Become host? - Githubissues

winstxnhdw / lc-hax

A powerful, feature-rich and highly performant internal cheat for the co-op indie horror video game, Lethal Company.

78 stars 25 forks source link

Become host? #237

Closed AverageVirusTotalEnjoyer closed 5 months ago

AverageVirusTotalEnjoyer commented 5 months ago

Maybe use the antikick to spoof host or something?

winstxnhdw commented 5 months ago

i honestly wonder if this is possible

AverageVirusTotalEnjoyer commented 5 months ago

It doesnt need to be kicking and stuff, it can just be stuff thaf the client couldnt do such as spawning enemies and other host only mods

joep26020 commented 5 months ago

It doesnt need to be kicking and stuff, it can just be stuff thaf the client couldnt do such as spawning enemies and other host only mods

he said that probably isnt possible but i wonder too, if you could spoof host to the server, could you spawn server-sided enemies??? or hell maybe even kick people!

AverageVirusTotalEnjoyer commented 5 months ago

i never doubt what winston and armorfid can cook up

AverageVirusTotalEnjoyer commented 5 months ago

@winstxnhdw did you cook?

winstxnhdw commented 5 months ago

not yet. the issue is getting the host's steam id, and whether that's sufficient to let me spoof their messages

armorfid commented 5 months ago

I highly doubt this is possible, since all traffic ultimately has to go thru the real host, and he inherently knows that you're not the host. This page states the following:

Creating a game object with Instantiate will only create that object on the local machine. Spawning in Netcode for GameObjects (Netcode) means to instantiate and/or spawn the object that is synchronized between all clients by the server. [...] Netcode uses a server authoritative networking model so spawning netcode objects can only be done on a server or host.

Even if you could somehow trick your own game to think you are the host, it wouldn't work since it can't directly communicate with other clients, and the server would just ignore your messages.

Spawning in stuff would require an exploit with a badly-coded RPC somewhere.

winstxnhdw commented 5 months ago

since it can't directly communicate with other clients

It can't? So are you saying every Server RPC request we do as clients are relayed to the host first and then the host relays it to all other clients? That sounds unlikely.

armorfid commented 5 months ago

That's certainly what the docs say: https://docs-multiplayer.unity3d.com/netcode/current/advanced-topics/ways-synchronize/

winstxnhdw commented 5 months ago

A ServerRpc can be used by a client to notify the server that the player is trying to use a world object (that is, a door, a vehicle, etc.)

Wording says "can be used" not "is used", does that mean it's possible the ServerRpc can call other clients without going through the server. Honestly, I am just coping rn 😭😭😭