Unbeatable anti-cheat.

[gir489]

I have been attempting to break this game's anti-cheat for about 4 months now. I have found a big fat 0 number of exploits... I can't believe the only game I've never been able to hack the multiplayer for, is some $30 nothing game... I've hacked every game I've ever played online since Doom 2. Everything from Counter-Strike, to Battlefield 2, TFC, all of the Far Cry games that had MP, almost every single COD (including Warzone 1 and 2), PUBG, Apex Legends, Dota 2, League of Legends, Rise of Nations, Starcraft 1 and 2, Valorant, Fortnite, GTA IV and V (with BattleEye), untold numbers of mobile games. And the one game, THE ONE GAME I haven't been able to break is Factorio. I don't know what mad genius coding engineer you have working for you, but they deserve a raise.

I mapped out every single class, function, memory handler, Lua interface I could find with IDA, and not one of them is vulnerable. At first, I tried basic cheat-engine style of attacks. But I was being detected by the game flat-out, even so much the game would log in the file "Cheat engine detected, ignore log!." I thought: "How stupid are these guys leaving strings in the binary for attackers to find? I found out, it wasn't stupidity, it was brazenness... It would force-crash on functions that did basic sanity checks where it would store a backup of the value, and if the backup didn't match, it would just fail fast. Those were easy to patch out with ASM replacement, but what I couldn't defeat was the sync code. The MOMENT your client falls out of sync with another, you just desync. I tried Lua injection, I tried memory attacks, I tried packet crafting. NOTHING works. The moment the other client doesn't agree with what you said, they just drop. Absolutely outstanding work. You have finally given me a challenge. A challenge I could not best.

[NineNine]

Yeah. Neat.

What's the point of "cheating" in a sandbox game?

[eugenekay]

There are many ways to play the game. I am glad you are able to find Fun in looking for holes, even if it does make the Leaderboards less appealing for the rest of us…. Factorio sidesteps a lot of these competitive issues by not having one!

The flags which decide if a Save game is eligible for Achievements are the closest thing to an actual “Cheat” - and those can be cheesed with a Hex editor, using data on the game’s wiki. All that will earn you is “100% completion on Steam”, which is of dubious value. I am still working on obtaining them all organically myself….

Once you have started running the game’s Sandbox you have already connected to a Multiplayer server, downloaded the map, exchanged tokens, etc. As you’ve discovered, the deterministic nature of the Simulation makes it impossible to make changes outside of the Game’s rules, without causing a Desync… I have done some fuzz testing before running the Factorio daemon on my networks, and it seems pretty solid - though I would not trust it with root privileges or Private VLAN access, like any non-open-source program. All of the network paths seems resilient to un-authenticated packets - achieving a crash or Denial of Service requires you to Login, or resort to old-school packet floods to “slowdown” a server and cause players to drop. Abuse of the User Auth Tokens mechanism to impersonate other users is discouraged, so I have not touched that myself. You could maybe find some way to send “bad updates” to the server which come from your User Token (ie, manually crafting UDP packets as a fake client), but any reasonable multiplayer server would just ban you.

When you “Win the Game” in Space Age you are able to upload a package to the Galaxy of Fame…. It is already possible to cheese this using the Scenario Editor. While you could submit a carefully-crafted upload to the API manually, this would also not be a great idea.

So yeah, what’s the point? Just install some Overpowered Modules and use the Infinity Chest in Editor mode. It’s a Sandbox.

[FasterJump]

Forgive me if I'm wrong, but is this post about "hack", rather than "cheat"?

Anyone can use the in-game console to "cheat" in the game. Or, if it's about the achievements, by downloading blueprints/saves.

Of course, there is no point cheating in Factorio. Cheating in solo games is usually useful only if you are bored and want to fast track to the end to be done with the game.

Anyway, back to the topic, it's interesting to know that Factorio's executable is so robust to tampering. I haven't read any FFF about that!

[Atraps003]

Factorio's robust multiplayer is underrated. A gem in the sea of kernel level "anti-cheat" spyware.

[Tertius]

It's not explicitly an anti-cheat. As far as I see how the engine implements multiplayer, it's just a byproduct of ensuring a consistent game state of all connected players. Its intended use is to find multiplayer-breaking bugs in Factorio itself and in any mods.

Since the engine doesn't work with a client/server model, every player runs the whole game map. The server is just managing the master game map, so every player gets the same map on connect. But the game runs individually on every player's computer. If someone injects an item or an action for cheating into his own map, this item and any usage of it would not appear for any other player, because there is no means to distribute that item to other game instances. The engine simply has no functionality to send and receive items. Any cheating would not have any impact on the other players.

Even if you were able to somehow disable the consistency check for everyone, you will not be able to transmit any cheated items or actions, since the engine has no means to send and receive such things.

The cheater would simply start to run a different map than the other players, so it is desynced, so it is disconnected by the consistency checks.
The only thing exchanged between the game instances are mouse and keyboard interactions. Any cheat is limited to user interactions - for example, if it is any advantage to click inhumanly fast, you can do that. But you cannot create 10 stacks of blue chips to cheat, because there is no way to make this known to the other player instances. And if you kill one player with a cheated weapon, this player isn't killed for any other player, since the other player instances don't have that cheated weapon. The only thing you can inject artificially is a 'fire weapon" action, since this is what the user inputs with mouse or keyboard, but not "do 1000000 damage", since the result of the action is computed by every player instance individually.

@gir489 It's a mystery to me why you even started trying to cheat by injecting the game. Anyone with a little bit of Factorio game engine (and modding) knowledge would know this cannot work. You wasted your time, and you could have known that.

[Nidan]

I like to split cheats into two groups:

• Resource based: Anything that gives you a resource benefit, regardless whether actual resources, unit health, etc.
  These will be detected (in multiplayer) by factorios deterministic nature, as several posters above already mentioned. Note that the server is prevented from using resource based cheats as well.
• Knowledge based: Anything giving you a knowledge advantage without changing the game state, e.g. removing fog of war.
  These are possible: Save the map locally, open it in a second instance of factorio, have fun exploring. A suitably edited client binary could offer the same options live. The debug options (F4) can leak quite a bit if information as well.

I haven't yet come across a game or set of techniques that prevents both kinds at the same time.

Edit: I should add a third kind to the list:

• Scripting: Executing legal actions, but with inhuman speed and/or reaction time.
  Possible using a suitably edited client binary.

[robot256]

When you look at the Factorio multiplayer system as a whole, it is a very short distance away from avionics-grade reliability and redundancy. The only thing missing is proactive error correction in some places. This happens to be the direction the developers chose to put a lot of their time and energy, and in my opinion it paid off.

Illegal actions are prevented by design or proactive measures, and everything else is explicitly allowed hy the modding API or wiki. There is no gray zone.

[J-H]

Factorio has raised my standards for software quality across the board.
Nobody at work understands when I'm grumpy about how inefficient and wasteful some programs (including OneDrive!) are.

[MEOWMI]

This is so interesting to hear. I'd thought about it several times, and it makes sense that it should hold up quite well, but I had no proof that it would work this well.

[HadesSupreme]

If there was some way to cheat in Factorio it without breaking consistency it would most likely be player input related. Something along the lines of "my mouse is simultaneously mining a building while also aiming and shooting at a biter". Or of course some kind of aimbot. Now obviously an aimbot is kind of superfluous on its own, but something like an aimbot that automatically cycles between different weapons for higher DPS or targets specific enemies with certain weapons seems possible.

[robot256]

an aimbot is kind of superfluous on its own, but something like an aimbot that automatically cycles between different weapons for higher DPS or targets specific enemies with certain weapons seems possible.

Totally possible to do within the modding framework. But you're talking about doing it outside the game for multiplayer/achievements in vanilla.