 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
Yuri_Treychenko
How do I cheat?
![]() Reputation: 0
Joined: 18 Jun 2013
Posts: 4
Location: Kuala Lumpur, Malaysia
|
 Posted: Thu Sep 04, 2014 5:30 am Post subject: Answer me this....It's been bugging me forever. |
 |
|
I have always wanted to know what you need to do to modify values and push them to the server for MMO type games. I've racked my brain, and I can't seem to figure it out. If someone could clearly explain this to me, it would be really helpful. Since I was a little kid playing Runescape, I've always wanted to try it at least once, regardless of the risk of being banned.
So yeah. If anyone could explain it to me, it would be great. Been bugging me for years...
|
|
| Back to top |
|
 |
zm0d
Master Cheater
 Reputation: 7
Joined: 06 Nov 2013
Posts: 423
|
| Posted: Thu Sep 04, 2014 7:15 am Post subject: |
|
|
Actually, the theory is simple. You take a packet sniffer and editor (like WPE) and get into the game. There you loot something and pick up gold (or any other ingame currency). Now you do this a couple of times to filter out your interesting packets within the sniffer. Once, you found the packets, which are responsible for your "add gold to my character" action, you can send this packets over and over again to the server to get unlimit gold. Simple so far hm? If there wouldn't be checksums, encryption and so on... it's hard to do and even if you succeed in it, you have to fear more than a simple "bann". Hacking a server is illegal and you most likely have to spend a huge amount of $$$ or even waste your life in a small prison with cute, horny guys. ())=====D~
Also the CE forum doesn't support multiplayer game hacking.
|
|
| Back to top |
|
|
atom0s
Moderator
 Reputation: 205
Joined: 25 Jan 2006
Posts: 8585
Location: 127.0.0.1
|
| Posted: Thu Sep 04, 2014 12:48 pm Post subject: |
|
|
Altering data on server sided games entirely relies on either one of two things:
1. The game is extremely poorly coded and the client is given control of a sensitive data value that in more cases than most, should be handled by the server. This is often done with things like your movement speed, your character position, and some other minor things like a chat filter, uncovering parts of a map visually, and so on. You can ultimately change these values on the client and see immediate results because the server has no control or validation on them.
2. The game handles these variables on the server, however, you are able to exploit them either by packet injection, or finding an exploit to replicate an action that has no checks on it.
In the case of two, there is the both methods of memory editing as well as packet editing. You may be able to freeze a value and reuse it, such as forcing the client to think you have a certain item in your inventory when you don't, and keep reselling it to a vendor. As well as with packet editing, you can keep resending the sell packet for an item after you have sold it and in some cases it will still work and keep giving you money since the game does not validate that you had said item etc.
For other things, you just need to start thinking outside of the box. Don't just think of the specific hacks that everyone does for every single player game. Think of some things that are unique to the game you are playing. Such as certain types of abilities that may be handled by the client and being able to use them on any class/job in the game. Or allowing yourself to see any map at any time regardless if you own it in the game.
I will use Final Fantasy XI as an example, (I am not going to give detail on any of these hacks or explain anything about them, just giving you some ideas):
- You can hack your position.
- You can hack your speed.
- You can hack your animation state. (Healing, sitting, on chocobo, etc.)
- You can hack the ability to see any map on the client without owning them.
- You can hack the ability to use certain job abilities on any class because the client handles it. (Such as Wide Scan)
- You can filter the widescan results via packet injection and only have the client display the exact result you want.
- You can hack/modify the draw distance of monsters and players.
- You can change your characters race / gear / size etc. all in the client.
- You can spawn a certain set of monsters without losing an item that is required to pop them using an exploit.
- You can force show every entity in the game even if they are invisible or not spawned yet.
- You can allow any job in the game to have an advanced mini-map like certain jobs do (SMN, RNG, PUP, etc)
- You can force open any door in the game without needing the key to open it.
And so on. It's just a matter of thinking outside of the box to find other fun things that are able to be done on the client for any game.
_________________
- Retired. |
|
| Back to top |
|
|
HitIer
How do I cheat?
![]() Reputation: 22
Joined: 09 Feb 2013
Posts: 0
Location: Location Location Location
|
| Posted: Thu Sep 04, 2014 2:15 pm Post subject: |
|
|
| atom0s wrote: |
- You can hack your position.
- You can hack your speed.
- You can hack your animation state. (Healing, sitting, on chocobo, etc.)
- You can hack the ability to see any map on the client without owning them.
- You can hack the ability to use certain job abilities on any class because the client handles it. (Such as Wide Scan)
- You can filter the widescan results via packet injection and only have the client display the exact result you want.
- You can hack/modify the draw distance of monsters and players.
- You can change your characters race / gear / size etc. all in the client.
- You can spawn a certain set of monsters without losing an item that is required to pop them using an exploit.
- You can force show every entity in the game even if they are invisible or not spawned yet.
- You can allow any job in the game to have an advanced mini-map like certain jobs do (SMN, RNG, PUP, etc)
- You can force open any door in the game without needing the key to open it.
And so on. It's just a matter of thinking outside of the box to find other fun things that are able to be done on the client for any game. |
Thank you atom, I was gonna say this.
You don't always have to modify, sometimes reading in itself can be pretty powerful! You can read other player's coordinates in games where they can give you a competitive edge (ie First person shooters like CoD), you can also paint their coordinates so you can see them through walls, have a mini-map like atom suggested, etc.
It also allows you to calculate that which normal humans cannot, at least not 100% efficiently, for example, redirecting your cursor to the center of an enemy player's head through plenty of thick walls, which can be lethal in shitty games like CoD where you can shoot through the walls and get accurate kills in milliseconds.
As for Runescape, you can do the following:
Change the appearance of your money/items to any value at least greater than or equal to 1 but not exceeding 2147483647
Paint item IDs on the ground so they are easier to spot
Basically, anything that is used by bots.
_________________
With self driving cars, CE can work in real life
| t328163 wrote: | | Your username derives from the fact that this site cannot format special characters lol. |
| t328163 wrote: |
lmfao, on reddit i'd get banned |
|
|
| Back to top |
|
|
Yuri_Treychenko
How do I cheat?
![]() Reputation: 0
Joined: 18 Jun 2013
Posts: 4
Location: Kuala Lumpur, Malaysia
|
| Posted: Thu Sep 04, 2014 9:38 pm Post subject: |
|
|
| zm0d wrote: | Actually, the theory is simple. You take a packet sniffer and editor (like WPE) and get into the game. There you loot something and pick up gold (or any other ingame currency). Now you do this a couple of times to filter out your interesting packets within the sniffer. Once, you found the packets, which are responsible for your "add gold to my character" action, you can send this packets over and over again to the server to get unlimit gold. Simple so far hm? If there wouldn't be checksums, encryption and so on... it's hard to do and even if you succeed in it, you have to fear more than a simple "bann". Hacking a server is illegal and you most likely have to spend a huge amount of $$$ or even waste your life in a small prison with cute, horny guys. ())=====D~
Also the CE forum doesn't support multiplayer game hacking. |
That last bit, I figured. However, this is one of the only bundles of hackies and cheatsies that seem to have all the answers.
So effectively, you mimic the update process that sends data to the server and piggyback on that to grant yourself infinite what-the-fuck-ever. Sounds cool I guess 
But from what I've heard, tons of servers aren't retarded neither. How would you send the data in question and not have the server throw up some red flags? I know multiplayer hackers who never get caught. They stealthy as all hell....
|
|
| Back to top |
|
|
atom0s
Moderator
Reputation: 205
Joined: 25 Jan 2006
Posts: 8585
Location: 127.0.0.1
|
| Posted: Fri Sep 05, 2014 2:31 am Post subject: |
|
|
| Yuri_Treychenko wrote: | | But from what I've heard, tons of servers aren't retarded neither. How would you send the data in question and not have the server throw up some red flags? I know multiplayer hackers who never get caught. They stealthy as all hell.... |
It's a matter of trial and error. You have to take the risk of getting caught / banned by attempting to do something to see if it is possible. Not all games are that well coded or maintained, you'd be surprised what you can do on a lot of multiplayer games with some brain storming, trial and error, and out of the box thinking.
_________________
- Retired. |
|
| Back to top |
|
|
zm0d
Master Cheater
Reputation: 7
Joined: 06 Nov 2013
Posts: 423
|
| Posted: Fri Sep 05, 2014 3:41 am Post subject: |
|
|
| Yuri_Treychenko wrote: | | send the data in question |
I'm not sure what you mean with that. :$
Here to go a bit deeper - a conversation:
Server: Generate NPC with an ID and a gold amount.
Server-Client: Transmit the ID to the client.
Client: Visually create the NPC so it's targetable by a player..
Client-Server: Trainsmits the kill event with the NPC ID.
Server: Map the gold amount paired to the NPC ID to the player entry in the database.
Server-Client: Transmit your new gold value so you can visually see it.
The vulnerability here is the bold line. You could search your memory for every available NPC ID and sent this kill event to the server with one of your found IDs. So the NPC dies and you receive the amount of gold stored for the NPC on server-side without doing a single ingame-action. This would be badly designed server architecture, but you still have to find out how this works.
Lets check out another example, close to the upper one:
Server: Generate NPC with an ID and a gold amount.
Server-Client: Transmit the ID to the client.
Client: Visually create the NPC so it's targetable by a player.
Client-Server: Trainsmits the kill event with the NPC ID.
Server: Check if the NPC with the sent ID from the kill event is in state "FIGHT".
Server: Map the gold amount paired to the NPC ID to the player entry in the database.
Server-Client: Transmit your new gold value so you can visually see it.
With this little check, if the NPC is in a "fighting" state, you wont be able to just send kill events for every NPC ID located in your RAM. At least you'll have to move close to the NPC and fight them once, so their status changes to "fighting". Then your fake kill event message will work. Also, you could scan all NPC structures within your memory and look up for the address, that indicates the NPCs status. Just modifiy it locally to "fighting" and hopefully the state of the NPC will change on server side.
All this has to do a lot with gathering information about how the game architecture works and maybe a bit of luck.
So, if you're really interested in this kind of "hacking/cheating", I highly recommend using a VPN service. A good VPN service.
=> In my second conversation, with the status check, you'd have been detected for faking server-message, cause you tried to kill NPC without being in the state "FIGHTING". That might lead to a ban and also some greedy lawyer, are going to chase you, because your tried to modifiy the servers database in a disallowed way. By using exploits.
|
|
| Back to top |
|
|
sikulima55
Newbie cheater
![]() Reputation: 0
Joined: 07 Feb 2025
Posts: 11
|
| Posted: Fri Feb 07, 2025 9:02 am Post subject: |
|
|
| zm0d wrote: | | Yuri_Treychenko wrote: | | send the data in question |
I'm not sure what you mean with that. :$
Here to go a bit deeper - a conversation:
Server: Generate NPC with an ID and a gold amount.
Server-Client: Transmit the ID to the client.
Client: Visually create the NPC so it's targetable by a player..
Client-Server: Trainsmits the kill event with the NPC ID.
Server: Map the gold amount paired to the NPC ID to the player entry in the database.
Server-Client: Transmit your new gold value so you can visually see it.
The vulnerability here is the bold line. You could search your memory for every available NPC ID and sent this kill event to the server with one of your found IDs. So the NPC dies and you receive the amount of gold stored for the NPC on server-side without doing a single ingame-action. This would be badly designed server architecture, but you still have to find out how this works.
Lets check out another example, close to the upper one:
Server: Generate NPC with an ID and a gold amount.
Server-Client: Transmit the ID to the client.
Client: Visually create the NPC so it's targetable by a player.
Client-Server: Trainsmits the kill event with the NPC ID.
Server: Check if the NPC with the sent ID from the kill event is in state "FIGHT".
Server: Map the gold amount paired to the NPC ID to the player entry in the database.
Server-Client: Transmit your new gold value so you can visually see it.
With this little check, if the NPC is in a "fighting" state, you wont be able to just send kill events for every NPC ID located in your RAM. At least you'll have to move close to the NPC and fight them once, so their status changes to "fighting". Then your fake kill event message will work. Also, you could scan all NPC structures within your memory and look up for the address, that indicates the NPCs status. Just modifiy it locally to "fighting" and hopefully the state of the NPC will change on server side.
All this has to do a lot with gathering information about how the game architecture works and maybe a bit of luck.
So, if you're really interested in this kind of "hacking/cheating", I highly recommend using a VPN service. A good VPN service.
=> In my second conversation, with the status check, you'd have been detected for faking server-message, cause you tried to kill NPC without being in the state "FIGHTING". That might lead to a ban and also some greedy lawyer, are going to chase you, because your tried to modifiy the servers database in a disallowed way. By using exploits. |
Hi Mr. zm0d
Can i ask something about this
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
