A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


+1,000,000 -0: Cloning a Game Using Game Hacking and Terabytes of Data - Nick Cano Derbycon 2016 (Hacking Illustrated Series InfoSec Tutorial Videos)

+1,000,000 -0: Cloning a Game Using Game Hacking and Terabytes of Data
Nick Cano
Derbycon 2016

In this talk, I'll provide a window into the warchest my team used to generate over a million lines of code. In particular, we created and used game hacks to process data from tens of millions of hours of in-game data and use the results to generate copies of a game's map, monsters, quests, items, spells, non-playable characters, and more. We also used a wiki crawler to obtain a large amount of data, generate additional code, and guide our cheat scripts in what to look for, clarify, and ignore. After explaining our end-game vision, I'll dive deep into the architecture of the game client, server and protocol. Once that's out of the way, I'll talk about the different types of hacks we used, how they work, and what data they were able to obtain. Once that's out of the way, I'll round out the story by explaining exactly what type of data we gathered and what parts of our toolkit we used to gather it. This project isn't exactly applicable a typical day-in-the-life of a security professional, but it is a cool and informative look into the fun side of security. It shows how the same deeply technical techniques that are used to pentest, man-in-the-middle, and create malware can be used for more whimsical projects. My hope is that this talk not only provides some unbelievable anecdotes, but also arms the audience with an improved ability to creatively apply their hacking skills to similar tasks.

Nick Cano is a senior security engineer at Bromium, where he develops software to detect and defend against advanced malware. He's been programming for most of his life, and wrote his first code when he was 12 years old. Nick also has a history developing and selling bots for online games, advising game developers on how to protect against bots, and is the author of "Game Hacking: Developing Autonomous Bots for Online Games" published by The No Starch Press.


Back to Derbycon 2016 video list

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast