
Pointer base address/offset obfuscation as an anti-cheating measure in games?

I know this is a very specific question, but cheating in games is a hot topic, and I was wondering if obfuscating the base addresses of important pointers and obfuscating member variable offsets is a valid anti-cheating measure?

Member variable addresses usually change when the game is restarted, while base addresses of pointers are always the same, so cheaters find base addresses of game objects, which hold important data, then add offsets to get to member variables to read information stored inside them (like game->player[0]->health).

If game developers added a random number of variables (or just some data) before the declaration of the game class pointer and added some random-length data before important member variables (e.g. before game->player and player->health), wouldn't it put an additional burden on cheaters? They would have to find base addresses anew every time the game is recompiled, or find some other more time-consuming methods of finding important member variables in memory.

I'm not a C++ programmer. Does C++ allow doing this at compile time or maybe even during game launch? Are there any tools for that, or would you need to write a custom parser for this? Or maybe this approach wouldn't work at all for some reason?

EDIT: I'm mostly talking about online games, where you have to connect to a game server, so I'm sure there is a way to make sure that cheaters can't avoid updating the exe file, if it was forced by game DEVs (by changing game packet structure for both server and client for example).

The way to make an online game cheat-proof is to not trust the clients.

Everything else isn't going to work; you are just painting over the cheats, not blocking them.

The second best way is to validate that the system you are running on isn't corrupted -- detect cheating programs and their activities.

Something as simple as what you describe isn't going to slow down people hacking your game more than a few minutes the first time you do it, then seconds on later releases. Meanwhile it would waste resources and could make legitimate debugging by developers a pain.

Security is about the ratio between the effort required by legitimate users and the effort required by illegitimate users. A good security system, like public key cryptography, has this ratio in the trillions of trillions of trillions. The system you describe has a ratio in the range of 3ish -- 3 times more annoying for cheaters (hacking the executable) than legitimate users (software developers) -- based on my guess. And 3ish sucks.

Anti-cheat measures should be looked at in two ways. First, if you are an established producer of major games, then you'll have a serious anti-cheat system already built, and you'll incorporate that into your games. If you aren't a producer of major games, then your goal is to become a major game, and cheating is basically not a big problem until you are. (The effort required to cheat at a game doesn't scale with the game user base; so games with larger user bases get more prolific cheats.)
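An added C++ example, not part of the original question or answer, putting the two approaches discussed side by side: per-build padding that shifts the offset of `health` at compile time, and a server that keeps the authoritative value so an edited client copy has no effect. `BUILD_SEED`, `ClientPlayer`, `pad_for`, `health_offset` and `Server` are hypothetical names chosen for this sketch.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Hypothetical per-build value, e.g. passed by a build script as -DBUILD_SEED=<n>.
#ifndef BUILD_SEED
#define BUILD_SEED 7
#endif

// The question's idea: junk bytes before an important member move its offset.
template <std::size_t Pad>
struct ClientPlayer {
    float x;
    unsigned char pad[Pad];   // filler whose size changes from build to build
    std::int32_t health;
};

// Padding of 4..64 bytes in steps of 4, selected by the seed.
constexpr std::size_t pad_for(unsigned seed) { return 4 + 4 * (seed % 16); }

template <unsigned Seed>
constexpr std::size_t health_offset() {
    using P = ClientPlayer<pad_for(Seed)>;
    return offsetof(P, health);
}

// The answer's point: the server owns the real state and never copies it from a client.
class Server {
    std::int32_t health_[2] = {100, 100};
public:
    // Damage is computed server-side. The client's claimed value is only compared,
    // never stored; a mismatch is a signal for detection, not an input to the game.
    bool on_hit(int victim, std::int32_t damage, std::int32_t claimed_health) {
        health_[victim] = std::max<std::int32_t>(0, health_[victim] - damage);
        return claimed_health == health_[victim];
    }
    std::int32_t health(int p) const { return health_[p]; }
};

int main() {
    std::printf("health offset in this build: %zu\n", health_offset<BUILD_SEED>());
    Server s;
    bool consistent = s.on_hit(0, 30, 100);  // constructed input: client claims full health
    std::printf("server health=%d, client consistent=%d\n", (int)s.health(0), (int)consistent);
}
```
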
