search

AmazingAmpharos / OoT-Randomizer

A randomizer for Ocarina of Time.
Other
296 stars 365 forks source link

Cheating by reading the ROM #194

Open L-P opened 6 years ago

L-P commented 6 years ago

PoC : https://github.com/L-P/OoT-DeRandomizer.git

Requires Go.

git clone git@github.com:L-P/OoT-DeRandomizer.git && cd OoT-DeRandomizer
git submodule update --init
make
./OoT-DeRandomizer [--ignore-gs] ROM

This takes an uncompressed z64 (big-endian) ROMs and create a spoiler log out of it. It's a little buggy but definitely usable.

phixtyseven commented 6 years ago

In response to your second point in the readme:

Encrypt the item and hint lists, let the player input a decryption key before starting the run. This is viable for online races where you can distribute the ROM beforehand and the key right before the run starts. This is the most efficient method that prevents offline ROM scanning.

I don't see how encrypting the ROM would help. As soon as you have the key the data is up for grabs. It might be a little distracting during a race to interpret the ROM but it could still give cheaters an edge.

I think Randomizer would be better off for now if this code wasn't available to all types of players, but it's really up to you.

CMuncey commented 6 years ago

If you're using the source for 3.0, then yeah you'll be able to read it. The listed source isn't what was used to create the executables, and it doesn't have the encryption that the release uses. That's why it's required to use the release version for tournaments.

Unless you're saying this works with roms made from the release, in which case someone else will have to look at this, because I don't know what the encryption actually does

rlbond86 commented 6 years ago

There is no encryption. The executable version just uses a different random seed.

mzxrules commented 6 years ago

I've definitely seen a layer of obfuscation in the 3.0 release (compiled version only, with spoilers disabled). Having looked at it last week I was able to crack it pretty easily.

L-P commented 6 years ago

I don't see how encrypting the ROM would help

Not encrypting the ROM but the item override and hint list, with the decryption done at runtime (eg. entering the key as the Save 3 name or a button sequence). Having to dump the ROM contents at runtime is harder and would require way more time and skills to pull off.
That's just an idea though, there might be better solutions.