fwaggle.org

School’s out, the bell’s silent, the school furniture‘s all put up, the halls are empty and there’s a noticeable absence of books in your kids’ lives. What are you to do with them?

Put ‘em to work grinding up video games, that’s what. I made err.. let Nick play Guitar Hero 5 today on career mode. Because GH5 is the first guitar hero game that doesn’t require you to go through and play the entire game before you get to play all the songs, we never really bothered with career mode, but I wanted some of the trophies.

Now, about 6 hours later of us taking turns, I’ve gotten to the end of the career mode and plucked most of the low hanging fruit from GH5′s trophy bush.

Oh and mini-review, GH5 isn’t actually terrible. Rock Band 2 has the upper hand with regards importing music (and DLC too, I think) but you can end up with a good 60-70 extra songs if you own World Tour and Smash Hits. You may hear that the soundtrack isn’t much to sneeze at, but honestly it’s not bad – it’s just not obvious, like GH3‘s soundtrack was.

Plus the guitar that comes with it is quite possibly the best rhythm game peripheral available right now.

The PS3 is finally starting to get some great under-$10 software now (and it’s no longer just relegated to the odd deal and 800 of last-years’ sports titles), so I thought I’d update my wish-list:

• Guitar Hero III (~$4.50) – I already have this, but can’t play it because I only have Rock Band peripherals. It quite possibly has the best sound track of any rhythm game so far, and you can pick it up for under a tenner after shipping.
• MotorStorm (~$5) – I’m hesitant to buy this, because for some reason I have trouble playing games without trophies these days.
• Rock Band (~$5) – I plan on picking this up after I get the second one, for the express purpose of importing all the songs into 2.
• Unreal Tournament III ($5) – I’m hesitant to buy this because I never thought Unreal itself was such a great shooter. There’s been a ton of awesome games built off the various Unreal engines, but I never got into UT at all. It does have trophies though.
• Guitar Hero: World Tour (~$5.50) – I just picked this up for a song, it totalled about $6 after shipping. Not recommended if you don’t have any peripherals for either GH or Rock Band, but if you have GH5, you can import about 30 songs for the cost of the game + $3.50 (assuming the person you buy it from never used the code). Also, no trophies.
• SOCOM: Confrontation (~$5.75) – SOCOM4 is coming out soon, so expect the player base on this game to tank even further. If you’re a die-hard SOCOM fan (or were), I really do recommend this game despite the fact it’s mostly a ghost town. You can still get a game easy, and they’ve fixed all the flaws – it’s almost vintage SOCOM.
• Mirror’s Edge (~$7.50) – The first of our list of games that’ll burn you over ten bucks once you count shipping, Mirrors Edge is beautiful, fun (once you get the hang of the controls), a little frustrating, and way too goddamn short to have paid $60 for. It’s worth the $11 or so though.
• Terminator: Salvation (~$9) – A competent 3rd person shooter that accurately captures the feeling of desperation of the story, and will be the easiest platinum trophy you’ll ever get.
• Star Wars: The Force Unleashed (~$9.98) – My brother in law paid $40 for this not too long ago, and it honestly wasn’t worth it – I’d have been mad if it was my $40. If you really like Star Wars, then it’s worth it. If you don’t mind a reasonable 3rd-person platformer/beat-em-up or want the trophies, it’s probably worth the ten bucks.
• Soul Calibur IV (~$9.98) – I used to love Soul Calibur on the DreamCast, I’ve never played 4 but I’m guessing it’s more of the same, and there’s a cameo by a star wars character too if that’s enough to float your boat.
• Skate 2 (~$9.98) – I almost linked to the original Skate, which is in sub-$5 territory now, but I decided against it… Skate 2 is better in most every way, is trophy enabled, and has more multiplayers on it (for now, until Skate3 wrecks that). If you can get over the weird… I mean “innovative” control system, it’s stupid fun.
• Burnout: Paradise (~$10.50) – an “Honorable Mention” on this list because I haven’t seen it creep under ten bucks yet, but this game gave me plenty of hours of fun and it’s a great multi-player driving experience.

I have an idea for a Playstation Minis game that I would actually spend money on. Boulder Dash! Someone needs to acquire the rights for it, and turn it into a mini – I seriously lost weeks of my life to this game back when all I had to game on was a Commodore 64.

It’s a 2D game where you basically dig around through a maze, collecting diamonds. You can dig through dirt, but there’s also brick walls and other nastiness you can’t dig through. There’s boulders of course, which can fall and kill you, and you can push them around to solve the maze as well.

Timing is everything, snatching loose diamonds as they fall between two boulders isn’t uncommon, and some of the levels it’s only possible to collect all the diamonds if you flawlessly execute a movement through the maze at the perfect time, snatching them all up before they’re buried under boulders forever.

The game mechanics are simple, the level designs are fiendish, and I really think it needs to be ported to the PS3.

After years of halfheartedly resisting the craze, yesterday we happened upon an entire set of Rock band at a yard sale for ten bucks. I was on the fence about buying it, but Sabriena seemed genuinely excited. She never complains about my lack of buying unique gifts for her, and while this wasn’t strictly speaking for her, when she seemed excited about it I knew I had to buy it.

We’re probably going to buy Guitar Hero World Tour on Half.com soon, because the software only is dirt cheap, all our instruments will work with it, and all the DLC we bought for GH5 is actually WT DLC so we can play it with that if something ever happens with Trevor’s GH5 copy.

I’m also going to look at buying the Rockband software for PS3, because the software that was with this set is for PS2, and we lack a working PS2 right now.

… at least, that’s what I have to keep telling people who just don’t grok encryption, and think it’s some magic pixie-dust that you just sprinkle on anything and it’s imbued with magical protection.

I was trying to explain this to some MMORPG folks, who think that just because the communication between the client and server are “encrypted” that they can’t be tampered with. They’re 100% wrong.

Enter fwagglePxE – a proof-of-concept piece of software hacked together over about three days of rage-filled coding, after the company that ran the game in question left a nasty server bug in their software, which essentially robbed me of about $300 worth of imaginary shit. That’s $300 real dollars by the way.

Anyway, the game in question? Basically it uses a heinous modified version of AES-128 as a symmetric key cipher. The server sends IVs for the the encryption at the start of the session, and then the client and server just stay in sync with the algorithm and everything’s good. Indeed if you don’t stay in sync, then the encryption works just fine.

The problem is, if you catch the beginning of the session all the way through until the part you want, the encryption fails horribly. fwagglePxE worked by sitting on my router, which intercepted the connection and handed it to my software. My software then connected out to the game server, and then maintained two encryption states – one for the client and one for the server. If I so desired, I could even use different IVs for the client!

I borrowed most of the crypto stuff from a private server group, I just modified it a tiny bit to make it work the way I needed it (as a client as well as a server). From there it was a simple matter of writing an ncurses interface that included hexadecimal printouts of the plaintext packets, ANSI color printing to make things a little easier to understand, and a simple command parser that included the ability for me to enter hexadecimal strings, representing the bytes I wanted to inject.

I eventually wound up writing parts into the editor that actually understood parts of the game logic, for example in the screenshot above you can see a couple of chat packets (spamming AAAAAAAA for example, and getting ready to spam six “@” characters)… I could do things like train it to ignore repeated messages from a single user that surpasses a certain threshold.

From the outside, it was probably the coolest thing I’d ever written. The feeling of elation I got when I got it to work was probably on-par with the feeling one gets when after hours of cracking, they finally get a “#” prompt on someone else’s machine. Technically it was the most advanced packet editor I knew of at the time, though a couple of people have written things that easily surpass my piece of shit. The code itself is terrible, a mish-mash of C++ written by someone who still thinks in C, and that’s why I never released it.

Anyway back to the rant at hand… imagine encryption as being a giant, impenetrable lead pipe. If the encryption is sound, at any point during the run of the pipe, there is absolutely no way you can see or tamper with things that are flowing inside the pipe.

However, if you can get to the ends of the pipe, there’s no reason you can’t take a peek there. That’s the thing most people don’t understand about encryption, is if you can control either end of the pipe then absolutely nothing can be guaranteed. “All bets are off” as many people like to say.

Which makes this entire rant more or less just a thinly veiled excuse to show off the only remaining evidence of my neato-elito packet editor.