How Do Wall Hacks Actually Work?
What does it take to actually cheat in a game? Let’s add wall hacks to Unreal Tournament
Become a member to get early access to videos - / @nathanbaggs
Want to build cool stuff from scratch? app.codecrafters.io/join?via=...
💭 All views are my own 💭
Have you ever wondered about cheating in video games, purely for academic reasons? Join us as we explore wall hacks in the original Unreal Tournament, from reverse engineering the game to injecting custom code - all in the name of research! Subscribe for more gaming adventures.
Пікірлер: 181
Want early access to new videos and some behind the scenes content? Consider becoming a channel member kzread.info/dron/QvW_89l7f-hCMP1pzGm4xw.htmljoin
I genuinely love how you have taken your channel in the last few months. Massive fan. It’s spot on. Clear, educational.
@nathanbaggs
20 күн бұрын
Thanks! Just trying to make each video better than the last
"he's turned himself into chunklets!"
@nathanbaggs
21 күн бұрын
A surprise to us all
@StoneTheCr0w
20 күн бұрын
They're called gibs, noob
@GoldenAdhesive
19 күн бұрын
I thought they call it giblets in unreal?
@Daniel15au
16 күн бұрын
Amazing, you also watched the same video as me!
@Aesthetically_Saru
13 күн бұрын
@@nathanbaggspretty sure he was trying to get the snipper rifle but missed.
Are you still me? I created a wallhack for Medal of Honor: Allied Assault for educational purposes. Then I created an anticheat for the community based on my experience. I learned a lot about cheat techniques and detecting injections into an executable this way. Highly recommend experimenting with this!
@nathanbaggs
20 күн бұрын
I still think you might be me
@GameBacardi
20 күн бұрын
KD ratio 2 or over, ban
@brixt0n
20 күн бұрын
@@GameBacardi close 🤣
Would love to see a video on "external" wallhacks where instead of injecting code you read process memory to determine the locations of players and draw an overlay over the game window.
@nathanbaggs
20 күн бұрын
Yeah I think that would be fun to do, I also thought doing this alternate way would be interesting
Every time you end a line you give the camera this absolutely incredulous look before the cut, I love it. I mean this entirely positively, it's got a charm to it.
@nathanbaggs
20 күн бұрын
I just thought I was bad as editing, glad it comes across as charming (:
@ZynSays
20 күн бұрын
@@nathanbaggs IMO it makes it look like you're more of a "Tech Guy that makes videos" than a "Video Guy who covers tech", and I think people generally trust that more!
@Azeria
19 күн бұрын
the slow pace also helps given it’s pretty technical, it gives us an extra beat to process what you just said which is great honestly
@nathanbaggs
19 күн бұрын
That’s the style I’ve been going for, glad it comes across
Let's make this game a popular sport again! I have been playing all the Unreal games recently. The original Unreal game simply called Unreal has features that the other games don't have, such as a completely different weapon set (terran weapons) that you can alternate between by double tapping the number keys, a weapon that can grow, plants that can grow, and of course an entire single-player/co-op campaign. Please mod all the features of Unreal into Unreal Tournament
@DrRadio155
19 күн бұрын
The last is done by OldSkool mutator.
@MelroyvandenBerg
19 күн бұрын
it was always popular
@Aesthetically_Saru
13 күн бұрын
For real. It so much fun. We can even mod it to have more items and add our own skins.
I love the format/style of your videos. Really easy to follow and see where you're thinking. Not to mention the topics themselves are super interesting
Your channel has become one of my favorites. This content is incredibly entertaining and educational. Watching you navigate all of this with such ease is extremely fascinating
I'm sure there have to be ways to verify the gog installer! Someone might have fingerprinted the installer with a checksum. You can check cryptographic signature on the installer executable. It won't check the appended archive data but it will check that the executable is known and not malicious. In turn the game installation, the unpacked archive data, can be by all reason checked by gog galaxy. There is no rule against owning multiple gog accounts, downloading your offline installers and using the games with galaxy after installing them.
Thanks for the great video Nathan. BTW at 11:36 what tool did you use to get the disassembly?
@BinaryCounter
21 күн бұрын
He used Ghidra and then copied all the disassembled (and then decompiled) code into VSCode to be able to search through it better. Keep in mind that Ghidra does not output C code, just pseudo code that is similar to C. It's also very far from perfect.
@nathanbaggs
20 күн бұрын
^ yup this
Using the texture is pretty neat. This works similarly to the popular cs1.6 wallhacks. The main difference is that that game used different glBegin mode for different models. Triangle strip and fans for players and something else for everythig else. One trick I used was to split the depth buffer. Near (0-0.1) for the players and the rest for everything else. This way, players would render on top, but their vertices would still be sorted and displayed corectly.
@king_james_official
17 күн бұрын
nice clever trick :)
Really good video, great job Nathan!
0:50 No need. Windows sandbox is an isolated environment with GPU acceleration
Amazing. Your content is always interesting.
I dont understand a thing but still watching every video of yours. This game patching and mod loaders making sure needs a lot of skills. It always interested me but seems like it takes years to be that good
I'd love to see a video on cheating devices like the XIM and MSI Meg, and more importantly, if there's anything anti-cheats could do to stop such devices.
Never seen it done this way before. It's always finding the player entity then using reclass to find everything from there.
@0Reality
21 күн бұрын
This screams so much “GuidedHacking”
@Death2u_
21 күн бұрын
@@0Reality KZread, forums, discord. All go through the same type of tutorials. It's all I've seen.
@nathanbaggs
20 күн бұрын
I just wanted to try something different
This was really informative!!! I really love all your videos explaining every thought process and step. It's really educational!! Thank you!
@nathanbaggs
20 күн бұрын
Glad you enjoyed it!
For anyone interested, the goty edition of unreal tournament is actually available to be bought thru steam, at least last i checked it was :)
I never thought of dumping all of Ghidra's output into a file and searching for the offsets/sizes! I've had a hell of a time trying to reverse engineer some file formats in an old game that recently got a PC release (Baulder's Gate Dark Alliance) and this actually helps! The issue I've run into is that the app doesn't process the files, like, at all. It blindly loads the data into memory and then immediately starts using it. How would you go about reversing something like that?
@nathanbaggs
20 күн бұрын
It’s hard to say without seeing the specifics. Off the top of my head I’d either dump the process memory when it’s running (presumably once all code has loaded) or I’d find the code doing the loading and set some breakpoints
Wow, very cool! Thanks for the great videos! 🙌
sometimes i run UT just to have fun on ctf-face by myself. Jesper Kyd is awesome
Love your channel. Keep the fun stuff up
@nathanbaggs
20 күн бұрын
Thanks, will do!
iirc, unreal engine games from that time got wallhacks made using the same game engine by making a module specifically for it. You didn't need to hack the binary executable or inject code into it because it would be loaded as a game module or mod for the game, so it was much easier. There were anti-cheats that actually verified your game modules and checked if you were using something sketchy tough. All in all, it's more fun to learn to play the game and actually play it, but of course it's always interesting to learn how to inject yourself into other processes because what you can learn from this, you can apply to other kind of attacks. Like this is totally not usefull for reverse engineering and bypassing any kind of intelectual property protection ;) (and also modding other games)
I don't know enough to know how much I do not understand, but I understand enough to like these videos and learn something.
Awesome Video!
Very cool. Thanks!
I really need your help with one game, sir 😂 but thanks about this vid 🙏
I'm really enjoying all of your reverse engineering videos. I hope you keep them up! :)
@nathanbaggs
20 күн бұрын
I really enjoy doing them so I’ve got no plans to stop
What about replacing all textures with semi translucent ones?
Unreal Tournament forever! UT2004 is my favorite but 99 is great too.
hmm in a vm u can use gpu passthrough? level1techs showcased it. 1 host alot of different vm's and even modern 3d load. vdi/virtual desktop infrastructure. maybe for next future projects :P
@nathanbaggs
19 күн бұрын
I’m sure there are ways, I just wanted to get into the reverse engineering (and play a few games)
@lyth1um
18 күн бұрын
@@nathanbaggs maybe for next old backup out of the interwebz. :-)
Excellent video! Gives a great glimpse into the world of cheating in multiplayer games. I guess most of us never knew how these were made!
@nathanbaggs
21 күн бұрын
It’s a fun puzzle to solve, it’s a shame some people use it to ruin others fun
@jnonymous
21 күн бұрын
@@nathanbaggs I think we should just have cheater servers in every game where cheaters can cheat against each other to see whose cheat is better. I think when people have a place to do what they think is fun, they'll tend to go do that instead of bothering others.
@Scotty-vs4lf
21 күн бұрын
@@jnonymous like hvh in csgo
"And Windows does nothing from pulling the rug out from under yourself". No Operating system does.
"Best FPS map of all time" Amen!
Why not use Interlocked intrinsics to swap pointers? No need to suspend the threads
@nathanbaggs
20 күн бұрын
Doesn’t that require all existing reads to be atomic? My concern is the game calling one of the functions whilst I’m writing it. To be honest they’re only patched once so there’s little chance of something bad happening, so could probably do it without suspending
@Ch40zz
20 күн бұрын
@@nathanbaggs pointer sized reads on x86 will always be atomic anyways, you dont even need the Interlocked intrinsics. a single mov dword/qword ptr is always atomic
That is not my area of programming, but, can games make the information of other players be withheld in the server and only if a player finds another player the server says "yes, you are indeed seeing the enemy in accord with my withheld information", and then, only then, give the client the information of the enemy's position? In that case, the client wouldn't ever know the information needed to find other players, only the server. I may be talking something impossible, or something that may be computationally intensive for the server or whatever, like i said, it is not my area, but i got curious about that.
@ChineseRatfaceCHANG
15 күн бұрын
It's too expensive server-wise, and things like directional sound need enemies to be on the client side even if the player can't directly see the enemy. generally if you're far away enough it will de-spawn entities and respawn as you get within a certain range
@sophiacristina
15 күн бұрын
@@ChineseRatfaceCHANG Ty for answering! :)
Fantastic vid, loved that game.
Would have been educational to see the reverse engineering part of code also. Btw can you take a game that doesn't support windowed mode and make video where you show how to make a windowed mod. I mean yea there are generic programs out there that can run any DirectX game windowed but what's the absolute minimum required reverse engineering and coding to make let's say Warcraft 2 run windowed mode?
@nathanbaggs
19 күн бұрын
The problem with reverse engineering content is it’s quite boring, no one wants an hour long video of me looking confused (:
@test-rj2vl
19 күн бұрын
@@nathanbaggs Depends. If it's game that I have played in childhood then I can watch you reverse engineering it. If it's game I've never played then yea. I would still watch it to learn reverse engineering in general because there are not too much video out there but probably skip around here and there to find parts that are educational to me. And to be honest hour long video would be very good result. If I were to figure out how to spawn more units to Warcraft 2 without crashing the game for example then the unedited video would be like 2 to 3 weeks.
Love the video as always. In your code listings, it has the symbol ≠. Is that just a simplification for the video or is it valid code?
@thomaslindell5448
21 күн бұрын
It’s a font.
@isduck6226
20 күн бұрын
In most IDEs you can enable ligatures for fonts that support them, and it will render != or >= etc as one connected character, although they're actually still seperate.
@nathanbaggs
20 күн бұрын
It’s a ligature. I use a font called Fira Code that combines characters to their mathematical equivalent. I forgot it’s on when recording
Cool idea to find the player via the OpenGL calls, wouldn't have thought of that. Probably would be more difficult with a more modern game, because there would be way more textures to go through, but it's way more fun than doing everything the same way every time :D Keep up the good work!
@nathanbaggs
20 күн бұрын
I don’t think this would work with modern apis, especially if they’re using bindless textures. You’d pretty much have to hunt for the world positions in memory
You got this in the bag(gs) Sorry, couldn't resist. Fun video though, always neats to see you dive in and fiddle with internals. 👍
@nathanbaggs
21 күн бұрын
I’ve heard worse (: glad you enjoyed
The later unreal tournament games are the ones that spawned the "cheating industry". It's pretty interesting how it all started
@StoneTheCr0w
20 күн бұрын
You weren't there lmao. The games didn't spawn anything, Zellius, Helios, and " .:..: " did
@locastable
20 күн бұрын
@@StoneTheCr0w weren't they the first p2c's on the market? Didn't they started selling for that game?
Just a hopeful request, how about using Linux to hack instead of windows?
@nathanbaggs
20 күн бұрын
I’ve done a video on that: kzread.info/dash/bejne/g6CXvMuLdsSxls4.html
@flamendless
20 күн бұрын
@@nathanbaggs thank you!
1:00 Windows sandbox 😉
Man that video was super cool! Now I want to try to do the same x)
@nathanbaggs
20 күн бұрын
Do it!
@Fewnity
20 күн бұрын
@@nathanbaggs I'm already creating a big game engine for game consoles I need more time for this haha 😓
At some point, this problem will get so bad, that casual players who actually just want to have fun and an actual challenge, will simply stop playing these games altogether. Then that will just leave the hackers to go ahead and hack the game out of its existence! Sounds like a "wonderful" outcome! 😂😅😊
This game was the main use of our university network
HEADSHOT HEADSHOT HEADSHOT KILLING SPREEE God I didn't hear that In a while!!!
A HACKER is an individual with technical computer skills but often refers to individuals who use their skills to breach cybersecurity defenses A CHEATER is a person who acts dishonestly in order to gain an advantage, in this case, in video games Please know the difference and correct the video title
Really interesting!
@nathanbaggs
20 күн бұрын
Thanks!
still impressive and fun to do this reverse engineering
CS2 HVH when?
This was on my start page when I just scrolled by. I did a double take back because I was like "Is this Facing Worlds" from just a split second. Played that game to death
@nathanbaggs
20 күн бұрын
I’m hoping it brings back some good nostalgia feelings for a lot of people
Sometimes cheating is the only way to fix a save file.
this is amazing thank you
you are a genius
Thumbnail facing worlds UT
Something I've never understood is why popular online competitive games never manage to prevent people from cheating. I feel like it has to be a lot easier for the game developer to prevent cheats from working than it is for a hacker to make the cheat. Every time the developer releases a minor patch that mixes things up then the hacker has to do tons of reverse engineering so the hacker should be at a great disadvantage. Either game developers aren't trying to prevent cheats or there has to be more layers to this that I don't understand.
@ParabolicLabs
21 күн бұрын
Cheating prevention is always an after thought. I've been in the games industry since 1998 and I've never seen a game worry about cheating during development, like at all, ever. IMO it probably stems from the seriously insane deadlines.
@user85937
21 күн бұрын
Because we have better things to do than annoying some hackers.
@invisghosty
21 күн бұрын
It's an arms race and there are usually more cheaters than there are developers. Yeah they could come up with some complex system to rearrange some data but it's not like they can completely re-write their game each update so there are still going to be things that cheaters can use to determine where the correct data is.
@ParabolicLabs
21 күн бұрын
@@invisghosty There's a few game engines which were designed to relocate / obfuscate DLL calls at every compilation. The engines weren't designed for cheating in mind but rather a weird form of DRM protection. I wish I was able to tell you which ones, but alas NDA's are annoying.
@dukemagus
21 күн бұрын
Making the game fun is a priority over making the game hack proof. Also, the vast majority of players want a fun game rather than a bulletproof bios level cheat prevention engine
I'm amazed as always
@nathanbaggs
20 күн бұрын
Thanks!
Thanks!
@nathanbaggs
20 күн бұрын
No, thank you!
Ruining the enjoyment of others IS the game for 18% to 22% of all multiplayer gamers. And that's being generous. It's estimated that as much as 80% of multiplayer gamers are cheating in some way online at least part of the time. Just like your siblings couldn't be trusted to run the bank in monopoly because they would steal money when no one is looking.
@nathanbaggs
20 күн бұрын
Yeah it’s pretty sad when you think about it
@ZennExile
20 күн бұрын
@@nathanbaggs oh I don't know... Sometimes there's great opportunity hidden between the layers of sad peculiarity. What is game development if not the exploitation of motivation? Seems to me there's a powerful motivation underlying these behaviors worth billions. But I ain't one to gossip so you ain't heard that from me...
Facing Worlds! 😍 (Great job, btw)
@nathanbaggs
20 күн бұрын
A classic! (And thanks)
you're the coolest big bro with all the cool tricks
@nathanbaggs
20 күн бұрын
Haha thanks!
I was so pleasantly surprised when you said you were going to try it on Unreal Tournament, such fond memories of this game. Awesome vid as always Nathan :)
Please keep in mind hackers and cheaters are different things
Time to hack The Crew.
@mrtomwolf5746
21 күн бұрын
No one cares bruh, stop crying about it
@Name_cannot_be_blank
21 күн бұрын
sorry, but you cant hack it, you dont have the files to do it, they're in ubisoft, and were on thier servers, noone besides them have them, but you can search the youtuber accursed farms, he has a plan to stop companies from doing this forever
I still play this online lol
Purely for academic reasons.
@nathanbaggs
20 күн бұрын
Of course, absolutely no other reason
You're doing such an amazing job with your videos - really enjoying your content.
That pipe operator at 6:05 caught me off guard. The C++20 ranges lib sure is interesting. The committee never fails to find new ways to use operator overloading!
@nathanbaggs
20 күн бұрын
I think ranges might be one of my favourite new features (and coroutines)
Try make fake kernel
Amazing peak into GL and the dark arts. Love the content!
@nathanbaggs
20 күн бұрын
I’d like to do some more graphics based content, I started off this channel to talk about my custom game engine. Things have changed a bit since then
Oh dear :)
Good god seeing UT99 sent me back to my childhood, the good ol days
You should make a cheat for a another old and $hitty game that nobody plays like fortnight. Will be waiting for new video. Thanks
Disgusting how that guy makes tongue clicks all the time when speaking…. 🤮
new video!!
@nathanbaggs
21 күн бұрын
Indeed
UT never dies!!!!!
I think that it's morally justified to cheat in games where the players like to say slurs over voice chat. As punishment.
man I just won the UT99 EU 4v4 TDM Cup... I am more or less a noob and got carried by 3 veteran players but why do you teach people how to cheat... better do some helpful content -.-
@A1rPun
20 күн бұрын
There are a multitude of cheats available already for UT99 because the game is already 25 years old. Not all people will use this information to cheat because it's interesting to see how cheats like this can work so we can make prevention tools.
@nathanbaggs
20 күн бұрын
I just like solving puzzles and talking to people about it
and then there's games like cs that have build in wallhacks that you can activate with one wpm call
UT99 is such a good game, great video
@nathanbaggs
3 күн бұрын
Thanks!
first a virus, now wallhacks? come on now
@nathanbaggs
20 күн бұрын
What’s next?