hngopher.com

       [HN Gopher] Hacking GTA V RP Servers Using Web Exploitation Tech...
       ___________________________________________________________________
        
       Hacking GTA V RP Servers Using Web Exploitation Techniques
        
       Author : hazebooth
       Score  : 64 points
       Date   : 2023-08-29 18:35 UTC (4 hours ago)
        
 (HTM) web link (www.nullpt.rs)
 (TXT) w3m dump (www.nullpt.rs)
        
       | Jerrrry wrote:
       | I miss these kinda posts, so rare now.
       | 
       | I know XSS is dying due to CORS and DLL injection is mooted by
       | ALSR, that API's are usually authenticated and authorized, but
       | damn...
       | 
       | I wish there was a more collective place to showcase modern
       | exploits, they just hit nice in the feelies.
        
         | [deleted]
        
         | rainonmoon wrote:
         | CORS doesn't prevent XSS and isn't designed to.
        
         | shitlord wrote:
         | ASLR doesn't stop DLL injection.
        
           | l33t7332273 wrote:
           | I think GP confused DLL injection with return to libc.
           | 
           | I see why; in return to libc, which is prevented by ASLR, you
           | are injecting the control of flow into the middle of a
           | DLL(that DLL is libc). The terminology is a little confusing.
        
       | serf wrote:
       | it's nice seeing someone open with telling everyone that GTA V is
       | some of the most poisoned online gameplay with regards to
       | cheating.
       | 
       | I don't agree with the conclusion that it's because it's peer-to-
       | peer. that's not why -- it's because of lazy developer methods
       | and a lower prioritization of security effort.
       | 
       | the biggest genuine effort that Rockstar puts into anti-cheat
       | effort is an occassional memory-structure shuffle to kick sand
       | into cheat-engine users eyes, and the occassional honey-pot that
       | bans a few hundred people -- and these efforts come after begging
       | Rockstar for years to do _something_ , and the most it
       | accomplishes is selling additional copies of the already dirt-
       | cheap game.
       | 
       | These ban cycles and 'enforced ignorance' to the problem nets
       | them more profit than it would otherwise; disenchanted players
       | play less, reducing infrastructure costs -- and banned players
       | buy another 2 dollar copy of the game -- but it kills user
       | experience outside of single player entirely.
       | 
       | They don't care. I get it, but it sucks -- and it's not some GTA6
       | thing, they _never_ cared.
        
         | usr012384 wrote:
         | This post is about private servers using a 3rd party mod called
         | FiveM. How do you expect Rockstar to police them?
        
         | usui wrote:
         | Rockstar doing something about cheaters on their online
         | experience won't affect a thing for what this post is talking
         | about. The exploit in this post is for FiveM servers, a third-
         | party mod. The interactions on here are not usually peer-to-
         | peer.
        
         | mavamaarten wrote:
         | Yeah, they absolutely don't care. It cannot be hard to detect
         | griefing and obnoxious cheating by just looking at player
         | behavior. How hard can it be to detect 90000000000 in-game
         | dollars to be added to players, how hard can it be to detect
         | that someone is blowing up everyone in the server, ... They
         | just don't care, and it's a shame because GTA V still holds up
         | as a fantastic game even after all these years.
        
         | [deleted]
        
       | curiousgal wrote:
       | That was a very nice write-up!
        
       ___________________________________________________________________
       (page generated 2023-08-29 23:00 UTC)