Results tagged “game” from Just Another Hacker

Game hacking - Hex editing memory

Only a few days after I posted my Hex editing save game tutorial, kees over at codeblog posted a quick recounting of how he hacked a game by hex editing the memory on Linux.

If you liked my article you should find this interesting: http://www.outflux.net/blog/archives/2011/02/05/fun-with-game-memory/.

January tutorial

Last month's tutorial ran a little over time. It was game related as it was written during winter-een-mas, but it is finally online without too many spelling mistakes.

The January tutorial is:
Game hacking - Hex editing save games
Before the internet most people would get their cheat codes from gaming magazines, gaming guide books or a BBS. In my circle, writing walkthroughs and cheat sheets for games and posting them to "our" BBS was the quickest way to fame. Modifying your save games to gain endless wealth or lives is very simple and still a valid technique today, and I'm going to show you how to do it.

In order to follow this "tutorial" you will need five things:
  1. A computer
  2. The internet (to read this article and download software)
  3. A hex editor (I use HxD)
  4. A game where you can save your progress
  5. Basic understanding of hex (or this cheat sheet)
For my tutorial I am using the free game Decker. It is a "hacking" game based on Neuromancer/Shadowrun. Grab a copy from http://www10.caro.net/dsi/decker/, microwave some popcorn and let's have some fun.

So let's fire up Decker, choose to start a new game, then pick your character's name and image. As soon as we enter the game, save it. I named mine "first-save.dsg". This is your baseline file to compare against.
Next enter the shop and spend some of your $100 starting money. Then save the game again. This time I named mine "spent-money.dsg". Now comes the fun part, open both dsg files in HxD and use the Analyse->Compare->File compare operation (ctrl+k).

Here is where some basic hex knowledge comes in handy. We know we started with $100 (xx in hex) and you should know how much money you had left in your second save game. If the changes match both values then you should have the right offset.

Now we change this value to FF FF to give ourselves a decent amount of cash. Open Decker again and load your modified save game to confirm that you have $65535 (FF FF = 65535). You now have the option of spending this money. If you do, remember to save a new baseline file for comparing against before you do the next step.

Next it's time to do a mission. I picked a simple IO mission and found the controlling node right away. I disabled the alarms and disconnected from the matrix. This gained me a skill point. This is a great time to save a baseline file (which I didn't), which you can then load and reuse to find the offset for each skill. However, I spent it right away on stealth. I then saved the file and opened spent-money.dsg and sneaky-guy.dsg in HxD to do a file compare. This time there was more than one change.

The first change is in an offset we know is money.

The second change is unknown to us, and although it has changed in value by 1, it does not match the before and after values we expect.

The third change has the right values in the before and after files. I changed the offset to FF, saved the file and opened it up in Decker. With a stealth skill of 255 you don't have to upgrade your gear or software to complete missions with ease.

However, it would be nice to have some symmetry between the skills, hardware and software levels. I'll leave that as an exercise for you.

Here are some other offsets you might want to change:
[ Character stats ]
00000010 06-08 = Money
00000010 0A = Lifestyle (00-04)
00000020 02 = Mission success/failure tracking value (for next attribute point?)
00000020 06 = Attack attribute/skill
00000020 0A = Defense attribute/skill
00000020 0E = Stealth attribute/skill
00000030 02 = Analysis attribute/skill
00000030 06 = Programming attribute/skill
00000030 0A = Chip design attribute/skill
[ Cyber deck stats ]
00000100 0D = CPU Rating
00000110 02 = Attack firmware
00000110 06 = Defense Firmware
00000110 0A = Stealth Firmware
00000110 0E = Analysis Firmware
00000120 02 = Coprocessor
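
The compare-and-match step from the tutorial can also be scripted. This is an added example, not code from the original tutorial: it diffs two saves and keeps only the offsets whose before/after values match what was seen in the game. The sample saves are constructed and the little-endian field layout is an assumption; the offsets 0x16 (money), 0x22 (tracking value) and 0x2E (stealth) are taken from the table above.

```python
import struct

FORMATS = {1: "<B", 2: "<H", 4: "<I"}  # assumption: little-endian unsigned fields

def diff_offsets(before: bytes, after: bytes) -> list:
    """Every offset whose byte differs between two saves of equal length."""
    if len(before) != len(after):
        raise ValueError("saves differ in length; offsets no longer line up")
    return [i for i, (a, b) in enumerate(zip(before, after)) if a != b]

def find_value_change(before: bytes, after: bytes, old: int, new: int, width: int = 1) -> list:
    """Offsets where a field of `width` bytes held `old` before and `new` after."""
    fmt = FORMATS[width]
    return [off for off in range(min(len(before), len(after)) - width + 1)
            if struct.unpack_from(fmt, before, off)[0] == old
            and struct.unpack_from(fmt, after, off)[0] == new]

def make_save(money: int, tracking: int, stealth: int) -> bytes:
    """Constructed stand-in for a .dsg file; only three fields are populated."""
    buf = bytearray(0x40)
    struct.pack_into("<H", buf, 0x16, money)  # row 00000010, column 06
    buf[0x22] = tracking                      # row 00000020, column 02
    buf[0x2E] = stealth                       # row 00000020, column 0E
    return bytes(buf)

# Constructed values; only the $100 starting money comes from the article.
FIRST_SAVE = make_save(money=100, tracking=4, stealth=1)
SPENT_MONEY = make_save(money=40, tracking=4, stealth=1)
SNEAKY_GUY = make_save(money=240, tracking=5, stealth=2)

if __name__ == "__main__":
    print("money offset:", [hex(o) for o in find_value_change(FIRST_SAVE, SPENT_MONEY, 100, 40, 2)])
    print("all changes: ", [hex(o) for o in diff_offsets(SPENT_MONEY, SNEAKY_GUY)])
    print("stealth 1->2:", [hex(o) for o in find_value_change(SPENT_MONEY, SNEAKY_GUY, 1, 2)])
```

Filtering on the expected before/after pair is what separates the stealth byte from the tracking byte, which also changes by 1 but holds different values.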

Challenge:
Can you find the offset for your software levels, loaded and autoload settings?

Security roulette

I had some spare time, so I created a little game. I've called it security roulette. The object is to find as many web application security flaws as you can in a given number of websites in a limited timeframe. The number of websites is determined by Google and the time limit is self-imposed or agreed to if you are challenging someone.

I wrote a quick mashup to help you play. The scorecard could probably use some tweaking. My suggested house rule is "no browser plugins or third party applications allowed".

Security roulette

Security roulette is a simple game I have made up. The instructions are provided once you start. Use the form below to get started.

Game hacking - Number theory

For my second wintereenmas article I look at game hacking through number theory. This is a huge subject, even without hacking, but I focused on two of the most common techniques that I have been able to put to extensive use. You can read the full article here.


Game hacking - Number theory

In most games there is a fair amount of mathematics involved. It may not always seem that way, but the numbers are there, you just have to find them. Now you don't have to be a mathematics expert to take advantage of number theory to cheat or win at games. Quite often you only need a single advantage to take you to the winning side. Although some of this will be applicable to board games or MMORPGs, I am basing this article around browser based games. To illustrate I will use a fictional RPG where I play an angry axe wielding barbarian. Let's call it browsercraft...

Negative numbers


Using negative numbers is the easiest way to gain an advantage in a game. It is based on the idea that subtracting a negative number from a total adds that amount to the total. Case in point: 2 - -2 = 4. The easiest way to abuse this in a game is to use a buy/sell screen. Most games have a buy/sell feature, although not all are susceptible to negative numbers.

In my fictional game I started out, as you do in most games, with little money or equipment. My 100 starting coins could only buy me a single healing potion. How boring is that? Luckily the game developers aren't familiar with negative numbers, so the first thing I did was buy -1000 potions at 100 coins each. BAM! Now I have 100100 coins (100 - (-1000 * 100)). Enough to buy all the top gear right off the bat.

Decimal points


The abuse of decimals is based around the fact that most games deal in whole numbers (integers) while most calculations performed result in decimal numbers (floating point). Sometimes you will be able to combine multiple decimals to tip the total over, other times you can use decimals to reap the rewards from the magic space between integers. I will give you a simple example:

Cash exchange
In "browsercraft" you can exchange gems for coins. However, as you can only possess whole gems, the calculation turns your number of gems sold into an integer (discarding decimal points) whilst the gems to coins conversion does not. So after an adventure my barbarian has 5 gems in his possession, and each gem can be exchanged for 100 coins. However, my barbarian will be using decimal points to extract more than the 500 coins it would normally exchange for. When asked how many gems to exchange I enter 0.9 as the amount. This converts to 0.9 * 100 = 90 coins while subtracting 0 gems from my inventory (the .9 is discarded). Free cash!
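
Both tricks above come down to the server doing arithmetic on a quantity it never checked. The following is an added example, not code from the original article: "browsercraft" is fictional and every function name here is hypothetical. It reproduces the two flawed calculations and shows handlers that reject negative and fractional quantities before any coins move.

```python
from decimal import Decimal, InvalidOperation

POTION_PRICE = 100  # coins per potion, as in the article
GEM_RATE = 100      # coins per gem, as in the article

def buy_vulnerable(coins, qty):
    """Trusts qty: a negative quantity turns the charge into a credit."""
    return coins - qty * POTION_PRICE

def exchange_vulnerable(coins, gems, amount):
    """Pays out on the raw amount but removes only the truncated gem count."""
    return coins + round(amount * GEM_RATE), gems - int(amount)

def parse_quantity(raw, maximum):
    """Accept only a whole number in 1..maximum; everything else is rejected."""
    try:
        value = Decimal(str(raw))
    except InvalidOperation:
        raise ValueError("quantity is not a number")
    if not value.is_finite() or value != value.to_integral_value():
        raise ValueError("quantity must be a whole number")
    if not 1 <= value <= maximum:
        raise ValueError("quantity out of range")
    return int(value)

def buy_hardened(coins, raw_qty):
    """The player can buy at most what the current balance covers."""
    qty = parse_quantity(raw_qty, maximum=coins // POTION_PRICE)
    return coins - qty * POTION_PRICE

def exchange_hardened(coins, gems, raw_amount):
    """The same validated integer drives both the payout and the inventory."""
    amount = parse_quantity(raw_amount, maximum=gems)
    return coins + amount * GEM_RATE, gems - amount

if __name__ == "__main__":
    print(buy_vulnerable(100, -1000))        # the article's negative purchase
    print(exchange_vulnerable(0, 5, 0.9))    # the article's fractional exchange
    for attempt in (-1000, 0.9, "abc"):
        try:
            exchange_hardened(0, 5, attempt)
        except ValueError as err:
            print("rejected", attempt, "->", err)
```

The hardened handlers validate once and use the same integer for every side of the transaction, so the payout and the inventory can never disagree.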

There are also several other number techniques that are valuable when playing games, with or without being cheats. If there is enough interest I will write a follow up post where I cover techniques such as:
  • Overflows
  • Underruns
  • Reverse engineering formulas
  • Optimal paths

For my first wintereenmas based post I have decided to share a FarmVille cheat. It takes advantage of a timing overlap when visiting a neighbour's farm. After you click to visit a neighbour's farm, but before the help a friend window appears, click to visit the same neighbour again. Again, before the help a friend window appears, click to visit the neighbour's farm. Keep visiting the neighbour before the window appears. It will load overlapping help a friend windows which you can then repeatedly click for endless, instant amounts of 5xp and 20 gold. Granted the gold isn't that much, but the xp quickly adds up.

How the cheat works should be made quite clear in this video I recorded on a new account (you have to complete the tutorial for this to work).

The cheat no longer works as displayed in the video. If you log back into the account you will be level 0. Publishing the links for leveling may let the neighbours of the cheating farmer get the leveling bonus. Gifting may also work. I haven't bothered testing. You can keep going indefinitely, I just stopped because I hit a lag spike.
This weblog is licensed under a Creative Commons License.