
(I asked this question on Gaming, but it was closed and people suggested I ask on Stack Overflow. If this doesn't fit here, please suggest a better place before you close it. Thanks.)

One general way to cheat in a game is to use a memory scan tool to track down the value you want to change. However, another common way to cheat is to modify the binary file.

For example, in a game you get +5 exp when you kill an enemy, and by changing the 5 stored in the binary to 50 you can get +50 exp. As far as I know, many iPhone game cheats work that way, which requires you to patch a binary file or use a hex editor.

I'm interested in how those hackers locate the settings. What is the general method/tool to find out which binary file a specific value is in and the corresponding offset? If it's a very unique number or an ASCII string, like 3219 or google.com, you can just search for the hex value, but what if it's a common value, like 1?

2 Answers

You could disassemble the game executable, that way you could in principle know what every memory location does. This is probably not practical for most games.

Two other approaches that more directly target specific values:

  • Pause the game with a debugger right before gaining experience and step through the code to see what memory locations are affected.
  • Though there are bound to be many locations containing the same number as your experience, you can quickly narrow them down: say you have 50 EXP, dump a list of all memory locations* containing 50, then gain some more EXP (say 20); now you can exclude all locations that haven't changed to 70.

* You will probably be searching for a 32/64-bit integer, not a single byte location.


4 Comments

That would be the memory scan tool I mentioned at first. I know how to track down an address in memory. But what I really want is to modify the binary file instead of a value loaded in memory.
Oh sorry, misread. But you can use exactly the same techniques: save a game, gain EXP, save again, compare (diff) with the old savegame and see what's changed.
When you find that memory location, and what code is executing at that time, you can work backward into the binary to find that instruction sequence or offset. The binary might be compressed or encrypted, but you have to take it one step at a time and find the location and/or code. Also note that the value may stay in a register and might not be evicted to memory until a while later, especially if it is printed somewhere: say they compute a +20, then go into some code to print the new score on the screen holding that value in a register, then evict it to RAM after the display.
I get Action Replay flashbacks :)
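The iterative narrowing from the answer above and the save-game diff from the comments, as an added example that is not part of the original post. It works on two constructed 64-byte dumps (a stand-in for process memory or two save files; the layout, the `build_snapshot` helper and the offsets are assumptions for the demo): several offsets hold 50 after the first dump, and only the real EXP counter still matches once it has changed to 70.

```python
import struct

# Little-endian, the common case on x86/ARM; search widths from the answer's footnote.
FORMATS = {1: "<B", 2: "<H", 4: "<I"}


def find_value(snapshot: bytes, value: int, width: int) -> set[int]:
    """Every offset at which `snapshot` holds `value` as a `width`-byte little-endian integer."""
    fmt = FORMATS[width]
    return {off for off in range(len(snapshot) - width + 1)
            if struct.unpack_from(fmt, snapshot, off)[0] == value}


def narrow(snapshots, values, width):
    """Iterative scan: keep only offsets that held values[i] in snapshots[i] for every i."""
    candidates = find_value(snapshots[0], values[0], width)
    for snap, val in zip(snapshots[1:], values[1:]):
        candidates &= find_value(snap, val, width)
    return candidates


def diff_offsets(before: bytes, after: bytes) -> set[int]:
    """Byte offsets that differ between two dumps of equal size (the save-game diff from the comments)."""
    if len(before) != len(after):
        raise ValueError("dumps must be the same size")
    return {i for i, (a, b) in enumerate(zip(before, after)) if a != b}


def build_snapshot(exp: int, hp: int = 50, gold: int = 50) -> bytes:
    # Constructed 64-byte dump; the layout below is an assumption for the demo.
    buf = bytearray(64)
    buf[3] = 50                            # stray byte that also reads as u32 50 at offset 3
    struct.pack_into("<I", buf, 8, hp)     # HP happens to be 50 too
    struct.pack_into("<I", buf, 20, exp)   # the counter we actually want
    struct.pack_into("<I", buf, 40, gold)  # gold is 50 as well
    return bytes(buf)


# Dump 1: 50 EXP. Dump 2: after gaining 20 EXP (70). Nothing else changed.
SNAPSHOTS = [build_snapshot(50), build_snapshot(70)]
VALUES = [50, 70]

if __name__ == "__main__":
    print("offsets holding 50 as u32:", sorted(find_value(SNAPSHOTS[0], 50, 4)))
    print("still candidates after gaining 20 EXP:", sorted(narrow(SNAPSHOTS, VALUES, 4)))
    print("bytes changed between the two dumps:", sorted(diff_offsets(*SNAPSHOTS)))
```

Each extra round (gain a different amount, take another dump, intersect again) shrinks the candidate set further; in a real process the dump would come from a debugger or `/proc/<pid>/mem` rather than `build_snapshot`.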

Try to figure out the file format through trial and error. Programmers usually don't make things intentionally difficult unless the game is an MMO or huge blockbuster prone to cheating. If you're playing a game that gives you Exp for killing slugs, here are some basic steps to take:

  1. Locate the "Monster" file or database table. This contains the information on all monsters.
  2. Search for some known information. In this case, the name of the monster is "Slug".
  3. Use a hex editor to examine the bytes near the name of the monster. Look for a DWORD, WORD, or BYTE that contains the value '50'.
  4. Change 50 to 51 and save the change. Kill a "Slug" and see if the exp changed.
  5. If you still get 50 exp, try some other value near "Slug" and repeat.

With enough time and patience you will eventually figure out the entire file format and be able to change anything at will.
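The five steps above carried out on a constructed monster table, as an added example that is not part of the original answer. The record layout (`8-byte name, u16 hp, u32 exp, u8 drop chance`), the `game_reads_exp` loader that stands in for actually killing a Slug, and all offsets are assumptions for the demo. It anchors on the string "Slug", lists every BYTE/WORD/DWORD near it that reads as 50, then patches each candidate to 51 in turn until the game's own loader reports the new value.

```python
import struct

RECORD = "<8sHIB"  # assumed layout: name, hp (u16), exp (u32), drop chance (u8); little-endian
FORMATS = {1: "<B", 2: "<H", 4: "<I"}


def build_monster_file() -> bytes:
    # Constructed sample data file; the Rat and Wolf rows add decoy 50s (their drop chance).
    return (struct.pack(RECORD, b"Rat", 30, 20, 50)
            + struct.pack(RECORD, b"Slug", 50, 50, 10)
            + struct.pack(RECORD, b"Wolf", 120, 200, 50))


def find_name(data: bytes, name: bytes) -> int:
    """Step 2: locate the known string; returns its offset or raises if absent."""
    off = data.find(name)
    if off < 0:
        raise KeyError(name)
    return off


def candidates_near(data: bytes, anchor: int, value: int, window: int = 24):
    """Step 3: every (offset, width) in the `window` bytes after `anchor` that reads as `value`."""
    found = []
    end = min(anchor + window, len(data))
    for width, fmt in FORMATS.items():
        for off in range(anchor, end - width + 1):
            if struct.unpack_from(fmt, data, off)[0] == value:
                found.append((off, width))
    return found


def patch_value(data: bytes, off: int, width: int, new_value: int) -> bytes:
    """Step 4: the hex-editor change, returned as a new byte string."""
    buf = bytearray(data)
    struct.pack_into(FORMATS[width], buf, off, new_value)
    return bytes(buf)


def game_reads_exp(data: bytes, name: bytes) -> int:
    """Stand-in for 'kill a Slug and see if the exp changed': parse the table the way the game would."""
    for off in range(0, len(data), struct.calcsize(RECORD)):
        rec_name, _hp, exp, _drop = struct.unpack_from(RECORD, data, off)
        if rec_name.rstrip(b"\0") == name:
            return exp
    raise KeyError(name)


def trial_patch(data: bytes, name: bytes, old: int, new: int):
    """Steps 4-5: try each candidate until the game reports the new exp; returns the winning (offset, width)."""
    anchor = find_name(data, name)
    for off, width in candidates_near(data, anchor, old):
        patched = patch_value(data, off, width, new)
        if game_reads_exp(patched, name) == new:
            return off, width
    return None


MONSTERS = build_monster_file()

if __name__ == "__main__":
    anchor = find_name(MONSTERS, b"Slug")
    print("Slug record starts at offset", anchor)
    print("bytes near it that read as 50:", candidates_near(MONSTERS, anchor, 50))
    print("first patch that changes Slug exp to 51:", trial_patch(MONSTERS, b"Slug", 50, 51))
```

The first candidate that works is the single byte at the exp field's low end, because for a value below 256 the BYTE, WORD and DWORD reads all land on the same bytes; the width only becomes visible once you try a value above 255. The HP field two bytes earlier also reads as 50 and is the kind of wrong guess step 5 tells you to move past.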
