Any way to disable CloseConnection for master

The issue I have is a hacked client is able to kick all the player out of the room.
I haven't found any way to prevent this or disable the functionality for the room.
Any help would be appreciated.

Comments

  • Hi @sunstar3d,

    Thank you for choosing Photon!

    There is no way to disable it without changing client code.
    So I suggest you comment out or delete all code related to CloseConnection, change GameVersion / AppVersion and then release a new client update preferably force updates if you have that feature.
  • Hi John,
    Thank you for responding. My issue is the client is hacked to send the OpRaiseEvent(PunEvent.CloseConnection... My client doesn't ever call anything related to close connection. My concern is any hacker can just send the low level OpRaiseEvent and the server will just kick
    Whoever the hacker wants out. Nothing I do on the client side can prevent that if the server allows it.

  • Hi @sunstar3d,

    as @JohnTube already mentioned you can comment out all code related to the CloseConnection feature. This includes the handling of this certain event as well and is the most important part. Please have a look at the OnEvent function inside the NetworkingPeer class. In this function is a switch condition with a PunEvent.CloseConnection case. You can either remove or comment out the entire case or the code inside this case. This will remove the part of the CloseConnection feature, which is causing trouble in your specific case.
  • Hi Christian

    I will strip it of anything related to close connection. My concern is the hacker doesn't need to be using those functions and can just create the low level packet data itself and send it. Seems like a function to disable kick functionality from the server for this room would be the proper way to solve this. Seems like a big security hole where any player can take control of master and send closeconnection. This can be done to every app running on photon public cloud.
  • If you remove the related lines of code from the OnEvent handler, nothing will happen, if a client receives a PunEvent.CloseConnection event. You can have a look at this yourself: whenever a client receives an event, NetworkingPeer.OnEvent is called. Each default (or build-in) event is already implemented and gets processed if necessary. If you now remove a certain event case from the OnEvent handler, this event simply won't work anymore.

    Seems like a function to disable kick functionality from the server for this room would be the proper way to solve this.


    Since there is no possibility to kick a client server-side (at least not for this case), the idea behind CloseConnection is, to make a client call PhotonNetwork.LeaveRoom(false);. So you basically ask him to leave the room on his own and don't become inactive. In this case the server just forwards this certain message to the certain player (the one who should be removed from the game).
Sign In or Register to comment.