Jump to content

  • Log In with Google      Sign In   
  • Create Account


anticheat signature scanning


Old topic!
Guest, the last post of this topic is over 60 days old and at this point you may not reply in this topic. If you wish to continue this conversation start a new topic.

  • You cannot reply to this topic
3 replies to this topic

#1 nuclear123   Members   -  Reputation: 119

Like
0Likes
Like

Posted 09 February 2011 - 06:31 PM

anticheat method for my game using signature scanning

Im currently wanting to open a file on my Hard Drive, and be able to scan it's contents to see if it has any bytes that match a specific pattern of bytes which i have stored in a byte array. Im curious as to how i can do this? will i need to use api functions, if so which ones should i read into? Also what would be an efficient way to do such a task? Can i accomplish this by opening a file in binary mode using the C++ fstream(i wanna scan in and compare the bytes to hex values for example)

i dont wanna see compare bytes like this 00000001(in binary) i wanna compare the equivalent in hex 0x0001....would i have to physically scan in the bytes and convert them to hex myself before i do a comparison? -thx!

Sponsor:

#2 nobodynews   Crossbones+   -  Reputation: 1849

Like
1Likes
Like

Posted 09 February 2011 - 07:59 PM

This is a terribly way to prevent cheating. Cheaters would just hack the code that does the scanning and make it so the scanner always says what it scans is correct.

But yes, you would read the data using something like fstream in binary mode. You said "would i have to physically scan in the bytes and convert them to hex myself before i do a comparison". That depends a great deal on what you mean, but probably no. When you read in the data from a file you store the data into a variable. If that variable is an integer data type ( http://www.somacon.com/p111.php ) then you can directly compare with any other integer data type. For example, if you had this code:

include <iostream>
#include <fstream>
using namespace std;

void Bar() { /* do something */ }

int main () {
  // assume the file exists and isn't empty
  ifstream file ("example.bin", ios::in|ios::binary|ios::ate);
  vector<char> memblock;
  ifstream::pos_type size = file.tellg(); 
  memblock.resize(size);
  file.seekg (0, ios::beg);
  file.read (&memblock[0], size);

  unsigned char foo = 0;

  if(memblock[0] == 0x10) { Bar(); }

  if(memblock[0] == 16) { Bar(); }

  foo = 0x10;
  if(memblock[0] == foo) { Bar(); }

  foo = 16;
  if(memblock[0] == foo) { Bar(); }
}
Each of those 4 if statements do the exact same thing. The compiler converts 0x10 and 16 to the same thing for you. Its all binary to the computer.


C++: A Dialog | C++0x Features: Part1 (lambdas, auto, static_assert) , Part 2 (rvalue references) , Part 3 (decltype) | Write Games | Fix Your Timestep!


#3 nuclear123   Members   -  Reputation: 119

Like
0Likes
Like

Posted 09 February 2011 - 08:12 PM

1.) what if the file is REALLY HUGE...reading the whole file into a vector would not work :/
2.) Wouldn't it be pointless to scan in the beginning of a windows PE? it seems like at the top of a .exe there is junk...such as msdos header....and it seems like this could possibly miss allign the reading of bytes and make the comparison not give correct results? Shouldn't you start right at the codes entrypoint or no?

#4 kiwibonga   Members   -  Reputation: 174

Like
0Likes
Like

Posted 09 February 2011 - 10:08 PM

To verify a file for integrity, you can use checksums or hashing (see google) -- this would allow you to make sure that the file was last created/modified by your program (or by someone who figured out how you generate your checksums/hashes).

If the file's really huge, read it in chunks.






Old topic!
Guest, the last post of this topic is over 60 days old and at this point you may not reply in this topic. If you wish to continue this conversation start a new topic.



PARTNERS