Untitled


Today I was goofing around with CheatEngine some more, simply because I find it interesting how easy it is to hijack code. So Hippo and I were mucking around in a certain game (both with CE open), and of course, the first thing I started looking for was the address of the health.

It only took a couple of minutes to find it, and freezing the value in memory only kind of worked: since Hippo was hosting the game and the health, technically, is kind of done on the server side, my frozen value didn't really do all that much. Dur dur.

But I needed my godmode, because Hippo was using a speedhack and flying around the map. So I click another button and find the code that writes to that value in memory. Bingo, two instances. So I hop over to the first one and open up the assembly. Now, I know hardly anything about ASM, but I see a jmp (well, it wasn't a jmp, it was the short-jump thingy, can't remember the opcode for it) and decide to cut the branch. This is basically as simple as setting the ZF flag in the register. So I ticked the box.

I go back in-game, and to my delight, Hippo's attacks no longer deal damage. Why? Because I killed some part of the collision check process. Whoo whoo.
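As an added example (not code from this post, and not Cheat Engine's own code), here are the three moves described above in plain C: the first-scan / next-scan narrowing that finds the health address, the "freeze" and why it loses against a host-owned value, and the byte-level branch cut on a short conditional jump. Everything is constructed for the example and runs against an in-process array; the slot numbers, the decoy values and the eight-byte x86 snippet are assumptions, and nothing here reads or writes another process.

```c
/* Added example, not from the post or Cheat Engine: scan narrowing,
 * freeze vs. host-authoritative state, and a Jcc branch cut, all against
 * a constructed in-process buffer. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define MEM_WORDS   64   /* constructed "game memory": 64 x 32-bit words */
#define HEALTH_SLOT 37   /* the word we pretend holds the player's health */

static int32_t game_mem[MEM_WORDS];
static int32_t host_health = 100;   /* the host's authoritative copy */

typedef struct {
    size_t idx[MEM_WORDS];   /* indices of words still matching */
    size_t n;
} scan_t;

/* Fill the buffer with noise, set health = 100, and plant three decoy
 * words that also hold 100 so one scan cannot pick out the health word. */
static void reset_game_mem(void) {
    for (size_t i = 0; i < MEM_WORDS; i++)
        game_mem[i] = (int32_t)(i * 7 + 3);   /* never equals 100 or 75 */
    game_mem[HEALTH_SLOT] = 100;
    game_mem[5] = game_mem[20] = game_mem[58] = 100;
    host_health = 100;
}

/* First scan: every word currently equal to `value` is a candidate. */
static void first_scan(scan_t *s, int32_t value) {
    s->n = 0;
    for (size_t i = 0; i < MEM_WORDS; i++)
        if (game_mem[i] == value) s->idx[s->n++] = i;
}

/* Next scan: after the value changed in-game, keep only candidates that
 * now hold the new value. Repeating this narrows thousands of hits to one. */
static void next_scan(scan_t *s, int32_t value) {
    size_t kept = 0;
    for (size_t i = 0; i < s->n; i++)
        if (game_mem[s->idx[i]] == value) s->idx[kept++] = s->idx[i];
    s->n = kept;
}

/* The client's own write to health: damage lands only if the hit test
 * passed. Compiled, this `if` is the conditional jump "find out what
 * writes to this address" leads you to. */
static void apply_hit(int collided, int32_t damage) {
    if (collided) game_mem[HEALTH_SLOT] -= damage;
}

/* "Freeze": rewrite the chosen address on a timer. */
static void freeze(size_t idx, int32_t value) { game_mem[idx] = value; }

/* Why the freeze did little: the host keeps its own health and pushes it
 * to the client each tick, so the frozen client word is overwritten. */
static void host_tick_and_sync(int collided, int32_t damage) {
    if (collided) host_health -= damage;
    game_mem[HEALTH_SLOT] = host_health;
}

/* Cut a branch at the byte level. On x86 a short conditional jump (Jcc rel8)
 * is one opcode byte in 0x70..0x7F plus an 8-bit displacement. PATCH_FORCE
 * turns it into JMP rel8 (0xEB): always taken, same effect as forcing ZF on
 * a `je`. PATCH_NEVER overwrites both bytes with NOP (0x90): never taken.
 * Which one gives "godmode" depends on whether the jump skips the damage
 * write or leads to it, which is why you read the assembly first. This is a
 * byte match, not a disassembler: in real code a displacement or immediate
 * byte in 0x70..0x7F would also match. Returns the patched offset or -1. */
enum { PATCH_FORCE, PATCH_NEVER };
static int patch_short_jcc(uint8_t *code, size_t len, int mode) {
    for (size_t i = 0; i + 1 < len; i++) {
        if (code[i] >= 0x70 && code[i] <= 0x7F) {
            if (mode == PATCH_FORCE) code[i] = 0xEB;
            else code[i] = code[i + 1] = 0x90;
            return (int)i;
        }
    }
    return -1;
}

int main(void) {
    scan_t s;
    reset_game_mem();
    first_scan(&s, 100);        /* health + 3 decoys */
    apply_hit(1, 25);           /* take a hit in-game: health is now 75 */
    next_scan(&s, 75);          /* only the real health word survives */
    printf("candidates: %zu, slot %zu\n", s.n, s.idx[0]);

    freeze(HEALTH_SLOT, 100);
    host_tick_and_sync(1, 25);  /* host says 75; the frozen 100 is gone */
    printf("client health after sync: %d\n", game_mem[HEALTH_SLOT]);

    /* Constructed bytes: test eax,eax ; je +3 ; sub dword [ebx],0x19 ; ret.
     * The je skips the damage write when nothing collided. */
    uint8_t code[] = {0x85, 0xC0, 0x74, 0x03, 0x83, 0x2B, 0x19, 0xC3};
    int off = patch_short_jcc(code, sizeof code, PATCH_FORCE);
    if (off >= 0)
        printf("patched offset %d -> %02X %02X\n", off, code[off], code[off + 1]);
    return 0;
}
```

The scan loop is the whole trick behind the "couple of minutes": a first scan on 100 returns every word that happens to hold 100, and one in-game change plus a next scan on 75 throws the decoys away. The host sync step is the other half of the story: a frozen client word survives exactly until the next authoritative update arrives.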

At this point the server started to lose stability (we were mucking around a lot), but Hippo (being the host) also managed to warp himself around the map (by changing his local position; it worked because he was the host, and I doubt it would have worked for me, a client), give himself unlimited ammo/energy, and a couple of other things.

Now, I'm not an experienced hacker, and Hippo had never used CheatEngine before, and yet we were able to completely tear apart this game in about an hour. Sure, a lot of the data was maintained by the server, but a huuuge problem with game developers these days is that they really don't know how to prevent cheats, simply because they don't know how it's done.

I would therefore encourage everyone to go and pick up a copy of CheatEngine, just to see the tools of the trade. I don't encourage using said tools for anything other than educational purposes; however, many people who play your games will not share the same restraint Hippo and I have.

As Sun Tzu once wrote, "To know your Enemy, you must become your Enemy."

3 Comments


Memory editing is only the tip of the iceberg. You also get into the realm of OpenGL / DirectX and client hooks when you get into dealing with the real game-hackers. It's not as easy as one would think to prevent this, but as you said there are some simple things developers can do to make it more difficult to cheat in games.

Depends on the genre. For fast-paced FPS games, yeah, that's going to be a problem (read: wallhack). But for other ones (MMORPG, platformer) a memory editor is going to be much more dangerous.

The choice of tools comes down to what's available, what exploits are left open, and what was overlooked in development. I could argue that, in some situations, a buffer overflow exploit can be much more devastating than some API hijack (like, putting a "crash string" in the lobby of the online game server).

In any case, the point is clear: As developers, we should all be familiar with the tools and techniques used in hacking our own software. Because if we don't know what we're fighting, we won't know how to defend against it.

I would agree with you that memory editing is far more dangerous in M(M)ORPGs. Having had a large hand in the FPS game-hacking scene though, I was referring more so towards that end :P. I don't tend to play too many MMORPGs.
