Home

Awesome

<div align="center"> <a href="https://guidedhacking.com/?utm_source=dsasmblr"> <img src="https://raw.githubusercontent.com/dsasmblr/hacking-online-games/master/resources/guidedhacking-hero.png" /> </a> <br> <span align="center"><a href="https://guidedhacking.com/?utm_source=dsasmblr">This repo is sponsored by GuidedHacking.com!</a></span> </div>

The Ultimate Online Game Hacking Resource

A curated list of tutorials/resources for hacking online games!

From dissecting game clients to cracking network packet encryption, this is a go-to reference for those interested in the topic of hacking online games. I'll be updating this list whenever I run across excellent resources, so be sure to Watch/Star it! If you know of an excellent resource that isn't yet on the list, feel free to submit it for consideration via creating an issue or pull request for this repository, or email it to me.

General Information

Title/LinkDescription
EFF FAQ on Reverse Engineering LegalitiesThis FAQ details information that may help reverse engineers reduce their legal risk. Use this information as a guide, not actual legal advice.
Cheating in Online Games: Overview of Approaches and ConsequencesThis Wikipedia page offers a good 10,000-foot view of the landscape of hacking online games.

Blog Posts, Articles, and Presentations

Title/LinkDescription
Hack.lu 2017: (Workshop) Reverse Engineering a MMORPGThis workshop covers the basics of reverse engineering a (M)MORPG. The target is Pwn Adventure 3, an intentionally-vulnerable MMORPG developed by Vector35.
Hack the Vote 2016 CTF "The Wall" SolutionA write-up for a 2016 CTF challenge involving the multiplayer, open source Minecraft clone, Minetest.
Reverse Engineering Online Games - Dragomon HunterAn in-depth tutorial showing how to reverse engineer online games via the game Dragomon Hunter.
Hacking/Exploiting/Cheating in Online Games (PDF)A presentation from 2013 that delves deeply into hacking online games, from defining terminology to providing code examples of specific hacks.
Hacking Online GamesA presentation from 2012 discussing various aspects of hacking online games.
For 20 Years, This Man Has Survived Entirely by Hacking Online GamesA hacker says he turned finding and exploiting flaws in popular MMO video games into a lucrative, full-time, job.
Hackers in Multiplayer GamesA Reddit post discussing hacking in multiplayer games.
Reverse Engineering Network ProtocolsA very helpful comment from a Reddit post inquiring about reversing network protocols.
Deciphering MMORPG Protocol EncodingAn informative discussion from a question on Stack Overflow.
Reverse Engineering of a Packet Encryption Function of a GameAn informative discussion from a question on StackExchange.
Fuzzing Online GamesThis is the slide deck used for the DEFCON 20 talk linked in the videos section below. Click here for the main presentation page.
Kartograph (Game Hacking Tool)This is the slide deck used for the DEFCON 18 talk linked in the videos section below. Click here for the main presentation page, and click here for an extended version of this slide deck [Back-up Link].
Adding Multiplayer Functionality to Torchlight (A Single-Player, Closed-Source Game)Torchlight is chosen as a real-world target application for adding multiplayer functionality to the otherwise single-player, closed-source game.
Exploiting Game Engines for Fun and ProfitThis slide deck shows you methods to exploit game engines, effictively discovering attack vectors that will work across multiple games using the same engine.
How to Hack an MMOThis is an old article, but a good cursory overview of some of what's involved in attacking an MMO game client.
Introduction to Server Side EmulationAn old but still relevant document for those interested in building their own emulated server (useful for things like reintroducing multiplayer functionality into a dead game).
Reversing Path of Exile's ProtocolA three-part series of blog posts detailing one individual's approach to reverse engineering Path of Exile's network protocol).

Videos

Title/LinkDescription
How to Hack Local Values in Browser-Based Games with Cheat EngineThis video teaches you how to find and change local values (which might appear as server-based values) in browser-based games.
Reverse-Engineering a Proprietary Game Server with ErlangThis talk details advantages Erlang has over other languages for reverse engineering protocols and analyzing client files. A live demo showcasing some of these tools and techniques is also given.
DEF CON 16: Gaming - The Next Overlooked Security HoleThis talk discusses the growing number of attack vectors presenting themselves in the form of games, from engines to mods to middleware and more.
DEF CON 17: Fragging Game ServersFrom hardware interaction to network protocols, this talk presents the inner workings of the Source Dedicated Server (used for games like Left 4 Dead and Team Fortress 2). Also discussed are some of the weaknesses in these game engines, as well as ways they're exploited in the wild.
DEF CON 17: Subverting the World Of Warcraft APIThis talk discusses MMO hacks related to the World of Warcraft API.
DEF CON 18: Securing MMOs - A Security Professional's View from the InsideGold farmers. Cheaters. Beleaguered programmers. All ingredients in a recipe for an unstable, fun-sapping game. This talk takes a look at the security problems plaguing the MMO industry and how modern engineers are taking the fight to cheaters and hackers in MMOs.
DEF CON 18: Kartograph - Applying Reverse Engineering Techniques to Map HackingUsing games like Civilization IV, Age of Empires III, and Anno as targets, this talk teaches memory forensic techniques you can use to hack online games. Be sure to watch the accompanying Kartograph demo video.
DEF CON 19: Hacking MMORPGs for Fun and Mostly ProfitThis talk presents a pragmatic view of both threats and defenses in relation to hacking online games.
DEF CON 20: Fuzzing Online GamesThis talk discusses interesting techniques you can consider using to fuzz online games.
DEF CON 23: Shall We Play A GameThis talk shows how playing on custom game servers and community-created maps could easily lead to exploitive code execution on our machines that bypass mitigation techniques. Targets include CryEngine 3, Dota 2, Garry's Mod, ARMA3 and Digital Combat Simulator.
DEF CON 25 - Twenty Years of MMORPG Hacking: Better Graphics, Same ExploitsThis presentation, presented by Manfred, technically analyzes some of the virtual economy-devastating, low-hanging-fruit exploits that are common in nearly every MMORPG released to date.
Motherboard Livestream Archive: Researcher Cracks Elder Scrolls Online, Dark Age of Camelot, and WildstarAdrian Bednarek, better known as "Manfred", demonstrates the MMORPG hacks he wanted to show but couldn't during his DEF CON 25 presentation. This is a rare glimpse into the tools, thoughts, and approaches of a professional online game hacker!
Black Hat Europe 2014 - Next Level Cheating and Leveling Up MitigationsThis presentation outlines two practical attacks against one of the most popular anti-cheat engines and demonstrates the implications of a successful attack against anti-cheat software.
Cyber Necromancy - Reverse Engineering Dead ProtocolsThis presentation talks about bringing a multiplayer game whose servers have shut down, back to life. The game is Metal Gear Online on the PS2 and PS3.
32C3 - How Hackers Grind an MMORPG: By Taking it Apart!In this presentation, Runes of Magic, a long-dead MMORPG, is used to demonstrate how to reverse engineer network protocols.
ARMA 3 - Reverse Engineering on IDA Pro & Reclass 2015A 45-minute tutorial demonstrating how to hack ARMA 3 using IDA Pro and ReClass.
Let's Play/Hack - Pwn Adventure 3: Pwnie IslandA video series of 21 parts on hacking the intentionally vulnerable MMORPG Pwn Adventure 3.

Podcasts/Audio

Title/LinkDescription
Darknet Diaries Ep. 7: Manfred Part 1: Hacking Online Video Games for Fun"Manfred" has privately been hacking online games for the past 20 years. In this episode, he tells stories of some of the unbelievable ways he's hacked games--all in the name of fun.
Darknet Diaries Ep. 8: Manfred Part 2: Hacking Online Video Games for Profit"Manfred" found a way to turn his passion for video games and reverse engineering into a full time business. He exploited video games and sold virtual goods and currency for real money. This was his full time job. In this episode, he explains exactly how he did this.

Books

Title/LinkDescription
Game HackingGame Hacking shows programmers how to dissect computer games and create bots.
Attacking Network ProtocolsAttacking Network Protocols is a deep-dive into network vulnerability discovery.
Practical Packet Analysis, 3rd EditionPractical Packet Analysis, 3rd Ed. teaches you how to use Wireshark for packet capture and analysis.
Exploiting Online Games: Cheating Massively Distributed SystemsThis book takes a close look at security problems associated with advanced, massively distributed software in relation to video games.

Online Game Hacking Forums

Title/LinkDescription
Guided HackingDiscussion of multiplayer and single-player game hacks and cheats.
UnKnoWnCheaTs ForumDiscussion of multiplayer game hacks and cheats.
MPGH (Multi-Player Game Hacking) ForumDiscussion of multiplayer game hacks and cheats.
ElitePVPersDiscussion of MMO hacks, bots, cheats, guides and more.
OwnedCoreAn MMO gaming community for guides, exploits, trading, hacks, model editing, emulation servers, programs, bots and more.

Open Source and Safe-to-Hack Multiplayer Games

Title/LinkDescription
Pwn Adventure 2A custom 3D MMOFPS based on the Unity game engine. The game includes several quests that are only solvable by modifying the game client.
Pwn Adventure 3: Pwnie IslandA first-person, open-world MMORPG developed specifically to be hacked! You might also be interested in Pwn Adventure 2, which is Unity-based.
MinetestAn open source, multiplayer voxel-based game and game engine. (A Minecraft clone, basically.)
XonoticAn open source, arena-style multiplayer FPS.
NexuizThe open source, multiplayer FPS game Xonotic is based on.
AssaultCubeAn open source, multiplayer, FPS.
List of Open Source GamesA large list on Wikipedia of open source games, both single-player and multiplayer.