Cheat Engine

xTopkek · How do I cheat? Reputation: 0 Joined: 21 Jan 2017 Posts: 5

So hi.

I do know that multiplayer game's are not beeing supported or whatever..

Im not asking for help for a cheat or w/e just a thing to discuss.

I've been cheating in an mmorpg since about 4 years, and since some weeks they patched the usage of those memory editors.

The game has no anticheat client or anticheat in any way.

So when you open the game login etc... and inject the cheat engine it crashes after 5-40 seconds.

So the weird thing is, even when I do NOT attache CE to the .bin of the game it crashes after 5-40 seconds even with other process name an so on.
Am i right with the thinking that the game is checking my WHOLE memory, because I dont like it when programs who shouldn't check it, check it.
Besides that, this would be illegal af too.

grz

STN · Posted: Sat Jan 21, 2017 12:47 pm Post subject:

Its not illegal, you modifying it however is illegal.

It is hard to tell what's the issue without knowing game's name.

xTopkek · How do I cheat? Reputation: 0 Joined: 21 Jan 2017 Posts: 5

Fiesta, i don't think it's known.
Editing clientsided "settings" worked/ works bevor it closes.

But besides that, i was doing something else not even injected into the games client, so it has to be reading the whole memory which isnt legal in germany afaik. It's only allowed to look into its own dedicated memory segment aint it ?

atom0s · Posted: Sat Jan 21, 2017 2:17 pm Post subject:

Actually, a game scanning your process list or reading information from other processes is illegal unless it is stating in their EULA / ToS that you have to agree to allow it while using their software. And you editing another processes memory is not illegal.

If anything it sounds like they are doing some basic checks for Cheat Engine and other debuggers, be it by window title, process name, or even some older methods of looking for common layout details on each window that is currently open. It's not too hard to determine what's being done if you look into some API being used.

For seeing if they are detecting your process, you can check for:
- CreateToolhelp32Snapshot
- Proces32First/Process32Next
- Module32First/Module32Next
- (Using PSAPI) EnumProcesses

For seeing if they are detecting by windows:
- EnumWindows / EnumChildWindows
- FindWindow / FindWindowEx

Granted these are user-mode API that are easily avoided by using their Nt counterparts and/or a driver to kernel mode detection, all depending on how their game is implemented to detect things.

xTopkek · How do I cheat? Reputation: 0 Joined: 21 Jan 2017 Posts: 5

Since im pretty tired and im not that deep into it i just looked in its bin what it's calling even i didn't checked all i'll do that tomorrow.

What i got right now is this

ulysse31 · Posted: Sun Jan 22, 2017 2:28 am Post subject:

xTopkek · How do I cheat? Reputation: 0 Joined: 21 Jan 2017 Posts: 5

The renaming was the first I tried to which didn't worked.

Later I started the cheatengine in a sandbox and it worked, I didn't even thought it would find other processes lol.
Some weeks later the sandbox method got patched too.

grz

edit: even some hexeditors cause a shutdown of the game lol

ulysse31 · Posted: Mon Jan 23, 2017 2:09 am Post subject:

atom0s · Posted: Mon Jan 23, 2017 1:35 pm Post subject:

There are a handful of ways things try and detect Cheat Engine, it is not just by its process name. There are detections for:

The process name.
The process path. (ie. C:\Program Files\Cheat Engine 6.6\asdfasdf.exe still shows its Cheat Engine via the path.)
The window titles. (Not just the main window, all windows that CE makes.)
Control layouts to detect the 'look' of the CE window.
Control names to look for certain things like the buttons to open the memory editor.
The driver by its name.
The driver by its path. (See above.)
File checksums for pre-packaged CE files.
File names for modules that CE loads and/or injects. (ie the VEH debugger.)

If you want to bypass an anti-cheat with Cheat Engine, the easiest method is to compile your own Cheat Engine and rip out everything you never use. Make it as bare bones as possible.

Cheat Engine is open source, so download it here and start editing away:
https://github.com/cheat-engine/cheat-engine

xTopkek · How do I cheat? Reputation: 0 Joined: 21 Jan 2017 Posts: 5

Okay i managed to get it nondetected now.

It still gets shut down wenn I edit any values...

++METHOS · Posted: Sun Mar 12, 2017 11:11 am Post subject:

You are discussing a mmorpg, which is prohibited per the forum rules. Since you have disclosed the name of the target, this thread should have been locked.

Reported.

pellik · Posted: Sun Mar 12, 2017 11:12 am Post subject:

You're either going to need to do battle with the detection method or use a different method to change your game.

First see if attaching the debugger causes an exit. The game might be checking the validity of the values, it might be watching itself for hooks. Either way if you're really quick and lucky ultimap may catch the detection code if you're quick with it.

Better yet is that there are numerous examples of other ways to hack games on the websites out there that don't censor multiplayer hacking. You just have to know a little C.