I’ve been working on securing my server but have noticed that certain attacks seem to be very hard to stop(or impossible). Namely, spawning cars, peds, objects, weapons, etc. Sure I can list out each thing as blacklisted via anti-cheese, but there’s a chance they can always just spawn stuff in that’s not on the list. Also adding things to the list also removes them in game, so hackers can still find a way around. My question is, is it possible to scramble fivem natives?I’ve tried doing big replace all’s across my binaries and server resources, but it just keeps telling me my new name was not defined when I tried to call it in one of my resources. I get the feeling I am missing something, and this sort of thing is not possible (as I would have seen it posted elsewhere by now), but I wanted to be sure.
Thank you for disregarding my question entirely . I’m not asking about my own resources, I’m asking about natives. If you use a public resource/framework and you don’t scramble the server/network events, you’re spreading your cheeks wide open for an attacker.
Attackers don’t need access to server files. If they see you’re using a public resource/famework, they can just go to github, find the event names, then inject lua that calls those event names. This shit happens with ESX alllllllll the time.
So as it would turn out this basically not possible.
If this is enough for you I hope this helps!
For those who are still curious, my understanding is that natives are essentially baked into GTAV (hence why they’re called natives). The layer between the client or server and GTAV, is where FiveM lives. FiveM creates an API between alias’s and these natives (i.e. GetEntityCoords --> 0x1647F1CB), but these alias’s can be avoided entirely. If you had everyone who played on your server download a custom version of the FiveM client, you might be able to scramble the alias’s, however an attacker could simply call the native directly instead of the alias and avoid everything you just did.
This is correct. This is why people have been implementing server side listening natives for when clients execute certain natives.
The best thing to do is expand on what the server side is listening for so the most common exploits can be monitored and thwarted. This exists already in OneSync for creating objects, and explosive events being triggered as a couple of examples.
. I’m not asking about my own resources, I’m asking about natives. If you use a public resource/framework and you don’t scramble the server/network events, you’re spreading your cheeks wide open for an attacker.
Either way glad you found what you were looking for.