Internal cheat development part 1

Totally_Not_A_Haxxer
14 min read · Dec 5, 2022


Introduction

As you may know by now, I have written many articles on game cheat development, but one thing I have not covered is internal cheat development. Well, here is an article that starts laying out information about internal game cheat development. This article will go over the differences, the complexity and the general terms used in internal game cheat development, and when exactly internal game cheats are used.

Terms

Before you can learn about internal game cheats, it is good to know the basics: what an internal cheat is, what the difference between external and internal is, what a hook is, how internal cheats are made, etc. So here is a bullet list of terms that are used within the internal cheat side of the game cheating world.

  • Internal / External cheat: Internal cheats are exactly what they sound like. It is sad for me to say, but it seems as if 50% of the game cheat community does not actually understand what an internal cheat is. An internal cheat is a cheat that is injected directly into the game's process. As an example, CSGO is a game that is typically played on Windows. CSGO uses Dynamic Link Libraries, and because the game is vulnerable, people can make Dynamic Link Libraries themselves, using what is known as a hook to hook onto the game's code, and have them injected directly into the game. Internal cheats interact directly with the game's source code or the game itself. External cheats, despite interacting with the game's process, are not internal. External game cheats are still game cheats, but instead of being injected into the game's process and/or using LoadLibrary injection, they sit outside of the process, read values from it and then write values back. Cheats such as ESP or aimbot are likely to be less accurate if they are true external game cheats, because they do not use the game's source code to directly hook functions. External cheats can still be very accurate and powerful with the right skill, but 9 times out of 10 a cheat developer will use an internal cheat if they can bypass the IPS or AC (anti cheat) in the game that is meant to prevent it. Some people say their cheats are external when they are really internal cheats. Do not get these confused; they are two totally different things.
  • Hook: In a simple sense a hook is exactly what it sounds like. Typically, when game source code is leaked, hackers or really skilled programmers can take to the skies! They can look at the code's functions or source files and use the functions in the game to the cheat's advantage. An example of this is Valorant or CSGO: when the game code was released, people were able to understand it and use it inside of internal cheats. They write a separate code file for the cheat that includes part of the game's source code and calls or modifies functions within the leaked source. Once this is compiled into something such as a DLL, it is then injected into the game.
  • Intrusion Prevention/Detection systems: Most modern online games, even ones from the early to mid 2000s, used some form of anti cheat to detect if a user is cheating. These are known as anti cheat systems (AC) and can even be classified as intrusion prevention and detection systems. As I have discussed in previous articles, these systems are really duct tape over a hole in a wall, because they never really fix the problem. Since these anti cheat systems all run locally on your system, they have access to your file system, files, processes etc. to start checks for cheats. I say tape over a hole in the wall because these anti cheat systems are still bypassable and vulnerable themselves. When someone injects a DLL raw, 10 out of 10 times they will get banned, but not if they bypass the anti cheat, which, as sad as it may seem, is still easy to do despite its code measures. Hackers have been bypassing these systems for years, and because the developers keep using the same code styles or ideas without making anything new, hackers still manage to bypass them with the same methods.
  • Manual mapping: Manual mapping is just another way to say that the DLL file is not injected but rather mapped/loaded into the process's memory. For example, say you have a function named DllMain; you would be manually mapping that function onto a target process to load that module. In modern games, without bypassing the anti cheat system, this is a very unsafe method; however, in some cases it still works.
  • Pattern scanning: Pattern scanning is the process of taking a sequence of bytes and scanning for that same sequence within memory. Typically patterns look like this: A1 ? ? ? ? 33 D2 6A 00 6A 00 33 C9 89 B0. You may also see these patterns represented as escaped hex values, like \x00\x00\x00\x00 and so on. These byte patterns come in many forms, but what is with the ?? ?? ?? ? ? parts of the pattern? Well, this is called a wildcard.
  • Pattern wildcards: Pattern wildcards are written as ? or ??; most of the time you will see ?, but double question marks are still widely used. Wildcards are put into “makeshift” patterns to represent, or in other words replace, the offsets that are embedded inside the assembly instructions.
  • Paster: A person or group of people who take leaked source code of other game cheats, paste it into their own systems and sell it. Essentially copying without changing any of the information, data or style, or even the way the data is organized. Say you have a brick of code such as a driver function in an open source cheat on GitHub; someone comes along and pastes it, meaning the function will not be changed in any way, separated, moved or reworked for performance.
  • Rage Cheat: Something to note about the cheat realm is that there is a category of game cheating called rage cheating. Rage cheats are typically cheats that are bought to destroy lobbies in seconds or kill as many players as possible. Unlike normal everyday cheats, these cheats are typically priced higher and are much nicer, more accurate and more powerful.
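The wildcard pattern format described in the Pattern scanning and Pattern wildcards entries is the same signature matching that anti cheat and antivirus scanners use to recognise known code in memory. The following is an added example, not code from the article: it parses the article's sample pattern (treating ? and ?? as one wildcard byte) and scans a constructed buffer in which that byte sequence has been planted at offset 0x1234.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_PATTERN 64
/* Parsed signature: concrete bytes plus a mask (1 = must match, 0 = wildcard). */
typedef struct { uint8_t bytes[MAX_PATTERN], mask[MAX_PATTERN]; size_t len; } pattern_t;

/* Parse a space-separated pattern such as "A1 ? ? ? ? 33 D2"; "?" and "??" both
 * denote one wildcard byte. Returns 0 on success, -1 on a malformed token. */
int parse_pattern(const char *text, pattern_t *out) {
    char buf[256];
    strncpy(buf, text, sizeof buf - 1);
    buf[sizeof buf - 1] = '\0';
    out->len = 0;
    for (char *tok = strtok(buf, " "); tok; tok = strtok(NULL, " ")) {
        if (out->len >= MAX_PATTERN) return -1;
        if (strcmp(tok, "?") == 0 || strcmp(tok, "??") == 0) {
            out->bytes[out->len] = 0;
            out->mask[out->len] = 0;
        } else {
            char *end;
            unsigned long v = strtoul(tok, &end, 16);
            if (strlen(tok) != 2 || *end != '\0' || v > 0xFF) return -1;
            out->bytes[out->len] = (uint8_t)v;
            out->mask[out->len] = 1;
        }
        out->len++;
    }
    return out->len ? 0 : -1;
}

/* Scan a memory region; return the offset of the first match or -1 if none.
 * Wildcard positions accept any byte. */
long find_pattern(const uint8_t *mem, size_t mem_len, const pattern_t *p) {
    if (p->len == 0 || mem_len < p->len) return -1;
    for (size_t i = 0; i + p->len <= mem_len; i++) {
        size_t j = 0;
        while (j < p->len && (!p->mask[j] || mem[i + j] == p->bytes[j])) j++;
        if (j == p->len) return (long)i;
    }
    return -1;
}

/* Constructed sample region: NOP filler with the article's example sequence planted
 * at offset 0x1234. The four bytes after A1 stand in for a 32-bit absolute address
 * that changes from build to build, which is exactly why they are wildcarded. */
static uint8_t sample[0x2000];
long demo(void) {
    const uint8_t planted[] = {0xA1, 0x78, 0x56, 0x34, 0x12, 0x33, 0xD2, 0x6A,
                               0x00, 0x6A, 0x00, 0x33, 0xC9, 0x89, 0xB0};
    pattern_t p;
    memset(sample, 0x90, sizeof sample);
    memcpy(sample + 0x1234, planted, sizeof planted);
    if (parse_pattern("A1 ? ? ? ? 33 D2 6A 00 6A 00 33 C9 89 B0", &p) != 0) return -2;
    return find_pattern(sample, sizeof sample, &p);
}

int main(void) { printf("match offset: %ld\n", demo()); return 0; }
```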

You should now be familiar with the basic terms. Finally we can move on to the next section, which will talk about how exactly internal cheats work and why the price differs.

The game cheat market with internal and external game cheats

The game cheat world is filled with many people, people who are smarter than those who paste. Let's go over the market first before we dig into how the game cheat development process differs with the type of game cheat. The game cheat market is massive, competitive, toxic and very, very much filled with scams. Some game cheat licenses go up to thousands of dollars for a month of simple cheat usage, and the most upcoming AI based game cheats are even more expensive to rent for a single day. The market prices depend on the following variables:

  • The game: The game matters because of how complex its code is. If the game is something such as CSGO, which uses a trashy, bypassable anti cheat system such as VAC, with the CSGO game loader also being written in simple code, then game cheats are less complex. However, if you are writing game cheats for a paid game such as R6, which has more complex code and a more secure anti cheat system, then the game cheats will be more complex to make. The more complex cheats become, the longer they take to make and the more backend that goes into them, the higher their price.
  • Type of game cheat: As we have discussed throughout this game cheat road-path, there are multiple types of game cheats, internal and external. If you want, you can go check out my article on an introduction to game cheats, seen below.

In short, an external game cheat is a cheat that is not injected into the game, unlike internal game cheats, which are directly injected into the game. External game cheats are not always going to be as accurate as an internal game cheat, for multiple reasons. Internal game cheats use direct source code hooks into the game's engine or code; external cheats just read and write the game's process memory and cannot use source code hooks. The type of game cheat matters because, as said, if a cheat has more direct access to the code of the game it is going to be more accurate, which means people will be willing to chase a price for it. If the cheat is an external cheat, then the price is more likely to go down, because external cheats are typically slower and, again, less accurate than internal game cheats.

  • The game cheat's back-end: The back-end of any application always matters, but the market for a game cheat, its price and its customers depend on the back-end of the game cheat. Most game cheats, external or internal, use a lot of mathematical implementation, whether that is the Pythagorean theorem or a linear transformation algorithm put in place for the world to screen function. The mathematical implementation and back-end development of a game cheat typically determine how accurate it is. If the game cheat has to update its external offsets or internal information every week or so, then 9 times out of 10 the game cheat's price will go down and people will not buy it.
  • The game cheat's form: There are two main forms of game cheat, private and public. A public game cheat, especially in the modern market, is known to get a lot more attention, versus private cheats, which are invite only and so do not get much competition. These variables also affect how much the cheat is sold for; some private cheats skyrocket in price while others do not because they are kept more “underground”.

As you can see, the game cheat market depends on many variables, and you need to understand them in order to really understand the deep world of the game hacking realm. Something that often comes up is scammers, which is our next topic about the game cheating realm.

Scammers and pasters: what are they and why do they exist?

The truth is that nowadays game hacking is not an art; it is all about making money and slaughtering the competition, whether that is an industry giant swatting homes or even doxing people to get them “off the list”. Due to the amount of money involved in the market, most people get dragged into it for the money. With this territory come pasters and scammers; as described above, a paster is someone who takes cracked or leaked source code and programs, pastes them into their own without changing a thing and sells them off. Most of these pasters are here to make money and often come with a narcissistic personality, making themselves seem like the best when they are quite close to the very bottom of the food chain. You often see these people exaggerating the game cheat type; for example some pasters say “LOOK AT THIS AMAZING EXTERNAL CHEAT WITH OVER 200 FEATURES ONLY FOR $500 A MONTH!”. Typically these cheats become overpriced, and because they are pasted they end up scamming people out of hundreds and hundreds of dollars. The only reason these people exist is to mine money off of others, which in a technical sense is a very smart way to go about it, that is until their source code gets leaked. The issue with most pasters is that they may run 4 months of pure business, making thousands and thousands of dollars a day, until someone finds a vulnerability in their code or gains access to their systems and leaks or exposes the source code, exposing them as a paster by comparing it to cheats online. Most of the code pasters take is online on sites like GitHub or UnknownCheats and other similar forums; they just run the code and get it to work. As I have discussed in previous articles, copying and pasting code is just not the way to go about it; copying and pasting code is the very reason applications are vulnerable and why scammers exist. These people are easily exposed, so if you want to make a living in the game cheat market it is a good idea not to get involved with them.

How exactly does an internal game cheat work?

Internal game cheats are, well, just directly injected into the game. This can mean something such as a malicious DLL being injected directly into the game. However, this is not 100% how internal game cheats work; in fact there is a whole deeper, more complicated process behind exploiting games like that. Internal game cheats are typically the more customizable game cheats around, simply because they use the game's source code to render certain data and even use internal pattern scanners to grab the memory addresses of certain functions. For example, an external glow cheat basically lets the cheater see people through walls in a simple fashion, such as below.

The glow on the players is easy to make in an external sense, because all you are doing is scanning values in some module such as a DLL file and then multiplying values that already exist in the game. The thing with internal cheats, and the reason they are more complex, is that they can do things such as overload rendering functions in the game, directly hook the game's source code, and work directly with the game's objects and types as well as memory addresses. Internal game cheats, due to the fact that they directly hook source code, do not actually ever need to update the memory offsets using tools such as Cheat Engine, external pattern scanners, or even repos on GitHub such as hazedumper. The reason is that they have direct access to the memory address of the function and can just make their own, say, class that constantly updates that kind of data. Most internal game cheats are also more expensive and more accurate because they use custom drivers, loaders and mappers. Because they can hook directly into the source code and override rendering functions, they are able to make ESP cheats like chams, glow, boxes, snap lines etc. way more accurate and nicer.

Different types of injections

There are many ways to make an internal cheat; however, all of this makes a cheat more complex. If you are building a cross platform cheat for games such as CSGO, Apex etc. on operating systems like Windows and Linux, you are more than likely going to have to build unique kernel drivers and injectors for each operating system. On Windows most typical cheats use the Windows.h and TlHelp32.h C/C++ headers and APIs to read and write memory, or even some functions to grab data from a process. On Linux most game cheats do not use those headers, because, well, Windows.h, TlHelp32.h and similar headers and APIs are only for Windows operating systems and will only work there. Most cheats also do not just rely on those headers; they also lean on the programming language they are written in and how complex or simple the base of the source code is. Basically, if you wanted to make a cross platform INTERNAL game cheat for CSGO and Valorant, you would need to create separate injectors to inject the Linux equivalent of DLL files, which are known as Shared Object files or .so files. Not only would you have to create separate injectors, but also separate bypassers and drivers to load that kind of data. This is also why cheats for games such as Valorant or Fortnite, which are cross platform across something such as PlayStation, Xbox and Windows or Linux, are more expensive. There are hundreds of names for certain internal cheats, which all depend on the platform.

  • DLL Injection: DLL injection is a pretty easy attack: simply write an injector to load a DLL into a process. However, this becomes hard with anti cheat systems. Most modern game cheats that are powerful or higher priced, such as rage cheats for COD, use custom injectors to bypass the anti cheat system before injecting the DLL into the game, since bypassing is one of the most important parts. Most games, such as CSGO, block external loading of DLL files; that of course is bypassable once you “destroy” the anti cheat's checks.
  • .SO Injection: SOFI or Shared Object File Injection is a type of injection that is used to inject Shared Object files, similar to DLL injection or Dynamic Link Library Injection. This is a bit more difficult, given that you have to do a bit more exploring and some system APIs are not fully usable. First you have to fork the process you want to inject into, then you have to attach your code's process to the process you are trying to attack. Once that is done you can start getting really busy injecting the code and manipulating the process.

Why are internal cheats more used?

The truth is that internal cheats will always be more performant, not because they use the internal source code of the game or create awesome overlays, because in the end that depends on the exploit developer. However, internal game cheats do not glitch, they do not lag or take a second to reload, and they do not take up or hog system resources like some, if not most, external game cheats do. Internal game cheats have a direct hook and, once injected, can start working directly with the source code and process, while external cheats have to constantly read and write memory in loops; even if the external game cheat is developed well, it can still cause major issues in terms of lagging or looking weird.

Conclusion

Internal game cheats are much more complex than most external game cheats, especially if you are building cheats from scratch and are using raw mathematics such as linear algebra or geometry to render objects or to overload rendering functions in a game. Internal game cheats also take a lot of knowledge of the given anti cheat system to be able to bypass it, as well as knowledge of Linux and Windows APIs. These types of game cheats are also going to be more powerful, accurate and visually satisfying, the reason being that they directly hook and use the game's source code. Most of this, however, cannot just be done for every game, because not every game has had its source code leaked. Games such as CSGO, Valorant, GTA etc. have had their source code leaked and released on forums or sites like GitHub, which gives hackers an easier ride when developing exploits for a game. Do keep in mind that despite this easy ride to source code, there are many bumps along the way. Anyway, this was part one of this internal game cheat series and I certainly hope you enjoy the series, as after we leave the hardware section of game cheats that is about it for this topic. Stay tuned for more articles and do not forget to follow me on social media and maybe even consider donating!

If you want to keep up with my content, do not forget to help support me!

Instagram page

https://www.instagram.com/Totally_Not_A_Haxxer

Totally_Not_A_Haxxer

Cyber Security Educator, Developer, Social media manager, Author, youth education, content creation, engineering, ui/ux, RE