
Cheating by reading the ROM

Open L-P opened this issue 6 years ago • 5 comments

PoC : https://github.com/L-P/OoT-DeRandomizer.git

Requires Go.

git clone git@github.com:L-P/OoT-DeRandomizer.git && cd OoT-DeRandomizer
git submodule update --init
make
./OoT-DeRandomizer [--ignore-gs] ROM

This takes an uncompressed z64 (big-endian) ROM and creates a spoiler log out of it. It's a little buggy but definitely usable.

L-P avatar Nov 18 '18 22:11 L-P

In response to your second point in the readme:

Encrypt the item and hint lists, let the player input a decryption key before starting the run. This is viable for online races where you can distribute the ROM beforehand and the key right before the run starts. This is the most efficient method that prevents offline ROM scanning.

I don't see how encrypting the ROM would help. As soon as you have the key the data is up for grabs. It might be a little distracting during a race to interpret the ROM but it could still give cheaters an edge.

I think Randomizer would be better off for now if this code wasn't available to all types of players, but it's really up to you.

phixtyseven avatar Nov 19 '18 00:11 phixtyseven

If you're using the source for 3.0, then yeah you'll be able to read it. The listed source isn't what was used to create the executables, and it doesn't have the encryption that the release uses. That's why it's required to use the release version for tournaments.

Unless you're saying this works with ROMs made from the release, in which case someone else will have to look at this, because I don't know what the encryption actually does.

CMuncey avatar Nov 19 '18 01:11 CMuncey

There is no encryption. The executable version just uses a different random seed.

rlbond86 avatar Nov 19 '18 02:11 rlbond86

I've definitely seen a layer of obfuscation in the 3.0 release (compiled version only, with spoilers disabled). Having looked at it last week I was able to crack it pretty easily.

mzxrules avatar Nov 19 '18 09:11 mzxrules

"I don't see how encrypting the ROM would help"

Not encrypting the ROM but the item override and hint list, with the decryption done at runtime (e.g. entering the key as the Save 3 name or a button sequence). Having to dump the ROM contents at runtime is harder and would require way more time and skills to pull off.
That's just an idea though, there might be better solutions.

L-P avatar Nov 19 '18 09:11 L-P
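The scheme proposed in the last comment, as an added Go sketch that is not part of the DeRandomizer or of the randomizer itself: the override table is stored AES-GCM encrypted under a key derived from a string the racer enters, so a static scan of the image no longer finds it, while anyone holding the distributed key decrypts it offline exactly as the game would, which is the objection raised earlier in the thread. The table layout, the key derivation and the key string are assumptions.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Constructed stand-in for the item override table: three big-endian (location,
// item) uint16 pairs. The real randomizer's layout is not modelled here.
var table = []byte{0, 1, 0, 0x52, 0, 2, 0, 0x13, 0, 3, 0, 0x72}

// raceKey derives a 32-byte AES key from the string a racer types in (e.g. as
// the Save 3 name). Hypothetical derivation, not the project's.
func raceKey(entered string) []byte {
	k := sha256.Sum256([]byte("oot-race-key:" + entered))
	return k[:]
}

func gcmFor(key []byte) cipher.AEAD {
	block, _ := aes.NewCipher(key) // 32-byte keys from raceKey never fail here
	g, _ := cipher.NewGCM(block)
	return g
}

// sealTable is the thread's proposal: the ROM carries nonce || AES-GCM(table).
func sealTable(key []byte) []byte {
	g := gcmFor(key)
	nonce := make([]byte, g.NonceSize())
	rand.Read(nonce)
	return append(nonce, g.Seal(nil, nonce, table, nil)...)
}

// openTable is what the game does at runtime once the key is entered, and just
// as easily what an offline scanner does once the key has been handed out.
func openTable(blob, key []byte) ([]byte, error) {
	g := gcmFor(key)
	n := g.NonceSize()
	if len(blob) < n {
		return nil, errors.New("blob too short")
	}
	return g.Open(nil, blob[:n], blob[n:], nil) // wrong key: auth failure, no plaintext
}

// visible is the static scan the PoC relies on: is the cleartext table in the image?
func visible(image []byte) bool { return bytes.Contains(image, table) }
```

The encryption only buys time until the key is distributed; after that the decryption step costs a scanner nothing more than it costs the game.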