Are dll's safe to use? What does Tale Worlds do to protect users from Trojans or Malware in mods?

Users who are viewing this thread

Hellspoodles

Recruit
Hi All,

I recently got into modding Bannerlord and it seems somewhat unsafe to use dll files for scripting mods instead of a custom scripting language that most games have. Are there any safety measures in place from the engine which prevent modders from doing malicious things? I am in no way close to a expert on malware and malicious programs, but I conducted a rudimentary test to see what is possible to do from a simple Bannerlord mod.

I made a "MyFirstMalware.exe" program, all it does is stay alive so that I can spot it from the task manager. I encrypt this file to prevent anti-virus checks that most file hosting sites from spotting that this is a malicious file. Not a very good encryption but good enough for a simple test. I put this encrypted file in my mod and had the mod decrypt the file, and then place it in my root directory (C: drive in this case) and then run the file. I loaded up my mod, ran the game, closed it out from the main menu, and checked task manager. My program was running in the background. If this had been a keylogger running in the background, I would probably have no idea.

Obviously, this isn't a terribly stringent test of anything. A good anti-virus software should be able to pick up on the malware once it starts running and kill it. Tale worlds shouldn't rely on end users having a good anti-virus though. There is a lot you can do from the C# interface as well, you might not even need an external program do do malicious things. There is a lot of things I can do and some of these things are really hard to detect if you don't know it's there especially for the %99.999 of people who don't have the skills or knowledge to look.

My test did not push the bounds of what is possible with Bannerlord malicious modding. Is there anyone with more experience in these things that knows the limits of what is and isn't possible?
 
Solution
I recently got into modding Bannerlord and it seems somewhat unsafe to use dll files for scripting mods instead of a custom scripting language that most games have

you actually didnt, because the modding tools (including the game code) is not yet available. What you are doing (like the others) is a temporary solution, a hack, until that day comes. How it will work in the future is something you will have to wait.

you can read https://forums.taleworlds.com/index.php?threads/taleworlds-modding-q-a.396260/

in Warband terms is something similar to using WSE.

if you are worried you should only use open source mods, as you can check their code yourself. Or decompile the others.
I recently got into modding Bannerlord and it seems somewhat unsafe to use dll files for scripting mods instead of a custom scripting language that most games have

you actually didnt, because the modding tools (including the game code) is not yet available. What you are doing (like the others) is a temporary solution, a hack, until that day comes. How it will work in the future is something you will have to wait.

you can read https://forums.taleworlds.com/index.php?threads/taleworlds-modding-q-a.396260/

in Warband terms is something similar to using WSE.

if you are worried you should only use open source mods, as you can check their code yourself. Or decompile the others.
 
Upvote 0
Solution
Thank you, I didn't realize that the current dll thing was a hack and not how the developers intended it. I did think the current method was quite odd. Trying to have any kind of user protection for this would be like trying fix the titanic with sellotape.
 
Upvote 0
The current way we are doing mods - by building C# DLLs and loading them via the default manager, is not at all secure. You could create a mod which scans the user's computer and uploads their entire hard drive's contents somewhere, or just honestly encrypts their whole HD and wamo you have ransomware on your hands.

This is why I think all mods right now should be forced open-source. And you shouldn't be installing them until multiple people vet them.

The only saving grace is Bannerlord does not by default start up in Administrator mode, so a bannerlord mod as far as I know cannot reformat your machine or do anything that's 'protected' by admin rights lol
 
Upvote 0
This is why I think all mods right now should be forced open-source. And you shouldn't be installing them until multiple people vet them.

Yeah, even if they are open source you can't verify the files submitted are the same as the files in the source so I guess the only safe way would be to build the source every time :/

I guess you could run the game in a VM somehow??
 
Upvote 0
The current way we are doing mods - by building C# DLLs and loading them via the default manager, is not at all secure. You could create a mod which scans the user's computer and uploads their entire hard drive's contents somewhere, or just honestly encrypts their whole HD and wamo you have ransomware on your hands.

This is why I think all mods right now should be forced open-source. And you shouldn't be installing them until multiple people vet them.

The only saving grace is Bannerlord does not by default start up in Administrator mode, so a bannerlord mod as far as I know cannot reformat your machine or do anything that's 'protected' by admin rights lol
It's possible to restrict the loaded assembly (.NET dll) for example to cannot use file system or network system. Or allow dlls only signed by taleworlds (modder will give them the source code and they will compile, sign and upload it).
 
Upvote 0
At this stage of modding TW can't really do something beyond giving people a disclaimer - use at own risk, etc. Otherwise it's like kalarhan writes above. They will also have enough work on their own, so I don't think they will start certifying dlls or mods.
In my opinion it will be like in Warband modding, everything can be used at own risk. Good markers are if many have downloaded it or the modder is known. Since modding is not supported yet by TW, they will also not force everyone to make his mod open source. It's all up to everyone of you if you install specific mods or not.
 
Upvote 0
Yeah, even if they are open source you can't verify the files submitted are the same as the files in the source so I guess the only safe way would be to build the source every time :/

I guess you could run the game in a VM somehow??

The idea of having it open source is so that you can compile it yourself, so that you know the built binary is the one that uses the open source code .
 
Upvote 0
Back
Top Bottom