I was playing with the CheatEngine and saw that it can view all my string in a client side application. I wonder what should I do to make the cheat engine not see my string at runtime. I tried every kind of approach that I knew, but whenever I have a string CheatEngine can view it. I would like to prevent this, or at least the CheatEngine visualize encrypted strings instead.
How can I avoid cheat engine to see my strings at runtime
1.8k views Asked by Flávio At
2
There are 2 answers
10
Ludovic Feltz
On
Try to use SecureString class !
Represents text that should be kept confidential. The text is encrypted for privacy when being used, and deleted from computer memory when no longer needed. This class cannot be inherited.
Related Questions in C#
- How to call a C language function from x86 assembly code?
- What does: "char *argv[]" mean?
- User input sanitization program, which takes a specific amount of arguments and passes the execution to a bash script
- How to crop a BMP image in half using C
- How can I get the difference in minutes between two dates and hours?
- Why will this code compile although it defines two variables with the same name?
- Compiling eBPF program in Docker fails due to missing '__u64' type
- Why can't I use the file pointer after the first read attempt fails?
- #include Header files in C with definition too
- OpenCV2 on CLion
- What is causing the store latency in this program?
- How to refer to the filepath of test data in test sourcecode?
- 9 Digit Addresses in Hexadecimal System in MacOS
- My server TCP doesn't receive messages from the client in C
- Printing the characters obtained from the array s using printf?
Related Questions in .NET
- file download method in visual studio 2017
- Repository manager receives the wrong connection string in .net core
- MongoDb not connecting C#
- The current .NET SDK does not support targeting .NET Core 6.0. Brand new WPF Project VS Community 2022 17.9.5
- Why Scanning GSI on DynamoDb doesnt work as fast as expected when using CONTAINS?
- Are "blittable types" really unmanaged types for StructLayout Sequential
- Failed to fetch dynamically imported module on Blazor JS Interop
- Problem to upload several images per one request
- Implementing Azure AD B2C Authentication in .NET 8 Blazor Project (RenderMode: InteractiveAuto)
- Stripe connect payout - throws exceptions
- 'IOException: The cloud file provider is not running', when trying to delete 'cloud' folder
- Azure Application Insights Not Displaying Custom Logs for Azure Functions with .NET 8
- Convert C# DateTime.Ticks to Bigquery DateTime Format
- Socket.io nodejs server .NET connection
- Producer Batching Service Bus Vs Kafka
Related Questions in ANTI-CHEAT
- Is xxh64 hash suitable for file integrity check?
- How can I check that my Android app is not tampered with during runtime?
- Memory Access Control in Windows Memory Management
- Python Process Memory Detecting
- How could I detect if pyinput is being used on a Windows machine via remote desktop protocol?
- How to get notified when a new handle to my process is opened with OpenProcess from a foreign process?
- How can I detect Mouse Click simulated by SendMessage or PostMessage?
- Pointer base address/offset obfuscation as an anti-cheating measure in games?
- Preventing cheat in a clicker game in web
- Detect (or forbid) game bar within browsers
- How to use macro in an anti-cheat protected MMO?
- (C#) Why are the in-Game values not changed by my program?
- Is it possible to check through a browsers (javascript) if a user being controlled by a rtp
- Custom event: Instance trash mob requirement for quest completion
- How detect Cheat Engine?
Related Questions in CHEAT-ENGINE
- How to find a sequence of bytes on the target program from my injected dll?
- AOB scan wildcrad generaor
- Lua change string using a loop
- How to read wildcards in python?
- How would I go about finding an alternative to obtaining a static pointer address?
- Cheat engine address to Intptr?
- Memory Access Control in Windows Memory Management
- Where is the difference between those two Assembly code snippet's?
- How do you set new values to every address you find in gdb with "find" at once?
- Pymem doesn't read the right values while CE does
- why break point not work when using CE(cheat engine) to debug a game in Android emulator?
- How to block a MessageBox with IDA?
- If then how to use ReClass here without having to use a 1 gb padding?
- Search In Memory Using X32dbg
- Could not read memory at: 28, length: 4 - GetLastError: 299
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
What you are asking for is very difficult to accomplish, correctly.
Many will point out that the
SecureStringclass can be used to keep strings that are in-memory safe. There are a lot of caveats to using a secure string.string, you could just copy it into the SecureString by looping over each character. That doesn't accomplish anything though, because the original string is still there. It might get garbage collected later, but garbage collection does not mean the string's memory is zeroed. You could use unsafe code or platform invoke to zero a string in the CLR. However if your string is interned, you might end up breaking your program.SecureStringsecurely, and ensure the source of the secure string is zeroed. You can't really do much with aSecureString. Not of lot of APIs can do anything with them. At some point, you need to convert them back to a plain old string, use the string, and zero it. If the underlying API does anything insecure, like make a copy of it, then you won't be able to know where the copy is. And for that brief period of time where the plain old string exists in memory, an engine that is constantly monitoring your process's memory can grab it.What I am really driving at here, is that protecting a process's memory from someone that has Administrative rights on the box is more-or-less impossible, and the .NET Framework complicates that matter. The CLR is designed to manage memory for you, which can run counter to your needs of explicit memory management.