Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Everybody can modify their amounts of resources easily. #451

Open
nalemy opened this issue Jul 26, 2021 · 3 comments
Open

Everybody can modify their amounts of resources easily. #451

nalemy opened this issue Jul 26, 2021 · 3 comments

Comments

@nalemy
Copy link

nalemy commented Jul 26, 2021

I just analysed the function "gainResource" and found that you could use commands like "window['metal'] = 1000000;" in the console to modify the amount of the metal.
@WarpPrime
Copy link

Many web games have this issue; maybe if the save files are tampered with, the savegame is reset to avoid cheating. But all web games like this have this issue unless you somehow encrypt/hash the resource statistics

@nalemy
Copy link
Author

nalemy commented Jul 27, 2021

Yeah, that's just what I meant. You can try to encrypt the data or obscure the code to fix this bug.

@Mekomancer
Copy link

Anyone that knows there way around a browser debugger could easily change their resources, even if encrypted, by calling the encryption function to assign data, also obscuring code isn't going fix this. this is a static site and making the function or variables private would just mean they would have to do a quick search in the code, find the 'metal' variable, and add a break point and now the variable is inscope

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@nalemy @WarpPrime @Mekomancer