Hello fellow map hackers,
I'm trying to find a way to make my activator more secure even against advanced users who run brute force hash decryption such as the one found here https://github.com/zach-cloud/JStringHash. I've already had 1 A-hole break in and make a mockery of years worth of custom hero work. Currently I've switched to a player name based activator instead of chat based and had it change my player name via SetPlayerName() after authentication so you'd need to name spoof and brute force the hash to get in. However this same A-hole is known to name spoof so that's not enough.
For now this person said that they "can't get it to work" when presented with my current setup however they used to give up when presented with a hashed activator and now they don't so I don't know if this is over.
First off, I'm wondering since I don't name spoof personally: are there are limits to what characters you can put in a name spoof. e.g could he be stuck because all the hash collisions he found have characters that you can't use in a battle tag?
I'm also curious if there is anything else I can do?
Making more secure hashed activators?
Moderator: Cheaters
-
- Newcomer
- Posts: 9
- Joined: October 24th, 2020, 2:45 am
-
- Newcomer
- Posts: 9
- Joined: October 24th, 2020, 2:45 am
Re: Making more secure hashed activators?
Another question: would a really really long string foil brute force attacks? Or is wc3's hash function too primitive for that to matter?
Would something like this be a good starting point for something more secure? https://www.hiveworkshop.com/threads/co ... -1.278664/
Would something like this be a good starting point for something more secure? https://www.hiveworkshop.com/threads/co ... -1.278664/