Solved

Protecting values from being memory hacked in C++?

Posted on 2009-05-08
Last Modified: 2012-05-06
I have a C++ application/game. Right now there are long/short values that represent shields, power capacity, and so forth.

I found out you can actually use a memory hacker (Like Cheat Engine) and freeze these values or change them to be higher for unlimited power. Which is pretty much an issue.

I wanted to know what I can do, if there is any coding to prevent memory hacking (For example steam has punkbuster or whatever).

I was also thinking, if this is not the case, then I can modify the values to have a random seed each game added on in the value, then remove the seed when they're used, and re-add it when they're stored again. Kinda like so there's a random value. For example:

Shields are 3000
Random value is 302
Value stored is 3302; when called it will remove the 302 to use, and then re-add.

The issue with this is the game's pretty big and would require a pretty big add to many values, and I'd have to find areas, so first I was wondering if there is any way I can stop memory hacking via coding or something like that. Any suggestions?
0
Question by:Valleriani
20 Comments
 
LVL 30

Expert Comment

by:Zoppo
ID: 24336893
Hi Valleriani,

just an idea: maybe you could implement a fast method to calculate some kind of checksum over all values you want to protect. Then whenever you need to change a value you can first calculate the checksum anew and check if it equals the checksum calculated before, then change the value and recalculate the checksum. To hack this a hacker would have to determine the algorithm you use to calculate the checksum. You could add a random generated seed value to the checksum calculation which is initialized when the application starts. With this you can avoid that a hacker can just remember which checksum fits to which situation.

Of course this is not a real secure solution, but it will make it more difficult for hackers ...

ZOPPO
0
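The seeded checksum Zoppo describes, combined with the per-game random offset from the question, as an added C++ example that is not code from the thread. `GuardedValue` and its members are hypothetical names, and an XOR mask stands in for the added seed; as Zoppo says, this only raises the effort, since the key and checksum live in the same process.

```cpp
#include <cstdint>
#include <random>

// Added illustration; GuardedValue and its members are hypothetical names.
class GuardedValue {
public:
    explicit GuardedValue(std::int32_t v) {
        std::random_device rd;
        key_ = rd();    // per-run mask, so 3000 is never stored as 3000
        salt_ = rd();   // per-run checksum seed
        set(v);
    }
    void set(std::int32_t v) {
        masked_ = static_cast<std::uint32_t>(v) ^ key_;
        check_ = mix(masked_);
    }
    // False means the stored word was changed without going through set().
    bool get(std::int32_t& out) const {
        if (mix(masked_) != check_) return false;
        out = static_cast<std::int32_t>(masked_ ^ key_);
        return true;
    }
    std::uint32_t& raw() { return masked_; }  // demo hook: stands in for an external write
private:
    // Each step is invertible, so any change to the word changes the checksum.
    std::uint32_t mix(std::uint32_t x) const {
        x = (x ^ salt_) * 0x9E3779B1u;
        return x ^ (x >> 15);
    }
    std::uint32_t key_ = 0, salt_ = 0, masked_ = 0, check_ = 0;
};
bool intact(const GuardedValue& g) { std::int32_t v = 0; return g.get(v); }
bool roundtrip_ok() {
    GuardedValue shields(3000);
    std::int32_t v = 0;
    return shields.get(v) && v == 3000;
}
bool edit_detected() {      // stored word overwritten in place
    GuardedValue shields(3000);
    shields.raw() += 5000;
    return !intact(shields);
}
bool freeze_detected() {    // stale word written back after a legitimate change
    GuardedValue shields(3000);
    const std::uint32_t stale = shields.raw();
    shields.set(2500);
    shields.raw() = stale;
    return !intact(shields);
}
int main() { return (roundtrip_ok() && edit_detected() && freeze_detected()) ? 0 : 1; }
```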
 
LVL 53

Expert Comment

by:Infinity08
ID: 24336930
If the server keeps track of the valid values, then a client can tamper with them as much as he likes ... The server's values are the correct ones, and the cheat attempt will soon be noticed/rectified.
0
 
LVL 53

Expert Comment

by:Infinity08
ID: 24336962
Or put differently : don't trust anything the client claims about those values. The values kept in the server are the authoritative values, and the only ones that are ever used. Sure, the user will be able to "cheat" and make the client display a different value (for the health level for example), but the server will still be using the correct (unmodified) value (and if the health level drops to 0 on the server side, the player dies, no matter what health level the client shows).
0
 
LVL 30

Expert Comment

by:Zoppo
ID: 24337151
Hm - is it a client/server game? Or a standalone game?

BTW, I don't know about tools like 'Cheat Engine', but if your application uses .net and those tools run as a different process it may be you could use protected memory to protect these values (see class ProtectedMemory).

ZOPPO
0
 
LVL 40

Expert Comment

by:mrjoltcola
ID: 24337338
If it's a local standalone game, I think checksum is a good way to go, but I would go one step further. If performance is not an issue, and you don't have to access the values many thousands of times per second, then you can use a fast encryption mechanism to make sure the memory is not cleartext readable. In the end, for standalone games, I would just let the cheat cheat, he is only cheating himself.

If client/server, then I agree with Infinity's statement, tampering should not be possible, by design.
0
 
LVL 53

Expert Comment

by:Infinity08
ID: 24337937
>> In the end, for standalone games, I would just let the cheat cheat, he is only cheating himself.

Which is why I assumed it was a client/server game. If the user gets his fun from cheating, then why not let him ? As long as the cheating doesn't impact anyone else's game experience (which is true for a single player standalone game), there's no problem, is there ?
0
 
LVL 40

Expert Comment

by:evilrix
ID: 24338275
>> if there is any way I can stop memory hacking via coding or something like that
Package up your game in a packer/protector. These provide a secure runtime environment that is resistant to hacking.

Examples; http://www.fileheap.com/software/protector_packer.html
0
 
LVL 86

Expert Comment

by:jkr
ID: 24343072
>>I wanted to know what I can do, if there is any coding to prevent memory
>>hacking

If you are on Windows, set up a memory page that has the 'PAGE_GUARD' attribute set, so that an exception is thrown when that page is accessed and you then in turn can validate if that access is legitimate. See also http://msdn.microsoft.com/en-us/library/aa366898(VS.85).aspx ("VirtualProtect")
0
 
LVL 7

Author Comment

by:Valleriani
ID: 24343796
I am thinking about going the checksum way, just a bit more of a hassle because I have to recode a good portion of it then; there's more than just shields, for example.

It is server/client yes.

The server does everything but player, the player is client side, much like Continuum, or Counter-Strike, which I believe just get initial values from the server and when changing stuff, but not during the main battle/fight, same for my game right now.

Also, how would I use page_guard/virtualprotect. Is there any examples around on how to use it? It seems like a great idea.

A Packer/Protector would have worked -- if I could find any that actually worked and are free or are cheap. Any suggestions for one that works well and is remotely cheap, if that's the case?

The server will eventually do everything, client and server, however, if it's a couple day fix I will do it for now. I am currently working on adding a new game engine and throwing in DirectX, and upgrading the network coding, but that won't be done for a bit, and there are a few people who do abuse it once in a while online, which is a shame.
0
 
LVL 7

Author Comment

by:Valleriani
ID: 24343798
^^ And rather, I will be going through the checksum way if other ways don't work. ;)
0
 
LVL 86

Accepted Solution

by:
jkr earned 500 total points
ID: 24343839
>>Also, how would I use page_guard/virtualprotect. Is there any examples
>>around on how to use it?

See e.g. http://www.codeproject.com/KB/security/AntiReverseEngineering.aspx ("An Anti-Reverse Engineering Guide") which addresses a similar issue. BTW, a checksum might be difficult to apply if these values are dynamic and will vary from time to time.
0
 
LVL 7

Author Comment

by:Valleriani
ID: 24345335
Hey jkr, I am trying it out now, a few things I noticed.

It stops 'debuggers/disassemblers' from working well, but the ones where you can change memory instantly (like Cheat Engine) still seem to go through. Is there anything here I should be specifically looking at? I've tried a few here so far but might be doing something wrong.

Thanks!
0
 
LVL 86

Expert Comment

by:jkr
ID: 24345553
You mean the part with 'MemoryBreakpointDebuggerCheck()'?
0
 
LVL 7

Author Comment

by:Valleriani
ID: 24345602
Yes, my bad.

It seems to work well against WinDBG and other actual debugging processes, but against Cheat Engine or programs that just directly edit memory values/addresses it doesn't detect at all and the values can still be changed.
0
 
LVL 86

Expert Comment

by:jkr
ID: 24345716
You should change the code not to explicitly check for a debugger, since these cheats might not act as such (i.e. use 'DebugActiveProcess()' to attach to your program).
0
 
LVL 7

Author Comment

by:Valleriani
ID: 24345874
Thanks, I'll go play around with this and see what I can do.. Any suggestions on what a program like that could be using?
0
 
LVL 86

Expert Comment

by:jkr
ID: 24345894
Well, basically 'ReadProcessMemory()' and 'WriteProcessMemory()' to alter the values - but these will trigger the exception when using a guard page.
0
 
LVL 53

Expert Comment

by:Infinity08
ID: 24348827
>> The server will eventually do everything, client and server, however, if it's a couple day fix I will do it for now.

>> and there are a few people who do abuse it once in a while online, which is a shame.

These two are cause and effect. As long as you don't fix the first, the second will keep occurring.
Using memory guards, checksums, etc. will only slow the cheaters down slightly. It's not fixing the problem though. The only secure model, is to not allow the client to make any meaningful decisions (other than the normal game mechanics obviously), but let the server track and decide all important values.
0
 
LVL 86

Expert Comment

by:jkr
ID: 24348859
>>but let the server track and decide all important values.

That would be the ideal solution, but for action-driven online games, it bears a big risk: The infamous lag, which can render these games unplayable if not all players have a higher-than-highspeed connection. If you are interested in that issue, take a look at the docs and discussions at www.sauerbraten.org (a Cube engine based game)
0
 
LVL 53

Expert Comment

by:Infinity08
ID: 24348887
>> That would be the ideal solution, but for action-driven online games, it bears a big risk:

Just to clarify. The client would still be computing, and using its own values (which avoids the lag issue). They would just regularly get synchronized with the server's reference values. And a few important things, like player death, would trigger the server to immediately "end" the play session (or otherwise handle the death appropriately).

So, if the client cheats, he'll only be cheating on his own screen. None of the other players will be impacted by his cheating (ie. if the user uses an invincibility cheat, he'll appear to be invincible only to himself, but all other players and the server will still see his health go down until he's killed), and the cheater will gain no advantage from his cheating - in fact he'll get a disadvantage, since he'll think he's doing fine ("I'm invincible"), while in fact he's not.
0
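The server-authoritative model Infinity08 describes above, as an added C++ example that is not code from the thread: the server resolves damage itself, and a periodic sync overwrites whatever shield value the client reports. All type and function names are hypothetical, and counting every difference as a mismatch is a simplifying assumption.

```cpp
#include <algorithm>

// Added illustration; all type and function names here are hypothetical.
struct SyncResult {
    int shields;    // value the client must adopt
    bool alive;
    bool mismatch;  // client's claim differed from the server's record
};

class AuthoritativeServer {
public:
    explicit AuthoritativeServer(int startShields) : shields_(startShields) {}
    // Damage is resolved here; the client never supplies its own shield value as input.
    void applyHit(int damage) {
        if (!alive_ || damage <= 0) return;
        shields_ = std::max(0, shields_ - damage);
        if (shields_ == 0) alive_ = false;  // death is decided server-side, immediately
    }
    // Periodic sync: the claim is only compared and counted, then overwritten.
    // Assumption: any difference counts; a real game would allow for prediction drift.
    SyncResult sync(int clientClaimedShields) {
        const bool mismatch = clientClaimedShields != shields_;
        if (mismatch) ++mismatches_;
        return {shields_, alive_, mismatch};
    }
    int mismatches() const { return mismatches_; }
private:
    int shields_;
    bool alive_ = true;
    int mismatches_ = 0;
};

// Constructed scenario: the client's copy is frozen at 3000 while three hits land.
SyncResult frozenClientScenario() {
    AuthoritativeServer server(3000);
    const int frozenClientValue = 3000;
    for (int i = 0; i < 3; ++i) server.applyHit(1200);
    return server.sync(frozenClientValue);
}

int main() {
    const SyncResult r = frozenClientScenario();
    return (r.shields == 0 && !r.alive && r.mismatch) ? 0 : 1;
}
```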
