|
Game trainers are programs made to modify memory of a computer game thereby modifying its behavior using addresses and values, in order to allow cheating. It can "freeze" a memory address disallowing the game from lowering or changing the information stored at that memory address (e.g. health meter, ammo counter, etc.) or manipulate the data at the memory addresses specified to suit the needs of the person cheating at the game. ==History== In the 1980s and 1990s, trainers were generally integrated straight into the actual game by cracking groups. When the game was first started, the trainer loaded first, asking the player if he/she wished to cheat and which cheats would like to be enabled. Then the code would proceed to the actual game. These embedded trainers came with intros about the groups releasing the game and the trainer often used to showcase the skills of the cracking group demo coding skills,〔(【引用サイトリンク】title=Defacto2 Group Information Page for Fairlight )〕 some of these groups focus entirely on their demoscene today〔(【引用サイトリンク】title=Razor1911 group demos )〕 In the cracker group release lists and intros, trained games were marked with one or more plus signs after them, one for each option or cheat in the trainer, for example: ''"the Mega Krew presents: Ms. Astro Chicken++"''. Modern trainers append their titles with a single + or writing "plus" and a number, as many have several functions. The number used represents the number of modifications the trainer has available, e.g. 'infinite health' or 'one hit kills'. Another difference is the inclusion of game version or digital download source of game. For example: "Hitman Absolution Steam +11 Trainer", "F.E.A.R 3 v 1.3 PLUS 9 Trainer" etc.〔(【引用サイトリンク】title=GCW list of trainers )〕〔(【引用サイトリンク】title=Listing by the famous scene trainer making group DVT )〕 Modern trainers also come as separately downloadable programs; instead of modifying the game's programming directly, values stored in memory are changed. In fact this has become such a norm now that trainers today by definition only modifies memory and any modification to the game exe is frowned upon and not considered a true trainer but a patch instead. With object-oriented programming the memory objects are often stored dynamically on the heap but modern operating systems use address space layout randomization (ASLR). Therefore, the only way to modify such memory in a reproducible manner is to get information from inside the game process. This requires reverse engineering methods like API hooking of malloc() and free(), code injection or searching for static access pointers. The trainer gets active when the object has been allocated and deactivates itself again when the object is freed. Modern operating systems also come with position-independent executables (PIE) for security. Together with ASLR, the binaries are loaded to a different virtual memory address each code execution. This makes the reliable modification of static memory values more complex. The load address has to be determined and subtracted from a found memory address to obtain a static memory offset. This offset is often exactly the address of the static variable within the PIE binary. E.g. the Linux tool scanmem supports PIE this way.〔(【引用サイトリンク】title=Scanmem: introduce region type and load address support )〕 For the configured memory offset the game trainer determines the load address as well and adds it back during run-time. The same method can be used for dynamic libraries as well. 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Trainer (games)」の詳細全文を読む スポンサード リンク
|