Getting started with game hacking [Journal]

[Munk0x0]

Pre-read:

Hi, by the time I'm writing this, I'm new to hacking games.
I'm writing journal to help myself and others by composing a guide on how to get started with game hacking, and
the reason why I am doing this, is simply to write a comprehensive guide to show the progressions I do to learn.
So I am here to write my progression of learning, for newb's like me in an area that I would like to learn and grasp; the world of game hacking.
This will by no means make you an expert in Reverse Engineering, but will cover game hacking to the extensive length, so that you can call yourself a game hacker.
Note: There may be places where text or guide is copied from other places, but I do my best to make minor edits, so it translates well into this guide.

If anything is wrong here, please correct me, I am learning at the same time of sharing my learning experiences.

• I have prior experience with C++, though I am not expert.
• I have zero experience with Reverse Engineering.
• I have zero experience on Memory Manipulation, but I do know as a programmer how the memory works in general.
• I have zero experience on DLL Injection.
• I have zero experience on Packets.
• I have zero experience on Hooks.
• I have zero experience with ASM.

What you can expect to learn from reading this, includes:

• What is Reverse Engineering?
• What is ASM, also known as Assembly?
• What is the Stack buffer.
• What are the different approaches to game hacking?
• What is Memory Manipulation?
• What is DLL Injection?
• What is a DLL Hook?
• What are packets?

So this will be a guide on how to learn yourself to hack games, not just to learn how to make a single hack or a few,
but to learn how to learn different aspects of game hacking.

Only requirements are:

• That you know the nature of programming and the nature of how games work in general.
• That you know the basics on how to program in C/C++. (I will be using C++)
• A brain & patience, don't expect that you can write hacks in a day, by copying and pasting, READ AND LEARN, TRIAL AND ERROR.

Okay with that sorted out, and if you understand the requirements, then this guide is for you.
Like I said, all of the above ^ is the only theory I know of to get started with hacking games.
I have absolutely no experience or idea, at the current time of writing, what is going to happen next or what I am about to even write next.
Which is why I am keeping track on what I am doing, to make it easier to understand for myself an you as a reader, on every single step that I take.

Everything I write, are research I gather on the web and create a compilation of different areas.

Summary

Here are summaries of topics that we will cover, and that you have to learn, to become great at hacking games. Learn with me!

Quick google searches let me know that:

1. What is Reverse Engineering?
   Reverse Engineering, is the process of something (objects, ie. mechanics, electronics, software, chemicals, biology) being deconstructed to reveal its designs, architecture, or to extract knowledge from the object/software.
   Taking apart software, which is called disassembling, which is what we will be covering here, can be useful to get an understanding of underlying code.
   We can use this understanding write/create hacks for disassembled code that we now have an understanding of.
   
2. What is ASM, also known as Assembly?
   Assembly language also known as ASM, is a low-level proramming language for computers, in which there is a very strong similarity between the language and the architecture's machine code instructions.
   Each assembly language is specific to to a particular computer architecture, i.e. AMD or Intel's 32 bit and 64 bit architectures.
   Most often, high level proramming languages are portable to each other architecture's platform, but require compiling, but the compiler should do this for you, I believe. But this is not the topic we will be covering, so if you want to learn more about portability, search for other guides to get you started with the underlying understandings of portability.
   
3. What are the different approaches to game hacking?
   
4. What is Memory Manipulation?
   
5. What is DLL Injection?
   
6. What is a DLL Hook?
   
7. What are packets?
   

Getting familiar with the topics:

Reverse Engineering
So getting familiar with Reverse Engineering in general terms of software, it can be a tedious, complicated and frustrating task, from what I understand; it includes disassembling PE (Portable Executable) files, and being able to read and understand the disassembled assembly code, and in worst case scenarios, being able to look up specific instruction codes from the architecture's manual to understand what you are looking at. It also involves being able to recreate whole or parts of example programs, from interpreting and understanding the disassembled program file, to truly call one-self a Reverse Engineer, as it is a vast topic, not only for hacking/recreating/redocumenting/learning from games, but also general software, malware & anti-malware analasys and etc..

Assembly Code
From what we have learned from the preface, there are two major architectures out there, 32 bit and 64 bit. I chose 32 bit, because from what I understand it, it's easier to jump into, than 64 bit, as it's well documented. Not only that, but 32 bit programs can run on 64 bit operating systems, but not the other way around. So I figure, it's better to learn first.

So I looked up learning 32 bit assembly language on google and I found this guide
Reverse Engineering: A Beginner's Guide to x86 Assembly and Debugging Windows Apps credits to st1t1c

Assembly uses hexadecimal numbers, so it should be understood the number system is organized as follows:

Code:

0 = 0, 1 = 1, 2 = 2, 3 = 3, 4 = 4, 5 = 5, 6 = 6, 7 = 7, 8 = 8, 9 = 9
A = 10
B = 11
C = 12
D = 13
E = 14
F = 15

(The above shows numbers from base 16, the hexadecimal system, to base 10, the standard decimal system 0 to 10)
Firstly, assembly is entirely about data manipulation (In general, that's all programming is - manipulating data, effecting hardware to do what you want). To be put simply, usually three things are being modified:
[*]The stack
The stack is a large stack or pile of numbers, manipulated for handing off parameters to functions, storing the registers, and storing other miscellaneous data.
[*]Registers/Flags
Registers are typically used for completing varying operations (Comparing data, arithmetic functions, logical operations, etc; these type of registers are dubbed "general purpose registers"). Usually, they'll store certain types of numbers/addresses, from as low as 4-bits, all the way up to 32-bits (It's possible to go higher than 32-bits, but, most users won't encounter situations where that will be necessary to know).
Flags are used for marking registers for different purposes (e.g.: The overflow flag, or OF, will set itself to the number 1, from 0, if an operation (also known as instruction) using that register is larger than the space that the register can handle; so if you're using a 4-bit register to handle 32-bit data, the OF flag would be set to 1).

Assembly references to spaces in an application by addresses, which are catalogued by how many bytes are used per an instruction, or per a piece of data; for example:

One byte is can hold 4 bits, one 32 bit memory address can hold 4 bytes. One memory address can hold multiple instructions, as to my understanding.
The following instruction takes up 2 bytes:

Code:

MOV EAX, EAX

If that piece of data is stored at 010070D8, then the next instruction would be stored at 010070DA (Remember, we're not counting in the base 16, hex number system [010070D8, 010070D9, 010070DA. A for 10], these are the for bits or two bytes the instruction will consume in memory). It should also be noted, addresses are usually 32-bits (If you're in such a rare situation where you're working with a 64-bit program, then addresses will go up to 64-bits).

Addresses are also referred to as "offsets".
[*]The memory of a program
Varying data in the program is constantly being modified, as the stack and registers can handle only so much data at once, in many cases, it's more efficient to leave some data modification in the program itself (Though it should be noted, this is only done in memory; meaning, if you were to modify the program to display a random popup every 15 minutes while it was running, the moment the program were exited, when you re-open it later, the popup would no longer appear).

Modifying the stack is done through a number of ways, the most common being using PUSH and POP instructions.

In assembly, each line is an instruction, limited to at most three parameters, and as little as none.

The PUSH instruction accepts one parameter, which is added to the top of the stack. For example:

Code:

PUSH 5

The above would push the value 5 onto the stack, so that it would look like this:
00000005

To be updated, I am actively programming and learning, and will frequently come here to update the post, to eventually create a fully comprehensivie beginners guide to getting started with game hacking!