
Game Reversing & Modding

This module serves as a follow-up to the Game Hacking Fundamentals module. You will learn how to persist Cheat Engine Scripts by scanning for byte arrays, editing game assemblies, utilising runtime hooking to modify games, and tampering with game network traffic using Burp.


Created by PandaSt0rm

Medium Offensive

Summary

Game Reversing & Modding is an evolution of the first module, Game Hacking Fundamentals, where we start to explore more practical and complex techniques to hack games:

  • An overview of Arrays of Bytes (AoBs) and their significance in game hacking, scripting AoBs in Cheat Engine, and a look at commercial game engines, focusing on Unity, Unreal Engine, and Godot, including Unity's IL2CPP, its functionality, and how it affects game security.
  • The art of obfuscation encompassing techniques like name obfuscation, string encryption, and control flow obfuscation to fortify software security.
  • An examination of external and internal game hacks, understanding their unique features, applications, and methodologies.
  • Insights into software libraries specifically focusing on understanding binaries and dynamic link libraries (DLLs).
  • C# events and attributes
  • Exploring the realm of game modifications, diving into their history, types, and multiple strategies for crafting mods.
  • A look at dnSpy, a potent tool designed for analysing and altering .NET binaries. Utilising dnSpy, we will reverse-engineer a game, modifying it to transform the game environment.
  • An introduction to runtime hook libraries like BepInEx and their importance in game hacking, coupled with implementing a library to inject into a game and modify its environment.
  • Game networking fundamentals, highlighting peer-to-peer vs. client-server models, understanding latency, prediction, interpolation, handling packet loss, matchmaking, scalability, and network security intricacies.
  • A thorough examination of man-in-the-middle (MITM) attacks, their methodology, and preventive techniques, both generally and specific to gaming. We'll finalise with a practical approach to MITM game hacking, focusing on setup, analysis, and manipulation of a game’s HTTP calls.

Important Requirements:

  • This module is paired with several video games; you will require a laptop or a desktop computer with a GPU (Graphics Card). The Intel HD 4600, AMD HD 6570 or GeForce 9600GT should be considered the bare minimum to get playable performance out of the game. You can try resizing the game to smaller dimensions if you are experiencing crippling performance.
  • If you want to run it in a Virtual Machine, VMware Player is preferred over VirtualBox for virtualization on Windows and Linux, and Parallels on ARM Macs. Be sure to enable GPU Acceleration in the VM settings where applicable.
  • It’s recommended to go through the Introduction to C# module, understand the C# language, and set up the .NET SDK on the machine.
  • For some of the games, your machine will require OpenVPN installed to connect to the academy lab VPN to interact with the labs.

Introduction


The Game Hacking Fundamentals module introduced fundamental game-hacking concepts, such as understanding and manipulating memory. It ended by introducing some basic code injection concepts and techniques.

In this module, you will delve deeper into the world of game hacking and explore more advanced tools and techniques to manipulate games. Building on the fundamental concepts covered in the previous module, you will gain a deeper understanding of game internals and learn how to leverage that knowledge for more complex objectives.

We will examine Arrays of Bytes (AoBs) and their role in game hacking. We will also explore scripting AoBs in Cheat Engine and look at different commercial game engines such as Unity, Unreal Engine, and Godot. Next, we will delve into Unity's IL2CPP and understand how it works and impacts game security.

Obfuscation is a crucial aspect of software security and is used extensively, so we will explore different obfuscation techniques, such as name obfuscation, string encryption, and control flow obfuscation.

Next, we will introduce you to dnSpy, a powerful tool for analysing and modifying .NET binaries. We will reverse-engineer a game and modify it to change the game environment.

We will briefly examine external and internal game hacks, exploring their differences, various applications and approaches. We will explore software libraries, understanding binaries, and dynamic link libraries (DLLs).

C# events and attributes play an important role in understanding Unity game hacking, so we will explore delegates, events, and attributes.

Next, we will explore game modifications, their history, types, and the various approaches to creating mods. We will also introduce you to runtime hook libraries like BepInEx and their application in game hacking, and then implement a library that is injected into a game to alter it.

Game networking is another aspect we will explore, including the fundamentals of game networking, peer-to-peer vs client-server models, latency, prediction and interpolation, handling packet loss, matchmaking, scalability, and network security.

We will also discuss man-in-the-middle (MITM) attacks, their execution, and mitigation techniques in general and within the gaming context. Finally, we will explore man-in-the-middle game hacking, including setting up, analysing, and tampering with a game’s HTTP calls.
