Programmer's Corner - Preventing Game Trainers from Modifying Your Game

Backup and Security Solutions 10% off all products with promo code: VISI-P1YR
Get the Programmer's Corner FireFox Search Plug-In

Preventing Game Trainers from Modifying Your Game

A game trainer is an external program that modifies settings in your game. These settings can make the gameplay easier, or downright simple for someone to play your game.

Some game trainers modify (increase/decrease) values, such as your health, or lives. Others prevent those values form changing. So you never take damage.

If you just want to know about the protection methods you can just go on further but if you want to see these protections at work, I recommend having this software before you continue.

Before I begin let me explain what a trainer is. A Trainer is a seperate program that has the ability to access the Primary memory used by another program in an
attempt to change valuable data ( in this case ammunition, health, Lives etc.)

In short Trainers are like external cheat codes. They seem to be fun if you are the gamer but if you end up being a developer it's a lot frustrating as the whole action and difficulty of the game is lost.

Even though trainer protection is not very critical it still is a good way to ensure that the game is played the way it is meant to be played. Some game developers are now trying to stop creating cheat codes in their games since the whole point of the game is lost.

An example is the game Uplink Hacker Elite by Introversion in which the patch for version 1.3 onwards disables cheats.   CD-Protection schemes do not prevent cheats from being used, CD-Protection schemes are used to prevent piracy. Trainers turn out as substitutes for cheats. This Article will help game developers to make trainer creation difficult if not impossible.

I would like to discuss the techniques that don't work first.

PROTECTION MECHANISMS THAT DONT WORK

 

(i).Some people think that displaying a value such as health in a graph stops beginners from making trainers.But this is not so.Assuming you are playing a game in which your health is displayed in the form of a graph. Now you start the trainer maker program which can search for values within an application.Nowadays these Apps have become so intelligent that they can even monitor changing values. So in this case we would set the search mask for "a decreasing value" and do our best in the game to keep losing health. Eventually the address is found. Overcoming this is explained later.

(ii)Another frequent method used is to use floating point numbers to store data. But Again Trainers allow mere users to search for float and double values.So this wont work either.

(iii)Adding/Subtracting/Multiplying/Dividing Numbers and using the result as the actual data has also lost importance. Because all you have to do is to find the value when your health(or whatever) is FULL and then "Freeze" the memory location as your health decreases. This way people can even overcome this protection without even knowing the calculation mechanism.

(iv) Using two or more variables even of different data types isn't of much help the reasons of which are the same as the one described above.

These are the basic protection mechanisms used to fight trainers but dont work. Now we shall see what really can be done to stop trainer creation.

MORE POWERFUL PROTECTION MECHANISMS

1) THE PLAIN CONDITIONAL

If you tell a software developer that you check the value of a variable just after you assign a value to it he might think that you are the dumbest programmer but it is not so. Look at this example that stops the game when a trainer is detected.

While Executing the code below make sure TSearch is Started and the EXE is included as a process. Then keep searching for 100/90/80 as the output is shown.
When you find the memory address freeze it or modify it and see the MessageBox Popping Up!!

#include <iostream.h>
#include <windows.h>
#include <conio.h>
#include <stdlib.h>

void trainer()
{
  MessageBox(0,"TRAINER DETECTED!","WARNING",MB_OK);
  exit(0);
}

void main()
{
  int health=100;
  cout<<"HEALTH="<<health><<endl;
  getch();
  health-=10;
  if((health+10)!=100)
  {
    trainer();
  }
  cout<<"HEALTH="<<health><<endl;
  getch();
  health-=10;
  if((health+20)!=100)
  {
    trainer();
  }
  cout<<"HEALTH="<<health><<endl;
  getch();
  health-=5;
  if((health+25!=100))
  {
    trainer();
  }
  cout<<"HEALTH="<<health><<endl;
  getch();
  health-=5;
  if((health+30)!=100)
  {
    trainer();
  }
  cout<<"HEALTH="<<health><<endl;
  getch();
}

So checking whether the value has been actually assigned is a very simple yet effective measure.A Similar type of protection is used in "Prince of Persia: Sands of Time".Try making a trainer on this game and you will see an ERROR Message and the Game will Quit.

2) RELY on SECONDARY STORAGE INSTEAD OF PRIMARY STORAGE

As long as your game is not using big-time graphics it's not a bad idea to store such data into files. Start TSearch again and test this program.

#include <fstream.h>
#include <conio.h>

void main()
{
  int health;
  char *fname="E:\\aaa.txt";
  ofstream out(fname);
  out<<100;
  out.close();
  ifstream in(fname);
  in>>health;
  in.close();
  cout<<"HEALTH="<<health<<endl;
  getch();
  out.open(fname);
  out<<90;
  out.close();
  in.open(fname);
  in>>health;
  cout<<"HEALTH="<<health<<endl;
  getch();
  in.close();
  out.open(fname);
  out<<80;
  out.close();
  in.open(fname);
  in>>health;
  cout<<"HEALTH="<<health<<endl;
  getch();
  in.close();
  out.open(fname);
  out<<70;
  out.close();
  in.open(fname);
  in>>health;
  cout<<"HEALTH="<<health<<endl;
  getch();
  in.close();
}

The most interesting part of this type of protection is that even if we find the memory address and modify it or freeze it, the correct value still appears on the screen.However,then the file which stores the data has to be either encrypted or stored in Binary Format. With Binary Format you can only view the file correctly if you have the correct contents of the file structure.

3) MORE METHODS......

The previous two are some of the primary protection methods but the right one to choose depends on the type of the game. If the game requires speed and the FILE STORAGE protection wouldn't be perfect.If the game size is important the conditional may not be suitable. But the whole idea of setting up a Anti-Trainer protection is to surprise the people who make trainers. Using a DLL File or the Registry to store data while Running the game is very frustrating for the game-hackers as no one would expect keeping such data in DLL Files or in the Registry.

No developer is as of now interested in putting a trainer protection since game development takes a lot of time and effort. But a Neat Game is a game which only allows people to play the game the way it is supposed to be played.

Author Information:

Sanchit Karve

http://www.freewebs.com/born2c0de/

born2c0de@hotmail.com

Comments:

Add your comments here.

Name

Comment

You can also send feedback to feedback@programmers-corner.com

Roger Bacon - January 14, 2005 5:41 PM

The whole idea of anti-trainer code isa waste of time. What developer would care what a customer does with the game after they buy it. Maybe the programmer should spend more time on anti-piracy instead of anti-modification techniques.

bart simpson - February 24, 2005 11:05 AM

unless you dont know what you are doing you will be debugging the game and finding the application code to mempatch insted of chasing dma values. and no doubt i'd run into your little value check routine

P47R!CK - March 19, 2005 5:18 PM

Both of your methods are not just hard to implement but also rather useless.
A.) It's a big effort to implent such a method for each value. (especially if the modification factor alters dynamicly)
b.) The checks are slow.
c.) the checks are even easier to bypass (modern debugger simply can find all references to an offset...)
----------------------------
So what would help?
A good anti debug code and maybe storing the values serverside (if it's an online game)

anonymous - October 21, 2005 10:52 PM

i think people should be able to use trainers if they want to.

Lao - January 13, 2006 6:02 PM

If it was coded, it can be cracked. Even the most advanced encryptions can be cracked, but with the current technologies, not in a person's lifetime. The fact remains that it's not impossible to get through, and a breeze to an advanced game hacker. Besides, why waste your time trying to keep people from cheating? Some people enjoy it. Just because you don't think it's right doesn't mean it's wrong. If you're that worried about removing one of the things that makes games enjoyable for part of your market, then you're in the wrong business. Only try to keep mutliplayer games cheat-free. Everything else... let the player play like the player WANTS to play. After all, it's just a game.