This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Game Security Framework Project"
Jason Haddix (talk | contribs) |
Jason Haddix (talk | contribs) |
||
| Line 77: | Line 77: | ||
=Server= | =Server= | ||
=In-Game= | =In-Game= | ||
| + | |||
| + | == Combat Exploitation == | ||
| + | |||
| + | Combat Exploitation is a in-game category of bug that is usually leveraged to give the player an unfair advantage over advisaries by manipulating game systems such as terrain, buff mechanics, etc. | ||
| + | |||
| + | === Terrain Exploits === | ||
| + | |||
| + | Terrain exploits often utilize bad ledges, walls, cliffs, etc, to render player(s) un-targetable by mobs. Thus allowing players to damage bosses or other players without being targetable themselves. This creates triviality in combat situations. | ||
| + | |||
| + | References: | ||
| + | |||
| + | === Buff/Debuff Stacking === | ||
| + | |||
| + | Buff/debuff stacking is a method where single target or group buffs/debuffs achieve higher than desired results on/for player(s) creating triviality in combat situations. | ||
| + | |||
| + | References: | ||
| + | |||
| + | * [http://mmogfails.blogspot.com/2013/06/yet-another-guardian-fighter-exploit.html 6/25/2013 - NeverWinter] | ||
| + | |||
=Wet-ware= | =Wet-ware= | ||
= Road Map and Getting Involved = | = Road Map and Getting Involved = | ||
Revision as of 08:30, 22 January 2014
OWASP Game Security Framework ProjectSome of the most prolific apps these days are video games. They are sponsored, scrutinized, monetized, and celebrated, just like many sports. They handle clients, servers, monetary transfers, social interactions, etc, with every bit the need of security that most internet hosted apps have (if not more in some cases). This NEW OWASP project will help classify the diverse types of game hacks that exist for some of the worlds biggest games. We'll use history as an example, and break down the flaws as much as possible, creating a do-not-do list of flaws new game companies can reference when creating new games.
DescriptionThe launch presentation can be seen here:
LicensingOWASP Game Security Framework Project is free to use. It is licensed under the Apache 2.0 License which has the fewest restrictions, even allowing proprietary modifications and proprietary forks of the project.
|
What is the GSF?OWASP GSF provides:
PresentationOMG He HAXX! and introduction the OWASP Game Security Framework
Project Leaders
|
News and Events
Classifications
| |||||||
Combat Exploitation
Combat Exploitation is a in-game category of bug that is usually leveraged to give the player an unfair advantage over advisaries by manipulating game systems such as terrain, buff mechanics, etc.
Terrain Exploits
Terrain exploits often utilize bad ledges, walls, cliffs, etc, to render player(s) un-targetable by mobs. Thus allowing players to damage bosses or other players without being targetable themselves. This creates triviality in combat situations.
References:
Buff/Debuff Stacking
Buff/debuff stacking is a method where single target or group buffs/debuffs achieve higher than desired results on/for player(s) creating triviality in combat situations.
References:
As of Jan 22, 2014, the priorities are:
- initial categorization
- historical research
- content creation and wiki creation
- PDF guide
Involvement in the development and promotion of GSF is actively encouraged!
You do not have to be a security expert in order to contribute.
Some of the ways you can help:
- Tell us of of a new game hack! Contact via email or twitter!
- Offer technical breakdown of attack we are not experts on or practical defenses against them.
