Project Hyperion's Base [Incomplete]

[topblast]

This is not the full thing as yet but, why not release something for it as it is an educational base so to say. I have swayed off my original path to add increase security, I've tried to protect the hack from the user but I haven't yet protected the user's from the server, that is what I am hoping to do, see if I can explain to someone here how, users of this hack will always be protected from the server and the server will be protected from users (as much as i can. This is a long shot just so you know. For use on MPGH, remove internet features such as Login, Online Saving, and use offline, with local saving.

Now more than ever i should explain the project.

About the Project

Hyperion is a project that I created to solve a few VIP hack problems, while also being an education base. The concept is to allow users to log into their hacks, use the hacks that was permitted be the server, identified by the user type, weither be, VIP, Super User, Standard User or Guest. It is also hope to bring a feature allowing you to download the addresses / addies of a hack from the server so that less updates to a hack is required. Because the project is not Completed as yet, it is still very educational to many people, and to my self.
The project is also on ******, "Hyperion"

1. Graphics User Interface (GUI)
   
   
   • The Project uses Gwen. Gwen is an open source GUI library which support multiply renders(example: DirectX 9 and OpenGL). I am using a modified Gwen in this project to give it the best compatibility (to my knowledge) to the environments that hackers use. I choose Gwen because of its simplicity, the fact its open source and free also because it still looks good and wasn't to hard to get it working in a hooked environment(i lied, failed many times).
   • In-Game testing haven't started as yet so I cannot say that I am 100% sure that this preview/release will work, but why not learn something from it while you try to modify it.
   • Skins : Gwen supports Skins allowing you to have your own Gwen, by modifying the skin and thanks to my modification, you do not have to use external files, you can use byte arrays inside the hacks, I was also thinking about the capability to download the skins, i mean it is already in a byte array, surely downloading and changing wont be a problem.
     
   
   
2. Settings
   
   
   • Using JSON, I was able to create a make shift function that allows you to save specific data from the Gwen GUI. These settings can then be sent to the server, or pulled from the server, works perfectly from what I see, but modifications are recommended.
     
   
   
3. Security
   
   
   • ​The big topic everyone had was security. I tried my best and currently still trying my best to do this, just note I have limited knowledge of it, I did some reading but it didn't help so I got creative. Using dynamic GUIDs and 512bit Hash, I created this thing where, every time the user interacts with the database, the GUID changes, here is how it works. Upon login into the system, you are given a log-in GUID which is used for the features for other features later on, and the GUID will be changed when the user saves settings, load settings or log out. The reason I implemented this system is because of two things, User and Hacker. This limits the user to one system at any one time. You cannot login to your account, then have your friend login to the same account to share the hacks. It also isn't limited to one system like the other implementation is, where the GUID is stored on the system, and you cannot change systems without permission. Important / static content arriving to the server is hash upon arrival, login for example, the user name and password are hashed right at the start to protect the users from the database user. Yes I know people might change the server files so they can see the content, which is why I am going to add encryption to the client side, so not only does the server encrypts the content, but it is only processing encrypted 'static' content. The reason i only encrypt the static content is because Hashing the settings would making it 'un-decrypable' so you wont be able to load your settings. And the GUID is already encrypted, random data.
     I know some people might say that is a lot of stuff to be sending back and forth, and changing but if your able to play an online game, expect much more data to be transmitted, my only worry is that hacks using this base can have a lot of features, and the settings can get huge, about 50kb ~ 100kb, stuff u can download in 1 second from this you should understand that their is not that much to worry about with bandwidth.
     Example of the Dynamic GUID with 512bit Hash
     
     Code:

     57D4AD99EED761277DD7DF4087B6CBBACD25C86DD5C3C86A2461D8CC7437C2E5811DD9BD59DD674C6F3987D8F3A4B2D77A61CC7C8FF9B98F6E4C92562C6E5A14

   
   
4. Debugger (Logger)
   
   • ​I implemented a debugger which stores its information locally (I can ask for it to be sent, but because this is a base, not a full hack, I don't know what information the other users might ask for, so I left it locally and at request the user can send me the information if he or she wants. The debugger only works if the client file is compiled in debug mode. This is so you can get more speed out of the release versions.
   
   
5. Events
   
   • ​Because I was playing around in JAVA lately, I created a 'Runnable' class, allowing me to create functions using lambda and run them at some event, for example login. After a user login is successful, it calls the event for onLogin, which I used to start the Main Window.
   
   
6. String Encryption
   
   • ​The Strings in the hack are encrypted using XOR, I am planning on creating a string class but, like I said this is incomplete. The application I used to create these xor strings will be in the files also a how to install so you can use it to best.

Preview Pictures
This is limited because like i said Incomplete

 

GUI





Main Constructor[I Ran the Server on port 6112 because it was port forward and I had stuff i wanted to host, u can change the port]




Event Procedures

VirusTotal
Jotti

[ARGB]

very good job
im gonna use parts of this

[[MPGH]Flengo]

You forgot your virus scans. I had to remove a file since it had an outside link inside it. It was the Xor thing.

The rest is excellent work and I scanned the file for you.

Just so MPGH members know, this will not be allowed for use on MPGH. It could be possible in the near future if something is worked out for a public server to be used which would be managed by a staff member or something.

Anyway, at the moment that wont be. Excellent work as usual, Topblast

/Approved

[Cryptonic]

Doing an amazing job so far. Can't wait to see the finished product.

[topblast]

You forgot your virus scans. I had to remove a file since it had an outside link inside it. It was the Xor thing.

The rest is excellent work and I scanned the file for you.

Just so MPGH members know, this will not be allowed for use on MPGH. It could be possible in the near future if something is worked out for a public server to be used which would be managed by a staff member or something.

Anyway, at the moment that wont be. Excellent work as usual, Topblast

/Approved

I forgot about those, haven't post in a while i guess, sorry ^^

@ZysorceN is this the security u wanted?

[[MPGH]AVGN]

Wow your English has gotten a lot better lol.

[topblast]

Wow your English has gotten a lot better lol.

lol, that is thanks to a friend of mine, just being around him forces you to use good english.

[-Bl00d-]

its been a long time topblast i havent talked to you since teamstatic... good job you got this going good.

[ZysorceN]

I forgot about those, haven't post in a while i guess, sorry ^^

@ZysorceN is this the security u wanted?

what do you mean?

[topblast]

what do you mean?

You were talking about the security in the project proposal

[DeadCode]

Nice! If you guys just want GWEN modified to accept Byte Arrays I released one a little while ago: https://www.mpgh.net/forum/31-c-c-pro...d-sprites.html