The Game Security Framework (1.0)
Daniel Miessler & Jason Haddix
Daniel Miessler
Director of Advisory Services
IOActive
daniel.miessler@ioactive.com
@danielmiessler
Video Game Growth
History (slide 5)
• This is the second try for the project
• Tried originally in 2014, but nobody cared
• They care more now
Concept (slide 6)
Structure (slide 7)
• Normal English sentences that are used to describe the entire scenario
• Each sentence contains placeholders for the various parts of the risk
Malicious competitor attacks the server-side and takes advantage of limited server-side bandwidth and uses DDoS to cause extreme lag that lets them win a match, resulting in frustrated users not playing the game anymore, which could have been avoided using DDoS protection.
Attack Surfaces (slide 8)
Vulns (slide 9)
Exploits (slide 10)
Attacker Goals (slide 11)
Negative Outcomes (slide 12)
Defenses (slide 13)
Semantic Structure (slide 14)
Actor attacks Attack Surface and uses Exploit to take advantage of Vulnerability to try to achieve their Goal, resulting in Negative Outcome, which could have been avoided by Defense.
Vulnerabilities (slide 15)
Ping + Teleport (slide 16)
1. Mess with your own connection
2. Server starts reporting your location sporadically
3. Allows you to pass through objects
4. BONUS: Avoid being attacked because you’re like a ghost
Player attacks the network and takes advantage of throttling and uses connection degradation to cause extreme lag that lets them avoid harm, resulting in frustrated users not playing the game anymore, which could have been avoided using better code.
Moar Monsters (slide 17)
1. When logged in as an admin there are options to do lots of things, like call monsters
2. Players figure out they can execute admin commands as well (only the menu was missing)
3. They get in nasty PvP and call in tons of nasty mobs to crush enemies
Player attacks the server and takes advantage of client-side filters and uses hidden admin commands to cause in-game chaos that lets them survive PvP, resulting in frustrated users not playing the game anymore, which could have been avoided using server-side controls.
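The Moar Monsters pattern, shown as a command dispatcher that relies on the client menu next to one that checks the role the server bound to the session. This is an added example, not code from any real game; command names, roles and the audit line format are constructed.

```python
from dataclasses import dataclass

# Constructed command table: the server-side role each command requires.
# "summon_monster" stands for the slide's "call monsters" admin option.
COMMAND_ROLES = {
    "move": "player",
    "say": "player",
    "summon_monster": "admin",
    "teleport_to": "admin",
}
ROLE_RANK = {"player": 0, "admin": 1}


@dataclass
class Session:
    player_id: str
    role: str   # assigned by the server at login from its own records


@dataclass
class Request:
    command: str
    args: tuple = ()
    claimed_role: str = "player"   # whatever the client says; never trusted


def dispatch_vulnerable(session: Session, req: Request) -> str:
    """Runs any known command. The only thing keeping players out of the admin
    commands is that their client menu does not show them (a client-side
    filter), so any request naming an admin command goes straight through."""
    if req.command not in COMMAND_ROLES:
        return "unknown command"
    return f"executed {req.command} for {session.player_id}"


def dispatch_hardened(session: Session, req: Request, audit: list) -> str:
    """Authorizes against the role the server bound to the session. Neither the
    client menu nor req.claimed_role is consulted, and denials are logged so
    repeated attempts from one account are visible to operators."""
    if req.command not in COMMAND_ROLES:
        return "unknown command"
    required = COMMAND_ROLES[req.command]
    if ROLE_RANK[session.role] < ROLE_RANK[required]:
        audit.append(f"DENY player={session.player_id} cmd={req.command} "
                     f"session_role={session.role} claimed_role={req.claimed_role}")
        return "denied"
    return f"executed {req.command} for {session.player_id}"


if __name__ == "__main__":
    log = []
    player = Session("p42", "player")
    req = Request("summon_monster", ("dragon", 20), claimed_role="admin")
    print(dispatch_vulnerable(player, req))      # executes: the menu was the only filter
    print(dispatch_hardened(player, req, log))   # denied
    print(log)
```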
Midnight Store (slide 18)
1. Game bugs required the server to be restarted at midnight
2. If you were in the middle of a trade when the server went down, both players got both sides of the trade
Player attacks the game and takes advantage of a logic bug and uses knowledge of the bug to cause item duplication that lets them unfairly increase loot, resulting in less need to buy things, which could have been avoided using better code.
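The Midnight Store duplication, modelled as a two-phase trade that a restart can interrupt next to an all-or-nothing version with a single commit point. This is an added example, not the game's code; the inventories, item names and the ServerDown exception are constructed stand-ins for persisted state and the scheduled restart.

```python
import copy


class ServerDown(Exception):
    """Stands in for the slide's scheduled midnight restart."""


def _credit(bag: dict, item: str) -> None:
    bag[item] = bag.get(item, 0) + 1


def _debit(bag: dict, item: str) -> None:
    if bag.get(item, 0) < 1:
        raise ValueError(f"inventory does not hold {item}")
    bag[item] -= 1
    if bag[item] == 0:
        del bag[item]


def trade_vulnerable(inv, a, b, give_a, give_b, restart_midway=False):
    """inv maps player -> {item: count} and stands for the persisted state.
    Credits both recipients first and debits the givers second, so a restart
    between the two phases leaves every traded item in both inventories."""
    for item in give_a:
        _credit(inv[b], item)
    for item in give_b:
        _credit(inv[a], item)
    if restart_midway:
        raise ServerDown()   # credits already saved, debits never run
    for item in give_a:
        _debit(inv[a], item)
    for item in give_b:
        _debit(inv[b], item)


def trade_atomic(inv, a, b, give_a, give_b, restart_midway=False):
    """Works on private copies, checks that each side actually holds what it
    offers, and only then replaces both inventories at one commit point. A
    restart before that point leaves the persisted state untouched, so the
    trade either fully happens or does not happen at all."""
    new_a, new_b = copy.deepcopy(inv[a]), copy.deepcopy(inv[b])
    for item in give_a:
        _debit(new_a, item)
        _credit(new_b, item)
    for item in give_b:
        _debit(new_b, item)
        _credit(new_a, item)
    if restart_midway:
        raise ServerDown()   # nothing has been written yet
    inv[a], inv[b] = new_a, new_b   # the single write; models a transaction commit


def item_total(inv, item) -> int:
    """Conservation check: a trade must never change how many copies exist."""
    return sum(bag.get(item, 0) for bag in inv.values())


if __name__ == "__main__":
    world = {"alice": {"sword": 1}, "bob": {"shield": 1}}
    try:
        trade_vulnerable(world, "alice", "bob", ["sword"], ["shield"], restart_midway=True)
    except ServerDown:
        pass
    print("swords after interrupted vulnerable trade:", item_total(world, "sword"))
```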
Marvel at my DC (slide 19)
1. Play a Star Wars game on Android
2. Go into Airplane Mode in the middle of the game
3. Run Android hack to automatically win
4. Reconnect, advance on the ladder
Player attacks the client and takes advantage of local hack and logic flaw and uses local hack to cause unfair ladder win that lets them, resulting in ladder chaos, which could have been avoided using better code.
Ooh Sparkly (slide 20)
1. Launching lots of graphics-intensive actions could cause frame rate drops
2. People load up on the most graphics-intensive combos and fire them off if they’re attacked
3. Nobody could kill them because they could run away while their game is lagging
Player attacks the client and takes advantage of resource constraints and uses knowledge of the bug to cause unfair PvP advantage that lets them avoid death during PvP, resulting in angry players and fewer users, which could have been avoided using better code.
Pink Unicorns (slide 21)
1. Players find hidden coordinates in network stream data
2. They hack the client to show hidden items on the map
3. They find hidden players and items before everyone else
4. PK or dramatically improved farming
Player attacks the client and takes advantage of client-side filters and uses client modification to see hidden content that lets them PK and farm, resulting in frustrated users not playing the game anymore, which could have been avoided using client integrity validation.
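A server-side complement to the client integrity validation the slide names: filtering hidden entities out of the state snapshot before it is serialized, so a modified client has nothing extra to draw. This is an added example, not code from any game; the world state, view radius and field names are constructed.

```python
import json
import math
from dataclasses import dataclass, asdict


@dataclass(frozen=True)
class Entity:
    id: str
    kind: str        # "player" or "item"
    x: float
    y: float
    hidden: bool     # stealthed player, or an item not yet revealed to everyone


@dataclass(frozen=True)
class Viewer:
    id: str
    x: float
    y: float
    can_see_hidden: bool = False   # e.g. a GM or a player holding a detection buff


# Constructed world state.
WORLD = [
    Entity("p1", "player", 10.0, 10.0, hidden=False),
    Entity("p2", "player", 12.0, 11.0, hidden=True),    # stealthed player nearby
    Entity("i1", "item",   15.0, 15.0, hidden=True),    # rare item, not yet revealed
    Entity("i3", "item",   20.0, 12.0, hidden=False),   # ordinary item nearby
    Entity("i2", "item",  500.0, 500.0, hidden=False),  # far outside view range
]


def snapshot_vulnerable(viewer: Viewer, world) -> str:
    """Sends the whole world and relies on the client to hide what it should
    not draw. The hidden coordinates are right there in the network stream,
    which is what the slide's players found."""
    return json.dumps([asdict(e) for e in world if e.id != viewer.id])


def entitled_to_see(viewer: Viewer, e: Entity, view_radius: float) -> bool:
    """Server-side visibility rule: in range, and either not hidden or the
    viewer holds a server-granted right to see hidden things."""
    in_range = math.hypot(e.x - viewer.x, e.y - viewer.y) <= view_radius
    return in_range and (not e.hidden or viewer.can_see_hidden)


def snapshot_filtered(viewer: Viewer, world, view_radius: float = 50.0) -> str:
    """Serializes only what the viewer is entitled to see. Hidden coordinates
    never leave the server, so no client modification can render them."""
    visible = [asdict(e) for e in world
               if e.id != viewer.id and entitled_to_see(viewer, e, view_radius)]
    return json.dumps(visible)


def ids_in(snapshot: str) -> set:
    return {e["id"] for e in json.loads(snapshot)}


if __name__ == "__main__":
    me = Viewer("p1", 10.0, 10.0)
    print("vulnerable snapshot exposes:", sorted(ids_in(snapshot_vulnerable(me, WORLD))))
    print("filtered snapshot exposes:  ", sorted(ids_in(snapshot_filtered(me, WORLD))))
```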
Dishonorable Mentions (slide 22)
1. Convincing players to download a mod so we can “powerlevel you”.
2. Changing your username to look like a GM, and telling people to give you their items (for safe keeping).
3. Multiple buff stacking due to race conditions / logic flaws.
4. Death / looting issues that allow you to loot dead bodies and get their gear without the person losing the gear when they respawn.
5. Numerous DC logic flaws, where fighting, looting, purchasing is all broken when you DC your connection. As a developer, how would you handle it?
6. Powerleveling service takes your account for a day or so and you soon get a notification that you’ve been banned (they used you for money laundering).
7. …etc, etc.
Case Study (slide 23)
Mobile Cover Clipping (slide 24)
1. Use of a skill (Mobile Cover) allows players to skip content
2. Skipping content allows faster farming rates of bosses
Player attacks the client and takes advantage of game mechanics and uses knowledge of the bug to skip content that lets them farm items faster, resulting in angry players and fewer users, which could have been avoided using better code.
Instancing and Checkpoints (slide 25)
1. Players able to enter a different area (instance) to re-spawn bosses
Player attacks the client and takes advantage of game mechanics and uses knowledge of the bug to skip content that lets them farm items faster, resulting in angry players and fewer users, which could have been avoided using better code.
Buff/Talent Stacking (slide 26)
1. Switching gear rapidly caused buffs or talents to “stack”, allowing players to use talents to gain one-shot kills, infinite money, headshots, etc.
Player attacks the client and takes advantage of game mechanics and uses knowledge of the bug to gain in-game currency and enhance gear, resulting in angry players and fewer users, which could have been avoided using better code.
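The buff/talent stacking flaw from this case study and from Dishonorable Mention 3, modelled as a character whose stats are a running total next to one whose stats are recomputed from the equipped set, plus a drift check a server could run on cached totals. This is an added example with constructed gear names and numbers, not code from the game in the case study.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Gear:
    name: str
    damage_bonus: int


BASE_DAMAGE = 100


class AccumulatingCharacter:
    """Vulnerable model: equip/unequip apply deltas to a running total.
    Replacing the item in a slot adds the new bonus without removing the old
    one, so rapidly switching A -> B -> A leaves the bonuses stacked."""

    def __init__(self):
        self.damage = BASE_DAMAGE
        self.slots = {}

    def equip(self, slot: str, gear: Gear) -> None:
        self.damage += gear.damage_bonus   # bug: previous item's bonus stays
        self.slots[slot] = gear

    def unequip(self, slot: str) -> None:
        gear = self.slots.pop(slot, None)
        if gear is not None:
            self.damage -= gear.damage_bonus


class DerivedCharacter:
    """Hardened model: stats are a pure function of the current equipped set,
    recomputed on demand. There is no running total to drift, so no sequence
    of equip/unequip calls, however fast or out of order, can stack a bonus."""

    def __init__(self):
        self.slots = {}

    def equip(self, slot: str, gear: Gear) -> None:
        self.slots[slot] = gear   # replacing implicitly drops the old bonus

    def unequip(self, slot: str) -> None:
        self.slots.pop(slot, None)

    @property
    def damage(self) -> int:
        return expected_damage(self.slots)


def expected_damage(slots: dict) -> int:
    return BASE_DAMAGE + sum(g.damage_bonus for g in slots.values())


def stat_drift(char: AccumulatingCharacter) -> int:
    """Detection for servers that keep cached totals: recompute from the
    equipped set and report the difference. Nonzero means a stack happened
    and the account is worth a look."""
    return char.damage - expected_damage(char.slots)


if __name__ == "__main__":
    a, b = Gear("sword_a", 50), Gear("sword_b", 30)
    c, d = AccumulatingCharacter(), DerivedCharacter()
    for g in (a, b, a, b, a):   # rapid gear switching
        c.equip("weapon", g)
        d.equip("weapon", g)
    print("accumulated:", c.damage, "derived:", d.damage, "drift:", stat_drift(c))
```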
Case Study (slide 27)
Current State (slide 28)
• Capturing as many bugs as possible
• Categorizing them
• Putting them into the framework
Current State (slide 29)
Current State (slide 30)
Future State (slide 31)
• Moar Bugz (we could use your help)
• A video game Testing Methodology
• Continuous improvement of schema
• Additional ideas for improvement
Next Steps & Help (slide 32)
• If you know any game bugs, you can help out at this location: https://docs.google.com/spreadsheets/d/1Og08wyHsqtODBDkU_M2zHAvdxc63GSu-OmT8NjCc9Ak/edit#gid=0
• We also just started a Slack channel, in case you don’t already have enough of those.
• NOTE: I’m heading to London tomorrow for the OWASP Summit and this project is one of the sessions I’m leading there.
Summary (slide 33)
1. Gaming is big, and growing quickly (~90B/year by 2020).
2. Games are highly vulnerable.
3. The OWASP Game Security Project looks to help by making the risks easy to understand and communicate.
Thanks & Contact (slide 34)
• Jason Haddix, Bugcrowd, @jhaddix
• Daniel Miessler, IOActive, @danielmiessler
www.owasp.org/index.php/OWASP_Game_Security_Framework_

The OWASP Game Security Framework


Editor's Notes

  1. Alright, thanks for coming. I want to talk this evening about game security.
  2. My name’s Daniel. I’ve been doing security for about 18 years. Background is in testing. I do a lot of IoT stuff. I run the consulting group for IOActive. I read a lot, have a blog, and I play table tennis.
  3. So why do we care? Tens of billions of dollars are being spent, that’s why. And it’s only growing.
  4. So my friend Jason Haddix originally started this project back in 2014, pitched it around, and nobody liked it. They weren’t ready. He was sad, and he shelved it. I kept trying to get him back into it, and finally a few months ago I pitched him on a new structure and now IT’S BACK!
  5. So the overall concept for the project is to help everyone involved in the gaming ecosystem understand and avoid the main ways games get hacked. It’s no longer for play, it’s for real now. There is real money to be lost, so we’re hoping there will be more interest this time around.
  6. So I was already doing something similar with the IoT Security project. Basically, the idea is that you have normal, English sentences that you use to describe any game vulnerability situation, and the sentences have placeholders to fill in the component of the risk.
  7. DANIEL: So this allows you to fill in all the different vulns we know about into these really clean categories, which are ACTOR, VULNERABILITY, EXPLOIT, GOAL, NEGATIVE OUTCOME, BUSINESS IMPACT
  8. DANIEL: Alright, so now we’re going to talk about a number of vulnerabilities that we’ve captured into the project.
  9. DANIEL
  10. DANIEL
  11. DANIEL
  12. DANIEL
  13. DANIEL
  14. DANIEL: Even better was the fix. Game, Everquest.
  15. Hundreds of others.
  16. So DIVISION was an example that Jason liked. It was a AAA title that was hugely popular and it arguably died in popularity because of hacks.
  17. So one bug was being able to skip content by moving through things.
  18. Another was being able to constantly re-spawn lucrative instances.
  19. Another was being able to super-buff your gear and kill by one-shotting.
  20. So the takeaway here is that they had something great and didn’t take the hacking seriously, and the game’s actual bottom line suffered as a result.
  21. So what we’re currently doing is getting as many bugs into the system as possible, categorizing them, and making sure they don’t break the schema.
  22. This is what an entry looks like on the site.
  23. And here’s the spreadsheet we’re using to capture bugs. We have a lot already.
  24. So the future state is — most importantly — getting more bugs in the system. We want to keep improving the schema so it’s easy to use and descriptive. We’re also working on a testing methodology, which I’m excited about.
  25. If you would like to help out, we’d love to get more input on: more bugs and examples (with stories if possible), feedback on the structure of the project, whatever.
  26. Gaming is not a toy anymore. It’s a business. Games tend to have massive vulnerabilities all throughout the stack. We want to help anyone involved in making or testing games to better understand and communicate gaming vulnerabilities so they can be avoided.
  27. So that’s what I wanted to talk about tonight, and I’m happy to take any questions.