Hello everyone,
I would like to share a Dynamic Anti-Hack system that I have been working on for a long time. After countless sleepless nights and intensive testing, I have finally brought it to a highly stable state.
The biggest advantage of this system is its flexibility; it does not bother legitimate players and features a learning and auto-calibrating structure that can be adjusted entirely according to your server's gameplay mechanics. It includes a comprehensive logging system (currently commented out with // in the source code). I used it for measurements during the development process, and you can easily enable it to monitor suspicious activities on your server in real-time.
Core Hacks BlockedSpeed / Teleport Hack
Fast Attack (7x / Wait Hack)
Range Hack
Wallhack
Auto Gather / Mob Puller (Mob Lock)
Fly Hack
Moving Archer Shots (Bow Hack)
What Has Been Done? / Recent UpdatesWhile developing the system, I made several improvements to eliminate "false-positive" alarms and maintain server performance:
Metin Stone and Cape (Lag/Desync) Fix: In previous versions, the lag caused by a massive group of mobs spawning while destroying Metin stones caused missed hits, triggering false positives. This was fixed by separating PVP and PVE multipliers. ATK_FLOOD_LIMIT and FLOOD_DIVISOR configurations have been optimized.
Bravery Cape / Mob Pulling Spam Protection: Previously, pressing the cape consecutively would immediately trigger the Bot Control (Captcha). Now, this has been converted into a time and repetition-based system. I configured it to allow up to 4 consecutive uses (this is fully customizable via AGGREGATE_INTERVAL / AGGREGATE_PENALTY).
Smart Bot Control System: The old system worked based on hit counts (e.g., triggering captcha after 1000 hits), which was too aggressive. It is now time-based with a multiplier system. To protect normal players, the limit is automatically cleared after 30 seconds of inactivity or when performing different actions (BOT_ATK_LIMIT).
Wallhack Revision: In the past, upon suspecting a wallhack, the system would teleport the player back to the initial point of suspicion, or send them to the village (GoHome) if they persisted. This frustrated players during legitimate scenarios like Guild Wars due to false alarms. Now, the system simply records the last legally taken steps and smoothly pulls the player back to their last valid coordinate.
Weapon and Mount Tolerances (Learning & Cache): All weapons (sword, dagger, bow, etc.) and mounts now have their own internal Attack Tolerance learning structure ([WEAPON_SPECIFIC_TOLERANCES] / [MOUNT_WEAPON_TOLERANCES]). Once limited, a Cache system steps in so the server doesn't get overloaded by constantly calculating attack speeds.
Migration of Settings to SQL: I realized that range issues were actually caused by mob collisions, not the Core structure itself. To prevent this and allow real-time management, I moved all settings and the logging structure to the player.sql tables. You can now adjust configurations directly via your database.
Auto-Calibration (Learning Mode)The system has the ability to perform its initial calibration entirely on its own. If you enable the LEARNING_MODE setting, the system analyzes the legitimate movements and attack speeds of your players to generate the most optimal tolerance values. If you want to make your server "hardcore" regarding cheat protection, you can always check the SQL logs and manually tighten these limits.
Important NoteThis is NOT a client-side anti-cheat software designed to block injected .dll or .exe files. This is a SERVER-SIDE ANTI-HACK system built directly into the game's source code, operating through mathematical verifications and limits. Whether you want to use it as is, adapt it to your current structure, or develop it further is entirely up to you. It is the product of day-and-night hard work. Enjoy!
Feel free to test it with known active hacks and share the results in this thread. If you experience any technical issues, don't hesitate to contact me. Also, if you have any logical ideas like "this specific hack could also be blocked server-side", let's discuss them in the comments!
Best regards!
NOTE: I apologize for the video resolution; YouTube wouldn't let me upload my regular videos because I don't have a verified page.
Previous Topic
la acest mesaj și conținutul se va afișa automat.
