What are the Basic Concepts of Game Hacking/Cheating?

Status
Not open for further replies.

kirock

I have never hacked and never will, but I'm just curious about the technology and the programmer's skill. What I'm asking about is the general concepts, like:
Someone cracks/decompiles the original C++ code (or whatever language), then determines how the program detects damage, blah blah blah.

I remember installing mods for Quake games, but this was sooo long ago I forget the details. It had to do with DLing a new PAK file and renaming it to the original and renaming the original (as bk) and putting this in the root folder of Quake, if I remember correctly. But these weren't hacks, just fun mods, like a jetpack or new weapons, and all players had these.

How does an AIM bot work?
Are hacks a recompiled PAK file (or equivalent) of the original game?
Are hacks a small application you can set your config file to open and run in parallel with the application?

See I'm clueless.

EDIT: I am NOT looking for details of any particular game and I don't want anyone to reply with such. This is purely a theoretical discussion of concept only. Thank you.

Thanks.
 
Well, I do know that a lot of BF2 hacks have to do with exploiting the surfaces.

In other words, trying to get places you're not supposed to be. This can actually put you in certain places on the map that are out of sight of normal players.

Yeah, that's a horrible explanation, I know.
 
Is this an alteration to the original game file or is there some subfile the game calls that can be modified?
 
Well, there really is no modification at all.

I will just go ahead and explain them, as it is no secret they exist, and many videos and guides depict them.

BF2

On a certain level, if you take a car (which the commander drops) and drive it off a certain building's roof, you land on a pavilion, and then poof, go right through the floor into the ground. But you can still see and shoot everything around you, while the other people (blocked by the wall you're behind) cannot.

Or another

CS Xbox

On a certain level, if you throw a flashbang into a Power Conduit, the whole map gets flashed. (SINCE BEEN FIXED)

BF2

If you are commander and the Server admin ends the map and skips 10 maps in the rotation, you get your score for each of the skipped maps.
(SINCE BEEN FIXED)

See, just exploiting the textures and maps themselves.
 
AtK SpAdE said:
Well, there really is no modification at all.

I will just go ahead and explain them, as it is no secret they exist, and many videos and guides depict them.

BF2

On a certain level, if you take a car (which the commander drops) and drive it off a certain building's roof, you land on a pavilion, and then poof, go right through the floor into the ground. But you can still see and shoot everything around you, while the other people (blocked by the wall you're behind) cannot.

Or another

CS Xbox

On a certain level, if you throw a flashbang into a Power Conduit, the whole map gets flashed. (SINCE BEEN FIXED)

BF2

If you are commander and the Server admin ends the map and skips 10 maps in the rotation, you get your score for each of the skipped maps.
(SINCE BEEN FIXED)

See, just exploiting the textures and maps themselves.

This is exploiting, not hacking. However, I have no clue how they go about hacking online games. It is very complicated, I suppose; they have to trick both their systems and the servers on the other side...
 
I used to host a couple of leading game servers in years past and was always deeply involved with how cheats/cheaters work.

The most common things I'd see were:
1) As you described: replacing game content with customized/cheater content. This can be as simple as having modified maps so your local version is missing walls/invisible walls, model/skin replacements that make enemies bright yellow or otherwise easier to see, etc. Just about anything can be accomplished this way.

2) Proxy processes. These allow players to run an application as a "go-between" between your client game program and the server on the internet you're playing on. The proxy process connects to the server, and your game client connects to the proxy process. These proxy processes basically read all the network traffic sent between the game client and game server and can interrupt, filter or modify this stream of data as they see fit. For example, when an enemy player jumps out behind a box, the proxy process gets this server packet and, instead of forwarding it on to the game on your PC, sends packets back to the server orchestrating a turn, aim and fire, nailing a perfect headshot. These can also try to find ways to confuse the server concerning your player's position, as they can skew these packets so you're harder to hit.

Games combat this through several methods. Content checksumming and comparison has become popular, which is basically where the server requires the client to compare maps, models and executable files with the versions expected before even allowing the player to join a game. Of course, a proxy process can "fake" this, so it's not foolproof (i.e. simply intercept the wrong comparison result and send the one the server is expecting).

Other ways have to do with looking at what port the player is connecting from, as the game clients are usually hardcoded to a particular outgoing network port. This has problems, though, as people playing through firewalls can get a random, unexpected port. TTL counts, authorization strings, encrypted authentication and the like are other ways more modern game server engines try to determine if they're communicating with a real game client program or some proxy process. Unfortunately, none of these are foolproof, and as you build a better mousetrap, nature always builds a better mouse.

The most effective thing I've found as a game server admin to discourage cheating is to simply be an active administrator. Using the highest level of automated auto-cheat detection, combined with playing often on the servers and having trusted/knowledgeable secondary admins, is the best way to discourage cheaters. When cheaters are suspected, a human at a second computer (preferably shell/unix server) can perform a number of manual things to see if a player is cheating or not. If it's determined with good probability you have a cheater, you simply ban the player: by handle, by IP address, by traceable network mask. If they are part of an account authentication system (such as VAC or EA online systems), you report the player's handle, IP address and other things to the game provider as well, as they can levy account bans or limit their server selections.

Hope this helps!
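
An added example, not part of the original post or any game's code: the content checksum check described above, seen from the server side, showing why a fixed checksum can be answered with a previously observed value while one keyed with a fresh per-connection nonce cannot. The file names, contents and function names are constructed for illustration, and the nonce-keyed variant is an assumption that goes beyond what the post describes.

```python
import hashlib
import hmac
import os

# Constructed sample content standing in for the server's reference copies.
REFERENCE = {"maps/dm1.bsp": b"walls+floor+spawns", "models/player.mdl": b"default-skin"}


def _feed(h, files):
    for name in sorted(files):  # fixed order so both sides agree
        h.update(name.encode() + b"\0" + files[name] + b"\0")
    return h.hexdigest()


def static_digest(files):
    # Plain content checksum: the correct answer is the same in every session.
    return _feed(hashlib.sha256(), files)


def keyed_digest(files, nonce):
    # Checksum keyed with a fresh per-connection server nonce (HMAC-SHA256).
    return _feed(hmac.new(nonce, digestmod=hashlib.sha256), files)


def server_accepts_static(reported):
    return hmac.compare_digest(reported, static_digest(REFERENCE))


def server_accepts_keyed(nonce, reported):
    return hmac.compare_digest(reported, keyed_digest(REFERENCE, nonce))


def demo():
    modified = {**REFERENCE, "maps/dm1.bsp": b"floor+spawns"}  # wall removed
    # Answers an unmodified client gave in an earlier session, as seen on the wire.
    old_nonce = os.urandom(16)
    seen_static = static_digest(REFERENCE)
    seen_keyed = keyed_digest(REFERENCE, old_nonce)
    nonce = os.urandom(16)  # challenge for the current connection
    return {
        "modified_static": server_accepts_static(static_digest(modified)),
        "replayed_static": server_accepts_static(seen_static),
        "replayed_keyed": server_accepts_keyed(nonce, seen_keyed),
        "honest_keyed": server_accepts_keyed(nonce, keyed_digest(REFERENCE, nonce)),
    }


if __name__ == "__main__":
    print(demo())
```

The keyed form only stops a stored answer from being reused; a go-between that keeps unmodified copies of the files can still compute a fresh one, which matches the post's point that none of these checks is foolproof.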
 