Stunts Forum

Stunts - the Game => Stunts Reverse Engineering => Topic started by: dreadnaut on October 27, 2021, 12:43:20 AM

Title: Small steps
Post by: dreadnaut on October 27, 2021, 12:43:20 AM
This thread might be more speculation than anything else, but let's say we could build a tiny patch for Stunts 1.1, what could be important and feasible?

Small things that I can think of, from reading what people have been working on:

Might not even require a full-recompile? Is something like "Stunts 1.1 - patch 1" close enough?
Title: Re: Small steps
Post by: Daniel3D on October 27, 2021, 07:50:34 AM
  • Moving the "Restart driving" menu entry further down the list
That is doable I believe.
That would make RH easier.

How about this for the opposite. For noRH
Title: Re: Small steps
Post by: dreadnaut on October 27, 2021, 07:44:02 PM
make RH leave a mark in the Replay
Cas did try that, and it is possible to leave a mark. The problem is that it is just as easy to remove it before uploading the replay, or to fake signatures, etc. So it's not really a solution.
Title: Re: Small steps
Post by: Daniel3D on October 27, 2021, 08:33:53 PM
I have a other way in mind. But it might break the game. I can only be done by rewriting part of the code. Only way to know for sure is to do it.
Title: Re: Small steps
Post by: Cas on October 30, 2021, 01:26:11 AM
On each of the possibilities....

About Vizcacha, why it didn't work and how it could work or not:

I failed with Vizcacha because I was making it as a form of TSR that operated on the Stunts as it was loaded in memory and I really didn't have an understanding deep enough about the memory structure that Stunts used at that time. What I wanted to achieve with Vizcacha is possible, although it's not an ideal solution, but it would help. One way of doing this would be to simply try again to do the same thing, but with a deeper knowledge on the memory structure. Another would be to instead, make it a patch that'd be compiled with Restunts. Then, this patched version of Stunts would be distributed without source, which would protect the mechanism, making complete disassembling (again) the only way to debug the encoding.

The idea with Vizcacha is that it wouldn't just be a mark that would be stored in NoRH replays, but the whole encoding of the file would change and it would be impossible to read it (even with Stunts, if that is better). Then this RPL would be passed to the tournament administrator, who would have a special copy of Vizcacha that can decode the RPL and produce a standard replay file, also confirming the file was produced with it. While disassembling is a lot of work, just for cheating, it is not impossible, so this isn't perfect anyway.
Title: Re: Small steps
Post by: dreadnaut on October 30, 2021, 11:51:50 AM
I don't really have time and head space for any of the reverse engineering work, but having read these threads for a few years now, I feel like as a project it's trying to go in many directions at the same time, with distant goals in mind.

And when you have large distant goals (e.g., a full new engine, a new menu system with plugins), you have high risks and very little movement. So I'm trying to understand if there are small goals instead, which can bring improvements on a shorter timeframe, while we learn about the larger, distant ones.

But maybe I have no idea of what I am talking about :)  You'll probably notice that my only contributions around here are more 'project management' than anything else:
Title: Re: Small steps
Post by: Daniel3D on October 30, 2021, 01:03:11 PM
Your input is greatly appreciated.
And yes we have a lot of ideas.
But we try to organise them on difficulty.

CAS his plan to write a whole new engine is his personal learning project and something he likes and wants to do.

The Ferrari edition was relatively easy.
Changes could be done directly to the binary.
For other things it is getting more complex.
So. Small steps, lots of research.
Title: Re: Small steps
Post by: Cas on October 31, 2021, 12:24:54 AM
When I call some of the items "projects", what I mean is that those individual items, each of them, would itself be a whole project of its own, not just a little piece of something bigger. For example, changing the order of the menu options with proper functionality would be "a project", which would take some time comparable to developing CarWorks, for example, or maybe a little less. Changing the needle colour, in contrast, if it works like I imagine, would be something that could be done relatively quickly.
Title: Re: Small steps
Post by: Daniel3D on October 31, 2021, 07:34:08 AM
I think that changes to the menu are possible.
Not easy, but doable.

Changing the opponent into a replay ghost might be possible. But that would take a lot of research.
I think that making it multiplayer is only slightly more difficult.
But it is worth investigating.
Title: Re: Small steps
Post by: Cas on October 31, 2021, 06:43:47 PM
I can tell you that those things are possible, but it's probably quicker to make a new game  ;D
These significant changes that I would really love to see are the ones that push me the most towards finishing my new engine.
Title: Re: Small steps
Post by: Overdrijf on November 01, 2021, 04:45:45 PM
This is a bit (well, a lot) of a random thought, but it was inspired by watching a random Youtube video, so that's actually kind of appropriate. The video was about Trackmania, where a bunch of cheaters got caught and after that a competition patch was made which intercepts a bunch of known ways to cheat.

So... would it be possible to produce a version of or mode for Stunts where you can not use replay handling? And could that version be made in such a way that you can identify from a replay file that this version was used, and so that one cannot easily modify the replays or edit replay handling back into the game without alerting this version check?

I don't think there's anything wrong with the honor system for our little community, so I don't think we actually need this, it's more of a thought experiment...
Title: Re: Small steps
Post by: Cas on November 01, 2021, 08:58:46 PM
Of course, one thing is the moral problem, another is the technical problem.

And yes, it is possible, but it is also always possible to find a workaround. What we can do is make it so that the workaround gets more complicated than just driving over and over until you get it right. The idea in the Vizcacha approach is still valid. It only failed because I wasn't very good at handling the memory fields in Stunts back then, not because the idea was bad.

Today, if I were to do that, I'd create a binary patch instead of a TSR, but the principle would be the same. You have a flag that turns on when you "Restart driving" or select "Drive" on the main menu. It also turns off if you load a replay or if you select "Continue driving". When you save a replay, if the flag is enabled, the replay is saved in a different format, encoded according to an obfuscated algorithm that nobody would have the source of (except the person that made it). Of course, the programmer of the algorithm can't participate in the NoRH tournament.

Then, the tournament administrator uses the other part of the software, one that decodes this into an actual replay file, thus confirming it has been made without cheating.

There are a number of problems to this nowadays, though. One is that, of course, you can disassemble the code, but if the patch is long enough and the code is obfuscated, that wouldn't help much because you need to generate the reverse code and that requires that you can comprehend what the original code does. Copying it is not enough. But more seriously, one could use DOSBox itself as a replay handling platform, pausing, saving the memory status, then reloading, etc. It's a lot more annoying than using Stunts replay handling system because you're forced to save all memory from time to time, but it can be done and there is no way to detect that.

With a new engine, this same thing could be done natively so DOSBox wouldn't be able to help, but I'm pretty sure that cheat programs exist that can save the memory status of a running program and retrieve it on modern systems as well.

A virtually infallible solution that I can think of is making NoRH tournaments "live". The game has to connect to an online server and reports every move in real time. Then the server provides validation.
Title: Re: Small steps
Post by: Daniel3D on November 02, 2021, 12:21:52 AM
An other point, at the moment it is easy to bypass. Reload a safe and continue driving from last frame resets the flag and you can set a high score.
So it has a low threshold to do so and it can't be detected. Also, it doesn't need special software. Doing this is lying.
If we would be able to make it so that the flag is not reset at continue driving and make a clearly different safe-file (either with a encoding or just with a marker in the file)
then you would need to actually edit the file to remove the RH flags. That has a higher threshold. Doing so is Fraud.
If somebody feels they need to go to such length to get a good score in our community, well I would be surprised.

It is not the point to make it watertight, we are not that big. Just make it difficult enough to think about it before doing it.
Title: Re: Small steps
Post by: alanrotoi on November 11, 2021, 05:50:40 AM
  • Moving the "Restart driving" menu entry further down the list
Is it possible to change the start position of the cursor in thst menu? I mean when you press ESC and the menu pops up the start position is in the first option ("back to replay" I guess). Maybe changing it to "Load replay" as default option makes your job easier (3rd or 4th position)
Title: Re: Small steps
Post by: Daniel3D on November 11, 2021, 07:47:13 AM
Yes that is just as possible.
I think we would have to change the order of all menu items but not their position.
So, if that's the case, it is not easier  ;D
Title: Re: Small steps
Post by: alanrotoi on November 12, 2021, 05:02:48 AM
I mean when you press esc the default option selected is the load replay (4th position) and not "bacl to replay" (1st position)
Title: Re: Small steps
Post by: Cas on November 13, 2021, 02:21:11 PM
If we can find the selector block routine, we can change the whole thing. It's not trivial, but it isn't super hard either. And probably, we'd be able to keep the size to avoid alignment problems.