A study of mobile game hacks and existing defences

Swords and shields: A study of mobile game hacks and existing defences
Presented by Morton Sykes
Summary

The paper explains the current landscape of mobile gaming and mobile gaming hacks.

Compares software-based defences for games and their trade-offs.

Case study involving 100 Android games in the Google Play store Top 120 rankings.

Authors attempted to hack games using simple and sophisticated techniques.

The paper then makes some suggestions, based on its findings, to mobile game software developers.
The current landscape

2015: Revenue from mobile gaming was 41% of the entire gaming market
Mobile games increasingly allow you to:

Purchase in-game items / content.

Post scores to leaderboards and friends
Compared to PC games

Smaller developer teams result in less security and relaxed programming practices

Often only communicate with the server in specific circumstances

Mobile games are often priced lower and have a smaller budget.

Mobile games may have a shorter life cycle than desktop counterparts
Hacking techniques (Amateur)
An amateur is anyone who is familiar and competent with computers but does not necessarily need to know anything about programming or the inner workings of the underlying code.
Hacking tools
Two loose types

General hacking tools (can be used on any game)

Specific hacking tools (only usable on one game or related games)
General hacking tools

- Memory editing
Example: Game Killer (next slide)
Search for variables in memory (health, money, score)
Find variables by using current values
Modify those variables

- File editing (data written to local storage)
Example: Cheat Droid
Helps to locate and edit save files
Game Killer
http://www.effecthacking.com/2016/06/best-ways-to-hack-android-games-apk.html
Specific hacking tools (only usable on one game or related games)

Specialised tool to hack a particular game.

Could be a hacked version of a particular game

Example: XMODGAMES

Provides hacked versions of games with modifications and tools for hacking the game included.
Hacking techniques (Pro)
Someone with programming, networking and reverse engineering experience who can analyse, obfuscate and circumvent the security measures of an application or game.
Analysis techniques - two variants

Traffic analysis
Games send sensitive data over the network to the server
Attacks are based on identification and successful modification of these sensitive parameters
- Attacks normally require a network proxy
- Some Android apps bypass Android's global proxy
- Traffic may be cluttered or encoded / encrypted

Program analysis
- Often needed in conjunction with network analysis

Decompilers

Allow for static analysis

Enable modifications to be made to source code if it is recoverable
Debuggers

Allow for dynamic analysis

Useful for discovery and circumvention of protections.
Hacking Defences

Local resource protection
This is any protection against edits to sensitive game-related variables, whether in memory or on local storage
Defences include detection of memory edits and security of data
- Checksums
- Encryption / encoding of values
34% of games in the study had local resource protection

Code obfuscation and hiding
- Techniques such as dynamic downloading of libraries
- Obfuscation of logic, class names, variables
24% of games in the study had code obfuscation and hiding
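The checksum defence listed under local resource protection above, as an added example that is not from the paper or the presentation. It is a Python sketch standing in for the game's own client code; the key, field names and save layout are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed key for illustration. In a shipped game the key lives in the
# client, so this stops file-editing tools, not someone who reads the code.
SAVE_KEY = b"constructed-demo-key"


def seal_save(state: dict, key: bytes = SAVE_KEY) -> bytes:
    """Serialise the game state and append a keyed checksum (HMAC-SHA256)."""
    body = json.dumps(state, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    return body + b"\n" + tag


def load_save(blob: bytes, key: bytes = SAVE_KEY) -> dict:
    """Return the state only if the checksum matches; otherwise raise."""
    body, sep, tag = blob.rpartition(b"\n")
    if not sep:
        raise ValueError("save file has no checksum")
    expected = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    # compare_digest avoids leaking how many leading bytes matched.
    if not hmac.compare_digest(tag, expected):
        raise ValueError("save file was modified")
    return json.loads(body)


def is_tampered(blob: bytes) -> bool:
    """True when the save fails verification and should be discarded."""
    try:
        load_save(blob)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    sealed = seal_save({"coins": 120, "health": 3, "score": 4500})
    edited = sealed.replace(b'"coins":120', b'"coins":999999')
    print(is_tampered(sealed), is_tampered(edited))
```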
Hacking Defences (2)

Network protections
Protection of the traffic to and from the server
The most basic network protection would be using HTTPS when communicating sensitive information to the server.
However, this can still be hacked (web proxy, fake certificate).
More advanced protections include

Non-public encoding/encryption algorithms

Hiding traffic so that it is not captured

Sending signed packets and only communicating with hosts with whitelisted certificates
Hacking Defences (3)

Compilation into native code
Relatively speaking, decompiling Java bytecode produces high-quality decompiled code.
Decompiling native code (C, C++) produces decompiled code with hard-to-read logic.
Use the NDK (Android Native Development Kit)
48% of games in the study had code obfuscation and hiding

Client-server sync
Keeps client-side variables in sync with the “true” variables on the server
Reverts client-side variables and is very secure
Requires careful design of the game; very hard to implement post-design
All important calculations are done on the server
The game can still be vulnerable if implemented poorly.
25% of games in the study had code obfuscation and hiding
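Client-server sync as described above, shown as an added example that is not from the paper or the presentation. It is a Python sketch of a server that owns the "true" variables; the game rules, action names and the GameServer and sync_client helpers are hypothetical.

```python
from dataclasses import dataclass, field

# Constructed rules for a hypothetical game: item prices and the most coins
# a single level can legitimately award.
PRICES = {"shield": 50, "sword": 80}
MAX_REWARD_PER_LEVEL = 100


@dataclass
class Player:
    coins: int = 0
    items: list = field(default_factory=list)


class GameServer:
    """Holds the "true" variables; clients send actions, never balances."""

    def __init__(self):
        self.players = {}

    def handle(self, player_id: str, action: dict) -> dict:
        p = self.players.setdefault(player_id, Player())
        kind = action.get("type")
        ok = False
        if kind == "level_complete":
            reward = action.get("reward")
            # The server bounds the reward instead of trusting the client.
            if type(reward) is int and 0 <= reward <= MAX_REWARD_PER_LEVEL:
                p.coins += reward
                ok = True
        elif kind == "buy":
            price = PRICES.get(action.get("item"))
            # Price and balance both come from server state.
            if price is not None and p.coins >= price:
                p.coins -= price
                p.items.append(action["item"])
                ok = True
        # Every reply carries the authoritative state so the client can
        # overwrite (revert) whatever it holds locally.
        return {"ok": ok, "coins": p.coins, "items": list(p.items)}


def sync_client(local_state: dict, reply: dict) -> dict:
    """Client side: discard local values in favour of the server's."""
    return {**local_state, "coins": reply["coins"], "items": reply["items"]}
```

A client whose memory or save file was edited ends up with the server's values again after the next reply, which is the "revert" behaviour the slide refers to.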
Strength / levels of protection
The study created a scale for level of protection based on the authors' experience of how easy the games were to hack.
Level 1: Games with no or partial local resource protection.
An amateur hacker can defeat these using hacking tools
Level 2: Games with resource protection but vulnerable to network analysis.
Doesn’t require looking at code, just network traffic
Level 3: Games with added network protection that require decompilation to circumvent.
Requires some code analysis
Level 4: Games with advanced network protection and obfuscation techniques.
Obfuscation or native code requires the use of debuggers to analyse
Level 5: Application uses server-side sync to maintain sensitive parameters
All games in this level were unhackable by the study
Suggestions to developers
Local resource protection (essential)
- Easy to implement and the first line of defence against hackers
Code obfuscation - depends on IDE/language
- SDK: at least use ProGuard
- Use the NDK if possible
Network protection and server-side sync
- At least use HTTPS
- Use server-side sync if possible
- Very expensive to communicate every important variable
- High design and maintenance costs involved
- The ultimate defence
Criticism – The Good

Meets all expectations: the listed tools and methods would still work today.

Many real-world examples and proof
Authors hacked 77/100 apps that they tested in their study.

Good sample quality and range of apps
All games in Top 120 rankings of the Google Play Store Gaming Category

Author highly knowledgeable in decompilers and network security
- Even though 2015, still relevant
- I would try again with iOS too
Criticism - The Bad

No tests or analysis of any other platforms

No mention of iOS
Due to iOS's improved security vs Android?
Or the authors' lack of familiarity?
Thank You
Presenter Morton Sykes
Swords and shields: A study of mobile game hacks and existing defences
Yuan Tian, Carnegie Mellon University
Eric Chen, Gridspace
Xiaojun Ma, Carnegie Mellon University
Shuo Chen, Microsoft Research
Xiao Wang, Carnegie Mellon University
Patrick Tague, Carnegie Mellon University
Other References
http://www.effecthacking.com/2016/06/best-ways-to-hack-android-games-apk.html