Darkfall: Unhackable Wars

Edit:┬áBoth of the remakes of DF 1.0 have some sort of detection for this, although I think it’s just that DF 1.0 in general already had teleport detection, not that the new companies programmed in detection themselves. New Dawn is particularly adamant about this and has made some of their own anti-cheats built off of the work of myself and other white/gray hat members of the community.

About a month ago I decided that my love-hate relationship with Darkfall was over and it was time to give back to the community (what’s left of it) one last time. This particular game company decided to simply brush under the rug every complaint or known hack so I decided to see what I could do to maybe force them to update. Very gray hat but hey, maybe they’d finally do something, right? Nope. Because at the time of editing, their game has been shutdown for an unknown amount of time, probably never to come back up. They blame the financial situation in Greece catching up to them.

Some history

Hacks have always existed in this game in one form or another, ever since the first iteration of the game came out years ago. Radar, ESP, sticky hack (basically an aimbot), and teleporting to name a few things. Up until this point I had never tried any of them except setting my velocity to fly around back in Darkfall 1.

Darkfall trusts the client with basically every piece of data it sends. Obviously it’s going to be hard to detect or hinder client hacks like radar, esp, and aimbots. All games are like that. But Darkfall is very trusting of the client so stuff like player physics, positions, and even projectiles (their creation anyway) are all client-side. I’m not sure what sort of cheats were being used behind the scenes. I’ve only played with a few people who have either said they had or I suspected of having wallhacks or radar, nothing more than that.┬áThis game also uses the best anti-cheat detection available: absolutely nothing.

Unhackable Wars

Back to projectiles. One odd thing about lag switching was that it allowed you to fire off about two dozen arrows in the same instant. Turn the switch on, fire your arrows, then undo the switch. Then watch as hilarity unfolds when whoever was in front of you instantly dies and flies back 100 feet or so. This is fine and all for those dime-a-dozen Nexon games that trust the client and install rootkits as an anti-cheat. Not so much for a pay-to-play MMO that hosts potentially thousands of players in one uninstanced world. I’ve always wondered just how much authority the server gives to the client. Teleporting is one thing, but is it trusting enough for the client to spawn projectiles at will? The short answer: yes and even from any location you want.

I whipped out my handy dandy Cheat Engine and after a bit of memory editing, scripting, and ASM code changing, Darkfall’s first public multi-hack was born. These videos highlight what you can do with low level characters. Obviously a leveled one would be far more annoying.

As of right now it features:

  • Instant teleport to anywhere and any height on the map based on map coordinates
  • Noclip to go through walls or zoom across the map
  • Velocity altering to fly around
  • Hovering to float under the terrain and loot graves
  • Wallhack
  • Detaching the camera from your character. Create projectiles, pick up items and relics, gank people, revive people, offer duels and have the duel ring appear a mile away, etc. from your detached camera.

This is actually some of the least horrible things I’ve found you can do. Playing for absolutely free, duping items, unbanning yourself, and spawning projectiles extremely fast just to name a few. It’s like these developers never considered security at all.

Afterthoughts

I decided to give the game a serious try for its sequel. Needless to say as soon as people got outplayed the first thing they would scream is hacks. Most game communities have these people, but Darkfall has by far the most amount of them I’ve seen besides Counter-Strike. I’m not even talking about hackusations I’ve personally received. Almost every person in the top 10% was a hacker according to the other 90%. Even if you showed them a recording of you beating them, they would make it seem like they actually believe it was impossible that this person could win over them legitimately. I got kicks out this, I’ll admit. Being able to kill a guy, take all his stuff that he spent potentially hours farming, then having him foam at you. Its sadistic nature attracted some very uncouth players. It also had no instances and it had Quake-like combat. Darkfall was one of a kind in this regard and it’s a shame no competent company has picked up on the idea.

One hilarious part of all this was watching my puush file download count rising after posting the first iteration of this hack. When everyone already thinks you’re hacking, it’s like nothing ever changed when you actually start doing it. And when you see people who so adamantly believed and complained you were hacking are now using a public hack you just created, it brings a weird sort of smile to your face.

Download

The cheat can be downloaded here in .ct format (source code) or here as an executable.

11 Comments

    • Reply

    How does banning work? Account / IP / MAC? Do they ban accounts with the same payment methods? (or I guess through a newly created steam account this wouldn’t matter anyway)

    • I assume just by account but they’ll probably ban by other methods if you become annoying enough. If you use Steam then payment information isn’t disclosed to the seller so the only piece of info they have is your IP and whatever information they can pull from your system when you play. I’ve heard of people getting IP banned from the account website. I know that your MachineGUID registry key was used in DF1 to prevent people making multiple trial accounts. It’s used for Windows cryptography but you can change it all you want unless you’re using BitLocker drive encryption, which no average user is going to use. Regardless, all of those methods can be bypassed.

      It’s really up to them to not allow these sort of ridiculously powerful hacks in such a type of game. I don’t mean in the form of anti-cheats, which only stop the dumbest (most) cheaters, but in the form of a smarter engine. Their programmers are long gone and their engine programmers are ancient history.

      • Reply

      I have literally been using this for 4 days now with my friend, we couldn’t be any more blatant and we still aren’t banned.

    • Reply

    The .exe grabs the position just fine, and the teleport works, but the keyboard commands do nothing

    Any ideas?

    • Have numlock on =X

      Also it fails to grab the camera addresses 50% of the time (will show 0 0 0). Press refind addresses if so although I don’t think that has to do with your problem.

        • Reply

        I use the num keys for potions and shit, but f7 for example is completely free with no binds, but the noclip doesn’t work either

        Not sure, refinding the address does fix the teleporting though when it breaks for whatever reason

        • Could be the standalone has hotkey problems, I didn’t test it very much. Use the CT file?

    • Reply

    Hey man, big fan of Noxious Net team play server.

    What’s your stance on the new DF iterations? Do you plan on making hacks for these? I feel like this is our last best chance at getting a DF back that we all want.

    • “That game STILL hasn’t died?”
      – 30% rating Steam review page

      Dunno yet. So far the only thing I’ve seen is ideas (mostly not very good ones) and them being able to get the server up. Nothing to indicate how good they are at what they do. A lot of names in their staff that I’d never imagine in any kind of dev or management position. So that remains to be seen. My prediction is it will get old players back for a while before an inevitable decline due to lack of interest from the general public.

      I’m not making hacks for them. In all likelihood the old UW ones work on it. I mean I’d love for a Darkfall made by competent developers with 1000’s of active players, but that’s almost a pipe dream. The engine and game is so old and convoluted that you’re better off remaking it in a new engine. I might check it out if I can get in one of the public tests or the game has been out for a while.

    • Reply

    Client crashes when trying to hover with the + key, same with num lock 1 for detached camera

    Maybe the stealth camera needs to be in first person? Not sure what the issue is with the hover though

    • Dunno. What version are you trying that on? I crashed a couple times on UW with it when using that stuff. Gotta make sure it’s all loaded properly.

      Also, be warned. Teleportation is detectable on one of the df1 remakes. It triggers something that alerts the GMs. Had an invisible one making footstep landing noises while following me, lol (new account, hwids, IP, so not just “because I’m jetboom”). Never bothered to figure out what triggers it, I don’t care that much about df anymore. One of them already tried to hardware ban me (really guys, did you think that sending hwids through your lobby via plain text is a good way to do this?). I’d be willing to bet the same detection method is on UW, just there’s no GMs to actually do anything. Does anyone even play anymore?

Leave a comment

Hey, so you decided to leave a comment! That's great. Just fill in the required fields and hit submit. Note that your comment will need to be reviewed before its published.