Posted: Sun Mar 23, 2014 4:13 pm Post subject: Rydian's Guide To Attaching To Browser Games
Browser games are popular, newbies want to target them first, but there's crap you need to know first.
So this tells you the crap you need to know to get started doing the newbie-crap newbies want to do.
Basically there are three types of game that a browser game could be. It could be a Flash game, a Java
game, or a fancy new game made in HTML5/JS. The way you do basic memory editing with all three
is the same; the issue people run into is figuring out what type of game they're dealing with and thus
knowing which process to attach to.
- Flash games: Attaching
http://www.addictinggames.com/ (Almost anything here.)
http://armorgames.com/ (Again almost anything here.)
By far the most common. These almost always run in their own little rectangle on the page, and if you
right-click you should get some sort of menu like this with settings and a mention of the flash version
at the bottom.
If you're using Firefox or a derivative (or something else using the same plugin standard) then when you
play a Flash game you should have an easily-identifiable Flash process. If there are two, use the second.
If you're using Chrome, then go into a different tab than the game (because Flash will hijack shortcuts)
or simply click outside of the window and then press Shift+Escape to get to Chrome's in-program task
manager. Right-click one of the upper bars and make sure that Process ID is selected, then look for
the Flash plugin's process ID. Note that the ID there is in decimal while CE uses hex, so convert.
- Flash games: Hacking
For modern Flash stuff, in my experience you'll be searching for float or double a lot, but also unknown
scans since Flash game makers have started using easily-available libraries to obfuscate their values in
RAM, making it impossible to search for the numbers you see. Some older games will be easy, but most
of the modern stuff is a little annoying to get it. If you're finding a certain game difficult to work with,
consider learning ActionScript and installing an SWF "decompiler" so you can edit the game's code itself.
- Java games: Attaching
Java makes sure you know when it's running. Attach to java.exe or javaw.exe.
- Java games: Hacking
I don't have too much experience with hacking Java games, but from what I've seen there's rarely any
in-RAM obfuscation done. Also .JAR files can be saved and opened with something like 7-Zip and you
can edit the class files with a text editor, so that tends to make it easy too.
- HTML5/JS: Attaching
These are far fewer in number, but are gaining popularity lately. Unlike Flash and Java games which
tend to run inside their own rectangle, HTML5/JS games tend to take up a full browser tab. If you're
using Chrome use the same basic idea as for Flash. Press Shift+Escape to open Chrome's in-browser
task manager, right-click the header to check the Process ID option, then look at the labels and
convert the ID from Decimal to Hex to see which process of Chrome's to attach to. If you're using
something like Firefox, unfortunately I don't know of a way to see which processes are running which
tabs, so your best bet would be to close all your other tabs and then guess from what's left.
- HTML5/JS: Hacking
In my experience everything will be of the double type, though there might be a little obfuscation so if
you're not finding stuff do unknown->increased/decreased searches. Also you can just view the source
and edit it to pull in edited versions of the game scripts and junk anyways.
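
The in-RAM value obfuscation mentioned under "Flash games: Hacking" and "HTML5/JS: Hacking", seen from the game developer's side, as an added example that is not part of the original post: a masked integer with a redundant copy, so the number shown on screen never sits in memory as-is and an outside write to one copy is detected. `GuardedInt`, `doubleBytes`, `randomMask` and the sample values are hypothetical and constructed for illustration.

```javascript
// Added illustration; GuardedInt, doubleBytes and randomMask are hypothetical names.

// JS numbers are IEEE-754 doubles at the language level. This returns the
// 8-byte little-endian pattern an exact-value "double" scan searches for.
function doubleBytes(n) {
  const view = new DataView(new ArrayBuffer(8));
  view.setFloat64(0, n, true);
  return Array.from(new Uint8Array(view.buffer),
    (b) => b.toString(16).padStart(2, '0')).join('');
}

function randomMask() {
  return 1 + Math.floor(Math.random() * 0x7ffffffe); // never zero
}

// Game-side protection: the displayed number is never stored as-is.
// Two copies are kept under different XOR masks; a write to one copy from
// outside the game code makes them disagree, which get() reports.
class GuardedInt {
  constructor(value, maskA = randomMask(), maskB = randomMask()) {
    this.maskA = maskA;
    this.maskB = maskB;
    this.set(value);
  }
  set(value) {
    const v = value | 0; // this sketch handles 32-bit integers only
    this.a = v ^ this.maskA;
    this.b = v ^ this.maskB;
  }
  get() {
    const v = this.a ^ this.maskA;
    if (v !== (this.b ^ this.maskB)) {
      throw new Error('tamper detected: masked copies disagree');
    }
    return v;
  }
}

// Demo with constructed values: the HUD shows 100, the fields hold other numbers.
const score = new GuardedInt(100, 0x5a5a5a5a, 0x13579bdf);
console.log('pattern for 100 :', doubleBytes(100));
console.log('stored copies   :', score.a, score.b, '-> get():', score.get());
score.set(score.get() + 50);          // legitimate update through the game code
console.log('after +50       :', score.a, score.b, '-> get():', score.get());
```

Masking only hides the displayed number from an exact-value search; the stored fields still change whenever the real value changes, which is why the second copy and the comparison in `get()` are there.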