Like Tree1Likes
  • 1 Post By Uraldor

Stoping debug.

This is a discussion on Stoping debug. within the Windows Programming forums, part of the Platform Specific Boards category; I'm working on a game engine and wish to be able to stop debuggers from hacking my software. How do ...

  1. #1
    Nor
    Nor is offline
    h ֆhr s Nor's Avatar
    Join Date
    Nov 2001
    Posts
    299

    Stoping debug.

    I'm working on a game engine and wish to be able to stop debuggers from hacking my software.

    How do I detect/stop debuggers?
    Links/Functions/Anything would help.
    Thx
    Try to help all less knowledgeable than yourself, within
    the limits provided by time, complexity and tolerance.
    - Nor

  2. #2
    Registered User
    Join Date
    Dec 2001
    Posts
    421
    Well, its a long, hard road to stop people from reversing and playing with your software.

    My advice, learn to break it yourself so you know how they do it, and then implement your own methods to circumvent those techniques.

    There are a few ways to detect if a program is being debugged. One way is to scan your own memory space for '0xCC' (the breakpoint byte/INT 3) and if you find it then you are being debugged (this'd be a separate thread of course). Have a search on the web to find more info on this.

    A CRC check over your own exe/memory space will also tell you if you are being debugged, or if someone has patched the process/exe.

    Most of the time when people break games and other software they use tools like NuMega's SoftIce. There are quite a few ways to detect if this is being used. Meltice is one way, which simply check to see if the vxd is loaded (but i think this only works on Win9X). So search for Meltice on google and i'm sure a few more links to anti-softice protection will come up. have a search for crackmes and tutorials on reverse code engineering... they'll give you a few hints.

    Using an exe packer (such as UPX) before releasing your software is also a good idea. It's not really hard to decompress, but it's another step that can be tricky for some people to reverse.

    You could also buy some proprietry/3rd party software that protects your own software..

    hope that helps.
    U.
    inu11byte likes this.
    Quidquid latine dictum sit, altum sonatur.
    Whatever is said in Latin sounds profound.

  3. #3
    Nor
    Nor is offline
    h ֆhr s Nor's Avatar
    Join Date
    Nov 2001
    Posts
    299
    Thx for the reply.
    I've been studying and am to the point where I can crack my software.
    I use traps and triple test protection methods. Basically if one has been tampered with it knows.
    I'll look up 0xCC and softIce's(my personal fav.) VxD
    But would you be more specific about CRC?
    I've never heard that term before.

  4. #4
    Registered User
    Join Date
    Dec 2001
    Posts
    421
    No probs.

    well, being able to crack your software is good and bad, so you now get the idea of what people have to do to break it.

    Remember, if you implement a check for 0xCC, there will always be at least 1 0xCC in your code because you are typing into your source code. so make sure you keep this constant as part of the data section, and when you check for it dont search that particular section.

    CRC = Cyclic Redundancy Check/Count

    Basically when you run CRC over a block of data or a number, you end up with a resultant number. If at any stage you run the algo again over the same block and the resultant number is different, then something has changed. CRC is used alot in error checking in compression/decompression and data transfer/comms.

    do a search for it and you'll probably find a whitepaper somewhere.

    SoftIce is my fav too, i think anyone who's 'tinkered' with software will appreciate just how good it really is.

    cheers
    U.
    Quidquid latine dictum sit, altum sonatur.
    Whatever is said in Latin sounds profound.

  5. #5
    Evil Member
    Join Date
    Jan 2002
    Posts
    638
    If you give your binary to someone who really, really wants at it, its probably gonna get tinkered with. There really isn't any way around this.

    A question:

    Are you trying to protect your rights to your algorithms as a matter of intellectual property or are you trying to ensure that the game can function in a multiplayer setting without players being able to cheat?

    If the former, the law is often a better defense. If the latter, you may consider having the program check against the other users', or use some server-side validation of actions.

    Unless I'm just missing the point...

  6. #6
    Nor
    Nor is offline
    h ֆhr s Nor's Avatar
    Join Date
    Nov 2001
    Posts
    299
    I'm trying to stop the usual way of hacking a game and creating cheats.
    I'm using server side verification but that causes its own problems. Like warping when the client lags.
    Also delayed actions. like firing weapons.

    So i'm including anti-debug methods which will let me reduce the warping and delay.

    I know there is nothing I can do to stop my code from being tampered with but i'm sure as hell going to try!

    Have you ever play a multiplayer game when someone was hacking?
    its chaos
    Try to help all less knowledgeable than yourself, within
    the limits provided by time, complexity and tolerance.
    - Nor

  7. #7
    Evil Member
    Join Date
    Jan 2002
    Posts
    638
    Sony does a good job of server side validation. You desync, you get booted. You lag, you get booted. Your system clock doesn't jive with theirs, you get booted.

    There is not a single cheater in a playerbase of over ten thousand.

  8. #8
    Nor
    Nor is offline
    h ֆhr s Nor's Avatar
    Join Date
    Nov 2001
    Posts
    299
    Originally posted by Imperito
    There is not a single cheater in a playerbase of over ten thousand.
    Sorry but a few people cheat at sony games.

    Sony does do a good job of keeping out trouble makers but i've studied and cracked EQ and it wasn't hard.
    Some things have to be left alone but there are work
    around and endless possibilities of DoS attacks against other players.

    Using a normal debugger EQ like many other games crashed it.
    Thats why i'd like to learn the methods used.
    In my own code i've found many workaround.
    So far i've been able to make 8 cheats.
    And fixed 3.
    The others I tried to fix but i'm still working on it.

    CRC is working. Its detected my tanner. But i've already found a way to beat it. damn....looks like i'll have to change it a little.

    But anyway....
    Is their a way to see what process is editing the memory of another?

    I know I can use WriteProcessMemory(); to edit the memory.
    Thats what my tanner uses.

    I've seen tanner spy but don't know how it works. It recorded what memory has been edited and what the changes where.
    With softice on I see it is using calls to int3.

    Where can I get a list of all the int's and their uses?

    Do to a couple of PMs I received
    Another Disclaimer
    I would also like to comment on the subject content of this post and the importance of such matters.
    Using cheats on online games is not only lame, Its weak.
    Please don't do it.

    I am not using this information for
    quote "new ways to cheat that the games i suck at" end quote

    They ONLY reason i'm asking questions about the subject is to stop it from happening.
    Thx
    Last edited by Nor; 06-07-2002 at 02:34 AM.
    Try to help all less knowledgeable than yourself, within
    the limits provided by time, complexity and tolerance.
    - Nor

  9. #9
    Nor
    Nor is offline
    h ֆhr s Nor's Avatar
    Join Date
    Nov 2001
    Posts
    299
    Here is a good artical about CRC
    http://www.4d.com/ACIDOC/CMU/CMU79909.HTM
    Try to help all less knowledgeable than yourself, within
    the limits provided by time, complexity and tolerance.
    - Nor

  10. #10
    Evil Member
    Join Date
    Jan 2002
    Posts
    638
    Was refering to Infantry, not EQ.

    Never played EQ.

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Binary not built with debug info - why?
    By ulillillia in forum C Programming
    Replies: 15
    Last Post: 12-11-2008, 01:37 AM
  2. makefiles - debug & release?
    By cpjust in forum C Programming
    Replies: 6
    Last Post: 10-26-2007, 05:00 PM
  3. Debug --> Exceptions in Visual Studio 2005
    By George2 in forum C# Programming
    Replies: 1
    Last Post: 08-10-2007, 03:12 AM
  4. Results in Debug and Release mode are different
    By jaro in forum C Programming
    Replies: 11
    Last Post: 05-27-2006, 12:08 PM
  5. Ask about Debug Assert Failed
    By ooosawaddee3 in forum C++ Programming
    Replies: 0
    Last Post: 04-25-2002, 12:07 AM

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21