Jump to content

Cheat Engine

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Zakblade2000 (talk | contribs) at 15:05, 22 March 2013. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Cheat Engine
Original author(s)Eric "Dark Byte" Heijnen
Developer(s)Open Source
Stable release7.5 (February 23, 2023; 15 months ago (2023-02-23)[1]) [±]
Repository
Written inLazarus, C (Kernel Module)
Operating systemWindows, Mac (in development)[2]
Available inEnglish
TypeReverse engineering, Debugging
LicenseAdaptive Public License
WebsiteOfficial Website

Cheat Engine, commonly abbreviated as CE, is an open source memory scanner/hex editor/debugger created by Eric Heijnen ("Dark Byte") for the Windows operating system..[3] Cheat Engine is mostly used for cheating in computer games, and is sometimes modified and recompiled to evade detection. This program resembles L. Spiro's "Memory Hacking Software", TSearch, and ArtMoney. It searches for values input by the user with a wide variety of options that allow the user to find and sort through the computer's memory. Cheat Engine can also create standalone trainers that can operate independently of Cheat Engine.Cheat Engine's latest version is 6.2.

Features

Cheat Engine can view the disassembled memory of a process and make alterations to give the user advantages such as infinite health, time or ammunition. It also has some Direct3D manipulation tools, allowing you to see through walls, zoom in/out and with some advanced configuration allows Cheat Engine to move the mouse for you to get a certain texture into the center of the screen. This is commonly used to create aimbots.

Cheat Engine can inject code into other processes, but doing so can cause anti virus software to mistake it for a virus. There are versions that avoid this false identification at the cost of many features (those which rely upon code injection). The most common reason for these false identifications is that Cheat Engine makes use of some techniques also used in trojan rootkits to gain access to parts of the system, and because some executable files are too small (16KB or less), and therefore get flagged as suspicious. Newer versions of Cheat Engine are less likely to be blocked by anti virus programs so features like code injection can be used without problems.

Cheat Engine can produce Game Trainers from the tables. This feature was removed prior to versions 6.1 but has been implemented in version 6.1 and onwards. Trainers generated by Cheat Engine are heavily bloated and slow and are mainly used for test purposes, however, they have been used by famous trainers groups too for their releases.[4]

Coding

Two branches of Cheat Engine exist, Cheat Engine Delphi and Cheat Engine Lazarus. Cheat Engine Delphi is primarily for 32-bit versions of Windows XP. Cheat Engine Lazarus is designed for 32 and 64 bit versions of Windows Vista. Cheat Engine is, with the exception of the Kernel Module, coded in Object Pascal.

Cheat Engine exposes an interface to its device driver with dbk32.dll, a wrapper that handles both loading and initializing the Cheat Engine driver and calling alternative Windows kernel functions. Due to a programming bug in Lazarus pertaining to the use of try and except blocks, Cheat Engine Lazarus had to remove the use of dbk32.dll and incorporate the driver functions in the main executable.

The Kernel module, while not essential to normal CE use can be used to set hardware breakpoints and bypass hooked API in Ring 3, even some in Ring 0. It is compiled with the Windows Driver development kit and is written in C.[5]

Cheat Engine also has a plugin architecture for those who do not wish to share their source code with the community. They are more commonly used for game specific features, as Cheat Engine's stated intent is to be a generic cheating tool These plugins can be found in several locations on the cheat engine website, and also other gaming sites.[6]

Cheat Engine Lazarus has the ability to load its unsigned 64-bit device driver on Windows Vista x64 edition, by using DBVM, a virtual machine by the same developers that allows access to kernel space from user mode. It is used to allocate nonpaged memory in kernel mode, manually loading the executable image, and creating a system thread at DriverEntry. However, since the DriverEntry parameters are not actually valid, the driver must be modified for DBVM.

References

  1. ^ https://github.com/cheat-engine/cheat-engine/releases/tag/7.5
  2. ^ "Port To Mac". Retrieved 17 June 2011.
  3. ^ "About Cheat Engine". www.CheatEngine.org. Retrieved 2008-03-20.
  4. ^ "CE Trainers Mass Use". Deviated Trainers. 2012-05-18. Retrieved 2012-05-18.
  5. ^ Valk, Kevin (2008-12-20). "Cheat Engine - Trac - compileinfo.txt". Cheat Engine trac. Retrieved 2008-03-20.
  6. ^ "Contributing to CE". Cheat Engine forums. 2007-01-24. Retrieved 2008-03-20.

External links

Retrieved from "https://en.wikipedia.org/w/index.php?title=Cheat_Engine&oldid=546306534"