I believe that what happened in one Mario 64 speedrun, where Mario teleported on top of level, skipping most of it, and no one was able to reproduce it anymore
@@HeavySandvichGuy1 I heard that story too, and was really hoping for it to be true.Sadly, it turns out it may have likely been something else. I did watch a video essay/documentary about this incident and it is most likely some rare software glitch based on the levels geometry and not a space particle
@@HeavySandvichGuy1 woah your information is out of date sonny. it had nothing to do with that. TTC was just too big for the ram to handle so weird stuff happens (not just that one spot either) the whole cosmic ray myth was debunked recently.
Keep in mind it also means "you can only get screwed once", because if it's a memory error, or some crapware you inadvertently installed trying to edit the wrong part of memory because the programmer had only 2 brain cells competing for third place, or badly translated coding books, you still haven't downloaded any cheat or "cheat engine" (which is merely a tool, just like hexedit and the rest), and YET you are already banned/tagged as a cheater for life. People thinking HUMAN MADE code is perfect and cannot do any false positive are AS DUMB as cheaters. When thousands of logitech hardware users are banned, deprived of what they bought, and THEN insulted and refused an answer by some crappy entitled anti-cheat company reps, under the pretense they NEVER do any error; only for the reps to be pulled by the scruff and their noses dipped in their own steaming pile of poo, by someone who actually understand what happened and proved they "detected" a windows update as a false positive, even though it takes 6 weeks+ for new drivers to be approved my MS, and Logitech provide those free of charge, and they are a good 1/3rd of the market so it DEFINITELY should have been looked at by said anti-cheat company... THAT tells you everything there is to know about anti-cheats. They offer no security, no reliability, they require always stronger access to your devices and files, requires you to not have a linux installed freely because "omg secure boot is required" or some other crap, and even when proved wrong, they'll shift the blame... The only anti-cheat that is actually WORKING is one that is SERVER-SIDE and can be checked AFTER THE FACTS. Take RIOT's LoL, it is unplayable now because of that vanguard crap allowing itself into your operating system, doing whatever it wants to your OS and files, being promoted by a chinese company which has no regard toward privacy, and is actually being forced to do this by the CCP, using LAWS they passed that FORCE the entity to give the data they have, OR implement a way to obtain the data, else they be considered traitors to their country. Also that law allow them to OPENLY LIE about the fact such things are required of them. That vanguard crap is still bypassed daily, there are even streamers on TWITCH showing it regularly cheating on Valorant, to prove the anticheat is a joke. You still lose league points if there is a cheater in the game, and there are still people doing things ULTRA OBVIOUS, like using the "Flash" summoner spell (with usually very long cooldown) MULTIPLE TIMES PER SECOND. You'd guess such a thing should be verified server side... but hey... surely with only the billions they are making, they are a bit short on change to assign it to anyone to fix... Should be pretty simple : develop a thing to check the replays, since they STORE IT ANYWAY, and verify that what happened in-game is LEGIT. a quick pass on all the summoner's spells durations, a quick pass on the cooldowns usage, a more detailed analysis of the damage dealt and animation timers (like "this guy is not supposed to move while casting this skill", "this shot has been empowered but the effect applied twice", etc). You don't even need to do an in-depth analysis on every game, only on those with cheat reports, and if they fixed their awful client, they could actually have a mode were you allow them to use some cpu time for "checking someone else's replay"; Give it to do to 10 other people across the world, the results should always be unanimous anyway, and if something is spotted, you analyze it YOURSELF to actually BAN the cheaters. but at least, you have PROOF of it that anyone can then witness (Here is the wall of shame, let people SEE what it is about so they can actually RECOGNIZE when people are cheating)
In this case doesn't seem to have floating point errors, since the random value is generated and stored in binary, not inputed in decimal, then converted to binary.
@JaceGameplay it can still easily result in floating point precision errors. There simply aren't enough numbers in the IEEE standard for every represented number between 1 and 2 to have one and only one representative between, say, 10,000 and 20,000. The magnitudes just won't always line up, one side will be more relatively precise than the other. And if this is managed by something like when "add score" { secret_add_score = add_score * magic_anticheat_number score += add_core secret_score += secret_add_score } Then you are going to easily, quickly, see floating point precision errors slightly fudge your value. Once it gets fudged once by one of those operations, it'll never fleet unfudged
@@ferociousfeind8538 if the multiplier had a relatively short and precise binary representation, like 1.0625 being 1.0001 in binary, then it would work fully precisely for long enough.
me too, I used to use cheat engine more, now i just use it if the grind it terrible or i want to start off a game with something, I wont use it for multiplayer games though, just singleplayer, never cared about leaderboards so I think thors approach is fantastic, im ok with achievements being disabled too, then when i play a legit run on a game I can use them to track my legit progress
@@darkelftenak funneling them also stops them from trying to get into the real score boards, sometimes even because they're not realizing it. Just a bunch of 9999999999 scores huddling in leaderboard hell.
I also really like this! I like using cheat engine for a lot of things in games. Mostly just to save time in grindy games. But I also hate the idea of messing with other people's stuff, so I try to avoid using it with games that have leaderboards or rankings. I don't actually care about my own ranking, but I know other people do, and I don't want to mess with someone else's experience if they want to try and top the leaderboards. So I really appreciate this strategy sidestepping the problem for me!
So what you're saying is that if you cheat you get access to a special VIP leaderboard? Because my heart is telling me I wanna be on whichever one has the higher numbers.
@@shytendeakatamanoir9740 They are banned from the normal leader boards, not from the cheater board, if I understand him correctly here. So you can try again cheating
Wait a minute. I recognize that number, but that's java.MAX_INT, aka the maximum positive number an positive int can be in java. It's a 32 bit number, while a float(ing) point is a 64 bit number(, so if you ignore the decimal, it can be a much larger number). Thor said he used a float, not an int. What's going on? Are people assuming thor used an int instead of a float? o_O
@@agalerex problem is - you can find exact value even if it is float/double whatever with cheatengine just changing searched value for type you think it is if you want, but my personal way to deal with decimals is 'Scan type - Value Between"
Meanwhile here I am using Cheat Engine to just wander around the Egyptian Afterlife in AC Origins without being attacked so I can sightsee to my heart's content.
There are definitely good uses for Cheat Engine Hell, a lot of youtubers who dig through files and make videos on them (like in Dark Souls) very likely use it just for demonstrations It can be great in single player use, the only real issue is multiplayer That and... I mean Some challenge runs require cheats at game start for inventory modifying Funniest one is beating the game a lot And then just saying "why not" and doing a cheat run ti watch the game break
I wonder how many scores are going to end up as "Boobs" in the score now that he's told us this just to have a shame wall of the word Boobs in number form as a joke just to mess with him even at the cost of being banned from normal scoreboards
Was gonna say something about IPs and hardware IDs but you managed to get around both issues... though I think League has VM detection so that part might not work @kugelblitz1557
Well the only way anyone gets past it because of this video is: They watch this video They play his game They want to cheat They would have messed up with cheat engine otherwise They successfully find the score, alt score, AND modifier variables They then hack the rest of the game to get a high score And the final results are believable I’m cool with those odds
@@AlexPBenton or instead of changing some certain values in memory you could instead edit entire functions in assembly, like "player collects ball increment score by 1", now you change the function so that it increments the score by 10000 instead, or you dont edit this function but instead call it over and over effectively raising your score, or do something like godmode, noclip, whatever to make it easier to raise the score, in the end there's always an way.
@@AlexPBenton the tricky part is you'd have to figure out the value which is separately stored by the game. if you don't know _how_ the game is actually storing that value, or what even alters it, it can be tricky to reverse engineer even with cheat engine. FOR EXAMPLE, in most games i've noticed currency, XP, or similar values are stored as 4 or 8-bit floats. This is also, usually, the default configuration of cheat engine. HOWEVER, many times i've also found these values are not stored as floats. awhile back I was playing both NieR Replicant and Gestalt on a PS3 emulator (this was before the remake was released). I had played all the way through on Gestalt, and wanted to do a run with Replicant using a subtitle mod. To speed it up, I wanted to give myself a ton of gold, or quest items, or whatever just to ease up on the grind. HOURS of searching, testing, reverse-engineering, and I could never land on the right memory address for the things I was wanting to change. As it turned out, these values were all stored as big endian, which required a modification of cheat engine to even make those kinds of values discoverable. from what he described, both the score value you see and the score value kept by the game are stored as different kinds of values. otherwise, both would show up when doing a search in the memory for your changing score. you would have to run through a lot of possible options before finding the correct value. and you may not even find it, because this is also obfuscated since it's technically a multiple of a randomly generated floating point on game startup. not saying it would be impossible, im sure if someone was sweaty enough they could datamine it out. but for the average cheat engine user it would be very difficult.
Honestly, using cheat engine for Single Player games is quite cool. Messing around and finding values for no cool-downs and infinite stamina i pretty fun. But for multiplayer games? Probably not as cool.
@TJackson736 Yeah, like good old halos or cod custom maps and game modes. But yeah, CE for singleplayer is goated. I'm not farming for hours or spending 80% of my playthrough running from first step to Haligtree roots. (Elden ring).
@@TJackson736 if you run the server, then all you really need is for server to give those values, as servers are used to validate player data. yes this comment is a very minor nitpick, and you didn't say anything egregiously wrong (i just thought people might wanna know)
@@TJackson736 I might be wrong here, since I played it too long ago. Age of Wonders 2 Shadow Magic(and probably Wizard's Throne also) when you use cheatcode granting gold/mana to not only you, but all players, in multiplayer hot-seat including. For most games cheats and cheatengine doesn't work properly or at all outside of singleplayer. People usually don't care what you do in SP, just don't brag that you achieved something using cheats, if you want to brag about something - make it fair and square.
@@leonardoraele The most common way to compare two floating point numbers for equality is; |a - b| < EPSILON If difference is LESS than some predetermined threshold (epsilon) then they are "equal" (enough). The problem is always deciding what epsilon should be, but its always a tiny number like 0.001 Depending on the application it might be better to avoid the need to compare floating points in this way, or use decimal formats instead.
Don't do that. You'll be chasing an appropriate value for epsilon until the end of time, and getting seemingly random edge cases forever. Floats aren't random. You just need to understand when it is and isn't safe to compare them.
There're also view this value memory or something that I cant never understand. I'm not learning the basic so that is understandable, but dang anyone learn to code go through all these number is quite something.
what if: higher score lower nummber or use 4 nummbers that keep changing and the game just calculates the score from that only progamners would be determant enought to find those values
That's why I prefer games like Stellaris where I'm free to modify MY game as long as it doesn't ruin multiplayer or achievements for others. Most games nowadays have neither console for player, nor a way for the player to start the game in "I don't want achievements and am going to cheat to have fun, thank you" mode. People still memorize cheatcodes of San Andreas and Vice City two decades afterwards for a reason, lol:D
@@stormjin2242 Not really, even if they ban your public facing IP, the worst case is you call up your ISP to give you a new one. It's tedious, sure, but still possible to bypass with relatively low effort.
@@stormjin2242literally every method to detect if a player is a banned player can be circumvented if the cheater is spiteful enough. I also doubt Thor would apply the full brunt of his security experience to reinforce the leaderboards from interference. Software bans, IP bans, network bans, full on Hardware bans are not insurmountable.
@@stormjin2242 Most home isp recycle IP addresses at some point with DHCP as IP changes when lease expires. Typically you have to pay for a static(locked) IP. Check your IP around the ban, recheck you IP periodically. When it changes make a new account and keep rocking and rolling. Source: not on a game, but reddit account shenanigans.
Cheat engines great for single player games that you just want to mess around with. Got a soft ban from COD for having it on my system(maybe it was wemod). Never used either while playing. Kind of annoying that detection software can flag for bans even if its not in use.
I've never had an issue with this, but it does cross my mind since I use cheat engine for all kinds of single player games. Honestly, I feel like all mods require some sort of program that could be detected as a cheat.
One of my friends plays a lot of idle games, and uses cheat engine for speed hack to save years of his life. He usually has 5 or 6 running at a time. Helldivers 2, back when we played, would CTD if he didn't close all his instances.
@andrewwaldschmitt4757 the sad thing is there's no real way to distinguish between people like myself and your friend and the real cheaters with these kinds of detection systems. In the end it makes me scared to play any myltiplayer games because I really would hate to lose the close to 300 games on my account all because I like to add QOL features to my gaming experiences offline.
This exactly happened to me got banned from warzone 1/MW and vanguard. I was using it for GTAV and emulator games in offline single player games. Is there a way around this does any know?? Do I have to uninstall battlenet completely until I uninstall cheat engine?
@@w451-qx3kx can you? It would show like 500m results (depends on game size) even if you do unchanged value for hours there would be way too much results to try to eliminate by hand
Honestly, I think it’s a really good idea. I think speed runningboards should put people who cheated on their own separate board to see who can cheat the best so they can still enjoy their hobby with other people who enjoy cheating just as much as them!
@@Healcraft This is achieved by having access to your machine's kernel. It is ring 0 access. No-one should have ring 0 access except very, very experienced and knowledgeable technicians and the backend systems of your actual operating system. If someone wanted to, they could download, delete all of the data present on your machine, including sending you malware or ransomware, using the program that is forcing kernel-level access.
Suddenly, champions of breakfast was cheated to hell and back. Well, no, probably there's more to it than that and this is one of many tricks. But still, that would be kinda funny.
if he's telling us this, it means he doesn't think it will be an issue for us to know, which means there are other anti-cheat methods in place. If this was the only line of defence, he'd say something like "we do something to the score, i won't say what, and then store that modified value somewhere else"
@@nodrance also, he didnt give us the actual number (mostly because its a painfully long and probably randomized on runtime). if we want that number we have to go hunt it ourselves... which funny enough he does tell us how to do lol. (find "score". Traceback. Look for an instance where a value between 1 and 2 is being multiplied to the value that is added to score. Super simplified and im 200% sure theres a few other ways of doing this)
@@link_team3855 If you can find where the multiplied score-value is kept that's all you need because, if the system works as described you can easily cheat the safeguard by just changing the value of the multiplied score-value as well. Well, first you need to read it and do some arithmetic to figure out the float value, but that's literally just basic division. Then (so long as this is actually how it works and also the only line of defense) boom, you've got a successfully cheated score value.
My assumption is that this one is "safe" to explain because it's also something that would be relatively obvious to a determined opponent anyway. I also assume that there's probably also a second value with a more involved hash function, if not the saved score value itself being a decoy that gets checked against some other set of operations that actually maintain the score information. If you wanted to reverse engineer all of that against the work of an offensive security specialist, you'd probably have an easier time decompiling the code... or you could simply git gud.
For all the people talking about floating point errors, that's not how floating point numbers work. They're not some sort of RNG. What Thor is doing is: if(score * salt != hash) cheated = true; score++; hash = score * salt; score * salt will always equal hash, because hash is *defined* as score * salt. What *isn't* safe is this: if(hash / salt == score) // floating point error! (And presumably it isn't just salt*score, but salt*score*gold*xp, or whatever important resources are easy to manipulate.)
It was a long time ago but a net hiccup caused a game I can't remember to accuse me of using a cheat engine. This was back when these things where first coming around. It was honestly annoying to be accused of something cause of bad net.
@@norwegiansmores811 no you don't. Everyone always 100% believes someone is guilty no matter what. I accept that i can't change anyones mind. But i did get it fixed so i was right in the end.
@@StablerGames the inherent value yes - this is what i don't get about why people cheat... you are making your 'win' a "fake win", it means nothing now. like buying a trophy from a trophy store for yourself. wierd
@@Munenushi tbf there's two types of cheating in games, there's cheating and "cheating". I've done a fair amount of both in my time. Ya know, abused the occasional save state in retro games, used a mod to unlock something that would have taken me like 20 hours in a game I liked, but not that much. It's generally a victimless crime if done in a single player experince. "Cheating" though, that's all fun, when I was a kid I used cheats up the wazoo for GTA4 cause I did not care about the story or progress really, I just wanted to mess around in the open world with a helicopter. "Cheating" is goated.
@@TheWrathAbove i agree with you. i just dont understand the Cheating (captialactual) for accolades or placement on a Leaderboard... perhaps it is my own personal issue, but i just think it takes all the meaning out of it
@@Munenushi There's two different types of let's call it "competitive cheating". Low stakes and High stakes. Low stakes cheating tends to be stuff like using aim bot in a regular competitive match, or cheat engine to get a top leaderboard placement, or even stuff like taking extra money from the bank in Monopoly. Generally speaking, there's no real consequences for low stakes cheating (nor should there be tbh) at worst you're banned which while upsetting isn't a real world consequence. While I've seen sone eliteism from people that do low stakes cheating it's rarely about pride but rather "intelligence". People that posit cheating is the optimal way to win (technically not wrong, I guess) so it's the best way to play. Alternatively you see a lot of low stakes cheating from people that aren't very good who convince themselves that cheating is justified since it's the only way they can win. Some games can also cultivate a culture of cheating which is something World of Warcraft struggled with due to the number of bot accounts, and we also saw with Escape from Tarkov where so many players were using Wallhacks to the point where many deemed that the only way to be on an even playing ground. I would generally argue there's not much pride in this kind of cheating, and getting on the top of a leaderboard is done for it's own sake, not because they think being on the top of the leaderboard matters. High Stakes cheating is stuff like faking breaking respected world records or hacking during a major tournament for money. Obviously this can have a lot bigger consequences, such as being kicked out of a community, or even jail time. You see it a lot these days with videos discussing faked speedruns. Generally speaking these are due to pride. Most of the time, we see that the people doing this are extremely skilled already, the reason they cheat is to take a shortcut. A justification that "I could do this legit... but" this goes beyond even video games since obviously professional sports has had several doping scandals, some of which even fall into that same culture of cheating mentioned before(the Tour de France being a recent-ish example). This is the type that is actually doing so for accolades (or just money but those people's motivation is self-explanatory) and it's not hard to understand why they do it. There's this idea that they've worked so hard that they deserve the reward, and so they justify to themselves that a little fib wouldn't hurt. TL;DR: There's not much pride in leaderboards like this, people just do it cause they can and there's no real consequences. People that do cheat for accolades do a lot of mental gymnastics to justify to themselves that they deserve the accolade. Also, some games cultivate a culture of cheating so they feel justified because it's practically impossible to win without cheating.
In older RPG Maker versions, the integer value stored in memory actually followed the formula (2 * value + 1). Not sure if that was supposed to be an intentional protection against cheating (albeit pretty easy to circumvent once you know the formula) or just a technical detail of how the engine works.
technical detail on that one from rpg maker having to be optimized for multiple systems, basically a little extra convulution here means less convulution trying to get it to work right on the next computer
You have to know, or expect, this form of anticheat, and you don't have a second chance if you screw up. If I have to guess, this is just ONE of the methods he uses to catch cheaters...
@@araulius2132 Wdym tech illiterate? So you are telling me, that to be tech literate, you have to instantly realize that the game stores a separate value to catch cheaters?
@@araulius2132I can be pretty tech illiterate, but at least I know to turn off any of that kind of software before playing. But a lot of games do system checks and can give you a ban on its installation, which kinda sucks for some people who like using it on SP games, like me.
I'd love a game that embraces the cheat, not straight up "My score is now 1Krillion", but something where you could have a separate leaderboard where people put an actual fight getting a high score but with some fun cheats x')
the people only wants a shrimple big head mode leaderboard, floor is lava leaderboard and no friction leaderboard (like ice floors but no deccelerating)
My favorite was an anti-piracy tool. There is a sim game where you play a game development company. If the game detected you were playing a pirated version of the game it would still let you play but your company in the game would be plagued by software piracy and made it nearly impossible to turn a profit.
@@roberteltze4850 They didn't quite use an anti-piracy tool. Rather, the devs for Game Dev Tycoon uploaded a slightly modified version of the game where it'd do that. The idea was so popular within the fanbase that it later got turned into an alternate mode for the game too, albeit with mechanics that make the game beatable
@@roberteltze4850Game Dev Tycoon doesn't detect if you've pirated it. It uses a completely different version of the same game put up by the developers on various game piracy sites. They also semi-recently put piracy mode in the main game as a more difficult option
It's interesting just how much people can do with CE I think the Real Time Corruptor is based on it and the kinda things it can do to games is amazing. It even lets you save corruptions to replay them in exactly the same way
6 месяцев назад
No matter how long I have been using Cheat Engine, I always get nostalgic for good old Cheat O' Matic, same deal as CE just for us oldies back in the early 2000's
Cosmic rays caused a unique Super Mario 64 glitch that can't be replicated, so it can definitely get you banned by changing the score. It's also only one variable out of millions though, so the odds are tiny.
@@ebx ok? so? implementing those measures will still greatly reduce the number of cheaters. and for competitive games, reducing the number of cheaters is a must if you want your game to last
@@ebx yeah no shit thats the nature of cheats the point of anticheats is to realize when people are doing those workarounds also water is wet, fire is hot etc etc
he shows, in real time, the fundamental flaw with using this method to permaban people, errors happen, false positives are still treated like solid convictions.
I have recently been studying Python so I understand that it is a very basic term but hearing you say float and actually knowing what it meant made me happy. I have felt like I've retained nothing but that was a nice boost for me.
Ok but I used to just check which values changed after increasing my score until I find the only values changing with score, that way I can change both values at the same time 👍 There are better ways to fix this but they're more complicated
It's the same thing though as a kid being curious about setting off a mouse trap. If they set it off with their hand they'll feel the consequences. There are other ways of satiating curiosity besides putting yourself at risk.
@@chemplay866 the permaban isnt that bad when its just the leaderboards. I doubt somebody using cheats was gonna get somewhere big on the leaderboards anyways
I mean, using a cheat engine is okay for OFFLINE games; have fun with that! But if you try to use it in online games and get banned for it... It's your fault, man! Don't complain about it.
exactly. The multiplication value is also stored in the memory, so all you'd have to do is find a way to reliably read that value and either adjust your cheating with that value, or set that value to 1.0 and now you can cheat to your hearts content. Obviously takes far more work than just downloading cheat engine and punching a few numbers into it.
I feel like part of the "you can only screw up once" angle is that you would need to extensively study the values before you can even begin to fiddle with them, or else you're just completely locked out. So while it's not ironclad, it's also not hard to trip.
That's if you just modify the value in memory. Someone who knows what they're doing can modify the assembly to the update the value when it's saved or retrieved so the antichrat check doesn't detect a modification.
Was gonna say this. There are gurus who find ways around this with or without cheat engine. Usually though, they make trainers and sell/distribute them.
Its more complicated than that. The random multiplier means its difficult to know exactly how much the "verification value" has been altered by and therefor it is difficult to tell how much to change that value in order to not get caught this way. Even if you change both values there is no guarantee that you will get the multiplier right. There's ways around this of course, but it does introduce some level of complexity and sometimes that's all you need to stop casual cheaters. The hardcore folks will get through but you can then deal with that much more limited group later.
You look for what writes to that address and then u inject a script overwriting the code that adds to ur score. Also, it’s possible to just hash the values for ur anti-cheat. Now the security number changes on update but not reliability up or down.
That's a great idea. I love writing cheats for games, it's 1/2 the fun I have when I get a new game. I don't care about leaderboards so that method lets me have fun writing cheats and playing the game how I want to play it yet keeps the leaderboards clean for people that don't want to use cheats and care about that stuff.
Why not write your own game ? If the play style of the game you are trying to play isn’t your style ? You are just editing and manipulating someone else’s work ….. kinda lazy and dumb if ya ask anyone with a brain unless it’s single player…….
Hey could you explain to me what thor is talking about in the video? I mean, his process of multiplying with floating point numbers. Why does he reverse them in the end?
@@gregh5061 It's cheat detection. Assembly code is hard to follow. Say you want to write a cheat that gives you more money. You look at the money in game and search the game's memory for that value. That usually comes up with thousands of addresses. Then you buy something and search those results for the new value which will narrow the result. There may have been thousands of the first value, but far fewer that had that first value and then had the second value after it changed. Repeat until you have the address where money is stored. You can set that value to a new number to get more money, and use debugging registers to find the code that changes that memory so you can inject code into the game that will find that address instantly after you restart the game because that address is set at run time and will be different each time you start. So what Thor is talking about is having a second 'hidden' value that is tied to what the game thinks the money should be. Say you buy something and there is code that reads your current money, subtracts the cost, then saves your new money. When saving your new money the code will also multiply your money by some number and save that somewhere else. The code that cheats for you knows nothing about this second address, it's an order of magnitude more difficult to follow all the code through to try and find something like this, and the cheat works without it so why bother. When your money is next read, say when you try to buy something else, that hidden value is also loaded and compared to what it should be and if it is different it will flag you as a cheater. Thinking like variables using pseudo-code: `void setMoney(int money) { player.money = money; hidden.money = money * 3; }` and `int getMoney() { if (player.money * 3 != hidden.money) flagAsCheater(); return player.money; }`. So you have 1000 credits, then player.money is 1000 and hidden.money is 3000. When you cheat you make player.money to be 999999, but hidden.money is still 3000. When `getMoney()` runs it sees that 999999 is not equal to 3000 and flags you as a cheater.
To be a bit more specific, cheat engine is also in machine language. Because most of the modifying isnt just look for different values of number each time, but finding the source of that number generated in hexadecimals.
You can also check for values that increase, decrease, or don't change per scan. This is how you find the values of unknown elements, especially mutated ones like this one. Nice vid
same, or some pay2progress random clicker game with no leaderboard, I don't wanna spend 6 months waiting for the same thing someone who pays gets in a day, I can just do it myself
Fun cheat engine story, way back in like 2010ish, Facebook had a Bejeweled game. This game shared your high scores with friends, alongside a replay of your gameplay. The game speed could be modified by cheat engine. (At least, I'm pretty sure that's what we used). So we figured out we could crank the game speed down to like 1fps. Then made the absolute craziest combos you can imagine, literally nothing had time to sit on the screen for longer than a second in the replay, the whole screen was just clearing instantly, constantly. It was the craziest bejeweled replay anyone had ever seen. It was glorious. We got banned from the leaderboards.
So as a kid there was a Roblox game that actually did this. I remember after going through a couple of accounts I figured it out. They touted their game as unhackable because of this too, which was pretty funny. So your level dictated your power, which would in turn both scale your attack's damage AND their size. EXP scaling was exponential so they never expected people to reach a level where attack sizes would be an issue. I'd wait until the guy who made the game would log on, and then I'd shoot a couple blasts at my feet in the middle of the map. From everyone else's perspective they just randomly died out of nowhere with no indication of what happened. The attack's mesh was so massive that their characters and cameras were entirely inside it, meaning they couldn't see the attack. The sound only played from the single point in the center where I was, so most players couldn't even hear it either. It was basically an invisible nuke. Told the guy who made the game about it afterwards, of course. He put sanity check limits on levels and AOE sizes after that.
You're missing the point. The point is that simply finding and changing the score *appears* to work until the score is submitted, at which point your account is permanently relegated to the cheaters' leaderboard and you need a new one to try again. It's not bulletproof by any means, but it's a cleverly simple countermeasure meant to filter out most would-be cheaters. The only ones to pass that filter would be cheaters who are highly motivated, very cautious, armed with foreknowledge or are using a cheat made by somebody else.
@@majorgnu I understood the point, but as someone who did it in my teens its almost such common practice especially for the main values like health, ammo, experience, etc that it was just something you did. Sure an absolute newbie that doesn't understand pointers could get caught up on that system, but I believe even back around 2004 when I was doing this the cheat engine recompiles people would make had tutorials built in that taught you how to find pointers.
back in the 2000s and early 2010s, cheat engine was a popular tool for hacking flash games and commonly values were multiplied by 8 to avoid easy cheating. its a really useful tool for learning "hacking" though.
You also gave future cheaters the instruction on how to get arround it: you search for values that go up as you increase your score, repeatedly, until you get all numbers that go up, then you observe the change in them and edit them together respectively. I have played arround with this when I was younger and lots of games did similar solutions as you have pointed out. There is one indie platformer with serious following and leaderboards -not naming it here, so people do not abuse the knowledge - that created a number of rng floaters to double check the value and after random checkpoints throughout the levels created new floaters for the double checking method, which made hacking the points almost impossible until some people with insane determination to cheat their way to the top figured it out. What I am saying - you can work against it easily, but if the cheaters know, they will find a way arround it, it's an arms race.
Unless people run ECC RAM, it's not unlikely that a bit will change and this comparison fails, due to random chance. So a cheat detection system like this is a bit tricky, because you *will* get false positives.
Cheat engine community has strong nerds as well, treating events as time series, and doing parsimonious statistics. You can not eliminate that with a linear multiplier, try non linear functions, or just hash it.
I had something like that but it was more devious, it's a number format that saves a multiplier and a constant, and when it's modified, the multiplier and constant are also changed, so unless you decompile the game you can't find the base value, because it can decrease in memory while increasing the value stored.
I remember "trainer" programs working the same way where you could track changes in value. For instance having 100gil in a FF game i would find all the values that equal 100. Then buy a potion for 25gil changing the total held to 75gil. You could then narrow it down to values that changed from 100 to 75 and find the value that's tied to the in game currency and modify it.
The best use of cheat engine I've seen was the "number of players slider" for the 32bit versions of Borderlands. I did as the name suggested, allowed the game to function as though more players were connected. As the game scaled difficulty to number of players then the game became more challenging and more fun! That should have been an option within the games. Cheat engine was used to find the memory location of the number of players but the slider was hand coded to hook and alter the memory location.
I mean, it has A LOT of tools to analyze memory, to extend that you see connected values, or compare entire snapshots of memory. It trivial to overcome such style of protection
lol that verbal floating-point precision error was just too perfect
Conclusion: Thor is being run with Cheat Engine
Thor runs on JavaScript
@@FourOneNineOneFourOne JavaScript uses the same floating point representation nearly every other language uses.
Thor is a computer confirmed
@@DominoPivot ☝️🤓
Says "1.005"
Writes "1.004"
Thor's mind is an enigma
he modified it with cheatengine
Don’t Translate!
อย่าอ่านชื่อฉันนะ.
It's got rounded, as he said there's a bunch of numbers further
Nope, floats are just like that.
(Yes, yes, I know you need a lot more zeros before this actually happens.)
It would have to be a digit 5 or more after the 4 then. Wecan only assume but what if it wasn't o.o@@spookyscarygraviton5944
Imagine getting banned after a particle from deep space hits a transistor representing your score and turns a 0 to a 1
Bad space particule! But also do not entice space particules to come hit your computer, because that's cheating
I believe that what happened in one Mario 64 speedrun, where Mario teleported on top of level, skipping most of it, and no one was able to reproduce it anymore
@@HeavySandvichGuy1 I heard that story too, and was really hoping for it to be true.Sadly, it turns out it may have likely been something else. I did watch a video essay/documentary about this incident and it is most likely some rare software glitch based on the levels geometry and not a space particle
yeah i was going to say, how many decimels is he matching this to, because anyone with non ecc ram will run into this slightly
@@HeavySandvichGuy1 woah your information is out of date sonny. it had nothing to do with that. TTC was just too big for the ram to handle so weird stuff happens (not just that one spot either) the whole cosmic ray myth was debunked recently.
"You can only screw up once, and everyone screws up once."
"I only botted once and a I lost my WoW account of 10 years!"
"Eat my entire @$$"
He was a blizzard employee
Don't Bot on your main....
"Eat my ass!" 😤
Keep in mind it also means "you can only get screwed once", because if it's a memory error, or some crapware you inadvertently installed trying to edit the wrong part of memory because the programmer had only 2 brain cells competing for third place, or badly translated coding books, you still haven't downloaded any cheat or "cheat engine" (which is merely a tool, just like hexedit and the rest), and YET you are already banned/tagged as a cheater for life.
People thinking HUMAN MADE code is perfect and cannot do any false positive are AS DUMB as cheaters.
When thousands of logitech hardware users are banned, deprived of what they bought, and THEN insulted and refused an answer by some crappy entitled anti-cheat company reps, under the pretense they NEVER do any error; only for the reps to be pulled by the scruff and their noses dipped in their own steaming pile of poo, by someone who actually understand what happened and proved they "detected" a windows update as a false positive, even though it takes 6 weeks+ for new drivers to be approved my MS, and Logitech provide those free of charge, and they are a good 1/3rd of the market so it DEFINITELY should have been looked at by said anti-cheat company...
THAT tells you everything there is to know about anti-cheats. They offer no security, no reliability, they require always stronger access to your devices and files, requires you to not have a linux installed freely because "omg secure boot is required" or some other crap, and even when proved wrong, they'll shift the blame...
The only anti-cheat that is actually WORKING is one that is SERVER-SIDE and can be checked AFTER THE FACTS.
Take RIOT's LoL, it is unplayable now because of that vanguard crap allowing itself into your operating system, doing whatever it wants to your OS and files, being promoted by a chinese company which has no regard toward privacy, and is actually being forced to do this by the CCP, using LAWS they passed that FORCE the entity to give the data they have, OR implement a way to obtain the data, else they be considered traitors to their country. Also that law allow them to OPENLY LIE about the fact such things are required of them.
That vanguard crap is still bypassed daily, there are even streamers on TWITCH showing it regularly cheating on Valorant, to prove the anticheat is a joke.
You still lose league points if there is a cheater in the game, and there are still people doing things ULTRA OBVIOUS, like using the "Flash" summoner spell (with usually very long cooldown) MULTIPLE TIMES PER SECOND.
You'd guess such a thing should be verified server side... but hey... surely with only the billions they are making, they are a bit short on change to assign it to anyone to fix...
Should be pretty simple : develop a thing to check the replays, since they STORE IT ANYWAY, and verify that what happened in-game is LEGIT. a quick pass on all the summoner's spells durations, a quick pass on the cooldowns usage, a more detailed analysis of the damage dealt and animation timers (like "this guy is not supposed to move while casting this skill", "this shot has been empowered but the effect applied twice", etc).
You don't even need to do an in-depth analysis on every game, only on those with cheat reports, and if they fixed their awful client, they could actually have a mode were you allow them to use some cpu time for "checking someone else's replay"; Give it to do to 10 other people across the world, the results should always be unanimous anyway, and if something is spotted, you analyze it YOURSELF to actually BAN the cheaters. but at least, you have PROOF of it that anyone can then witness (Here is the wall of shame, let people SEE what it is about so they can actually RECOGNIZE when people are cheating)
"And everyone screws up once" Clearly this is all a plot by Thor to make sure he's never dethroned from the top spot of the leaderboards.
I like this p f p
He probably also has the top spot of the cheaterboards 😂
Floating point errors: “sorry kiddo, you’re perma-banned. Them’s the rules.”
In this case doesn't seem to have floating point errors, since the random value is generated and stored in binary, not inputed in decimal, then converted to binary.
@JaceGameplay it can still easily result in floating point precision errors. There simply aren't enough numbers in the IEEE standard for every represented number between 1 and 2 to have one and only one representative between, say, 10,000 and 20,000. The magnitudes just won't always line up, one side will be more relatively precise than the other.
And if this is managed by something like
when "add score" {
secret_add_score = add_score * magic_anticheat_number
score += add_core
secret_score += secret_add_score
}
Then you are going to easily, quickly, see floating point precision errors slightly fudge your value. Once it gets fudged once by one of those operations, it'll never fleet unfudged
@@ferociousfeind8538 if the multiplier had a relatively short and precise binary representation, like 1.0625 being 1.0001 in binary, then it would work fully precisely for long enough.
Only from the standard leaderboards, not the game.
@@JaceGameplay You don't know what you're talking about. Floating point calculation errors have nothing to do with conversion.
I really like that strategy. Doesn't keep them from enjoying the game, but does keep them from being able to mess with everyone else's rankings.
me too, I used to use cheat engine more, now i just use it if the grind it terrible or i want to start off a game with something, I wont use it for multiplayer games though, just singleplayer, never cared about leaderboards so I think thors approach is fantastic, im ok with achievements being disabled too, then when i play a legit run on a game I can use them to track my legit progress
@@darkelftenak funneling them also stops them from trying to get into the real score boards, sometimes even because they're not realizing it. Just a bunch of 9999999999 scores huddling in leaderboard hell.
Just insults them online for having fun.
yeah totally a-ok
I also really like this!
I like using cheat engine for a lot of things in games. Mostly just to save time in grindy games. But I also hate the idea of messing with other people's stuff, so I try to avoid using it with games that have leaderboards or rankings. I don't actually care about my own ranking, but I know other people do, and I don't want to mess with someone else's experience if they want to try and top the leaderboards. So I really appreciate this strategy sidestepping the problem for me!
So what you're saying is that if you cheat you get access to a special VIP leaderboard? Because my heart is telling me I wanna be on whichever one has the higher numbers.
Don’t Translate!
อย่าอ่านชื่อฉันนะ.
The higher of the high scores
Also, you only have 1 try at it! So be sure to make it count!
it's full of cheaters though
@@shytendeakatamanoir9740 They are banned from the normal leader boards, not from the cheater board, if I understand him correctly here. So you can try again cheating
the fact that the regular leaderboards are filled with 2,147,483,647 scores shows that this method is very effective
Wait a minute. I recognize that number, but that's java.MAX_INT, aka the maximum positive number an positive int can be in java. It's a 32 bit number, while a float(ing) point is a 64 bit number(, so if you ignore the decimal, it can be a much larger number). Thor said he used a float, not an int. What's going on? Are people assuming thor used an int instead of a float? o_O
@ that’s the integer limit everywhere not just in java and the steamworks api only accepts integer scores
@@agalerex problem is - you can find exact value even if it is float/double whatever with cheatengine just changing searched value for type you think it is if you want, but my personal way to deal with decimals is 'Scan type - Value Between"
You think you're on the regular leaderboards?
@@funforall9741 yes
I really like this, it doesn't stop the cheater from playing ever again, it just stops them ruining the leaderboard
Meanwhile here I am using Cheat Engine to just wander around the Egyptian Afterlife in AC Origins without being attacked so I can sightsee to my heart's content.
...you just convinced me to give it a try.
Loved the afterlife area, I was so high level at that point I just enjoyed casual walks while dealing with those scorpion things or whatever they were
There are definitely good uses for Cheat Engine
Hell, a lot of youtubers who dig through files and make videos on them (like in Dark Souls) very likely use it just for demonstrations
It can be great in single player use, the only real issue is multiplayer
That and... I mean
Some challenge runs require cheats at game start for inventory modifying
Funniest one is beating the game a lot
And then just saying "why not" and doing a cheat run ti watch the game break
Or trying random shit out alone in multiplayer game to see if it work
To then use it in normal game whit no cheat
Photo Mode?
the smart thing about this, that a lot of other game devs get wrong, is that the game continues to function as normal
id rather ban cheaters from gaming entirely.
In a singleplayer game??? @MasterBasser
@@woopi8003 if it has a leaderboard, it's a competitive multiplayer game actually.
@@MasterBassergood luck with that one.
@@MasterBasser You clearly did not play any old GTA games. Cheats were the shit back then.
I wonder how many scores are going to end up as "Boobs" in the score now that he's told us this just to have a shame wall of the word Boobs in number form as a joke just to mess with him even at the cost of being banned from normal scoreboards
E
Make a new steam account running over a VPN on a virtual machine just to play through once and cheat for that 😂
Was gonna say something about IPs and hardware IDs but you managed to get around both issues... though I think League has VM detection so that part might not work @kugelblitz1557
80085?
@@AR15ORIGINAL Hehehehe you said 80085
The cosmic ray about to flip a bit in my score variable:
"Just doin my job"
it’s funny how thor talks about it like it’s not super easy to bypass. he literally did the reverse engineering for you in this video too
thats why he said "everyone screws up once." cheaters will always be found out eventually.
Well the only way anyone gets past it because of this video is:
They watch this video
They play his game
They want to cheat
They would have messed up with cheat engine otherwise
They successfully find the score, alt score, AND modifier variables
They then hack the rest of the game to get a high score
And the final results are believable
I’m cool with those odds
@@AlexPBenton or instead of changing some certain values in memory you could instead edit entire functions in assembly, like "player collects ball increment score by 1", now you change the function so that it increments the score by 10000 instead, or you dont edit this function but instead call it over and over effectively raising your score, or do something like godmode, noclip, whatever to make it easier to raise the score, in the end there's always an way.
@@deineMudda952 He probably has two functions, one for regular score and one for alt score
@@AlexPBenton the tricky part is you'd have to figure out the value which is separately stored by the game. if you don't know _how_ the game is actually storing that value, or what even alters it, it can be tricky to reverse engineer even with cheat engine.
FOR EXAMPLE, in most games i've noticed currency, XP, or similar values are stored as 4 or 8-bit floats. This is also, usually, the default configuration of cheat engine.
HOWEVER, many times i've also found these values are not stored as floats. awhile back I was playing both NieR Replicant and Gestalt on a PS3 emulator (this was before the remake was released). I had played all the way through on Gestalt, and wanted to do a run with Replicant using a subtitle mod.
To speed it up, I wanted to give myself a ton of gold, or quest items, or whatever just to ease up on the grind. HOURS of searching, testing, reverse-engineering, and I could never land on the right memory address for the things I was wanting to change. As it turned out, these values were all stored as big endian, which required a modification of cheat engine to even make those kinds of values discoverable.
from what he described, both the score value you see and the score value kept by the game are stored as different kinds of values. otherwise, both would show up when doing a search in the memory for your changing score. you would have to run through a lot of possible options before finding the correct value. and you may not even find it, because this is also obfuscated since it's technically a multiple of a randomly generated floating point on game startup.
not saying it would be impossible, im sure if someone was sweaty enough they could datamine it out. but for the average cheat engine user it would be very difficult.
Honestly, using cheat engine for Single Player games is quite cool. Messing around and finding values for no cool-downs and infinite stamina i pretty fun. But for multiplayer games? Probably not as cool.
It would be cool if you could run a server that gives everyone the same cheats.
@@TJackson736private servers where that's fine is cool. But there also tends to be neat altered private ones out there too
@TJackson736
Yeah, like good old halos or cod custom maps and game modes.
But yeah, CE for singleplayer is goated.
I'm not farming for hours or spending 80% of my playthrough running from first step to Haligtree roots. (Elden ring).
@@TJackson736 if you run the server, then all you really need is for server to give those values, as servers are used to validate player data.
yes this comment is a very minor nitpick, and you didn't say anything egregiously wrong (i just thought people might wanna know)
@@TJackson736 I might be wrong here, since I played it too long ago. Age of Wonders 2 Shadow Magic(and probably Wizard's Throne also) when you use cheatcode granting gold/mana to not only you, but all players, in multiplayer hot-seat including.
For most games cheats and cheatengine doesn't work properly or at all outside of singleplayer. People usually don't care what you do in SP, just don't brag that you achieved something using cheats, if you want to brag about something - make it fair and square.
That "equal" scares me since it will never be equal if it's a float lol
It will if you use precision rounding, especially if it isn't some engineering project where intense accuracy is required
It's rounded or there's tolerance for the precision error.
@@gregklein4846 How do you round for precision?
@@leonardoraele The most common way to compare two floating point numbers for equality is;
|a - b| < EPSILON
If difference is LESS than some predetermined threshold (epsilon) then they are "equal" (enough). The problem is always deciding what epsilon should be, but its always a tiny number like 0.001
Depending on the application it might be better to avoid the need to compare floating points in this way, or use decimal formats instead.
Don't do that. You'll be chasing an appropriate value for epsilon until the end of time, and getting seemingly random edge cases forever.
Floats aren't random. You just need to understand when it is and isn't safe to compare them.
Laughs in “what accesses this value”
There're also view this value memory or something that I cant never understand. I'm not learning the basic so that is understandable, but dang anyone learn to code go through all these number is quite something.
cheers to those who finished the CE tutorial
Came here to post this. Keep an array for updates.
@@NightFyreTV 😭😭😭 was gonna say this
what if: higher score lower nummber
or use 4 nummbers that keep changing
and the game just calculates the score from that
only progamners would be determant enought to find those values
i love how casually you say the most useful development tips. As always, thanks for sharing man
That's why I prefer games like Stellaris where I'm free to modify MY game as long as it doesn't ruin multiplayer or achievements for others. Most games nowadays have neither console for player, nor a way for the player to start the game in "I don't want achievements and am going to cheat to have fun, thank you" mode. People still memorize cheatcodes of San Andreas and Vice City two decades afterwards for a reason, lol:D
Thor encrypted his own mind data, writing 1.004 when saying 1.005 :V
The amount of stress you put on "permanently banned" makes it almost sound like it still means something in this day and age.
the shine on the armor of morality never dulls...
it does, depending on how the ban is implemented, nobody in your house may be able to ever touch the program again
@@stormjin2242 Not really, even if they ban your public facing IP, the worst case is you call up your ISP to give you a new one. It's tedious, sure, but still possible to bypass with relatively low effort.
@@stormjin2242literally every method to detect if a player is a banned player can be circumvented if the cheater is spiteful enough. I also doubt Thor would apply the full brunt of his security experience to reinforce the leaderboards from interference.
Software bans, IP bans, network bans, full on Hardware bans are not insurmountable.
@@stormjin2242 Most home isp recycle IP addresses at some point with DHCP as IP changes when lease expires. Typically you have to pay for a static(locked) IP.
Check your IP around the ban, recheck you IP periodically. When it changes make a new account and keep rocking and rolling.
Source: not on a game, but reddit account shenanigans.
Cheat engines great for single player games that you just want to mess around with. Got a soft ban from COD for having it on my system(maybe it was wemod). Never used either while playing. Kind of annoying that detection software can flag for bans even if its not in use.
Get wrecked noob!
I've never had an issue with this, but it does cross my mind since I use cheat engine for all kinds of single player games. Honestly, I feel like all mods require some sort of program that could be detected as a cheat.
One of my friends plays a lot of idle games, and uses cheat engine for speed hack to save years of his life. He usually has 5 or 6 running at a time. Helldivers 2, back when we played, would CTD if he didn't close all his instances.
@andrewwaldschmitt4757 the sad thing is there's no real way to distinguish between people like myself and your friend and the real cheaters with these kinds of detection systems. In the end it makes me scared to play any myltiplayer games because I really would hate to lose the close to 300 games on my account all because I like to add QOL features to my gaming experiences offline.
This exactly happened to me got banned from warzone 1/MW and vanguard. I was using it for GTAV and emulator games in offline single player games. Is there a way around this does any know?? Do I have to uninstall battlenet completely until I uninstall cheat engine?
This protection is so easy to bypass 😂
When the game lags, freezes or glitches and the scores doesn't match up and suddenly you're permanently on the cheater board.
Spoken like someone without a clue what they're talking about
@@amcmahon134 okay buddy
@@Ninisty The arithmetic for this is done in millionths of a second and is completely lag proof and glitchproof.
@@amcmahon134 nothing is perfect 👍
@@Ninisty Some things are in fact impossible, and the failure points that you are describing cannot follow from the algorithm described in the video
The guy called Unknown Initial Value:
the guy called debug writes to this location:
that wouldn't work since 1.0004 doesn't change and instead you would again modify score resulting in a ban
@@Herib104 you would find the hidden value though
@@w451-qx3kx can you? It would show like 500m results (depends on game size) even if you do unchanged value for hours there would be way too much results to try to eliminate by hand
@@Herib104 that would be searching for the multiplier they are saying search for the multiplied value
The funniest part of this is I know someone would purposely just try to end up on the highest spot of the cheaters leaderboard for the memes
thats a first come first server type of thing. every cheater can max out the score. whoever does it first is the one on the top of the board forever.
Honestly, I think it’s a really good idea. I think speed runningboards should put people who cheated on their own separate board to see who can cheat the best so they can still enjoy their hobby with other people who enjoy cheating just as much as them!
"and I know you cheated" lmao he loves to clarify
Note how he doesn't mention the handy "Find what writes to this address" button
I love the fact that some games just shit themselves if you have "Cheat Engine" running
some do when you just have it installed but not using it
@@Healcraft stay away from those games.
@@Healcraft This is achieved by having access to your machine's kernel. It is ring 0 access. No-one should have ring 0 access except very, very experienced and knowledgeable technicians and the backend systems of your actual operating system.
If someone wanted to, they could download, delete all of the data present on your machine, including sending you malware or ransomware, using the program that is forcing kernel-level access.
@@Devdraco riot games with vanguard or blizzard games
@@Healcraft Which game does this? I've never heard of a game not running just because you have an application installed.
"Find what accesses this value"
Suddenly, champions of breakfast was cheated to hell and back.
Well, no, probably there's more to it than that and this is one of many tricks. But still, that would be kinda funny.
if he's telling us this, it means he doesn't think it will be an issue for us to know, which means there are other anti-cheat methods in place. If this was the only line of defence, he'd say something like "we do something to the score, i won't say what, and then store that modified value somewhere else"
technically, if thats the ONLY detection check (which it probably isnt) then just dont alter the score itself directly
@@nodrance also, he didnt give us the actual number (mostly because its a painfully long and probably randomized on runtime). if we want that number we have to go hunt it ourselves... which funny enough he does tell us how to do lol.
(find "score". Traceback. Look for an instance where a value between 1 and 2 is being multiplied to the value that is added to score. Super simplified and im 200% sure theres a few other ways of doing this)
@@link_team3855 If you can find where the multiplied score-value is kept that's all you need because, if the system works as described you can easily cheat the safeguard by just changing the value of the multiplied score-value as well. Well, first you need to read it and do some arithmetic to figure out the float value, but that's literally just basic division. Then (so long as this is actually how it works and also the only line of defense) boom, you've got a successfully cheated score value.
My assumption is that this one is "safe" to explain because it's also something that would be relatively obvious to a determined opponent anyway. I also assume that there's probably also a second value with a more involved hash function, if not the saved score value itself being a decoy that gets checked against some other set of operations that actually maintain the score information.
If you wanted to reverse engineer all of that against the work of an offensive security specialist, you'd probably have an easier time decompiling the code... or you could simply git gud.
For all the people talking about floating point errors, that's not how floating point numbers work. They're not some sort of RNG.
What Thor is doing is:
if(score * salt != hash) cheated = true;
score++;
hash = score * salt;
score * salt will always equal hash, because hash is *defined* as score * salt.
What *isn't* safe is this:
if(hash / salt == score) // floating point error!
(And presumably it isn't just salt*score, but salt*score*gold*xp, or whatever important resources are easy to manipulate.)
This doesn't prevent you from just increasing the points values you would get. As those values are also in memory.
It was a long time ago but a net hiccup caused a game I can't remember to accuse me of using a cheat engine. This was back when these things where first coming around. It was honestly annoying to be accused of something cause of bad net.
we believe you....
@@norwegiansmores811 no you don't. Everyone always 100% believes someone is guilty no matter what. I accept that i can't change anyones mind. But i did get it fixed so i was right in the end.
Game Wizard let you do this kind of stuff in 1994. I don't think it was "just coming around" when you got banned.
"You can only screw up once, and everyone screws up once" hits pretty hard and true
I will never cheat on a video game. It takes away the value if you actually win or get a good score.
@@StablerGames the inherent value yes - this is what i don't get about why people cheat... you are making your 'win' a "fake win", it means nothing now. like buying a trophy from a trophy store for yourself. wierd
@@Munenushi tbf there's two types of cheating in games, there's cheating and "cheating". I've done a fair amount of both in my time.
Ya know, abused the occasional save state in retro games, used a mod to unlock something that would have taken me like 20 hours in a game I liked, but not that much. It's generally a victimless crime if done in a single player experince.
"Cheating" though, that's all fun, when I was a kid I used cheats up the wazoo for GTA4 cause I did not care about the story or progress really, I just wanted to mess around in the open world with a helicopter. "Cheating" is goated.
@@TheWrathAbove i agree with you. i just dont understand the Cheating (captialactual) for accolades or placement on a Leaderboard... perhaps it is my own personal issue, but i just think it takes all the meaning out of it
@@Munenushi There's two different types of let's call it "competitive cheating". Low stakes and High stakes.
Low stakes cheating tends to be stuff like using aim bot in a regular competitive match, or cheat engine to get a top leaderboard placement, or even stuff like taking extra money from the bank in Monopoly. Generally speaking, there's no real consequences for low stakes cheating (nor should there be tbh) at worst you're banned which while upsetting isn't a real world consequence. While I've seen sone eliteism from people that do low stakes cheating it's rarely about pride but rather "intelligence". People that posit cheating is the optimal way to win (technically not wrong, I guess) so it's the best way to play. Alternatively you see a lot of low stakes cheating from people that aren't very good who convince themselves that cheating is justified since it's the only way they can win. Some games can also cultivate a culture of cheating which is something World of Warcraft struggled with due to the number of bot accounts, and we also saw with Escape from Tarkov where so many players were using Wallhacks to the point where many deemed that the only way to be on an even playing ground. I would generally argue there's not much pride in this kind of cheating, and getting on the top of a leaderboard is done for it's own sake, not because they think being on the top of the leaderboard matters.
High Stakes cheating is stuff like faking breaking respected world records or hacking during a major tournament for money. Obviously this can have a lot bigger consequences, such as being kicked out of a community, or even jail time. You see it a lot these days with videos discussing faked speedruns. Generally speaking these are due to pride. Most of the time, we see that the people doing this are extremely skilled already, the reason they cheat is to take a shortcut. A justification that "I could do this legit... but" this goes beyond even video games since obviously professional sports has had several doping scandals, some of which even fall into that same culture of cheating mentioned before(the Tour de France being a recent-ish example). This is the type that is actually doing so for accolades (or just money but those people's motivation is self-explanatory) and it's not hard to understand why they do it. There's this idea that they've worked so hard that they deserve the reward, and so they justify to themselves that a little fib wouldn't hurt.
TL;DR: There's not much pride in leaderboards like this, people just do it cause they can and there's no real consequences. People that do cheat for accolades do a lot of mental gymnastics to justify to themselves that they deserve the accolade. Also, some games cultivate a culture of cheating so they feel justified because it's practically impossible to win without cheating.
In older RPG Maker versions, the integer value stored in memory actually followed the formula (2 * value + 1). Not sure if that was supposed to be an intentional protection against cheating (albeit pretty easy to circumvent once you know the formula) or just a technical detail of how the engine works.
technical detail on that one from rpg maker having to be optimized for multiple systems, basically a little extra convulution here means less convulution trying to get it to work right on the next computer
MTool is a way more convenient tool for Rpg Maker anyway ;)
"you can only screw up once, and everyone screws up once"
data corruption, random bit flips, yeah. so many ways this can go wrong.
Every game should have a cheater wall of shame.
Yeah there are times values will actually be corrupted by bugs, and just random errors. A non zero amount of people on that board are non-cheaters.
True but also isn't that every anticheat ever?
*claim* to be non-cheaters
Does it make you feel smart to go around constantly saying non-zero? You can stop now because it's not working. Such a stupid reddit phrase.
@@Connection-Lost you should always check for if value is non-zero when doing true-false checks in c
@@Connection-LostMan, calm down.
Cheat engine is a dynamic analysis tool, someone with good knowledge can bypass the check. It's still hard though
Yes, but most young people are tech illiterate, which explains why the check is so successful
You have to know, or expect, this form of anticheat, and you don't have a second chance if you screw up. If I have to guess, this is just ONE of the methods he uses to catch cheaters...
@@araulius2132 Wdym tech illiterate? So you are telling me, that to be tech literate, you have to instantly realize that the game stores a separate value to catch cheaters?
@@araulius2132I can be pretty tech illiterate, but at least I know to turn off any of that kind of software before playing. But a lot of games do system checks and can give you a ban on its installation, which kinda sucks for some people who like using it on SP games, like me.
Itd still be hard to figure out how the check works without hearing about it from Thor first
I'd love a game that embraces the cheat, not straight up "My score is now 1Krillion", but something where you could have a separate leaderboard where people put an actual fight getting a high score but with some fun cheats x')
the people only wants a shrimple big head mode leaderboard, floor is lava leaderboard and no friction leaderboard (like ice floors but no deccelerating)
My favorite was an anti-piracy tool. There is a sim game where you play a game development company. If the game detected you were playing a pirated version of the game it would still let you play but your company in the game would be plagued by software piracy and made it nearly impossible to turn a profit.
@@roberteltze4850 They didn't quite use an anti-piracy tool. Rather, the devs for Game Dev Tycoon uploaded a slightly modified version of the game where it'd do that. The idea was so popular within the fanbase that it later got turned into an alternate mode for the game too, albeit with mechanics that make the game beatable
@@roberteltze4850Game Dev Tycoon doesn't detect if you've pirated it. It uses a completely different version of the same game put up by the developers on various game piracy sites. They also semi-recently put piracy mode in the main game as a more difficult option
It's interesting just how much people can do with CE
I think the Real Time Corruptor is based on it and the kinda things it can do to games is amazing. It even lets you save corruptions to replay them in exactly the same way
No matter how long I have been using Cheat Engine, I always get nostalgic for good old Cheat O' Matic, same deal as CE just for us oldies back in the early 2000's
Imagine getting a bit flip in your ram and getting banned for it.
Tbh skill issue💀
Cosmic rays caused a unique Super Mario 64 glitch that can't be replicated, so it can definitely get you banned by changing the score. It's also only one variable out of millions though, so the odds are tiny.
@@NaudVanDalen that was debunked lolol
your computer will most likely fix it without you ever realizing
@@Drenchy the thing is it really doesnt matter if it was "debunked". Its a possibility either way. Cosmic rays can flip bits.
Cheat Engine is awesome for single-player games, but for multi-player and online leaderboards it definitely needs to have checks like this in place
there's always a way to work around those measures.
@@ebx ok? so? implementing those measures will still greatly reduce the number of cheaters. and for competitive games, reducing the number of cheaters is a must if you want your game to last
@@ebx yeah no shit thats the nature of cheats the point of anticheats is to realize when people are doing those workarounds also water is wet, fire is hot etc etc
Thor: "1.005" *writes a 4*
Me: "now I'm not a mathematical genius but that looks like a 4"
I just want to let you know, and I know it sounds crazy, but if you're writing a comment, then we know it's you writing it.
This is why it's a Float, not a Round number.
Thor-Float-point-precission-error.exe :D
he shows, in real time, the fundamental flaw with using this method to permaban people, errors happen, false positives are still treated like solid convictions.
I have recently been studying Python so I understand that it is a very basic term but hearing you say float and actually knowing what it meant made me happy. I have felt like I've retained nothing but that was a nice boost for me.
Ok but I used to just check which values changed after increasing my score until I find the only values changing with score, that way I can change both values at the same time 👍
There are better ways to fix this but they're more complicated
I assume you also hear excuses like "I was curious what would happen"
Excuse. Reason. People do be like that though.
I still think permabans are overkill
My favorite is “I gave the game to my little brother for a little bit. He must’ve been the one to cheat”
It's the same thing though as a kid being curious about setting off a mouse trap. If they set it off with their hand they'll feel the consequences.
There are other ways of satiating curiosity besides putting yourself at risk.
@@chemplay866 the permaban isnt that bad when its just the leaderboards. I doubt somebody using cheats was gonna get somewhere big on the leaderboards anyways
I see SkyNut I now understand
Imagine if everyone started cheating with new copies just so they can get the top spot on the cheater's list lol
Imagine you get a player named "Satan" that intentionally tried to get 666 on that wall of shame just for shits and giggles.
This is how the money printer works 💯
I mean, using a cheat engine is okay for OFFLINE games; have fun with that! But if you try to use it in online games and get banned for it... It's your fault, man! Don't complain about it.
I like how this guy is teaching me more in shorts than 30 minute videos
It's easy to stop people who don't know how to use cheat engine to it's fullest extent. This example sounds like it could be easily bypassed.
exactly. The multiplication value is also stored in the memory, so all you'd have to do is find a way to reliably read that value and either adjust your cheating with that value, or set that value to 1.0 and now you can cheat to your hearts content. Obviously takes far more work than just downloading cheat engine and punching a few numbers into it.
I feel like part of the "you can only screw up once" angle is that you would need to extensively study the values before you can even begin to fiddle with them, or else you're just completely locked out. So while it's not ironclad, it's also not hard to trip.
You'd need to know said values even exist in the first place to go looking for them
If you know.
A scoreboard for the biggest cheater ? This sound like a good idea for me 😂
That's if you just modify the value in memory. Someone who knows what they're doing can modify the assembly to the update the value when it's saved or retrieved so the antichrat check doesn't detect a modification.
Was gonna say this. There are gurus who find ways around this with or without cheat engine. Usually though, they make trainers and sell/distribute them.
This is Not stopping Cheat engine at all
Yep was gonna say that. He blocked the door, I'll go by the window.
Maybe i'll Pirate His Game and publish a Cheat engine config for it 😂
Honestly this just makes me wanna see who gets to the TOP of the cheater leaderboard LMAO
Probably whoever hits the integer limit first.
Or bottom of the board
That's actually a good idea, letting cheaters continue to play the game but only in a lobby of other cheaters
Mathematicians: it's a rational number
Programmers: haha number go floaty
That's why you use value up or down and narrow it down to the multiple values that are shared and change all of them ;)
Its more complicated than that. The random multiplier means its difficult to know exactly how much the "verification value" has been altered by and therefor it is difficult to tell how much to change that value in order to not get caught this way. Even if you change both values there is no guarantee that you will get the multiplier right.
There's ways around this of course, but it does introduce some level of complexity and sometimes that's all you need to stop casual cheaters. The hardcore folks will get through but you can then deal with that much more limited group later.
You look for what writes to that address and then u inject a script overwriting the code that adds to ur score.
Also, it’s possible to just hash the values for ur anti-cheat. Now the security number changes on update but not reliability up or down.
You can only screw up once, and everyone screws up once. Bleeeeeeeh, I like to think that that isn't true, where's my perfect runners
That's a great idea. I love writing cheats for games, it's 1/2 the fun I have when I get a new game. I don't care about leaderboards so that method lets me have fun writing cheats and playing the game how I want to play it yet keeps the leaderboards clean for people that don't want to use cheats and care about that stuff.
Why not write your own game ? If the play style of the game you are trying to play isn’t your style ? You are just editing and manipulating someone else’s work ….. kinda lazy and dumb if ya ask anyone with a brain unless it’s single player…….
Hey could you explain to me what thor is talking about in the video? I mean, his process of multiplying with floating point numbers. Why does he reverse them in the end?
@@gregh5061 It's cheat detection. Assembly code is hard to follow. Say you want to write a cheat that gives you more money. You look at the money in game and search the game's memory for that value. That usually comes up with thousands of addresses. Then you buy something and search those results for the new value which will narrow the result. There may have been thousands of the first value, but far fewer that had that first value and then had the second value after it changed. Repeat until you have the address where money is stored. You can set that value to a new number to get more money, and use debugging registers to find the code that changes that memory so you can inject code into the game that will find that address instantly after you restart the game because that address is set at run time and will be different each time you start. So what Thor is talking about is having a second 'hidden' value that is tied to what the game thinks the money should be. Say you buy something and there is code that reads your current money, subtracts the cost, then saves your new money. When saving your new money the code will also multiply your money by some number and save that somewhere else. The code that cheats for you knows nothing about this second address, it's an order of magnitude more difficult to follow all the code through to try and find something like this, and the cheat works without it so why bother. When your money is next read, say when you try to buy something else, that hidden value is also loaded and compared to what it should be and if it is different it will flag you as a cheater. Thinking like variables using pseudo-code: `void setMoney(int money) { player.money = money; hidden.money = money * 3; }` and `int getMoney() { if (player.money * 3 != hidden.money) flagAsCheater(); return player.money; }`. So you have 1000 credits, then player.money is 1000 and hidden.money is 3000. When you cheat you make player.money to be 999999, but hidden.money is still 3000. When `getMoney()` runs it sees that 999999 is not equal to 3000 and flags you as a cheater.
@@gregh5061so they can be accurately compared
To be a bit more specific, cheat engine is also in machine language. Because most of the modifying isnt just look for different values of number each time, but finding the source of that number generated in hexadecimals.
You can also check for values that increase, decrease, or don't change per scan. This is how you find the values of unknown elements, especially mutated ones like this one. Nice vid
Now cheaters gonna find your secret float number, your secret second value and modify all three values.
Yup
make both be 0 lol
Quite easy with pointer scan
I only use cheat engine on single player games when I've done everything and now just want to f around for fun.
Same here using in multiplayer online game is lame and really unfair to those who play legit. But yeah single player games why not use it?
same, or some pay2progress random clicker game with no leaderboard, I don't wanna spend 6 months waiting for the same thing someone who pays gets in a day, I can just do it myself
Cheat codes, trainers, and CE are some of the most fun I've had in games. Also saved a lot of my sanity not having to farm mindlessly.
Fun cheat engine story, way back in like 2010ish, Facebook had a Bejeweled game. This game shared your high scores with friends, alongside a replay of your gameplay.
The game speed could be modified by cheat engine. (At least, I'm pretty sure that's what we used). So we figured out we could crank the game speed down to like 1fps. Then made the absolute craziest combos you can imagine, literally nothing had time to sit on the screen for longer than a second in the replay, the whole screen was just clearing instantly, constantly. It was the craziest bejeweled replay anyone had ever seen. It was glorious.
We got banned from the leaderboards.
Note to self don't let the intrusive thoughts win in any of thors games
So as a kid there was a Roblox game that actually did this. I remember after going through a couple of accounts I figured it out. They touted their game as unhackable because of this too, which was pretty funny.
So your level dictated your power, which would in turn both scale your attack's damage AND their size. EXP scaling was exponential so they never expected people to reach a level where attack sizes would be an issue. I'd wait until the guy who made the game would log on, and then I'd shoot a couple blasts at my feet in the middle of the map. From everyone else's perspective they just randomly died out of nowhere with no indication of what happened. The attack's mesh was so massive that their characters and cameras were entirely inside it, meaning they couldn't see the attack. The sound only played from the single point in the center where I was, so most players couldn't even hear it either. It was basically an invisible nuke.
Told the guy who made the game about it afterwards, of course. He put sanity check limits on levels and AOE sizes after that.
Finding pointers in cheat engine is a really common thing to do. This will only catch amateur cheaters.
You're missing the point.
The point is that simply finding and changing the score *appears* to work until the score is submitted, at which point your account is permanently relegated to the cheaters' leaderboard and you need a new one to try again.
It's not bulletproof by any means, but it's a cleverly simple countermeasure meant to filter out most would-be cheaters.
The only ones to pass that filter would be cheaters who are highly motivated, very cautious, armed with foreknowledge or are using a cheat made by somebody else.
@@majorgnu I understood the point, but as someone who did it in my teens its almost such common practice especially for the main values like health, ammo, experience, etc that it was just something you did. Sure an absolute newbie that doesn't understand pointers could get caught up on that system, but I believe even back around 2004 when I was doing this the cheat engine recompiles people would make had tutorials built in that taught you how to find pointers.
back in the 2000s and early 2010s, cheat engine was a popular tool for hacking flash games and commonly values were multiplied by 8 to avoid easy cheating.
its a really useful tool for learning "hacking" though.
In that era I used ArtMoney for hacks... *Sigh* I want my tears back...
You also gave future cheaters the instruction on how to get arround it: you search for values that go up as you increase your score, repeatedly, until you get all numbers that go up, then you observe the change in them and edit them together respectively. I have played arround with this when I was younger and lots of games did similar solutions as you have pointed out. There is one indie platformer with serious following and leaderboards -not naming it here, so people do not abuse the knowledge - that created a number of rng floaters to double check the value and after random checkpoints throughout the levels created new floaters for the double checking method, which made hacking the points almost impossible until some people with insane determination to cheat their way to the top figured it out. What I am saying - you can work against it easily, but if the cheaters know, they will find a way arround it, it's an arms race.
Unless people run ECC RAM, it's not unlikely that a bit will change and this comparison fails, due to random chance. So a cheat detection system like this is a bit tricky, because you *will* get false positives.
your computer can and will detect this and correct it, its been a thing since before 64 bit operating systems
Wouldn't the cheater also be able to find the value, figure out the float, and circumvent the detection?
As someone who doesn't cheat, that's hilarious.
Anyone who used programmable GameShark would easily defeat that
Intelligence: Punishable
Yeah, that could surely stop dumb cheat engine users, but there's no way that stops an advanced user or someone trying to make money out of it.
Remembers the memory, then looks at the memory after you've done a action.
I just love that cheat engine works perfectly in gta 5 till this day😂
Cheat engine community has strong nerds as well, treating events as time series, and doing parsimonious statistics. You can not eliminate that with a linear multiplier, try non linear functions, or just hash it.
If everyone cheats, then no one cheats and the cheaters leader board becomes the leader board. 😅
much better than crashing the game because i accidentally left it on from messing around in singleplayer minecraft
What if that person finds the memory of that random float?
Thor just got banned from his own cheat engine 😂😂😂
Thor: You can only screw up once, and everyone screws up once.
After saying 5 and writing 4, touché.
"And everyone screws up once." - Not if you never cheat.
This is a very good description, since everything has some numerical value.
What's crazy is that this redundancy check is the same way things like QR codes and bar codes work
I had something like that but it was more devious, it's a number format that saves a multiplier and a constant, and when it's modified, the multiplier and constant are also changed, so unless you decompile the game you can't find the base value, because it can decrease in memory while increasing the value stored.
I remember "trainer" programs working the same way where you could track changes in value. For instance having 100gil in a FF game i would find all the values that equal 100. Then buy a potion for 25gil changing the total held to 75gil. You could then narrow it down to values that changed from 100 to 75 and find the value that's tied to the in game currency and modify it.
The best use of cheat engine I've seen was the "number of players slider" for the 32bit versions of Borderlands. I did as the name suggested, allowed the game to function as though more players were connected. As the game scaled difficulty to number of players then the game became more challenging and more fun!
That should have been an option within the games.
Cheat engine was used to find the memory location of the number of players but the slider was hand coded to hook and alter the memory location.
I mean, it has A LOT of tools to analyze memory, to extend that you see connected values, or compare entire snapshots of memory. It trivial to overcome such style of protection
You are a very fair Demi-God, Thor.