Cheat Engine Not Showing Values
Charolette Antosh
Hey guys i have been testing the limits of age of mythology for a while now, in the search for the most op unit possible.
So i made osiris and zeus have like 10 to the power 38 hit points and 10 to the power 38 damage respectively with a 99 percent armor respectively, for making the most overpowered Rts charcters ever.
The hitpoints counter in Age of mythology always becomes negative after 2 billion, which means there is a visual cap right?,( but the 10 to the 38 hitpoints do work as i have tested and even confirmed through cheat engine).
Nope. he literally traverses across the screen, my speed is 10 to the power 38, so yeah the game does behave a bit weird like the character literally vibrating and stuff on screen.
But no crashes so far.
Btw, i gave a kronos titan a hitpoints value of 24 9s and a damage of 24 9s as well.
Osiris literally oneshotted hundreds of them, and no lifelost.
The power of being 14 orders of magnitude above a character.
It can't be done, is about DRM, but the same applies to anything which the user doesn't want on his computer including Anti-Cheat mechanisms. (Which has the tendency to be even harder to do than DRM.)
But why would you, really why would you? It's your customers computer, not yours, the customer does with his computer whatever he pleases to do with it. You have no rights about it. Your program is removed if the customer doesn't like it.
For multiplayer games it's not about designing the binary running on, but designing the communication. Letting the users just send "I've won with 20000 points" doesn't work, neither does "I've 2000 Gold". You'll need to simulate the game yourself and just let the players send what they are doing like "I ordered the soldier to move to point X/Y" or "I've bought Item number 43", not what the result of that actions are. The server decides what the results are, and who won in the end.
The first is not effective and won't stop any determined person from attacking your game - and it's also error prone. However, you can make it a lot tougher, not full proof, if you would like. Some common strategies are available all over the web but as other people have mentioned - you have to ask yourself if it's worth it.
The alternative, of course, is to just store everything on the server and make a game server that is a master. Not only is this expensive, requires upkeep, and increases development time... fans are not so impressed from the implementation of popular games like Diablo III. Or here. I should note for an online flash RPG like Adventure Quest this model has actually been working pretty well for them, however.
I can't provide much guidance on how to implement this type of approach as it's very broad, wide and requires a lot of planning. The basis to know is that the server decides everything and the client is nothing more than a mere input and display console.
As other answers have pointed out, even the best efforts could be potentially circumnavigated by a single hacker, and provided to the rest of your player base. You can still make effort against this, but look to other answers for suggestions how. This answer means to save you the trouble, if your game only aims to provide single player gameplay.
This misses the point entirely. Games are a form of entertainment. Generally, your player base is playing your game to have fun. If a player uses cheats in your game, there is a reason they are using cheats. It is safe to assume that that we can not guarantee each individual player's definition of fun; if they use cheats, perhaps that is their way of making your game more enjoyable, to them.
It is important to stress that this only works in single player games; if the player tells you they want to use cheats to have more fun in their game, no harm done. As soon as there are multiple players in the game, the exploits of that first player could become an unfair disadvantage to the other players. This is the only real situation where you should not allow cheating.
Maybe you can encrypt the values so that rookie memory edoits wont get to them, but all the communities, such as Cheat Engine, GameGuarian for Android, ArtMoney, Game Hacker ect have people that are going to be able to hack anything you process client-side and show the others how to do it or publish trainers.
Its is a futile effort to try and deter cheaters cleint-side in my opinion. Also not really fair, since it is their device and if they want to memory edit stuff happening on their device, why would you hinder them? The customer is king afterall.
Encrypt the player variables: scaling the value, adding a constant, etc. This brings a new problem: a hardcore hacker could disassemble your program and find the numbers you use for encrypting your player variables. For this, use random numbers. You can also scale up the values of your player variables and then add a random number such that the added number does not significantly alter the value (adding 10 or 20 to a scaled up value of 2000 does not make a lot of difference).
While the above code solves some serious issues, it is still crackable. The only information the hacker will need is: the player variables are accessed through a pointer (he could also find out by disassembling your game but it is going to be annoying and hard). Once the hacker has the address to your player variables along with other secret random variables, it is going to be an easy task for him to develop a cheat.
In my opinion, without disasembling, you cannot really write a hack tool for such a system. The result is unpredictable as you are going to add a random number to the player variabels each time it is modified. The range in which the player variables are stored isn't the same on every startup either.
Keep changing the address of the player variables occasionally. Does it hamper the readablity of the code? Well, it does to some extent but you can abstract the entire process in a single class which has well-explained comments. The interface provided by the class will have simple Set/Get functions. The frontend programmer wouldn't have to worry about the underlying complexity.
If you want to harden your game against cheaters, the best way is to buy a software solution that does that for you. There are several providers, and you can find quite a few of them by googling for "anti cheat breaks my game".
The professionals are much better at actually preventing cheats than you are, and much better at not breaking your game than you are (and still don't succeed 100%, at either of these). So if you feel there's value in putting such a solution into your game, buy it. Doing your own will be vastly more expensive.
Cheaters usually use tools like Cheat Engine, and to change a memory value they need to get the address for the value they want to edit. I've seen a video where the method to find the desired address is to look for, say, a health address. If you have 100 health, you would search for the value '100' in the memory. You'll get (probably) multiple addresses with values of '100'. Then, you try to change your health by taking damage or healing. You'll filter the addresses and search for the new value (e. g. '89'). You repeat this until you have one address. Now you can change that address and you'll change the in-game health value.
I think to prevent this, create some variables with gibberish names which get updated to the actual value every (n-th) frame. This way, if the cheater tries to seek the address, he will always have multiple options and will (probably) have to be patient to find the real address.
I mean its not that hard. You can keep 99% of the memory edit cheaters (those Game Guardian, Cheat Engine ect at bay by simple multiplying values. Even multiplying by 10 in the memory will keep most of the at bay.
Encrypt the hell out of it! Store important numbers broken up in multiple locations conjoined with other values so that they will constantly change! Use dummy numbers that if altered tells them they are cheaters.
I'm not going to help the hackers that much so bear with me. I will not mention any programs that I use to do this. You will have to figure that out. The only way to truly stop them is to know one thing. They do not want their hack program to be detected.
So far, all of the hacker/trainer users that I have defeated. The developer of the hack will put a detector on it to see if something is watching. If something is, then the hacker/trainer program will either close automatically on their end or it will only half work.
For instance in dirt 3, trainer users can make your car spinout automatically. But if you put up a detector on your end the cheats own detector will detect it and it will close part of the cheat. Not all of it.
The only part of the trainer program that I have seen effected from my meddling is super brakes(perfect braking) and the spinout(car losing control for no reason). I have mostly racing games as you can see. They are all from codemasters and sadly those games do get abused by cheaters quite often.
I believe that I am only able to stop them because of the way that we connect to each other while playing. It's probably the same reason that they could cause a spinout for a normal player that has no clue about security.
My biggest suggestion is to get a very good internet security antivirus(Norton, Mcafee, Avast, and all the other shitty av's will not help you). Be willing to spend $50 to $90 on a very good av that I have not listed and then learn how to experiment with it to effect online play.
It takes a lot of patience and a lot of guinea pigs. I've had a lot of success with this but also a lot of years of experience in dealing with trainer users. I don't know any code whatsoever. It has nothing to do with it. The code part, is locked down and you can't do anything about it. You could think that you can but it's just not possible to actually stop what they are doing on their end.
c80f0f1006