Turning the frustration of a mobile game into a reverse engineering training

I consider myself a grey hat. I’m far from being the best hacker or cracker in this world, and I tend to notify most of the people I “hack” about their systems weaknesses. Almost all the “hacks” I am doing involve using some software other people built: Slowloris test tools, SQLmap, and just randomness/luck (like finding out where my ex-university stores everyone’s cookies, or just trying random stuff on APIs).

Yes, I am closer to a script-kiddie than a hacker. However, for the first time ever, today, I felt like I leveled-up my skills.

A little bit of back story. I am a huge fan of a mobile tower defense game. It is the typical “play 10 minutes a day” game that you enjoy playing while eating your breakfast, and I’ve been playing this game for 622 days now. That’s almost two years of dedication, every day, playing the daily quests, tournaments, and everything this game has to offer.

But since August 2018, the developers of this game have pulled an awful lot of errors, bugs and mistakes. Every event had an issue where early birds could get like 10x the normal reward, every new hero had a huge amount of bugs, and every update brought as many fixes as new game mechanics bugs and flaws. Fast-foward 6 months, every event, every gift, every single thing the developers of this game did, allowed a few lucky ones to grab more than the other could have, and the developers did nothing to smooth things out. The community is upset, but they…