How to hack Flash games

Okay, I Dont know if this is allowed here if it would be frowned upon since it is quite easy and flash is going out of the game scene.. I Thought id put up a tutorial or two on Flash hacking for anyone who may want to play around and have some fun with it.. I have been doing this for about 3 years now , And i still do it just for the fun of it seeing what i can make out of different games. Although i am learning about DLL Injection on Steam games and Soon Unity Decompilation. I Wanted to go on and spread a bit of what ive learned in the flash hacking scene... So i will get started..


Step 1.
So first things first, We need to find a game.. Now i am going to write this tutorial as i hack a flash game to give it sort of a hands on experience by allowing the reader to know exactly what im doing.

So i chose a game.. Boxhead 2 Play Rooms.. Simple game Probably some simple hacks as well.. So starting off by downloading the game from Crazy Monkey Games.. Boxhead 2Play Rooms Once the game is downloaded You will need a to open JPEX Free Flash Decompiler and go down to the Scripts folder .. Continue to Step 2..


Step 2.
Now that we have our Scripts folder open we will go through some random folders and Actionscript files..

So far in [__Packages/Thing/Weapon/CThing_Weapon] I have found the code for Adding messages to the screen when you run out of ammo.. this.mWorld.mHud.AddMessage_Critical(this.mName + " is out of ammo!"); Now this seems kind of interesting but not sure what we may need it for YET Of course it puts text to the screen but you will need to be able to access it and worry about corrupting your file..

So lets keep looking just for some simple hacks for now.. In the same File we find a function called DecrementAmmo()
Sounds Interesting.. These are just for built in hacks by the way.. External Hacks are possible using External Flash Loaders or saving the bites for a Cheat engine AoB Swap..

So what we will do is Either Press the Edit Actionscript Button and Clear out the Decrement Ammo function.. Or We can use the P-Code Editor on the right side of the program to remove the code.. May need some practice with that editor.. Or we can do a third method which would require a Flash Decompressor.. Which i can supply soon enough.. And a fourth method which would be using Cheat engine.. I Will explain what each way does and how to do it.. First things first lets take a look at the code...

this.DecrementAmmo()
This calls a function.. But lets see whats inside the function..

So as you can see its checking if our weapon has infinite ammo , And its subtracting ammo from the weapon.. So what we need to do it remove every bit of code starting from the subtraction sign so the ammo just equals the ammo with no changes.. Lets talk about the different ways we can handle this..


Method 1.
So method 1 would just be to press the 'Edit Actionscript' Button and remove the code.. This may work for some games.. But alot of the time it will corrupt the flash file So its not recommended to use ... But it makes things real easy..

Method 2.
Method 2 would be to edit the ABC Code (Actionscript Byte Code) in the right side P-Code Editor..
This can be quite difficult as the code looks like this

Code:
SetMember
Push register2 "DecrementAmmo"
DefineFunction2 "" 0 2 false false true false true false false true false  {
Push register1 "mAmmo" register1 "mAmmo"
GetMember
Push register1 "mTotalAmmo"
GetMember
Push "Thing"
GetVariable
Push "Weapon"
GetMember
Push "CThing_Weapon"
GetMember
Push "mInfinateAmmo"
GetMember
I Didnt grab the whole code as that would be too much but if you have any experience with this type of code it will be quite easy and would lower the risk of File corruption..

What you would do there is remove the subtracting code from the ABC Code


Method 3.
The Third method is a little like the second method except this time its with cheat engine.. we will still be using both programs .. So where the P-Code editor is press the button on top that says Show Hex with Instructions you will have to scroll over the button to view its tooltip..

After you do that your code will go from normal ABC Code to having added comments with the hex for that area of code for Example

Code:
GetVariable
; 96 02 00 08 01
Push "Thing"
; 4e
GetMember
; 12
Not
; 12
Not
; 9d 02 00 1e 00
If loc0316
; 96 02 00 08 00
Push "_global"
; 1c
GetVariable
; 96 02 00 08 01
Push "Thing"
You will need to clean that code up and remove all the ABC Code but keep the Hex .. Then you can use cheat engine to search for that hex code and replace it with NOP's using the '02' Hex code This is the third method you can use for many things..

Method 4.
Now method 4 is almost like method 2 and 3 Infact its almost exactly like 3 but instead of using Cheat engine you will be using a Hex Editor .. So after you get the Hex codes from the P-Code Editor , you will need to get a Flash Decompressor, Which i can supply on here.. Or you can use the built in one onn JPEX.. Ju

No comments:

Powered by Blogger.