In this article we will attempt to 'hack' applications / data that runs locally on our PCs. To understand this better here's a quick summary of how Apps / RAM works:
Cheat Engine Download. Cheat Engine is one of the first and the best memory editor for PC games and the most advanced game cheating, trainer, and game hacking tool for PC games there is. Featuring a huge active community dedicated to improving the software and sharing trainers and cheats. Download Memory's apps for iPhone, Android, macOS, Windows, and iPad. Automate time tracking with Timely; reclaim your week with Dewo. This is using the MHS program by L. Spiro with the Cheat Engine Tutorialto get this program use download herehttp://ultimatehacker.freeforums.org/mhs5-005-up.
Say you've started a Game application on your PC. OS has allocated a chunk of memory addresses for it. We can have another program (with sufficient system accesses + codes to communicate with OS) that access and modify data stored under these memory addresses.
Lets find a simple Browser-based game to try this out.
Browser-based game - Alien Complex
Most Web Browser games actually runs locally the PC. Here's a link to the game. We will try and hack this simple Top-down shooting game.
The hacking software we use here is Cheat Engine, a popular free software with functions to access/modify memory addresses for running Apps. It is commonly used for cheating in PC games =)
After installation, the first step is to select the application you want to manipulate. Firefox runs Flash games in a 'plugin-container process', so we 'select' this process from Cheat Engine.
Memory scanning - Locate correct memory address.
Now lets try to manipulate the Ammo for the Gun in the game. On the bottom-right-hand corner of screen, it says there are 28 ammos left. So how does Cheat Engine 'CE' locate the Memory address holding the value '28' ?
One of the crucial function is Memory Scanning, which does this: 'Given all the memory addresses for the App, please help to locate address holding value of 28'
73,630 addresses were found holding value 28, we wouldn't know which is the real address for the Ammo variable.
CE allows you to make immediate changes to the value on the address. We can guess and make some changes, but randomly changing addresses may Crash the application!.
CE has a cool function to keep track of address values over time. So in theory, when Ammo value changes, addresses that does not follow the delta can be ignored. End result is leaving the only 1 correct address representing the Ammo value.
With the memory address located for the Ammo value, we can manipulate the value and cheat on the game! Check out the following video. We gave it a value of 100 and locking it.. In game, shooting will make it drop the 99 but not any further.
Interesting Fact to NoteWhy does it show 99 on screen, but not 100
In summary we have seen how local memory data can be easily hacked. It is important to that in all software solutions, we must safeguard sensitive information stored locally. There are obfuscation coding and encryption methodologies to mask variables and prevent memory scans. These techniques comes with computation / performance cost, but for critical applications security is way more important.