Microsoft reports that gaming is the third most common activity on their platform, right behind browsing the web and email, so it's a pretty big deal. Playing games is fun. But what's even more fun is to look under the hood, understand how they work and ultimately make them work the way you want them to work.
There are three major ways to create custom cheats/hacks for a game:
- GUI based macro system
- DLL injection
- Connect as a debugger and use ReadProcessMemory/WriteProcessMemory
The first and most formal approach is a GUI based macro system. It's popular because it's the easiest for people to do. You sample pixels from the screen and determine what to do next based on the information you gather. For example, when you're at full health you know a certain spot on the screen is going to be red. When you're at half health that spot is not going to be red, so you heal. It's very easy to do; you can build a bot like this in a couple of hours just because it's so easy to interact with.
The second approach is DLL injection. You inject a DLL into the target process's memory, where it instantly becomes a part of the process. While inside its memory space you can access all data directly; you can grab a copy of a structure in memory from a pointer without doing any translation. It's very convenient, which makes it the most popular botting technique.
The third approach is based on a system where you connect as an external debugger. You read data from the target process and store it in your local program, then you calculate and do whatever you need to do before you write data back to the remote process. This is a great method, and a little less detectable than DLL injection. The approach is slightly more of a pain in the ass though, because you can't just grab a copy of a structure in memory by following a pointer in your local cheat: the pointer is only valid in the remote process's address space, so locally it's not going to point to anything. You have to translate everything from the remote process's memory to your local cheat.
This tutorial will cover how to connect as a debugger in order to make a god mode cheat for a game called SinkSub Pro. The game is a great target for reverse engineering because the EULA it comes with does not forbid reverse engineering of the game. It only forbids you to distribute illegal full versions of the game, so we'll try to avoid that.
Semper Fidelis

© Copyright Warpzone Entertainment 2012 - all rights reserved








