Discussion on the mechanism of Pokemon Go anti-counterfeiting GPS

Source: Internet
Author: User
This is a creation in Article, where the information may have evolved or changed.

Disclaimer: This article only from the technical point of view to explore the game defects, any organization and individuals may not use the content of this article to engage in illegal activities, please do not spread or use the loopholes mentioned in this article, otherwise the consequences.

Pokemon Go is a recent popular AR and lbs based collection to the game, the old IP called for a ticket player. The game is currently a lot of bugs, here is the 0.29.0 version and the mechanism of anti-mock GPs under Android platform.

Before reading the source code, the analysis is based on the actual test results, that is, black box testing.

The information currently known is:

1. There is a mechanism for detecting fake GPS information in the game, it is only in the client at present, as far as the server is not known

2. When the game detects that a user is using software such as a mock GPs, the words "failed to detect location" are displayed, and the interaction with the server end is terminated

3. Restart the game to solve the above problems

4. The game's detection program should be written in the resume event, that is, when you switch back from other programs to the game will be detected

5. There are several places in the game code for GPS positioning, one is timed, that is, every once in a while to locate a class of events, that is, after you finish scratching the elves or after the store to locate


Based on the above inference, there are a number of feasible hack methods, here are only one feasible:

First, a diagram.


From what we can see:

1. This hack is the time difference between using the fake software to modify the GPS cache and the system to regain the current position.

2. It is important to forge the switch timing of the GPS software, and if the system re-opens the GPS service after shutting down, the fake location in the cache will be overwritten by the new real location.

3. If the hack is successful, the game will show "GPS signal lost" such as the prompt, that is, the current GPS service is rebooting, the game will read the cache location, that is, we faked the location

4. If hack fails, the game will show "failed to detect location" such as the hint, that is, fake software is slow to close, when switching back to the game was discovered by the game, encountered this situation can only restart

5. In summary, this approach does not guarantee a 100% success, and the timing of the forgery of the software is largely determined by its success.


Finally talk about how to prevent such hack:

If the user has been hack successful, this kind of hack is more difficult to prevent. For the server, the behavior of the user is the GPS signal is lost in another place, this is very common, such as the user into the building or the area of poor signal, so it is difficult to logically filter out which users are fake GPS. If the user in a certain amount of time to move distance as the basis is also inappropriate, counterfeiters can forge a position in a small range, and there will be normal users to change the number of the brush (for example, you in China, let American friends to help you play).

If hack fails, the current penalty is to restart the game, which does not delay too much time. Reasonable measures should be to prohibit landing for a period of time. At present, it seems likely that the game manufacturers have a lot of debug and feature to do, so it is simply to prevent the users who have been driving counterfeit software, did not expect users to use the GPS cache to hack.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.