Announcement

Collapse
No announcement yet.

[Plugin] Anti-Cheat System

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

    [GAUGING INTEREST] [Plugin] Anti-Cheat System

    [PLUGIN + SOURCE CODE] (Now Also Available on Unreal Marketplace):




    ----------


    Hello Unreal community!




    I'm back here at this forum section to share with you more cool things, once again:
    I present you 'SCUE4': a super straightforward easy to use Anti-Cheat system for UE4 Blueprint developers.




    This Anti-Cheat system implements a variety of techniques I've learned along the time (while making, playing and cheating games), to invalidate any memory injection into your most important stored values during game runtime.
    Just like CheatEngine injects code in your game, this Plugin enables you to fight back and punch the cheater in totally non intrusive ways. There's no data collected from hardware, no player privacy infringement or anything like that involved.
    A great solution to keep cheaters away from your game front-end client with ease.
    And best thing is: you don't need to be an software engineer to use it! I love how far Epic Games allow us to go with Blueprints, it's amazing.




    All you need for a start (very good step forward) to defend your UE4 game project against cheat creators and 100% BLOCK 'script kiddies' from cheating on your Windows games ever again with [CHEAT-ENGINE].
    If you're making a game based on Windows and you don't know what Cheat-Engine is, you'd probably like to take a crash course here: [CE-TUTORIAL]




    I will add more details soon, for now you can see the basics of how the tools work in this video:





    Another Video: Cheating in Candy Crush with Cheat-Engine: [http://sendvid.com/89re93xu]







    ----------




    º Some features:


    * No DRM; let people play your game offline and still no cheating.
    * Block CheatEngine + 165 other popular debuggers on Windows from reading your game RAM.
    * Special property types, blueprint compatible, blocks memory value injection.
    * No privacy violation; no special user credentials required to run.
    * Detects debuggers trying to attach the process.






    Some Drawbacks:




    Build for UE4 Windows games only (32bit & 64bit), for now.
    Cheaters will complain at you. a lot.




    ----------








    [Requirements]:
    ° Both Key Generator and the external scanner requires VS2015 runtime dependencies to run; you can find it in Microsoft's Download Center.
    ° External scanner also requires .NET 4 which is by default installed on up to date Windows desktops.




    [How To Use SCUE4]:




    (always backup your projects before installing plugins)
    ° Close UE4, unzip the files provided into your UE4 game project's folder. Executable libraries and code will be added to your project's Plugins folder;
    Then right click your .uproject file and choose 'Generate Visual Studio project files'. Then open the .uproject file; around ~1.6GB of C++ code will be generated, so be patient.
    You may have to convert your project to C++ project first, simply adding an empty C++ Class to your game.




    ° Open your game project in Unreal Editor, click Edit and go to 'Project Settings..'-> 'Maps & Modes'; In 'Game Instance Class' field, set 'SafeGameInstance' class as default.
    If you have another custom Game Instance, use it instead, but after installing the Secure-Client plugin you have to re-parent your Game Instance to be a child of SafeGameInstance.
    This will activate the anti-cheat system for your game. If you want the anti-cheat tool-set disabled, just replace the default Game Instance again.


    ° To observe Game-Guard's behaviour while developing in Unreal Editor, and to activate the anti-debugger that is disabled by default, you have to:
    - Create or re-parent a GameInstance Blueprint from the 'SafeGameInstance' class and set it as default in Project Settings.
    - Uncheck the 'Hide Game-Guard' and 'Allow Debugging' check-boxes from the Details panel.
    - You most likely don't want to block debugging while developing your game, uncheck it only when packaging in Shipping Mode and ready to publish.









    ° There's also now a new 'K-Generator' toolbar button on your Unreal Editor's toolbar; you can use it to create custom encryption keys for your Get/Set encryption nodes:









    ° That simple, plugin is ready to use; Whenever you need a Safe Type in your Blueprint code, when creating a property in 'Variable Type' search for "Safe" and all available types shows:
    (Safe Color Type have been added as well)







    ° The Key Generator creates a simple text file which you can copy new keys from, and paste into your Get/Set nodes if you desire to use custom encryption algorithm; but you don't have to.
    These custom keys are entirely optional, they provide slight increased security for your game code. In case you don't provide any key, a default internal one is used:











    [FAQ]:




    ° What is the performance impact in game when using SC Safe Types in Blueprint graphs?
    - As you can see from image below, the Safe Types provided to encrypt Blueprint properties have a very very insignificant impact in your game code;
    - Each call to a Get/Set node has a function footprint ranging from 0.00ms to 0.01 milliseconds. In comparison: a single Tick Event call can sometimes eat up to 4.00ms.









    ° What about Garbage Collection, how these types deal with GC?
    - The code generates no GC, UE4 will fire GC only when you destroy the Blueprint/Actor that was calling the Get/Set functions/nodes.




    ° Which Types are Safe Type supported?
    - You can encrypt the usual types used for Blueprint properties, such as:
    Boolean
    Byte
    Integer
    Float
    Name
    String
    Text
    Vector
    Vector 2D
    Vector 4D
    Linear Color
    Rotator
    Transform




    ° Does Safe Types support SaveGame tag, to be recorded by the Auto-Save Plugin?
    - Yes. Just enable SaveGame tag in advanced tab as usual and you easily get encrypted Save-Game data stored in your .sav files.




    ° Is networking, replication, supported for Safe Types?
    - The idea is Yes, must be, but I'm still working on multiplayer code to make sure everything is bug-free when running in authoritative servers thus I'm not 100% sure yet.




    ° Why I mark any Safe Type as 'editable', but values in Details panel are disabled and I can't change them?
    - Because Safe Types are hidden and Unreal Engine's Editor doesn't know how to translate their encryption algorithm. Then what Details panel displays there is just a 'fake copy'
    - of the real value which is possible to change or read only through the Get/Set node functions. If you could change values from Details panel, hackers could use the same route to
    - trace the fake value and use it to change the real, encrypted, one without bothering with any encryption secrets.
    - So to say, the only way you can change encrypted values is really through the Get/Set nodes which you can use in Blueprint graphs and/or its Construction Script to set default values.


    ° What if the Game-Guard external gets cracked to never return any positives?
    - Then your game itself through the SafeGameInstance class will take over and run an internal Game-Guard system; the class is built to force a crash in the game at this case.
    - This internal built-in code is compiled inside the game and only runs if the external solution have being bypassed. You don't have to config anything for this, it's automatic.








    ----- -----






    [this is part of the tools you get from this system, encrypted data types! I will explain them later. click image to see full size]:


    [Types]:









    [Operators]:

















    ----- -----

    Source of the external scan process (SCUE4x64.exe); You can edit it and recompile to stop crashing the processes that you don't want it to close;
    Updated code in Game-Guard.cpp are courtesy of Jason Bentley:

    https://www.dropbox.com/s/3so2x9cf5y...Guard.zip?dl=0
    199
    Why are we not funding this? I totally need it!
    60.30%
    120
    I would use it; maybe yes, maybe no...
    34.67%
    69
    Nah... I don't care about cheaters. Don't need it.
    5.03%
    10
    Last edited by BrUnO XaVIeR; 04-15-2017, 01:30 PM.
    | Savior | USQLite | FSM | Object Pool | Sound Occlusion | Property Transfer | Magic Nodes | MORE |

    #2
    This could be useful.

    Comment


      #3
      Using memory injection to cheat in League of Legends;
      Since RiotGames implements zero client-side data encryption... we can hook the values, hook the DirectX API and build a bot that responds instantly to property changed client-side (no need to send fake packts through the network).
      This is possible by using Kernel32 to read/write to a process memory on Windows; the methods are the same used by CheatEngine or even UE4/VisualStudio debugger:



      With encryption implemented, the people selling this hack would need to at least brute-force a lot of data or even crack the game client; instead they simply read computer's RAM and use it externally for an undetectable cheat, because Riot leaves everything there open for anyone to see.

      -----


      Cheater using memory injection in Dota2 to defeat top ranking players; similar to what is used in LoL, but much less developed..:

      Last edited by BrUnO XaVIeR; 01-15-2016, 04:09 PM.
      | Savior | USQLite | FSM | Object Pool | Sound Occlusion | Property Transfer | Magic Nodes | MORE |

      Comment


        #4
        Interesting. I was working on a similar concept. Does your system primarily focus on protecting variables in memory? I'd love to actually talk about the methods being used... but sadly I know that runs the risk of workarounds being developed if the details are public. Would be nice to see a short video of it in action though!

        Comment


          #5
          Originally posted by ChipNinja View Post
          Interesting. I was working on a similar concept. Does your system primarily focus on protecting variables in memory? I'd love to actually talk about the methods being used... but sadly I know that runs the risk of workarounds being developed if the details are public. Would be nice to see a short video of it in action though!
          What this plugin actually does involves a bunch of steps that regardless of we talking about it or not, to workaround would require reverse engineering the game code anyway.
          (Is important to always clarify that this is not an 'anti-crack' solution (does any exist?); engineers can pretty much reverse to source code anything if they're willing to invest the time and money required for that. If your standalone/client exe is cracked there's not much you can do beyond patching and releasing constant updates)

          However if nobody has interest upon cracking your code, this is enough to stop external apps from cheating because most of the people using memory injection really don't know much or anything at all how to crack a software.
          I used to publish a class like some pieces of what is in this Plugin for Unity in Unity Asset Store; some small scale games made to be publish through Unity's webplayer and facebook ecosystem produced by EA and Square-Enix was using the memory protection code, along with many other indie games for PC and iOS.
          I've published it as open source code in Asset Store and funny thing is: a russian guy took a copy of the code and then created a thing he calls 'Anti-Cheat toolkit' and sold the thing for 10$ bucks lol, he poses like an expert to sell those C# scripts, but he doesn't really know what he's doing... Btw, I didn't bother with that since I've decided to make it open anyways and wasn't too much interested in dedicate myself to keep that always up to date.

          At first, after discussing what could be done to prevent memory injection within dev communities along 2011~2014, many devs were implementing kinda stupid solutions like what you can see in some good discussions:
          http://gamedev.stackexchange.com/que...top-games?lq=1
          None of that actually work of course.

          Some believe that doing something like this can stop cheat engine users and still use it; but for more skilled cheat users that is easily bypassed:
          public struct SafeFloat {
          private float offset;
          private float value;

          public SafeFloat (float value = 0) {
          offset = Random.Range(-1000, +1000);
          this.value = value + offset;
          }

          public float GetValue ()
          {
          return value - offset;
          }

          public void Dispose ()
          {
          offset = 0;
          value = 0;
          }

          public override string ToString()
          {
          return GetValue().ToString();
          }

          public static SafeFloat operator +(SafeFloat f1, SafeFloat f2) {
          return new SafeFloat(f1.GetValue() + f2.GetValue());
          }
          // ...the same for the other operators
          }
          Then many decided to do some fancy stuff like storing value behind a XOR operation, and they've done for quite a while. Still works for many cases...
          But then some skilled CheatEngine user can do something like this in CheatEngine, and ruin your encryption:
          alloc(TypeName,256)
          alloc(ByteSize,4)
          alloc(ConvertRoutine,1024)
          alloc(ConvertBackRoutine,1024)
          define(XOR_KEY,0e59d3a5)


          TypeName:
          db 'XOR Algoritm',0


          ByteSize:
          dd 4 //4 byte real value and 4 byte encryption key right after it


          //stdcall int ConvertRoutine(unsigned char *input);
          ConvertRoutine:
          [64-bit]
          //rcx=address of input
          mov eax,dword [rcx] //eax now contains the bytes 'input' pointed to
          xor eax,XOR_KEY
          ret
          [/64-bit]


          [32-bit]
          mov eax,dword [esp+4]
          mov eax,dword [eax]
          xor eax,XOR_KEY
          ret 4
          [/32-bit]


          //stdcall void ConvertBackRoutine(int i, unsigned char *output);
          ConvertBackRoutine:
          [64-bit]
          //ecx=input
          //rdx=address of output


          xor ecx,XOR_KEY
          mov [rdx],ecx
          ret
          [/64-bit]


          [32-bit]
          //[ebp+8]=input
          //[ebp+c]=address of output
          push eax
          push edi
          mov eax,dword [esp+C]
          mov edi,dword [esp+10]
          xor eax,XOR_KEY
          mov dword [edi],eax
          pop edi
          pop eax
          ret 8
          [/32-bit]
          ----- -----

          This Plugin, I've decided to do none of that;
          What it actually does is, for each of the property types, it introduces a custom C++ struct type blueprint compatible which has custom Get() and Set() methods.
          The only way to access the real value for one of these properties is by using the Get/Set functions. If you access the resulting value from, let's say this returning int:


          Whatever is returned by the Get/Set functions is just a mirror copy of the actual value, which is encrypted in memory by a method I've created.
          The thing about this is: every time you call Get() or Set() nodes, memory address of encrypted value is changed, mirror value is updated from encrypted value and then returned.
          That means your own game doesn't really know where the actual value is really stored until the Get/Set nodes are called and right after called, the location in RAM changes again
          With that procedure in place, CheatEngine can't "freeze" (for any case it has managed to locate the stored value) the address because the game isn't using it anymore anyway.
          'Freezing' the address is what I was doing at that Candy Crush video, to give me infinite moves.

          In case the cheater decides to track the real stored value using the deep debug view tool, he may locate the value in memory; but he can't simply change the value because he'll have to understand how the value is stored and decipher the encryption key that isn't a simple XOR operation.
          To decipher a simple, say 100 int, value he must know the code/decode functions understanding how they work and find in code the 'decode key' to insert the right value because even int,float,byte,transform number values are stored as a char* array encrypted by a key like this one randomly generated:
          bcCdfGiJmnNOPqQrRtuwWyZ012478@#aABeEIjkloSUvVxY59`^{%&*()_-=[]DFghHKLMpsTXz36~!$+/|\}';:,<>?.
          Cheater can't simply type 3E8 (1000) to change the points value to 1000 in debugger. That won't work; the game won't understand the number and whatever value he was trying to change will become zero instead.
          To insert the correct value in case this insane guy managed to find the call stack to Get() and Set() and inject code to make it stop changing memory addresses and manage to finally freeze the value (congratulations to any cheater capable of doing that btw), to make it work he must know the encryption key and insert the correct value, in case of that key posted above, the value of '1000' points would be: 63626262, instead of string of 1000 ( 31303030 ).

          But then, the plugin allows you to create encryption keys; the key is not fixed and you can attach a different key for every single new Safe Int,Float,Etc property you create and each of them will be encoded/decoded by a different encryption key stored in memory.
          You don't have to use the same keys of every other game, and don't have to use a single key for every values in your game
          You can go crazy and generate a ton of keys for your blueprints like:
          ADFKMnNqQtuvWZ16!'<\@~^&*(_-+|[abEHjJmpPsVz479`#$%)=/{;]}:,>?.BcCdefgGhiIklLoOrRSTUwxXyY02358
          dfFgGhiIJklLmMnpPqRstTVwWyY0135ceEHjoOrSUv2678`^+/[{:._)(&%$#9aAbBCDKNQuxXzZ4@~!*]<\?>,;'}|=-
          aABcCdeFgGJKLMnNOPrRTUwWXy138^=EfHiklpqsSuxYzZ025679#*(-<+/|[}bDhIjmoQtvV4@~`!$%&)_]{;>\':,?.
          bBCdgkmOqTY03:{]|=-(*&^#!`~9876aADeEfhHiIjJlMNopPQrsStuvwxyZ24cFGKLnRUVWXz15@$%)_+/[,<.\?>;'}
          ABceEHiqtWxy45`$%&-:>?01379~!#^CDImnsSTu268@['*()_=+/|]{};,<.\abdfFgGhjJkKlLMNoOpPQrRUvVwXYzZ
          GIKqRtuUY(/|'>.][+_)*&^%$#!~987aACEfhHJkmMnOQrxzZ5@`-={;:?\<,}bBcdDeFgijlLNopPsSTvVwWXy012346
          ABCDfhLoOrsSVWyZ039!#$&(+{>?~@8eEFiIKPvz67='<\.,:;}][|/-_)*^%`abcdgGHjJklmMnNpqQRtTuUwxXY1245
          dfghHLOpRTvVXy8`^&)/};~!#$%*(_-AbBcDeEFiIjJkKlmnNoPqQsWYZ4567@aCGMrStuUwxz01239,<>\=+|[]{':?.
          They'll have to crack reverse your game back to C++ code just to cheat and doing that to a UE4 game isn't as easy as reversing Unity games to original code like you can see HERE!
          Reversing a UE4 game to code costs time and money, I would simply give up...

          -----

          And there it is, I've just told everything about how the UE4 anti-cheat system work; still I have no clues on how to bypass this thing, I didn't manage to hack anything yet although in Unity I would simply extract the .NET dlls and change their code.
          If you have any idea of how you would workaround this and cheat in the game I would love to know :O
          Last edited by BrUnO XaVIeR; 02-12-2016, 10:13 AM.
          | Savior | USQLite | FSM | Object Pool | Sound Occlusion | Property Transfer | Magic Nodes | MORE |

          Comment


            #6
            Interesting approach for sure - I like it. Speaking of the RE front though, the one concern I'd have is that there are a few people who are doing RE even though the majority aren't. Eventually there's definitely the possibility that someone will step through the code to find the get and set functions and either patch them or create a hook to modify them much like you would with a crack. Considering cheat sites seem to be doing decent business (and there's a challenge to overcome which is all some people are looking for) I think it'd only be a matter of time before someone decided to tackle the problem and that's a huge problem if there are a large number of games using the same solution.

            My initial thought was to do something similar to what you have, but add in validation for game files (likely server-based for my game and encrypted as well just to add a few more hoops). The big one I was thinking of tackling though is periodic checks for common debuggers along with proactive measures like terminating the game process and/or debugger, or functions to automatically add a UUIC/cd-key/etc to a global banlist/watchlist when running debuggers are detected. Since that can cause potential problems (i.e. developers getting bans, etc) features like the ban list would need to be configurable per game, but it'd be nice to at least have the option. There are a lot of possibilities to make their life harder, it's really just limited by creativity.

            It's not foolproof, but having your game or debugger being told to kill itself regularly when trying to dig into the system would be annoying to deal with for sure. There's no real way to permanently solve problems like this, but you can make it tedious enough that most people will give up, or want to charge a decent amount of cash for their hack.

            I've only recently been tinkering with any real reverse engineering though, so I could be overthinking things a bit.

            Of course, some games would do better storing, modifying, and validating all these variables server-side - or at least the critical ones - but that does come with it's own set of issues. Either way though, there's definitely a lack of security focus in the industry so it's nice to see people trying to implement solutions.

            Comment


              #7
              Yeah, we have a tendency to throw everything at the server and say "check that!";
              That eats game's data transfer bandwidth though and a game that could be played by low connections end up requiring high speed internet to run.

              The big one I was thinking of tackling though is periodic checks for common debuggers along with proactive measures like terminating the game process and/or debugger
              This plugin already do that as well. But it won't attack Visual Studio, Valve's VAC will ban you if you play a VAC enabled game on Steam with Visual Studio open. but since we all use Visual Studio to develop, this plugin won't attack VS.
              We can turn on/off the cheat process notifier tool while developing the game. That's how I've recorded the video of cheatengine and the game did nothing; with the notifier tool enabled, your packaged game would simply kill the CheatEngine process on Windows.
              | Savior | USQLite | FSM | Object Pool | Sound Occlusion | Property Transfer | Magic Nodes | MORE |

              Comment


                #8
                Originally posted by BrUnO XaVIeR View Post
                Yeah, we have a tendency to throw everything at the server and say "check that!";
                That eats game's data transfer bandwidth though and a game that could be played by low connections end up requiring high speed internet to run.
                I know not everywhere has decent network connections, but this isn't an issue for some types of games imo. If it's a game that is competitive, or focusing heavily on multiplayer, a minimum connection speed really should be assumed. If someone is playing on a subpar connection they're going to end up reducing the enjoyment for people they get grouped with. With gigbit connections becoming more common over time, I think this issue will really work itself out. I'm really just talking about making a comparison to something along the line of md5 hashes which wouldn't be all that bandwidth heavy. At the same time, it will eat up some client resources if you're calculating files - so I'd really only look at doing it on launch, and if other suspicious behavior is detected.

                In any case, it's something to consider, as modified clients have been a thing for quite some time and are still used for things like some forms of headless botting, etc.

                Originally posted by BrUnO XaVIeR View Post
                This plugin already do that as well. But it won't attack Visual Studio, Valve's VAC will ban you if you play a VAC enabled game on Steam with Visual Studio open. but since we all use Visual Studio to develop, this plugin won't attack VS.
                We can turn on/off the cheat process notifier tool while developing the game. That's how I've recorded the video of cheatengine and the game did nothing; with the notifier tool enabled, your packaged game would simply kill the CheatEngine process on Windows.
                Nice! To be fair, I do occasionally use things like cheatengine for development, but that definitely doesn't seem to be the most common use.

                Will you be releasing a source-code version for people that want to tinker with it?

                Comment


                  #9
                  Originally posted by ChipNinja View Post
                  I know not everywhere has decent network connections, but this isn't an issue for some types of games imo. If it's a game that is competitive, or focusing heavily on multiplayer, a minimum connection speed really should be assumed. If someone is playing on a subpar connection they're going to end up reducing the enjoyment for people they get grouped with.
                  I don't think that I've ever played a game that transferred more than 100 kilobytes per second combined up and down. League of Legends, for instance, used ~80MB per hour back when I played. Might be a bit higher these days. Still less than streaming 360p videos on Youtube.

                  Connections speeds usually aren't the problem IMO. People often share their network and wind up with someone consuming a disproportionate amount of bandwidth, giving them high ping, or they have poor wireless connections, ISP giving them a bad route to the game servers, etc.

                  Comment


                    #10
                    Originally posted by MuchToLearn View Post
                    Connections speeds usually aren't the problem IMO. People often share their network and wind up with someone consuming a disproportionate amount of bandwidth, giving them high ping, or they have poor wireless connections, ISP giving them a bad route to the game servers, etc.
                    @MuchToLearn
                    Kind of on a tangent, but I wasn't intending to imply that the connection speed is the biggest concern for games in general. As far as gameplay is concerned, yes latency is going to be the biggest factor to consider - which honestly can be introduced in all sorts of ways.

                    Ignoring correlations between throughput and latency for this conversation, most of that communication you're referencing is consisting of small messages/updates, such as what the player is currently doing, updating what other players are doing, etc sent rapidly. Sending hash files is well outside of the average expectations by up to 6 or 7 times the combined traffic you mentioned each time it's sent. Note that number is coming from a WIP that's lacking a lot of assets and not using a single pak file, so it could be higher or lower depending on the exact setup of a game. Depending on the frequency they're being sent and received and the size of the hashes for comparison it could affect performance.

                    More importantly (in this context at least), upload speeds are much lower than download speeds. Considering we've already established a client isn't able to be trusted due to potentially modified game files, the only reasonable way to check the validity of the files is to hash them locally on the client and upload them to the server, which of course is heavily reliant on both bandwidth and latency.

                    Here's why the bandwidth matters:

                    The average upload speed in the United States (for example) is 5 Mbps, which equates to 619 kb/s. For reference: 1 megabit/s = 0.125 megabytes/s. My local "High Speed" internet providers have ~50% of their offerings at 1 Mbps (128 kb/s) up, a single plan at 2 Mbps (256 kb/s) up, and only the highest pricing tiers sitting at 5 Mbps up.

                    In my testing my hash files for numerous paks came out to 620kb which would need to be sent for validation. Assuming the client is able to use all available bandwidth (generally they don't), that still delays all other updates by at least a second including location, actions, status changes, etc. If those updates are delayed by a second, you run the risk of future updates falling even further behind, constant rubberbanding, etc. Being OOS as a player just plain out sucks for everyone. To be fair, a single pak doesn't cause the same problem - but this is more to highlight what I was driving at.

                    The point I'm driving at is depending on the exact methodology, and the exact connection we're talking about, it could be a not so insignificant thing to consider. Sure, the majority of your traffic is going to be affected far more by latency since that determines when you receive updates which are minuscule in size, but if you're sending larger files it has the potential to delay those updates for some users enough to cause a poor end user experience. Granted there are ways to optimize this sort of traffic, but that can't be an automatic expectation.

                    Sorry to go OT @BrUnO, I may have gotten a little carried away.

                    Comment


                      #11
                      @removed

                      Sorry for this mistake.

                      Comment


                        #12
                        Like an AntiVirus D:!
                        Find PE of a program (CHEAT) to kill :P
                        UE4 should have a maintained list with PEs to every cheat and a system like VAC to never get a DLL injection in owns games.

                        Regards!

                        Comment


                          #13
                          Originally posted by Corey88 View Post
                          @removed
                          Sorry for this mistake.
                          It's not blueprint code; it is a C++ library that generates blueprint custom types that can be used both on C++ game code and blueprint game code

                          Originally posted by s4ng3r View Post
                          Like an AntiVirus D:!
                          Find PE of a program (CHEAT) to kill :P
                          UE4 should have a maintained list with PEs to every cheat and a system like VAC to never get a DLL injection in owns games.
                          Yeah kind of;
                          It can also detect if someone is trying to attach a debugger or already did attach it to read through game code.
                          The plugin usually will request the game to close (if you enable this option) when no authorized debugger is attached to shipping build standalone game.
                          Engineer would try to bypass that by changing the code in disassembler and save to .exe then run the game without this check; but then the game knows if it's image size has been modified
                          It has layers and layers. The experienced engineer will actually remove each of these deffense layers, but he'll never be 100% sure if he did really remove everything to be undetected until he reads through the whole game code... and that may take from months to years depending on size of your game code base. :s
                          | Savior | USQLite | FSM | Object Pool | Sound Occlusion | Property Transfer | Magic Nodes | MORE |

                          Comment


                            #14
                            A friend asked an interesting question... He wanted to know if this plugin can detect and burst cheat engine when it's ran in 'stealth mode', when they change every info about cheat engine in every file/folder/registry; like in this image:
                            (in this image everything used to identify Cheat Engine's exe process is changed and erased then most anti-cheats can't see that it is running)







                            And the answer is... Yes, it is detected easily; when someone does that, your game using this UE4 Plugin will still know that player is using CheatEngine, OllyDBG, ArtMoney, whatever.
                            (although that is smart and really helps bypassing some commercial game-guard solutions out there)
                            But I won't discuss how, because this is something that didn't come under their radar yet and I believe will take a while before they figure out what's going on. This is the fun part of the job
                            Last edited by BrUnO XaVIeR; 01-20-2016, 10:33 PM.
                            | Savior | USQLite | FSM | Object Pool | Sound Occlusion | Property Transfer | Magic Nodes | MORE |

                            Comment


                              #15
                              I am really interested on this plugin Mr BrUnO.

                              I was wondering something. Would this system works on online games where a client acts as a server and other clients connect to him? What I mean is having no dedicated server that holds data. As you see, all the data will be held within the files of the clients.

                              I know that it is easier to keep variables safe if you own a server just like many MMORPGs does. Because in the end client files do not contain any important data other than 3dmodels etc. Though if you cant afford a server, you have to keep those informations in game files directly.

                              In this case, imagine someone played the game for a while and have reached level 5 rank in the game. This info is now contained in the files of the game. Lets say the guy wanted to increase his level to 50, THEN wanted to start the game.

                              How would the plugin know if the file is changed before the game starts? Or my fears are just noobish?

                              Sorry if I didn't make any sense! Thank you for your time and reading!
                              Fighting Game Template: PROJECT: Unreal Fighter 2D

                              Comment

                              Working...
                              X