22 December 2017

GameGuardian Lesson - Searching encrypted “known” value.

Note: This article is re-shared because original author deleted it

Now you should be able to hack or modify any game, right?

Let’s try to hack score value in “300: Seize Your Glory” game. This is promo-game, based on “300:Rise of an Empire” movie.

Download GameGuardian APK: https://gameguardian.net/download and install it on your Android device

Okay, our score is 200 right now.




Go find it in GameGuardian (known search -> type: auto, value: 200).




We have found – 198,659 address. Well, too much.




Go back to game and increase our score a little, up to 1,550.




Go back to GameGuarding and try new search with value “1,550”.




Wait, what? Nothing have found? How this can be?

Yes, this can be.

Modern game developers trying to do everything to make their games harder to hack or modify. For example, you may see number 3,006 in your game, but this number may be actually stored as:

· Sum of two different number (700 + 2306 or 1402 + 1604)

· Multiply of three differnt number (501 * 3* 2)

· Floated number (300.6 or 0.003006)

· as number 62,530 (65,536 – 3,006)

· as any other number at all (33,584), e.t.c.

In this cases we can say that value in our game is encrypted and we should use special switch, see this:




Now try to do search with encrypted switch on.




wow. 174,228,480 addresses! This is much more then 198,659 address we had in first “not-encrypted” try!

Now, you need to make few iteration with new values. 1,750 points





5,000 points






24050 points






After few iterations we stuck with eight addresses, four of them share same address – 94B06338, but with different letters (F-letter, X-letter, D-letter, W-letter) and same story with 9E621920.

One of this address should store our score, but which of two. Let’s play a game, called Russian Roulette and try to change 94B06338 with D-letter.






And go back to the game



Holy moly! We found it!

As you can see, you should try use regular “non-encrypted” search first in order to get value you are looking for. And only if this failed – try “encrypted” search.

Awesome. You are almost pro, you only need to check one last lesson – unknown search.

Credit:
greatestmeow

0 comments:

Post a Comment