Hacking Online Games using C# Scripting

Gamers do it Theoretically. But, Hackers always Win.

Is it Illegal? Yeah, you don’t own the game, you own the right to play the game. So, yes, it’s still unconstitutional. … It can be okay and a learning opportunity if the game is on your own device or game machine and you are not cheating to bypass copy protection or pirate the program, so if it is online, it is certainly a no no.

As trainers, video game hacks are best understood. Some trainers allow the player to make improvements to the character of the video game they control, making it stronger or invincible. Others make improvements to the world of video games itself. To trigger the trainer, you may have to run a secondary program along with the game.

Uh, hacks. Hacks in sports, as in life, are just easier ways of doing stuff. Without actually cheating or using exploits, they can help you collect resources or advance more quickly in a game. Hacks are not necessarily hacking, but they take shortcuts or know how to allow extremely effective use of the game interface.

Aimbots are one of most common hacking techniques, since they allow players to fire opponents without having to aim carefully. Under Online Multiplayer Games rules, the use of targetbot software is banned and cheaters face locking and losing their account if they are caught using it.

There are various tools that can be used to automate the hacking process of any game from android to PC. But using tools is one thing, Doing some hands on coding and scripting and using them for cheating is another thing. That is real Hacking. You cannot be a Real Hacker when you use Game Guarding. It may hurt your feelings. Right? I don’t care. Grow Up.

Prerequisites:

First of all we need a game. The game I select is AssaultCube. AssaultCube is a FREE, multiplayer, first-person shooter game, based on the CUBE engine. Taking place in realistic environments, with fast, arcade gameplay, it’s addictive and fun! With efficient bandwidth usage, it’s low-latency and can even run over a 56 Kbps connection. It’s tiny too, weighing in at a lightweight about 50 MB package available for Windows, Mac and Linux. On the correct settings, it can even run on old hardware (Pentium III and above).

Download : https://assault.cubers.net/

This game is simple and we can test our scrips without any consequences. [Like getting Banned]

Then we need VAMemory — C# Memory Class .NET 3.5. This can be used to Read/Write Process Memory in other threads in order to create trainers, bots etc. This can also being used for bypass anti-cheat mechanisms. Lets talk about them later.

Download : https://vivid-abstractions.net/logical/programming/vamemory-c-memory-class-net-3-5/

Finally we need our beautiful IDE Visual Studio.

Here we are using something called base address & offset. It is a topic for another article. Here I’m just using the hardcoded values as base address and offset values. From below link you can have a good idea about what are those terms.

First of all lets see the game and what we can do.

This is the game interface. It is simple. First change the display settings and disable full screen function. We need the game on a window only. If you want disable the music. Its kind of annoying. 😐

We are going to attack on our health. It’s now on 100 and when we play online we get shot and health is decreasing. Lets make us invincible. We will never die and we can kill them all easily.

Lets start a new project in VS. It must be a Console App (.NET Framework)

If it is not available, Download it from Visual Studio Installer. C# is under .NET Desktop Development category.

Then we have to add our previous downloaded VA Memory DLL file into the references. To do that, Go to the solution Explore and right click on references and browse for the file location. It is that simple.

Then click OK.

After that simply add system.Threading library to the library list on the top of our script.

Then we need to have the offset values. To have it we can use various methods. Such as Using Cheat Engine. Its for another tutorial. This time those are the offset values for base and health.

base: 0x00509B74

health: 0xF8

Then we need to create two public static variables for base value and health value.

Then we have to find the AssultCube client using our VA memory resource.

Here the process name is ac_client. We can have it by running the game and observing the running processes. Remember to not add .exe extension at the end of the process.

Then we have to access the Health. To do that we need to call base address and the offset same time. Lets do it.

Then we can modify the pointer value of the health offset by simply running this while loop inside the main function.

Thats All. :) Just start the game and run the script from the background. You can see the magic happens.

Look at our Health. It changed from 100 to 9999. Amazing. Isn’t it? Go on. Be a hero online.

No. A big No. Lot of online multiplayer games are currently using anti-cheat engines to detect who is cheating and who is not. Using this method you cannot bypass a bigger preventive mechanisms. But you can try it on your favorite single player games. You can try this on missions that you were unable to complete for a long time. You just need the knowledge about offset values that you can have by Internet Digging.

Here is the github repository:

Stay Home. Stay Responsible. Stay Drunk. :)

Happy Hacking !

Written by/Chamod Wijetunga - Information Security Analyst [Intern] at CryptoGen- 3rd Year 2nd Semester -Cyber Security Student-SLIIT

First they begin with Us..