Spoofing attacks possiblity?
Posted: Mon Dec 21, 2015 5:33 pm
There could be a slight vulnerability, in which commands and actions could be spoofed.
As the client-server architecture gives a lot of power to the client in BZFlag.
It is to my understanding, the client sends actions (such as jump) to the server which then sends them to other clients(so they would interpret whether a tank has jumped or not, for example).
This technically allows one to send spoofed commands or actions to the server, for example making someone else's tank jump in a bad situation.
As the client-server architecture gives a lot of power to the client in BZFlag.
It is to my understanding, the client sends actions (such as jump) to the server which then sends them to other clients(so they would interpret whether a tank has jumped or not, for example).
This technically allows one to send spoofed commands or actions to the server, for example making someone else's tank jump in a bad situation.