Get Inside the Game

You don’t need to be a wizard to transform a game you like into a game you love. Imagine if you could give your favorite PC game a more informative heads-up display or instantly collect all that loot from your latest epic battle.

Bring your knowledge of Windows-based development and memory management, and Game Hacking will teach you what you need to become a true game hacker. Learn the basics, like reverse engineering, assembly code analysis, programmatic memory manipulation, and code injection, and hone your new skills with hands-on example code and practice binaries.

Level up as you learn how to:
💎 Scan and modify memory with Cheat Engine
💎 Explore program structure and execution flow with OllyDbg
💎 Log processes and pinpoint useful data files with Process Monitor
💎 Manipulate control flow through NOPing, hooking, and more
💎 Locate and dissect common game memory structures

You’ll even discover the secrets behind common game bots, including:
💎 Extrasensory perception hacks, such as wallhacks and heads-up displays
💎 Responsive hacks, such as autohealers and combo bots
💎 Bots with artificial intelligence, such as cave walkers and automatic looters

Game hacking might seem like black magic, but it doesn’t have to be. Once you understand how bots are made, you’ll be better positioned to defend against them in your own games.

Journey through the inner workings of PC games with Game Hacking, and leave with a deeper understanding of both game design and computer security.

About the Author
Nick Cano wrote his first scripts for open source game servers when he was 12 and has been a part of the game-hacking community ever since. He has years of experience in detecting and defending against malware, and advises developers and designers on best practices to protect their games against bots. Nick has spoken about his research and tools at many conferences.

WARNING! This book does not condone piracy, violating the DMCA, infringing copyright, or breaking in-game Terms of Service. Game hackers have been banned from games for life, sued for millions of dollars, and even jailed for their work.

THE FINEST IN GEEK ENTERTAINMENT™
www.nostarch.com
$44.95 ($51.95 CDN)
Shelve In: Computers/Security

Game Hacking: Developing Autonomous Bots for Online Games
Nick Cano
Foreword by Dr. Jared DeMott
GAME HACKING
Developing Autonomous Bots for Online Games
by Nick Cano
San Francisco
Game Hacking. Copyright © 2016 by Nick Cano.
All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means,
electronic or mechanical, including photocopying, recording, or by any information storage or retrieval
system, without the prior written permission of the copyright owner and the publisher.
Printed in USA
First printing
20 19 18 17 16 1 2 3 4 5 6 7 8 9
ISBN-10: 1-59327-669-9
ISBN-13: 978-1-59327-669-0
Publisher: William Pollock
Production Editor: Laurel Chun
Cover Illustration: Ryan Milner
Interior Design: Octopod Studios
Developmental Editor: Jennifer Griffith-Delgado
Technical Reviewer: Stephen Lawler
Copyeditor: Rachel Monaghan
Compositor: Laurel Chun
Proofreader: Paula L. Fleming
Indexer: BIM Creatives, LLC
For information on distribution, translations, or bulk sales, please contact No Starch Press, Inc. directly:
No Starch Press, Inc.
245 8th Street, San Francisco, CA 94103
phone: 415.863.9900; info@nostarch.com
www.nostarch.com
Library of Congress Cataloging-in-Publication Data
Cano, Nick, author.
Game hacking : developing autonomous bots for online games / by Nick Cano.
pages cm
Includes index.
Summary: "A hands-on guide to hacking computer games. Shows programmers how to dissect computer
games and create bots to alter their gaming environment. Covers the basics of game hacking,
including reverse engineering, assembly code analysis, programmatic memory manipulation, persistent
hacks, responsive hacks, and code injection."-- Provided by publisher.
ISBN 978-1-59327-669-0 -- ISBN 1-59327-669-9
1. Intelligent agents (Computer software) 2. Internet programming. 3. Internet games--
Programming. 4. Hacking. I. Title.
QA76.76.I58C36 2016
005.8--dc23
2015036294
No Starch Press and the No Starch Press logo are registered trademarks of No Starch Press, Inc. Other
product and company names mentioned herein may be the trademarks of their respective owners. Rather
than use a trademark symbol with every occurrence of a trademarked name, we are using the names only
in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the
trademark.
The information in this book is distributed on an “As Is” basis, without warranty. While every precaution
has been taken in the preparation of this work, neither the author nor No Starch Press, Inc. shall have any
liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or
indirectly by the information contained in it.
About the Author
Nick Cano wrote his first scripts for open source game servers when he
was 12 and started a business selling his bots when he was 16. He has
been a part of the game-hacking community ever since and advises game
developers and designers on best practices to protect their games against
bots. Nick also has years of experience in detecting and defending against
malware, and he has spoken at many conferences about his research and
tools.
About the Technical Reviewer
Stephen Lawler is the founder and president of a small computer software
and security consulting firm. He has been actively working in information
security for over 10 years, primarily in reverse engineering, malware analysis,
and vulnerability research. He was a member of the Mandiant malware
analysis team and assisted with high-profile computer intrusions affecting
several Fortune 100 companies. Stephen also developed and teaches the
Practical ARM Exploitation class, which has been offered at BlackHat and
several other security conferences for the past five years.
Brief Contents
Foreword by Dr. Jared DeMott
Acknowledgments
Introduction
PART 1: TOOLS OF THE TRADE
Chapter 1: Scanning Memory Using Cheat Engine
Chapter 2: Debugging Games with OllyDbg
Chapter 3: Reconnaissance with Process Monitor and Process Explorer
PART 2: GAME DISSECTION
Chapter 4: From Code to Memory: A General Primer
Chapter 5: Advanced Memory Forensics
Chapter 6: Reading from and Writing to Game Memory
PART 3: PROCESS PUPPETEERING
Chapter 7: Code Injection
Chapter 8: Manipulating Control Flow in a Game
PART 4: CREATING BOTS
Chapter 9: Using Extrasensory Perception to Ward Off Fog of War
Chapter 10: Responsive Hacks
Chapter 11: Putting It All Together: Writing Autonomous Bots
Chapter 12: Staying Hidden
Index
Contents in Detail
Foreword by Dr. Jared DeMott
Acknowledgments
Introduction
    Prerequisites for the Reader
    A Brief Game Hacking History
    Why Hack Games?
    How This Book Is Organized
    About the Online Resources
    How to Use This Book
PART 1: TOOLS OF THE TRADE
Chapter 1: Scanning Memory Using Cheat Engine
    Why Memory Scanners Are Important
    Basic Memory Scanning
    Cheat Engine’s Memory Scanner
        Scan Types
        Running Your First Scan
        Next Scans
        When You Can’t Get a Single Result
        Cheat Tables
    Memory Modification in Games
        Manual Modification with Cheat Engine
        Trainer Generator
    Pointer Scanning
        Pointer Chains
        Pointer Scanning Basics
        Pointer Scanning with Cheat Engine
        Pointer Rescanning
    Lua Scripting Environment
        Searching for Assembly Patterns
        Searching for Strings
    Closing Thoughts
Description: been a part of the game-hacking community ever since and advises game developers All of the example code in this book is written in C++ and.