Separate names with a comma.
Discussion in '3DS - Flashcards & Custom Firmwares' started by KazoWAR, Dec 4, 2013.
Pokémon X/Y v1.2 is out, and it blocks Battle-Analyzer.
Good job KazoWAR.
i saw a topic about this... and this counters this thing the person released right?
If you feel like it a version that lets you choose what information you send over would be great. Totally troll the cheater with wrong moves and stuff.
Also great job!
Great job, sir.
lol Nintendo might put you on the Not As Bad as we thought list
Yeah, but this will in turn lead to "Anti-anti Cheat" and so on and so forth. Only way is for a fix to come from Nintendo.
are nintendo going to do this?
Kazowar you are a hero! I might pic up the game again now. I hope Nintendo blocks it themselves later on. Please no insta-check or shit anymore.
Always enjoy hack, counter hack*, especially if more than one of the parties working to different ends is not an official source. I would love to discuss the counters to this but I guess for obvious reasons it would not get anywhere. "if you keep it running it will not work for the next battle" says to me it might actually be one of the harder ways to counter though.
*I know I already linked it in the last thread but I really like the film too
i love that clip
how does this exactly do its job? sends garbled (unencrypted data), while keeping all encrypted data healthy?
As I understand it gamefreak failed basic network security and sent everything unencrypted, unobfuscated and in the same manner every time, this includes the selection of pokemon for a battle (I guess for caching/preloading the moves reasons as well as maybe some failed attempt at move validation at a higher level, however I am told similar things happened for earlier games with cheats so it might have been a bit of code reuse. Either way gamefreak screwed up at a truly amateur level for this). The only protection they have is tamper detection which means we can not inject arbitrary data and why there is no injection option at present.
First we say simple trade detection programs. This has since been advanced quite a bit if the current trade checking programs are anything to go by.
The battle analyser then also noted that team selection in battles was transmitted in plaintext and made a decoder. As this is trivial it is also one of the reasons why we have not bothered to slow or stem the spread of the program, I would not have as nice a GUI and decode options but I reckon at some level I could probably have a simple filter string written for wireshark over a lunch break.
From here you really want to know two things
The OSI model of networking.
Signal jamming is done in one of three ways
You stop the signal. Putting something in a Faraday cage is the main example of this, a bit hard to do in software though.
You jam the frequency. I am told some people did DDOS opponents off the internet and thus win by default as it were (dropped connections counted as losses). In normal radio signals this requires a lot of power.
You fiddle at protocol level. You pretend to be another base station, you send data that looks valid at first pass and other such things. This is harder to do as you have to know the protocol but takes considerably less power. This is what we are playing at here.
The OSI model then.
Network communications happen on many levels, it is not complex but more than I have the inclination to go through right now. http://www.washington.edu/lst/help/computing_fundamentals/networking/osi should cover it though. Depending upon the setup your network scanner snatches the packets quite low down where the packets pokemon decides to use are validated at a higher level (it could be the Presentation layer but I would not be surprised to see something at the Application layer as well). As wifi communications and internet communications are inherently unreliable though it expects to see some measure of broken packets and packets coming out of order and all sorts of things like that.
My guess is then as we do not have the source the analyser snatches things at a low level, filters out what it needs with some basic filters and then decodes the packets to get the info.
To counter the analyser my guess is some valid data is snatched and used as base for the upcoming battle. As the analyser is working at a much lower level and does not or can not validate it as the game would it is fooled and displays wrong data.
There are various ways the analyser could be brought back for a while pending Nintendo's getting their act together.
Nintendo encrypting player to player packets. This could be interesting actually. For a normal PC program I would have a recompiled version up within the hour but if they have to make it a patch and have it work on top of the existing setup (what we have seen of the 3ds says it is not as bad as the DS would have been but it is not a full computer or even like the last round of home consoles), with the gateway working as it does though the question will soon probably have to turn to cheats and memory reading or at least a higher level of validation.
"start it up before connecting to the other person and stop it after the battle is over. if you keep it running it will not work for the next battle."
This provides some insight as to what might be happening and why I guess it was a packet snatched rather than a prebaked stream or something generated randomly on the fly. It might also be that KazoWAR saw the obvious counters to it and acted accordingly (if it uses the same seed values or handshake values then it makes further filtering trivial) or it could be a simple issue with broadcasting at the right time but I doubt that.
what it does is sends packets tat contains the data battle-analyzer is looking for. once it gets an ip/mac of the opponent it goes in to a spamming loop, and needs to be stopped/started to start looking for a ip/mac again. it enough for now, but probably easily countered as well.