Hackfest 2024 - 16-bit Edition

Game Hacking 101
10-11, 19:00–21:00 (America/New_York), Track 3 (205c)
Language: English

Take part in a one-day course where you learn the fundamental skills used to hack PC video games! Whether you’re looking to hone your advanced security skills, pursue a career in the video game industry, or finally beat Elden Ring, you’ll walk away with practical experience hacking a real video game. And while you’re having fun “playing around”, you’ll also gain knowledge of reverse engineering, binary exploitation, and the dark arts of assembly language. So join us, and you can finally find a way to use video games to advance your career!


Requirement

Planning

  • Introduction
    What is game hacking: the art of modifying video games to gain an advantage or alter gameplay.
  • Core skills
    Reverse engineering, binary exploitation, assembly language
  • Why hack video games?
    Advanced security skills - good for practice, good for your career. It’s fun and the best way to learn about security.

  • Stage 1: Beginner (spend the most time here)
    Find and modify game values in memory
    Different value types - floating point, integer, array of bytes

  • Lab 1: Find the following values and play with them in Assault Cube
    • Health, Shield, Ammo (trainer)
    • Height, Location (teleporting, flying)
    • Enemy location (work with a partner)
    • Mouse value (aim hack)
    • Player Class
    • Enemy Array[]
  • Stage 2: Intermediate
    Finding pointers for long-term value identification
    Code/function modification
    Identify code/functions through Cheat Engine, then debugging
    Introduce common anti-debug bypass mechanisms
  • Lab 2: In-depth memory fun, live patch in memory
    • Ammo decrement
    • Health/Armor increasing/decreasing, Jumping, shooting
    • Bonus: Create a Cheat Engine entry to toggle the change on and off (auto assemble > AOB injection).
  • Stage 3: Advanced - what’s next (discuss, no labs)
    Visual overlays
    Network interception and modification
    Engine (e.g. Unity, Unreal) Patterns / Reverse Engineering
    Closing summary and resources (appendix)

Mickael Nadeau is the co-founder of CYBERDEFENSE.AI. His passion for security and technology has led him through multiple technical training sessions. He previously led research on game hacking, which gave rise to multiple talks and workshops over the past few years. He is one of the Corelan survivors and achieved the “CertifiedBrute” status by Brutelogic. Jokes aside, he's also known as the “Docker/Kubernetes Wizard” for his work on cloud security architecture.