Reverse Engineering

Associated Website: Click here



Published on: October 2016

I've been reversing seriously in C++ for about a year, all of which has been external process memory reading (and a little bit of writing). My current external skill set is in transparent overlays, Direct2D, and array of byte pattern scanning. Through general software updates which will change where specific parts of a program are located in memory, along with various software protections such as ASLR, pattern scanning targets specific x86 instructions where I expect certain things to exist. This could be a pointer to an entity list or a viewmatrix table near a unique series of jumps or comparisons.



Although the video game Counter-Strike continually receives updates, the patterns in the last version of my hack lasted for 9 months. During this time I was able to consistently find and grab data without needing to change as the game changed. Another first-person shooter which I reversed is a game called Paladins. As one of the first reversers, I was able to have some brief commercial success by writing an Aimbot and Wallhack before the game developers gave up and opted to use a third-party anticheat. As the game uses Unreal Engine which is open source, I made pretty good use of the world to screen translation code. I did have to write some of my own field-of-view calculations and although my math is relatively poor, the end result looked pretty good.

Over the next year I plan on learning and working more with injection, swap chains, and vmt table hooking. Additionally I'd like to look into writing anticheat bypasses. This interest was sparked while testing Blizzard's Overwatch game which appears to be using ntdll's dbguiremotebreakin to prevent debuggers. I was able to rewrite some instructions to prevent the game from closing, however it was stuck in an infinite loop of trying to close. Perhaps in a year I'll be a pro, I'll check back in if I reach that status.

One of my hacks in action:



List of hacked games:
  • Counter-Strike Global Offensive
  • Paladins
  • Day of Infamy
  • Fistful of Frags
  • Crimsonland
  • Empire Earth