"Beating Heart" is a "beat-em-up" style game with health bars and you take damage when hit by enemies: The game we're going to hack is called "198X" (part 1), an 80s-arcade themed game with several mini-games. 198X has several mini games built in, we're going to be hacking "Beating Heart" and "Shadowplay": exe where we can find a static memory offset to patch. Unlike more traditionally compiled games, these "scripts" are not simply compiled into the. Within the Unity engine, developers can add "scripts" (written in C#) which make up some of the game logic - these will often be our target. Under the hood Unity makes use of "Mono" which is a cross-compiler for DotNet. This makes playing really weird because we can still play as if nothing happened. In this post I'm going to explore a few ways to hack games written using Unity. But on the server-side we die and other people will see a dead body on the floor. In the local game, we don’t die in case an Impostor attacks the player. For some reason, if we set these to true for the local player and spoof the role to be a Guardian Angel, our player becomes sort of invincible. Since this role type is able to protect players, I’ve looked into what happens under the hood: There are some boolean values in player objects that control whether a player is protected or not. If you’re not familiar with the Guardian Angel role in Among Us, I suggest reading this article first. This works, but upon changing the player appearance, this happens: Like before, I’ve tried to become a Shapeshifter by altering the role parameter in SetRole(). Unfortunately the server doesn’t accept kill operations from this spoofed role. This produces an interesting side effect: Since we’re an impostor in our local game, we can directly identify other impostors from the game UI. We can now enter vents and hide and move in there. But our local client thinks we’re an Impostor.
Now, the server thinks we’re a regular player. We become an Impostor by changing the role value passed in SetRole() for our local player object. However, we can make our local client think that we’re actually an Impostor: Normally, only two player roles are permitted to enter vents on the game map: Engineers and Impostors. Now we can vote to kick out Bridecosy, GTFO ◉‿◉
Additional Client Side Memory Manipulation
At this point I thought: What about manipulating client side memory instead of just reading some values? Here are some things I’ve tested. Upon running the game and injecting the script, the following output is printed: Got PID 28485 We need to add an offset of 0x14 to the beginning of the string object to grab the player name. The name is stored as a UTF-16 wide string. public class PlayerControl : InnerNetObject // TypeDefIndex: 12310. There already exists a tool called il2cpp-dumper for this exact purpose: Well that sounds interesting, especially the intermediate language aspect, since that often means that it’s possible to decompile the code back to its original form. The IL2CPP backend converts MSIL (Microsoft Intermediate Language) code (for example, C# code in scripts) into C++ code, then uses the C++ code to create a native binary file (for example. IL2CPP provides better support for applications across a wider range of platforms.
The IL2CPP (Intermediate Language To C++) scripting backend
Instead, and since it’s a Unity-based game, the interesting stuff is present in a native library called libil2cpp.so. apk file of the game and extracting it, I’ve found that the actual game logic is not implemented in the Java code. Let’s see how that can be done with Frida. I’ve looked into the game and I thought it would be a great idea to identify the impostors right away and without having to guess. The game is based on the Unity engine and, along with other platforms, it is available for Android devices.
The remaining players can use votes to kick out a specific player, while hopefully identifying the impostor correctly. The impostor’s goal is to kill every other player without being identified throughout the game. Do you know the game Among Us? It’s a multiplayer game where you have to identify impostors in a group of players.