
public Slider music_Slider;
float sfx_Linear_FLOAT;
float music_Linear_FLOAT;
//OBS VARIABLES

////////////////////////////////////////////////////////////
void Start()
{
//Load componnents.
sfx_TEXT = sfx_TEXT.GetComponent<Text>();
music_TEXT = music_TEXT.GetComponent<Text>();
////////////////////////////////////////////////////////////////////////////
//Load SFX volume from player prefs.
if (ObscuredPrefs.HasKey("PP-" + "currentVolumeOfSfx_FLOAT")) ////ERROR
{
//Load from player prefs.
currentVolumeOfSfx_FLOAT = (ObscuredPrefs.GetFloat("PP-" + "currentVolumeOfSfx_FLOAT")); //ERROR
}
else
{
//No player prefs so make volume 0 db.
currentVolumeOfSfx_FLOAT = 0.0f;
//Save to player prefs.
ObscuredPrefs.SetFloat ("PP-" + "currentVolumeOfSfx_FLOAT", currentVolumeOfSfx_FLOAT); //ERROR
ObscuredPrefs.Save(); //ERROR
}
/////

 

1) I'm guessing that I need to add at the top:
using CodeStage.AntiCheat.Storage;

2)Also, what is the format for:
if (ObscuredPrefs.HasKey("PP-" + "currentVolumeOfSfx_FLOAT"))
and
ObscuredPrefs.Save();

I looked in the user manual and didn't see these (haskey and save). It gives warnings that using these lile this will be removed in the next API, so I guess I have to change over 10,000 of this in all of my projects.

3) I see that the set and get are different now. i am assuming I have to do:
ObscuredPrefs.Set<float>
and
ObscuredPrefs.Get<float>



Before I change hundreds of scripts with thousands of changes, I just wanted to confirm.

 

Hi @RandomCharacters

1. This is correct,

ObscuredPrefs

is now moved into the

CodeStage.AntiCheat.Storage

namespace.

2. ObscuredPrefs.HasKey() will not be deprecated, it shouldn't show any warnings when you use it. Just use it as usual:

var someKeyExists = ObscuredPrefs.HasKey("someKey");

.

Same for the ObscuredPrefs.Save() - it shouldn't show any warnings as API didn't change and not going to change.
Please let me know if you still see any warnings from these specific APIs.

3. Yes, now you can use generic Set \ Get like this:

Code (CSharp):

1. ObscuredPrefs.Set("someVar", myFloatVar);
2. myFloatVar = ObscuredPrefs.Get("someVar", 0f); // will figure out type from default value

or like this:

Code (CSharp):

1. ObscuredPrefs.Set("someVar", myFloatVar);
2. myFloatVar = ObscuredPrefs.Get<float>("someVar"); // will figure out default value from specified type

Please let me know if you have any questions.

 

I am guessing this changed at some point?

warning CS0618: 'ObscuredInt.ApplyNewCryptoKey()' is obsolete: 'This API is redundant and does not perform any actions. It will be removed in future updates.'

void Start ()
{
//Apply for public/static/serialized in Start()
lowestPageNumber_INT.ApplyNewCryptoKey();
highestPageNumber_INT.ApplyNewCryptoKey();
whichPageOnRightNow_INT.ApplyNewCryptoKey();

======================================
and this too?

warning CS0618: 'ObscuredInt.SetNewCryptoKey(int)' is obsolete: 'This API is redundant and does not perform any actions. It will be removed in future updates.'

void Awake()
{
//Set new default. Do this only 1 time in awake then all others in start.
ObscuredInt.SetNewCryptoKey(theBigOne_INT);
}
==================================
So, are these not needed anymore?

 

Yes, the

ApplyNewCryptoKey()

and

SetNewCryptoKey()

APIs are deprecated now.
If you wish to force a crypto key change, please use the RandomizeCryptoKey() API instead to assign a new random crypto key to your obscured type instance.

 

when you say depreciated, then what I am hearing is that I should just delete them. They are no longer needed.

I had this script in my bootstrapper scene. I vaguely remember it was needed. So I don't need this any more? Sorry, it's been a few years.

//////////////////////////////////////////////////////////
using System.Collections;
using System.Collections.Generic;
using UnityEngine;
//////
using CodeStage.AntiCheat.ObscuredTypes;
using CodeStage.AntiCheat.Storage;
/////
//////////////////////////////////////////////////////////
public class AAAAA : MonoBehaviour
{
//////////////////////////////////////////////////////////
//VARIABLES
//OBSVARIABLES
//Set in inspector to hide.
public ObscuredInt theBigOne_INT;

//////////////////////////////////////////////////////////
void Awake()
{
//Set new default. Do this only 1 time in awake then all others in start.
ObscuredInt.SetNewCryptoKey(theBigOne_INT);
}
//////////////////////////////////////////////////////////
}

 

Yes it's safe to just delete them.

 

Hello!
Which is safer - store obscured values in code or serialize them?
And is there a way to automatically randomize the keys, or do I have to do it manually?
Thank you!

 

Hi @Leonid

I'd say it's safer to store them in code if you do protect your code with external native protectors or do at least obfuscate it and use IL2CPP. Otherwise, it's not much difference - both serialized data and non-obfuscated IL are easy to inspect and reverse-engineer.

Keys randomization does happen automatically - each new obscured type instance has the own unique random crypto key.
You can still manually trigger randomization and re-encrypt data using a new random key with RandomizeCryptoKey() API call. Please refer to the API docs and User Manual for more info about this API.

 

I want to know why 2 ObscuredStrings can point to the same memory.
Now my 2 string value start to sync, which will cause problem. Ordinary string won't cause that.

Code (CSharp):

1.  
2. public ObscuredString string1;
3. public ObscuredString string2;
4.  
5. public void Test()
6. {
7.          string1 = string2;
8. }
9.  

 

Hey, that's because ObscuredString is an ordinary class (reference type), so it behaves like an ordinary reference type, while built-in regular string is a reference type that behaves like a value type.

We can't overload the assignment operator in C# to emulate the unusual string as a value type behavior, so there's no way to force this behavior for an ordinary custom class without changing it to the value type (structure), which would make ObscuredString a value type, breaking some other expectations you might have from the string reference type.

 

Thanks for the asset! I bought it along with Mfuscator and no cheaters in sight yet

 

Thank you!

 

I saw a way to disable the plugin via MelonLoader

You can find the game object with the controller and disable it it means deactivating the plugin. do you have a solution to patch it?

 

Hi @sly_88, there is no a single controller for all ACTk tools, they all work independently.

Anyway, please take a look at the Code obfuscation and overall code protection notes chapter in the readme to know more about how to make the code reverse-engineering and patching harder ^^

Don't hesitate to PM me if you'll need any extra guidance on this, I'll be happy to help!

 

thanks, MelonLoader doesn't seem to be working with my game now

 

@codestage send DM to you, plz check

 

Hi ,Is this plugin available for unity webGL? Are there any examples?

 

Hi yes all features do work with WebGL except CodeHashGenerator and managed injection detector.
Here is a live demo: https://codestage.net/uas_files/actk/demo