Hello, I’m attempting to find Cheat engine in the list of running processes. But when I run a simple check it can’t find it even though i have it open. Yet if I use this same script in a Console Application (VS) it works fine.
public Text test;
IEnumerator Start()
{
yield return new WaitForSeconds(1);
print("loaded");
foreach (Process proc in Process.GetProcesses())
{
if (proc.ProcessName.ToLower().Contains("cheat") && proc.ProcessName.ToLower().Contains("engine"))
{
test.text = "u a haxor | " + proc.ProcessName;
}
}
}
There’s pretty much no reason to check for Cheat Engine on a single player game, and if you’re doing something multiplayer, you shouldn’t be relying on the client to give right information anyways.
So, as others mentioned, we need to differentiate between 3 or so scenarios here.
Singleplayer / local only Games
Locally or privat hosted Coop / Multiplayer Games
Multiplayer as a Service / MMO / Competitive / Monetization Ingame / …
In the third scenario, you clearly want or must have some cheat prevention mechanisms. This is usually approached by a client-server type architecture, where the server validates the data send from players and has authority over their actions. This is however accompanied with additional complexity and development time, as well as some necessary trickery to get around additionally introduced delays and so on.
In the second scenario you usually do not want to bother with cheat prevention mechanisms. While it can be a nice-to-have feature for the players hosting the game, it is usually not worth the above mentioned effort. You could implement the game using a similar client-server achitecture as mentioned above, but usually for smaller teams you cant affort to spend the amount of time required to make cheat prevention worthwhile. “Worthwhile” being a keyword here, since it’s hard to justify something which does not gain you anything in terms of gameplay experience or monetization.
Last but not least: singleplayer. Just dont. You will lose this war and there is nothing you can do about it. The files are on the local machine of the user. The game data is written into their local ram. There is nothing you can do about them altering it however they like. People who want to cheat, will find a way to do so.
So you can detect processes with the word “cheat” in it? Fantastic. People are simply gonna use some other cheat software, or rename the process. Meanwhile someone with a foreign but legit programm called “hacheatmahjat” is wondering why he cant play your games. You lost development time, some players suffer because of it, and those who truly want to cheat will still (easily) do so. Everybody loses.
Not to mention: it’s a singleplayer game. Why would you even want to dictate people how to play it? Some people enjoy cheating. They will cheat. Why bother with it? A lot of modern games even embrace this idea. Hades, for example, introduced an inbuild god-mode (which isnt really a god-mode, but simply damage reduction that scales over your deaths). Those who want to experience the game (for the story, for example) can do so, even if they suck, while the developer still has some control over the gameplay experience as a whole. If you want to control cheating, that would be an option.
Thanks for the fun exercise. I was able to defeat it within about an hour. I would have achieved it sooner but I had to start from the very beginning as I almost never use Cheat Engine and when I do it’s only with tables others have made. A few minutes of searching gave me the following script that needs to be placed in the CE autorun folder.
At first the script didn’t work at all so I added some debug lines to your script to see what was happening, and I quickly discovered that you were just searching if a string was contained in another and it was picking up this forum thread which was open. It was also detecting the settings window even though it wasn’t open.
Solving the forum thread window was trivial but the settings window confounded me for a while. I tried to be clever with complex solutions that I came across mention of but none of them worked. Finally I discovered that I could just open and close the settings window and it was removed from the list solving the problem.
All of the above was done with the sole purpose of showing people that this is a futile way to defeat someone that wants to cheat in a game. It’s not like it’s the only method available either. Modifying your game would have been a difficult task but that’s not even necessary as I can simply recompile CE with new window titles.
Right, keep in mind that Cheat Engine is just an ordinary Delphi application. A really long time ago I’ve written a small delphi command line tool that can manipulate / enumerate any window in the system. It could even change the parent of windows or set a new region. Of course you can also change the title of the window. So with that tool I can change the title of any application, even those which do not support this ^^.
It’s really a pointless fight. Most anti cheat systems also scan its own application for injected DLLs and stuff like that. However in the end you’re never save. The worst case is if the game runs in a virtual machine and you use cheat engine or something similar on the host system. So you’re actually manipulating the virtual memory of the virtual machine. This is undetectable by the game. The only thing the game could detect if it double / triple buffers all vital variables and check for discrepancies. This is a lot harder, but also doable.
An important point is, as Kurt always points out: It only takes a single script kiddy to develop a hack for your game and once it spreads everyone who wants to cheat can.
I just searched my old HDD and found my “window handler”. This is an excerpt of the full tree view of all windows currently open (actually 1790 …).
I’ve highlighted an notepad instance (“Unbenannt” means “unnamed” in german). The yellow part is the window class, the while part is the “HWND” (window handle) and the blue part is the title.
Executing wh2.exe Win(Unbenannt).Info gives me
This is what the window looks like:
When executing this command: wh2.exe Win(Unbenannt).Rename(I HAVE A DIFFERENT TITLE NOW)
The window changes to this:
As I said, it works with any window I could even parent my taskbar to that notepad window. Though this can be dangerous ^^ closing notepad means the taskbar gets destroyed…
So yes, looking for a window title does not really solve the problem and just has a lot potential for false positives.
You’re correct, but I don’t think the average script kiddie will be able to recompile cheat engine with a different title.
This is just an extra layer of security, a well-protected game should also have protected memory, obfuscated code, etc.
It is also possible to further extend this, for example, add simple checks to make sure the found HWND is not a browser window or windows explorer. So yes, my solution is not perfect, but it adds a layer of protection.
Not to mention, it adds a way to F over legit people running legit programs with “weird” titles. Which might be due to different languages. Or simply legitimate words containing the term you search for, like “escheat”, which is a juristic term. The average “script kiddy” does not need to do anything at all. One single person need to find a way around this “layer of defense” as you call it, or “horrible idea” as i’d call it, and then everybody gets around it for free. Guess what, several such solutions exist in this thread alone. Which reduced the requirement to get around it from being an “advanced script kiddy” to “being able to google”. I fail to understand how you can still think of this as a good idea after rading all the input offered by the people here, but it’s your game.
This is actually a very good way to make sure nobody hacks your game.
The more time you spend on this, the less time you will spend on your game. The less time you spend on your game, the fewer people will play your game. The fewer people you have playing your game, the fewer hackers you will attract. The fewer hackers you attract, the less often your game will get hacked.
You don’t have to recompile cheat engine. Changing the title of the window(s) is a feature built into the tool. One of the simplest to achieve. Literally two lines in a text file that you place in a folder. Like I said I was able to accomplish it in an hour with almost no knowledge. If anything I would classify it as trivial for a script kiddie to accomplish.
That said a script kiddie will only have to worry about coming up with the solution themselves if your game is not popular. Popular games almost always have dedicated threads on the CE forums with premade tables. Elden Ring had a thread within a week of release and it uses a proper anti-cheat system not a hack job like yours.
I just searched my old HDD and found my “window handler”. This is an excerpt of the full tree view of all windows currently open (actually 1790 …).
