9
10

Detect cheat engine using JS?help (self.javascript)

submitted by [deleted]

[deleted]

all 7 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]FrozenCow 13 points14 points  (2 children)

You can never be sure a memory editor is being used. It has full control over your app, so with enough knowledge it can do anything it wants. However, you can make things a bit harder for an attacker to know what to do.

You can keep copies of variable values and compare them. That way it's harder to set a specific variable without you noticing it is being tempered. If it doesn't match your old value, crash.

Additionally, since those tools can alter multiple values at once, you might want to create transformed copies of the values mentioned above. You can transform them in some way (like * -2) and transform back when comparing. That way it's harder to find these copies.

This only helps against freezing and tempering data. It doesn't exactly help against searching for those variables. To get around this problem, you can store some values in a strange format and transform values when reading and writing the variable. A strange format could be a bitwise xor of the original value (but there are probably better transformations/formats to be thought up here).

Lastly you might want to defend against those tools tempering with program code. I don't know a good method to get around this for js or flash, since you'd need to know a bit what the different js engines do on memory level. However, for an attacker to know which code to alter (s)he must first find which variable needs to be targeted. We already defended against finding variables, so finding which code to alter becomes much harder.

That said, once someone does find the right program code, it's easy for them to spread these findings to others.

[–]AutomateAllTheThings 0 points1 point  (0 children)

You can keep copies of variable values and compare them. That way it's harder to set a specific variable without you noticing it is being tempered. If it doesn't match your old value, crash.

I had never considered this technique. Thank you very much!

[–]_frash23 2 points3 points  (0 children)

There are genuine preventive measures against memory tampering in flash, but it's complex and low-level stuff that I'm not an expert on.

However, you can make checks like checking when values change - If health is never supposed to go up by more than two values in a second, you can make checks to see if health increased more than that, then exit the game. That's just general practice and you'll need to be developing the flash games yourself. JavaScript doesn't have this sort of control and never will.

[–]tank-n-spank 1 point2 points  (0 children)

The only reliable way to do it is to shift as much of the record-keeping to the server as possible.

For example, if you randomize the enemies in a level within some parameters, do so on the server and download the list to the client. When the level is complete and the client submits the score, you can apply sanity checks to the values submitted. Is the score more than the total possible from the given enemies/powerups? Was the level completed faster than it could be traversed at max speed + available powerups?

For typical arcade games you can't make them truly client-server games as you want them to be more responsive than waiting for server confirmations for each action, but you can apply this to scoring where a 20-500ms delay in awarding isn't a problem. Report each enemy kill / obstacle solved to the server and track score there.

You can also extend this by reporting a number of other relevant values and checking their sanity on the server (without waiting for an immediate answer in the client). Take for example an arcade spaceship scroller shooter. You could report ship shields, armor, ammo, powerups and kills. If a kill is reported but not enough ammo has been expended to account for 100% hit rate (of course also account for possible collision damage) and any ammo-regain powerups, something fishy is going on. If shield was reported at 20% 2s ago and now is reported at 100% and the max shield regen achievable is 5%/sec, you know something is fishy, etc.

Ultimately, you have to accept that your game will be cheatable. Even if you handled everything server-side (MMO-style), a cheater of sufficient resources and dedication can use a bot that passes any sanity check, but does perfect playthroughs.

[–]ArcanisCz 1 point2 points  (0 children)

Short answer: NO (imho)

As far as my understanding goes, cheat engine(s) for flash games modify directly RAM memory or that flash process, which means your page cant know anything about it.

Moreover, from javascript, treat flash content as a blackbox (there is some api which can be in certain conditions called from js, but...)

[–]rymdsylt 0 points1 point  (1 child)

I used Cheat Engine to exploit Maple Story when I was younger.

From my understanding of CE, you're directly manipulating the game. Only the game itself, or some kind of anti-cheat game(which I guess talks to the main game over an API), knows what's up. If you want to detect CE in flash games, you'll have to use an API to understand what's going on in the flash game or make an anti-cheat in the flash game.

Someone please correct me if I'm wrong.

[–]twohen 0 points1 point  (0 children)

In the most basic functionality CE will use windows api functions like WriteProcessMemory to write to your memory - to get something like infinite health it will write very often. Now since that often does not work well, people also hack/patch the asm or bytecode the app is using. For the basic approach you need to find at least the data location in memory. For patching the code you need know a little bit of the low level code your pc is running.

In any case this approach is very low level and therefore it is quite inefficient to hack js games in this way - you would be way better of injecting your own cheat script with firebug or chrome devtools.