I was playing with the CheatEngine and saw that it can view all my string in a client side application. I wonder what should I do to make the cheat engine not see my string at runtime. I tried every kind of approach that I knew, but whenever I have a string CheatEngine can view it. I would like to prevent this, or at least the CheatEngine visualize encrypted strings instead.
How can I avoid cheat engine to see my strings at runtime
1.8k Views Asked by Flávio At
2
There are 2 best solutions below
10
Ludovic Feltz
On
Try to use SecureString class !
Represents text that should be kept confidential. The text is encrypted for privacy when being used, and deleted from computer memory when no longer needed. This class cannot be inherited.
Related Questions in C#
- Passing arguments to main in C using Eclipse
- kernel module does not print packet info
- error C2016 (C requires that a struct or union has at least one member) and structs typedefs
- Drawing with ncurses, sockets and fork
- How to catch delay-import dll errors (missing dll or symbol) in MinGW(-w64)?
- Configured TTL for A record(s) backing CNAME records
- Allocating memory for pointers inside structures in functions
- Finding articulation point of undirected graph by DFS
- C first fgets() is being skipped while the second runs
- C std library don't appear to be linked in object file
- gcc static library compilation
- How to do a case-insensitive string comparison?
- C programming: Create and write 2D array of files as function
- How to read a file then store to array and then print?
- Function timeouts in C and thread
Related Questions in .NET
- Does compiler optimize operation on const variable and literal const number?
- What is the point of definnig Asp.net Intrinsic Objects In different places and what is the different betwen them?
- Deleting Orphans with Fluent NHibernate
- IOrderedEnumerable to vb.net IOrderedEnumerable Conversion
- What is this namespace ITypeOfObjectsBoundToListBox ? Couldn't find it
- .net rest service with JSON string and consumed with java client
- What is best way to check if any of the property of object is null or empty?
- Telerik's WPF RadColorPicker NoColorText property not working
- Possible consequences of duplicate ProgId for different classes
- How are multiple requests to Task.Run handled from a resource management standpoint?
- Optimizing C++ call from C#
- Make a per-web-application object available to Web API and SignalR controllers
- System.ComponentModel.DataAnnotations.Schema namespace conflict
- LINQ Except/Distinct based on few columns only, to not add duplicates
- Not displaying content by its URL string - absolute urls
Related Questions in ANTI-CHEAT
- Android Games: Strategies to Defeat Memory Editors for Cheating
- Web service for UTC time to prevent mobile game cheating
- What are the most effective methods to detect bot application presence/activity (client-side)?
- How to prevent Rooted Android Phones from Installing my app?
- How can I avoid cheat engine to see my strings at runtime
- Memory Access Control in Windows Memory Management
- iPhone hardware & user timers getting out of sync over time
- Howto take latency differences into consideration when verifying location differences with timestamps (anti-cheating)?
- cheat prevention for browser based xmlhttp/js/perl/php game
- Send data from server based on player position
- Using memcpy to clone an entire region of memory into my own
- How could I detect if pyinput is being used on a Windows machine via remote desktop protocol?
- Custom event: Instance trash mob requirement for quest completion
- TruePlay interface
- Securing WebGL game code
Related Questions in CHEAT-ENGINE
- How do I get the (physical) baseaddress of an .DLL used in a process?
- Using Cheat Engine to accelerate time in a Flash program
- cheat engine debug breakpoint on IDA function addresses
- Some confusion with cheat engine function address and IDA subrutine
- Click Event On Object Created Using WINAPI in CE Lua
- Can i find memory adress of moving or making actions in games
- find out what instructions write to this memory address olly dbg cheat engine
- How can I avoid cheat engine to see my strings at runtime
- Where is the difference between those two Assembly code snippet's?
- Memory Access Control in Windows Memory Management
- Cheat engine address to Intptr?
- Does GDB support deductive memory scanning, like Cheat Engine?
- Executing function in other process through dll injection
- Why is id different through id() and through the cheat engine?
- How to read register values at specific instructions in C++ like Cheat Engine does?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
What you are asking for is very difficult to accomplish, correctly.
Many will point out that the
SecureStringclass can be used to keep strings that are in-memory safe. There are a lot of caveats to using a secure string.string, you could just copy it into the SecureString by looping over each character. That doesn't accomplish anything though, because the original string is still there. It might get garbage collected later, but garbage collection does not mean the string's memory is zeroed. You could use unsafe code or platform invoke to zero a string in the CLR. However if your string is interned, you might end up breaking your program.SecureStringsecurely, and ensure the source of the secure string is zeroed. You can't really do much with aSecureString. Not of lot of APIs can do anything with them. At some point, you need to convert them back to a plain old string, use the string, and zero it. If the underlying API does anything insecure, like make a copy of it, then you won't be able to know where the copy is. And for that brief period of time where the plain old string exists in memory, an engine that is constantly monitoring your process's memory can grab it.What I am really driving at here, is that protecting a process's memory from someone that has Administrative rights on the box is more-or-less impossible, and the .NET Framework complicates that matter. The CLR is designed to manage memory for you, which can run counter to your needs of explicit memory management.