How does a 'trainer' (cheats executable) work? (hack of variables in sram?)

Started by RemiD, April 28, 2024, 18:35:05


RemiD

hi,  :)

i have reinstalled an old game that i have never managed to finish, and i have searched for some cheat codes ( infinite health would help :P )

no cheat codes by the developer of the original game :'(, but a 'trainer' (executable) made by some 'hackers team', to run before running the game, in order to have infinite health and infinite ammo.

so, how could this work ? ::)

my guess is that the 'hacker' has managed to identify the variables corresponding to 'health' and to 'ammo', in the sram, and created a program in order to always replace the values created by the original game, by maxed out values of the trainer.

am i right ?

any other idea ?

William

Use a trusted program like Cheat Engine. Well yeah they alter a program's memory using reflection I think but I don't know the exacts like if reflection does that but I think so. It is called reflection anyway. Halo 2 and 1 used to be hackable application runtime speed increase multiplayer but it became no fun, hacked or otherwise. Back in the day on single player there was an app that hacked Halo to pause but the player could still shoot energy blasts frozen in time & move around.
im still interested in oldschool app/gamedev

_PJ_

Yeah, that's the gist of it, it will ensure the relevant memory addresses revert to the "cheated" values, so it needs to remain "hooked into" the game's running process.

Whilst in my experience (I used to use these trainers back in late 90's early 2000's for Tomb Raider and Legacy of Kain games because I wanted to see the story progress) they seemed to be generally 'clean', there is of course a huge risk that such software contains trojans and other malware because you don't know what else it may be doing and you are willingly executing it with possibly higher privileges too. Also, because they are often unsigned or "unusual" programs, many AV security software may flag them as "PUPs" (Potentially Unwanted) regardless, so whilst you may believe it is safe to allow through, you still don't really know what might be happening alongside the wanted cheats.

That said, a number of these "hacking teams" pride themselves on the capabilities to successfully hack the games, so would not want their product to be associated with malware --- but that doesn't stop some other party adding their own malicious code into the original "clean" cheat.....

As always, use any "unofficial" software at your own risk :)

RemiD

Quote from: _PJ_ on April 29, 2024, 14:25:10
> there is of course a huge risk that such software contains trojans and other malware because you don't know what else it may be doing and you are willingly executing it with possibly higher privileges too.

yes i know, 'malware bytes' does not like it :))


Quote from: _PJ_ on April 29, 2024, 14:25:10
> so whilst you may believe it is safe to allow through, you still don't really know what might be happening alongside the wanted cheats.

indeed... i have not used the 'trainer', yet, for this reason...

William

@RemiD that is interesting about windows allowing users to decide about an application they do not know about, i do not know how windows works.

nomen luni

You can read a game's memory using ReadProcessMemory on the Win32 API or reading from /proc/<process_id>/maps in Linux.
This gives you your memory array and then you can create a small program to look for memory changes to identify a variable we might want to change.
Example: if we guess lives is stored as a byte, produce a list of all bytes with a value the same as the number of lives. Lose a life. Get your program to check all those bytes and only keep the ones that have changed value to the new number of lives. Eventually it narrows down to one option, and you can poke a value back in there.

tboy

Have you considered altering the save file?

My thinking is this:

1) Start a new game
2) Save game
3) Backup this save file somewhere
4) Lose a life or 2, use ammo with a particular weapon etc...
5) Save game again
6) Compare original save file to the newly created save file
7) Note byte location of difference

It may work, may not.

Hope it's useful.
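
Added example, not code from any poster in this thread: the save-file comparison in tboy's steps 6 and 7 and the narrowing nomen luni describes, run on byte snapshots. The 16-byte save layout, the sample values and the function names are constructed for illustration, and the counter is assumed to be a single byte.

```python
# Added example: snapshot comparison on constructed data (layout is invented).
from typing import Iterable, List, Tuple

def diff_offsets(before: bytes, after: bytes) -> List[int]:
    """Offsets whose byte differs between two snapshots (tboy's steps 6-7)."""
    if len(before) != len(after):
        # A variable-length format shifts everything after the change,
        # so raw offsets no longer line up.
        raise ValueError("snapshots differ in length")
    return [i for i, (a, b) in enumerate(zip(before, after)) if a != b]

def narrow(snapshots: Iterable[Tuple[bytes, int]]) -> List[int]:
    """Keep offsets whose byte equals the known counter value in every
    snapshot (the narrowing nomen luni describes, single-byte guess)."""
    candidates = None
    for data, value in snapshots:
        if not 0 <= value <= 255:
            raise ValueError("counter assumed to fit in one byte")
        matches = {i for i, b in enumerate(data) if b == value}
        candidates = matches if candidates is None else candidates & matches
    return sorted(candidates or ())

# Constructed 16-byte "save files": magic "SAV1", level number at offset 4,
# lives at offset 9, ammo at offset 12, play-time tick at 14, checksum at 15.
SAVE_3_LIVES = bytes([0x53, 0x41, 0x56, 0x31, 3, 0, 0, 0, 0, 3, 0, 0, 50, 0, 0x10, 0xA1])
SAVE_2_LIVES = bytes([0x53, 0x41, 0x56, 0x31, 3, 0, 0, 0, 0, 2, 0, 0, 50, 0, 0x11, 0xA0])
SAVE_1_LIFE = bytes([0x53, 0x41, 0x56, 0x31, 3, 0, 0, 0, 0, 1, 0, 0, 50, 0, 0x12, 0x9F])

if __name__ == "__main__":
    # A plain diff also reports the tick and checksum bytes that changed.
    print("changed offsets:", diff_offsets(SAVE_3_LIVES, SAVE_2_LIVES))
    # One snapshot leaves two candidates (the level number is also 3) ...
    print("after 1 snapshot:", narrow([(SAVE_3_LIVES, 3)]))
    # ... three snapshots with known values leave only the lives byte.
    print("after 3 snapshots:", narrow(
        [(SAVE_3_LIVES, 3), (SAVE_2_LIVES, 2), (SAVE_1_LIFE, 1)]))
```

In this constructed layout a plain diff of two saves reports three changed offsets, because the tick and checksum bytes change on every save; filtering by the known value across several snapshots is what isolates the counter.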