I'm coding a C++ WinAPI DLL for a game, it includes a small anti-cheat function, but it can be easily bypassed if someone decides to NOP (0x90) the whole anti-cheat (I'm not PRO in reverse engineering but I'm sure it's possible to do).
Is there anyway to prevent my DLL from being modified?
Even if you can stop people from modifying your DLL, there's nothing stopping someone from replacing your DLL with their own version that behaves just like yours in all aspects that your .exe can determine, but that does something different in some particular aspects - unless you keep an entire copy of the DLL in the .exe too.
It is better spending time and effort on making it hard to cheat than hard to change the .dll. Say for example that we have a Pac-Man game (because most people would be familiar with it), then we could send the number (and locations?) of all the "white pills" that Pac-Man ate on the path, and the time it took to get there. If the game then edits the .dll to give 10x the score for each white pill, or edits the game so that Pac-Man moves 10x faster, you can verify that it can't be right, because at each level you'd know how fast Pac-Man moved, and how many points per white pill Pac-Man should get. Number of times the player got killed and such could also be included in this information sent to the server.
A similar principle can be be applied to a "shoot-em-up" game, or a game that relies on buying and selling stuff, or whatever. If you have a detailed log of what the player did to get the score, you can validate that "this is possible" or "this is impossible to acheive, because you can't get that score from shooting down 10 space-ships in 1 second, as one space-ship takes 10 hits to shoot down, and it takes 1 second to fire each round".
I'd say you'll be better off moving any anti-cheat functionality to the server side, or if it's not a multiplayer game, then don't bother trying to stop cheats at all.
One thing you could do though is generate a hash of your DLL and check it in the application code against a known value or against a service or website. You could also use the hash value of the file for some other tasks as well essentially forcing the hacker to extensively modify the game code not just the anti-cheat function. That may deter people.
But the comments are right, with enough time and resources anything is hackable, you just need to make it not worth the time.
Related
I'm currently working on a C++/SDL/OpenGL game. I've already made a few small games, but only local ones (no netcode). So I know how to make the engine, but I'm unsure about the netcode.
Can I firstly create the full engine for split-screen play and later on add the netcode or will this make everything complicated? Do I already have to take netcode into consideration while programming the basic game engine or is it also okay to just put it on top of the game after it runs fine on one machine?
It's a 2D shooter type game, if that matters. And no, I don't like to change my choice of programming language/window manager/api because I already implemented the bare bones of the game. I'm just curous how this issue is approached best.
In theory, all you need is a good enough design. Write enough abstract classes and BAM! you can pop out one user interface (i.e. local-only) for another one (networked). I wouldn't believe the theory, though.
It's possible to do what you want, but it involves taking into consideration all of the new issues you address when dealing with networked gameplay - syncing views for multiple users, what to do when one user drops their network link (how to detect when one user drops their network link, of course), network latency in receiving user input, handling lag on one side and not the other. Networked programming is completely different, and some of the aspects (largely ones dealing with synchronization) may impact your core engine itself. Even "just showing two views" gets a lot tougher, because you now have data on two completely different machines, and the data isn't necessarily the same.
My suggestion would be to do the opposite of what you're hoping for. Get the networking code working first with minimal graphics. In fact, console messages will be far more important than pretty graphics. You already have experience with making the graphics of other games - work the most questionable technology first. Get a good feel of all the things the networked code will ask of you, then focus on the graphics afterwards.
Normally for a network oriented game there are five concepts too keep in mind:
events
dispatcher
synchronization
rendering
simulation
Events. A game engine is a event software, that means over a state of each generic object in the game (can be a unit, GUI, etc), you do an action, that means, you call a function or do nothing.
Dispatcher take each event change and dispatch that change to another subsystem.
Synchronization means that over a change of event, all clients in network must be advised throw his dispatcher over that change, in this way all players can see the changes of other players, render and simulate same things at same time.
Rendering The render read parameters and relevant states for each object and draw in screen. For example, is you have a property for each unit named life_points, you can draw a normal unit if life_points>50 and a damage unit if life_point>0 and life_point<50 and a destroyed unit if life_point=0. Render dont make changes in objects, just draw what read from them.
Simulation read every object and perform some task taking on count states and properties, for example, if you have cero point of life, you mark the state of a unit as DEAD (for example) or change de GUI, or if a unit get close to another of a enemy team, you change the state from static to move moving close to that another unit. Plus this, here you make the physics of units, changing positions, rotations, etc etc... as you have all objects synchronized over network, everybody will be watching the same thing.
Best regards.
Add in netcode as soon as you can. If you don't do this you may have to overhaul a lot of the engine later in the dev cycle, so better to do it early.
It also depends on how complex the game is, but the same principles still stand. Best not to tack it on at the last second
Hope this helps!
I am making a server for a mmorpg somewhat soon, and I want to release a bot to go with it, since I don't want people having the ability to level to the maximum within a week or less but I don't want them to be discouraged from the amount of farming exp and items, so I want to make a bot that handles 1-8 accounts. I'm somewhat good with c++, do not tell me "use autoit" I am trying to make it look somewhat professional and actually work with the settings on their computer, I am good with the functions for windows.h but I can't figure out how to make the bot read or write to memory nor can I figure out how to use softice (not sure if I even have the correct one).
Now, the game is simple and I would have only 2 spells per account being used (long or short ranged) and monster icons and hp are always in the same x,y pos so the AI is very basic having all the accounts do the exact same things, but I can't figure out how to look at let alone edit the packets to allow my bot to work without having each account become the focus window at every step of the fight.
the reason for 1-8 accounts is that most people on the normal server have anywhere from 1-8 usually 4-8 once they reach higher levels to allow for them to be able to do things without searching for a group since most dungeons take up to 5 hours at higher levels and it would be easier to have all you need instead of being stuck half way through once someone decides that they have to get off or you need to leave.. you know how it can be. anyway,
it is strictly for my server, but its not up yet so I can't learn with it, and I'm not the host I am paying my friend to set it up but he has no idea how to make a bot so I'm looking for some help.
I would like help with
-some tutorials on or around the subject.
or
-someone to help me through it (I don't need much help, an hour or two would probably be enough for me to get in the right direction)
or
-the source code to someones bot (I could probably look through it to find what I need.)
or
-where to go to find someone to teach me (cheap)
Now Please don't post things like "you shouldn't cheat" I am making this for a server I am supplying, so its not cheating since I allow it and give people the program for free on my website. And if you say something like "you'll have to practice with it on the real server", Yes I will, but I would be using level 1 accounts in the "noob" area in a place nobody ever goes (plus on the real server the noob area has individual 200 people servers so even if I go on it I wouldn't disturb anyone) and I am only using it for practice and then I would edit it once my server was up, so I am not cheating to get farther in the game or anything, it is purely for the use in my server. I also ask that people take this somewhat seriously, I am fairly good with C++ I am just stuck since I can't find where to teach myself this.
Also, admins please don't shut this down I realize that this could be taken as I am violating the terms of service but if you read this, I am not. Since it is for own MY server and I am not using it to cheat, I have a viable reason for making this and I do really need help.
EDIT:
I found some information that said I need to learn about sockets and networking in C++. I have located some tutorials for networking, but I would greatly appreciate something on sockets (all I have found are useless tidbits of information).
In my opinion it would be way easier if the bot was a game-client itself. This way it could do everything a client could without hooking anything. The bot doesn't even need a useinterface, it could just run in the background. If this is possible depends on how modular your code is. In an ideal situation you could make a new application, referencing the game-client dll with the gamelogic and recieve requests from the server and send actions as a player would do.
Creating a bot that clicks on a client windows button is possible but complicated. But to help you with your request we need more info about how the client and server work. What languages are they written in, what APIs and Libraries are you using?
If you have no idea how to achieve this it and got no idea how the client works it would probably better for your friend to write the bot.
I am immediately placing this as a community wiki thing. I don't want to ask for help in programming yet or have even a specific question about programming, but rather the process and the resources needed to make such a game.
To put it simply: My college friend and I decided to give ourselves a really big challenge to further our skills in programming. In six months time we want to show ourselves a Pac-Man game. Pac-Man will be AI-controlled like the Ghosts and whichever Pac-Man lives the longest after a set of tries wins.
This isn't like anything we've done so far. The goal here, for me, isn't to create a perfect game, but to try and complete it, learn a whole bunch in the process. Even if I don't finish in the time, which is a good possibility, I would want to have at least tried this.
So my question is this: How should I start preparing myself? I already have started vector math, matrices, all that fun stuff. My desired platform would be DirectX 9.0c; is that advisable? Keep in mind that this is not a preference just for this project, but I wish to have some kind of future in graphics development, so I want to pick a platform that is future-safe.
As for the game development in general, what should I take into consideration? I have never done a real game before, so any and all advise to development of mid-scale projects( if this would be a mid-scale project ) is greatly appreciated.
My main concerns are the pit-falls and demotivators.
Sorry if the question is so vague. If it doesn't belong here, then I will remove it. Otherwise, any and all advise regarding making larger projects is greatly appreciated.
Given you've not tried this sort of thing before here's a few things I'd recommend.
Start with something other than DirectX (and presumably C++)
DirectX and C++ expose you to a lot of low-level stuff you can learn later. Keep things simple and perhaps try XNA and C# which is close enough you can port it later but will let you skip a lot of things like memory management and pointers for now.
Start with 2D instead of 3D
The original Pacman is 2D so you won't be needed vector math for now.
So where does that leave you?
Well, a few things to think about are the game loop, keeping things in sync, updating the screen and responding to user input.
These are great principles and will let you get something up and running a lot sooner. Do not underestimate how important it is to keep seeing progress - this is hard if you set the technical bar too high initially.
I'd go down this route (ordered to keep things fun and interesting)
Get a screen displaying - this is highly visual
Get a Pacman responding to user input
Get Pacman constrained to within the walls
Get a ghost responding to secondary user input - you can chase each other
Figure out some collision detection
Get the dots and power pills rendering so you can score and eat ghost
Render some more ghosts and figure out AI
Work out the code for finding when the level is complete
Make the map change and state reset when on a new level
Once you've got this working and running you can then decide if you want to play with better AI, 3D math or switch over to C++.
I had to write a pacman game in Java for an OO class. I found it to be very straightforward, possibly with the exception of figuring out the best way to map walls. After a bit of research, I came across this: http://javaboutique.internet.com/PacMan/source.html which uses bit-shifting to determine walls. It looks like complexity overkill, but I found it to be pretty elegant after I played around with the math a little. Other than that, pacman is a very array-friendly concept, so use an array for the board, some basic sprites, tinker with the speed and refresh, keep track of game data, and toss it in a loop.
As for the AI with the ghosts, there are articles written about them. Each ghost has a specific "strategy". Or you could roll your own..you could program them to be as easy as always heading towards pacman (or his general location/quadrant), or as complex (shortest-path) as you'd like.
Play pacman! This is the first task for your project!
I'd look at the original arcade cabinet assembly code for Pacman and the description of what it does. It's a real eye opener :)
Personally, here's what I would do:
study open source games to see what they do
buy a book about game programming (actually, I have a book about game programming already, but you probably want something more recent than that)
pick a toolset/game development library (Sourceforge, Google Code)
work through the tutorials that come with that library, possibly change to a different library if the API is too weird
come up with a requirements document
draw up a first pass design ("plan to throw one away"), try to have somebody review it
decide on a test plan
write up a schedule, not because I want to stay on schedule but because I want to break things down into easily-defined tasks
write the smallest complete game I could (eg., a Pac Man sprite that I can control inside a window: no maze, ghosts, score, lives, ability to die, etc.)
add features to that game until I've implemented the whole thing
Sounds like a good idea for a learning project! The 2 general things I recommend for your approach are
work in iterations
read a bunch about C++ and DirectX along the way
Start small -- write some code that does nothing more than draw Pac-Man on the screen. Then build on that by implementing movement across the screen. Then build the map boundaries and the inability to travel through them. And continue in this fashion, prioritizing the next task you need to complete, and then doing whatever it takes to complete it. Try not to make the tasks too big.
In order to figure out how to complete the tasks, you'll need to read. Books, web sites and existing code are all very helpful in figuring out how to do what you want. It's worth looking at several different ways to complete the same task, because some ways are better than other, or might better fit your project.
Good stuff! I am glad that Pacman motivates and inspires you.
Things to get started.
1) Decide on the development environment.
a) Are you building a standalone game or a networked game.
b) Which language are you targetting at to improve?
2) How well versed with AI?
3) How well versed with the programming algorithms techniques - like A * (A star) path finding, Dijkstra algorith, collision detection, hit testing or even recursive programming?
4) Are any of you talented in graphical design?
Good luck.
P/S FYI, if I were to write a Pacman game, I would do it in C# and Silverlight 4.0 (I can write C++ comfortably but my priority is to jump on the Silverlight bandwagon).
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
Something I've always wondered, especially since it inspired me to start programming when I was a kid, was how video game bots work? I'm sure there are a lot of different methods, but what about automation for MMORPGs? Or even FPS-type bots?
I'm talking about player-made automation bots.
To 'bot' a game, you need to be able to do two things programmatically: detect what's going on in the game, and provide input to the game.
Detecting what's going on in the game tends to be the harder of the two. A few methods for doing this are:
Screen-Scraping This technique captures the image on the screen and parses it, looking for things like enemies, player status, power-ups, game messages, time clocks, etc. This tends to be a particularly difficult method. OCR techniques can be used to process text, but if the text is written on top of the game world (instead of on a UI element with a solid background), the ever-changing backdrop can make it difficult to get accurate and consistent results. Finding non-text objects on the screen can be even more difficult, especially in 3D worlds, because of the many different positions and orientations that a single object may possibly exist in.
Audio Cues In some games, actions and events are accompanied by unique sound effects. It is possible to detect these events by monitoring the audio output of the game and matching it against a recording of the associated sound effect. Some games allow the player to provide their own sound effects for events, which allows the use of sound effects that are designed to be easy to listen for and filter out.
Memory Monitoring If the internal workings of the game are well understood, then you can monitor the state of a game by inspecting the game's memory space. Some cheat tools for console systems (such as the Game Genie) use this method. By detecting what memory the game updates, it is possible to detect what the game is doing. Some games randomize the memory locations they use each time they are launched in an attempt to foil this vulnerability.
Packet Analysis With appropriate drivers, you can intercept the game's data packets as they are sent to or retrieved from your network card (for games played online). Analysis of these packets can reveal what your game client is communicating to the server, which usually revolves around player/enemy actions.
Game Scripting Some games have a built-in scripting interface. If available, this is usually the easiest method because it is something the game software is designed to do (the previous methods would all typically count as "hacks"). Some scripts must be run in-game (through a console or through an add-on system) and some can be run by external programs that communicate through the game via a published API.
Generating input events back into the game is typically the easier task. Some methods include:
Memory "Poking" Similar to the memory monitoring section above, memory poking is the act of writing data directly into the game's memory space. This is the method used by the Game Genie for applying its cheat codes. Given the complexity of modern games, this is a very difficult task and can potentially crash the entire game.
Input Emulation "Fake" keyboard or mouse signals can be generated in lieu of direct human interaction. This can be done in software using tools such as AutoIt. Hardware hacks can also be used, such as devices that connect to the computer's USB or PS/2 port and appear to the system to be a keyboard, but instead generate fake keypress events based on signals received from the computer (for instance, over a serial port). These methods can be harder for games to detect.
Game Scripting As mentioned above, some games provide built-in methods for controlling it programmatically, and taking advantage of those tools is usually the easiest (but perhaps not the most powerful) technique.
Note that running a 'bot' in a game is usually a violation of the game's Terms Of Use and can get you suspended, banned, or worse. In some jurisdictions, this may carry criminal penalties. This is another plus for using a game's built-in scripting capabilities; if it's designed to be a part of the game software, then the game publisher is most likely not going to prohibit you from using it.
Once I wrote a simple MMORPG bot by myself. I used AutoHotkey.
It provides lots of methods to simulate user input -- one will work. It's tedious to program a working one in C++ by oneself (Or look into AutoHotkey's source).
It can directly search the screen for pixel patterns, even game screens (DirectX)
So what I did was to search the screen for the name of an enemy (Stored as a picture with the game's font) and the script clicks a few pixel below it to attack. It also tracks the health bar and pots if it is too low.
Very trival. But I know of an WoW bot that is also made using AutoHotkey. And I see lots of other people had the same idea (Mine was not for WoW, but probably illegal, too).
More advanced techniques do not capture the screen but directly read the game's memory. You have to do a lot of reverse engineering to make this work. And it stops working when the game is updated.
How does an individual person go about their day to day?
This is sort of the problem that AIs in games solve.
What do you want your entity to do? Code your entity to do that. If you want your monster to chase the player's avatar, the monster just needs to face the avatar and then move toward it. When that monster gets within a suitable distance, it can choose to bite the player avatar, and this choice can be as simple as AmICloseEnough(monster, player); or more complex or even random.
Bots in an FPS are tricky to get right because it's easy to make them perfect but not so easy to make them fun. E.g. they always know exactly where the player is (gPlayer.GetPosition()) so it's easy to shoot the player in the head every time. It takes a bit of "art" to make the bot move like a human would.
For FPS-style bots, you could take a look at the Unreal Development Kit. As I understand it, this has got a lot of the actual game source code.
http://udn.epicgames.com/Three/DevelopmentKitHome.html
bta gave a very good reply. I just wanted to add on saying that the different methods are suspectible to different means of detection by the gaming company. Hacking into the game client via memory monitoring or packet analysis generally is more easily detectable. I generally don't recommend it since you can get caught very easily.
Screen-scraping used with input emulation is generally the safest way to bot a game and not get caught. Many people, (myself included) have been doing it for years with no problems.
In addition, to add an additional step between detecting what's going on in the game and providing input, some games require extensive calculation before you can decide what kind of input to provide to the game. For example, there was a game where I had to calculate the number of ships to send when attacking the enemy, and this was based on the number of ships I had, the type of ships, and who and what kind of enemy it was. The calculation is generally the "easy" part since you can do that usually in almost any programming language.
It's called AI (artificial intelligence) and really isn't that hard to replicate, a set of rules and commands in the programming language of your game will do the trick. For example a FPS bot would work by getting the coordinates of your player's body and setting your enemy bot's gun to aim at that coordinate and start shooting when in a certain range.
Question
How would you go adding automated testing to a game?
I believe you can unit test a lot of the game engine's functionality (networking, object creation, memory management, etc), but is it possible to automate test the actual game itself?
I'm not talking about gameplay elements (like Protoss would beat Zerg in map X), but I'm talking about the interaction between the game and the engine.
Introduction
In game development, the engine is just a platform for the game. You could think of the game engine as an OS and the game as a software the OS would run. The game could be a collection of scripts or an actual subroutine inside the game engine.
Possible Answers
My idea is this:
You would need an engine that is deterministic. This means that given one set of input, the output would be exactly the same. This would inlude the random generator being seeded with the same input.
Then, create a bare-bone level which contains a couple of objects the avatar/user can interact with. Start small and then add objects into the level as more interactions are developed.
Create a script which follows a path (tests pathfinding) and interact with the different objects (store the result or expected behavior). This script would be your automated test. After a certain amount of time (say, one week), run the script along with your engine's unit tests.
This post at Games From Within might be relevant/interesting.
Riot Games has an article on using automated testing for League of Legends (LoL), a multiplayer online RTS game.
According to the developers, there are many changes to both the game code and game balance everyday. They built a Python test framework that is basically a simpler game client that sends commands to the Continuous Integration server that is running an instance of LoL's game server. The server then send the test framework the effect of the command, allowing the response to be tested.
The framework provides an event queue that records the events, data, and effect from a particular point in time. The article calls this a "snapshot".
The article described an example of a unittest for a spell:
Setup
1. Give a character the ability.
2. Spawn an enemy character in the midlane (a location on the map).
3. Spawn a creep in the midlane. (In the context of LoL, creeps are weak non-controllable characters that are part of each team's army. They are basically canon fodder and is a source of experience and gold for the enemy team. But if left unchecked, they can overwhelm the opposing team)
4. Teleport the character to the midlane.
Execute
1. Take a snapshot of all the variables (e.g. the current life from the player, enemy and normal characters).
2. Cast the spell.
3. Activate the spell's effects (for example, there are some spells that will proc on hit) on an enemy character.
4. Reset the spell's cooldown so it can be cast again immediately.
5. Cast the spell.
6. Activate the spell's effects on a creep (in the context of LoL, most spells have different calculations when used on creeps).
7. Take another snapshot.
Verify
Starting from the first snapshot, replay the events, and assert that the expected results (from a game designer's point of view) are correct. Examples of events that can be verified are: The damage is within the range of the spell's damage (LoL uses random numbers to give variance to attacks), Damage is properly resisted when compared with a player character and a creep, and spells are cast within its effective range.
The article shows that a video of the test can be extracted when the test server is viewed from a normal game client.
Values are so random within the gameplay aspects of development that it would be a far fetched idea to test for absolute values
But we can test deterministic values. For example, a unit test might have Guybrush Threepwood move toward a door (pathfinding), open the door (use command), fail because he doesn't have a key in his inventory (feedback), pick the door key (pathfinding + inventory management) and then finally opening the door.
All of these paths are deterministic. With this unit test, I can refactor the memory manager and if it somehow broke the inventory management routine, the unit test would fail.
This is just one idea for unit testing in games. I would love to know other ideas, hence, the motivation for this post.
I did something similar to your idea once and it was very successful, though I suspect it is really more of a system test than a unit test. As you suggest your random number generator must be seeded with the same value, and must produce an identical sequence each time.
The game ran on 50hz cycles, so timing was not an issue. I had a system that would record mouse clicks and locations, and used this to manually generate a 'script' which could be replayed to produce the same results. By removing the timing delays and turning off the graphic generation an hour of gameplay could be replicated in a few seconds.
The biggest problem was that changes to the game design would invalidate the script.
If your barebones room contained logic that was independent of the general game play then it could work very well. The engine could start up without any ui and start the script as soon as initialisation is complete. Testing for crashing along the way would be simple, but more complex tests such as leaving the characters in the correct positions would be more complex. If the recording of the scripts are simple enough, which they were in my system, then they can be updated very easily, and special scripts to test specialised behavior can be set up very quickly. My system had the added advantage that it could be used during game testing, and the exact sequence of events recorded to make bug fixing easier.
An article from Power of Two GamesGames From Within was mentioned in another answer already, but I suggest reading everything (or nearly everything) there, as they are all really well-written and apply directly to games development. The article on Assert is particularly good. You can also visit their previous website at Games From Within, which has a lot written about Test Driven Development, which is unit testing taken to the extreme.
The Power of Two guys are the ones who implemented UnitCpp, a pretty well-regarded unit testing framework. Personally, I prefer WinUnit.
If you are testing the rendering engine I guess you could render specific test scenes, do a screen captures and compare them to reference test renderings. That way you can detect if changes in the engine breaks anything, visually. You can write similar test for the sound engine, or even animation (by comparing a series of frames).
If you want to test game logic or scene progress you can do this by testing various conditions on the scripting variables (assuming you are using scripting to implement most of the scene and story aspects).
If you're using XNA (the idea could be extrapolated to other frameworks of course), you could use an in-game unit test framework that lets you access the game's state in the unit test. One such framework is Scurvy.Test :-)
http://flea.sourceforge.net/gameTestServer.pdf
This is an interesting discussion on implementing a full-blown functional tester in a game.
The term "unit testing" implies that a "unit" is being tested. This is one thing. If you're doing higher-level testing (e.g. several systems at once), usually this is called functional testing. It is possible to unit test much of a game, however you can't really test for fun.
Determinism isn't necessary, as long as your tests can be fuzzy. E.g. "did the character get hurt" as opposed to "did the character lose 14.7 hitpoints.
I have written a paper on that topic -
http://download.springer.com/static/pdf/722/art%253A10.7603%252Fs40601-013-0010-4.pdf?auth66=1407852969_87bc2e71ad5228b36738f0237084ebe5&ext=.pdf
This doesn't really answer your question but I was listening to a podcast on Pex from microsoft which does a similar thing to the solution you're proposing and when I was listening to it I remember thinking that it would be really interesting to see if it would be able to test games. I don't know if it would be able to help you specifically, but perhaps you could take a look at some of the ideas they use and apply it to your unit testing.