Want early access to new videos and some behind the scenes content? Consider becoming a channel member kzbin.info/door/QvW_89l7f-hCMP1pzGm4xwjoin
@seti_o3 ай бұрын
have you looked into this : Threadless Process Injection
@teh_hippo8 ай бұрын
I genuinely love how you have taken your channel in the last few months. Massive fan. It’s spot on. Clear, educational.
@nathanbaggs8 ай бұрын
Thanks! Just trying to make each video better than the last
@brixt0n8 ай бұрын
Are you still me? I created a wallhack for Medal of Honor: Allied Assault for educational purposes. Then I created an anticheat for the community based on my experience. I learned a lot about cheat techniques and detecting injections into an executable this way. Highly recommend experimenting with this!
@nathanbaggs8 ай бұрын
I still think you might be me
@GameBacardi8 ай бұрын
KD ratio 2 or over, ban
@brixt0n8 ай бұрын
@@GameBacardi close 🤣
@DouglasFish8 ай бұрын
"he's turned himself into chunklets!"
@nathanbaggs8 ай бұрын
A surprise to us all
@StoneTheCr0w8 ай бұрын
They're called gibs, noob
@GoldenAdhesive8 ай бұрын
I thought they call it giblets in unreal?
@Daniel15au8 ай бұрын
Amazing, you also watched the same video as me!
@Aes_Saru8 ай бұрын
@@nathanbaggspretty sure he was trying to get the snipper rifle but missed.
@ZynSays8 ай бұрын
Every time you end a line you give the camera this absolutely incredulous look before the cut, I love it. I mean this entirely positively, it's got a charm to it.
@nathanbaggs8 ай бұрын
I just thought I was bad as editing, glad it comes across as charming (:
@ZynSays8 ай бұрын
@@nathanbaggs IMO it makes it look like you're more of a "Tech Guy that makes videos" than a "Video Guy who covers tech", and I think people generally trust that more!
@Azeria8 ай бұрын
the slow pace also helps given it’s pretty technical, it gives us an extra beat to process what you just said which is great honestly
@nathanbaggs8 ай бұрын
That’s the style I’ve been going for, glad it comes across
@metalspoon698 ай бұрын
Would love to see a video on "external" wallhacks where instead of injecting code you read process memory to determine the locations of players and draw an overlay over the game window.
@nathanbaggs8 ай бұрын
Yeah I think that would be fun to do, I also thought doing this alternate way would be interesting
@asanwers4 ай бұрын
Make a video how kernel anti cheats are bypassed using kernel drivers
@RandomByte898 ай бұрын
Thanks for the great video Nathan. BTW at 11:36 what tool did you use to get the disassembly?
@BinaryCounter8 ай бұрын
He used Ghidra and then copied all the disassembled (and then decompiled) code into VSCode to be able to search through it better. Keep in mind that Ghidra does not output C code, just pseudo code that is similar to C. It's also very far from perfect.
@nathanbaggs8 ай бұрын
^ yup this
@AsilarWindsailor28 күн бұрын
@@nathanbaggs Alternatively, you could open up UnrealEd in the System directory and open all the game files in the script editor. Pretty sure everything is there There's also a way to dump all the classes out to .uc text files as well for easy access outside of the editor
@dminik91968 ай бұрын
Using the texture is pretty neat. This works similarly to the popular cs1.6 wallhacks. The main difference is that that game used different glBegin mode for different models. Triangle strip and fans for players and something else for everythig else. One trick I used was to split the depth buffer. Near (0-0.1) for the players and the rest for everything else. This way, players would render on top, but their vertices would still be sorted and displayed corectly.
@king_james_official8 ай бұрын
nice clever trick :)
@IOSALive8 ай бұрын
Nathan Baggs, Your videos always brighten my day, so I subscribed!
@nathanbaggs8 ай бұрын
Thanks!
@st0rmw1ndz8 ай бұрын
I love the format/style of your videos. Really easy to follow and see where you're thinking. Not to mention the topics themselves are super interesting
@scottkappel30118 ай бұрын
Your channel has become one of my favorites. This content is incredibly entertaining and educational. Watching you navigate all of this with such ease is extremely fascinating
@SianaGearz8 ай бұрын
I'm sure there have to be ways to verify the gog installer! Someone might have fingerprinted the installer with a checksum. You can check cryptographic signature on the installer executable. It won't check the appended archive data but it will check that the executable is known and not malicious. In turn the game installation, the unpacked archive data, can be by all reason checked by gog galaxy. There is no rule against owning multiple gog accounts, downloading your offline installers and using the games with galaxy after installing them.
@tardistrailersАй бұрын
Isn't there an option in the GoG installation process to verify the integrity of the archive data? So if the installer is signed by GoG and the archive check is passed, the files should be untampered with.
@ButcherTTV6 ай бұрын
This channel is amazing, you should be proud of the videos you're making! Theyre something special.
@nathanbaggs6 ай бұрын
Thanks!
@jnonymous8 ай бұрын
This was really informative!!! I really love all your videos explaining every thought process and step. It's really educational!! Thank you!
@nathanbaggs8 ай бұрын
Glad you enjoyed it!
@thomastorr19838 ай бұрын
Let's make this game a popular sport again! I have been playing all the Unreal games recently. The original Unreal game simply called Unreal has features that the other games don't have, such as a completely different weapon set (terran weapons) that you can alternate between by double tapping the number keys, a weapon that can grow, plants that can grow, and of course an entire single-player/co-op campaign. Please mod all the features of Unreal into Unreal Tournament
@DrRadio1558 ай бұрын
The last is done by OldSkool mutator.
@MelroyvandenBerg8 ай бұрын
it was always popular
@Aes_Saru8 ай бұрын
For real. It so much fun. We can even mod it to have more items and add our own skins.
@Timic83tc4 ай бұрын
Well you can't even buy the games anymore Screw epic
@AsilarWindsailor28 күн бұрын
@@Timic83tc Don't they offer UT for free on their website? I got it from them once when I couldn't find my install discs
@dvdvideo12348 ай бұрын
0:50 No need. Windows sandbox is an isolated environment with GPU acceleration
@Nesh1088 ай бұрын
Really good video, great job Nathan!
@invisghosty8 ай бұрын
I never thought of dumping all of Ghidra's output into a file and searching for the offsets/sizes! I've had a hell of a time trying to reverse engineer some file formats in an old game that recently got a PC release (Baulder's Gate Dark Alliance) and this actually helps! The issue I've run into is that the app doesn't process the files, like, at all. It blindly loads the data into memory and then immediately starts using it. How would you go about reversing something like that?
@nathanbaggs8 ай бұрын
It’s hard to say without seeing the specifics. Off the top of my head I’d either dump the process memory when it’s running (presumably once all code has loaded) or I’d find the code doing the loading and set some breakpoints
@bilaalh996 ай бұрын
part of the reason the vm performance was so poor was that you may not have loaded the virtual box graphics drivers. The little turtle icon on the bottom bar means there is some issue with how it is emulating on the host. Usually installing the guest edition CD fixes the performance for me. You may also need to disable some virtualization based security settings or TPM. Not sure if those impact the sandboxing capabilities of the VM
@nathanbaggs6 ай бұрын
Quite possibly, I’ll admit to not spending too much time trying to get it to work in a VM
@enigmatico62098 ай бұрын
iirc, unreal engine games from that time got wallhacks made using the same game engine by making a module specifically for it. You didn't need to hack the binary executable or inject code into it because it would be loaded as a game module or mod for the game, so it was much easier. There were anti-cheats that actually verified your game modules and checked if you were using something sketchy tough. All in all, it's more fun to learn to play the game and actually play it, but of course it's always interesting to learn how to inject yourself into other processes because what you can learn from this, you can apply to other kind of attacks. Like this is totally not usefull for reverse engineering and bypassing any kind of intelectual property protection ;) (and also modding other games)
@kaki99278 ай бұрын
Cool idea to find the player via the OpenGL calls, wouldn't have thought of that. Probably would be more difficult with a more modern game, because there would be way more textures to go through, but it's way more fun than doing everything the same way every time :D Keep up the good work!
@nathanbaggs8 ай бұрын
I don’t think this would work with modern apis, especially if they’re using bindless textures. You’d pretty much have to hunt for the world positions in memory
@kbkmn8 ай бұрын
sometimes i run UT just to have fun on ctf-face by myself. Jesper Kyd is awesome
@deanrumsby7 ай бұрын
Wow, very cool! Thanks for the great videos! 🙌
@ReaperCH908 ай бұрын
I don't know enough to know how much I do not understand, but I understand enough to like these videos and learn something.
@_Pawelski8 ай бұрын
I dont understand a thing but still watching every video of yours. This game patching and mod loaders making sure needs a lot of skills. It always interested me but seems like it takes years to be that good
@sophiacristina8 ай бұрын
That is not my area of programming, but, can games make the information of other players be withheld in the server and only if a player finds another player the server says "yes, you are indeed seeing the enemy in accord with my withheld information", and then, only then, give the client the information of the enemy's position? In that case, the client wouldn't ever know the information needed to find other players, only the server. I may be talking something impossible, or something that may be computationally intensive for the server or whatever, like i said, it is not my area, but i got curious about that.
@sophiacristina8 ай бұрын
@ChineseRatfaceCHANG Ty for answering! :)
@RealDaveTheFreak8 ай бұрын
Thanks!
@nathanbaggs8 ай бұрын
No, thank you!
@oo0speed0oo8 ай бұрын
Amazing. Your content is always interesting.
@Ch40zz8 ай бұрын
Why not use Interlocked intrinsics to swap pointers? No need to suspend the threads
@nathanbaggs8 ай бұрын
Doesn’t that require all existing reads to be atomic? My concern is the game calling one of the functions whilst I’m writing it. To be honest they’re only patched once so there’s little chance of something bad happening, so could probably do it without suspending
@Ch40zz8 ай бұрын
@@nathanbaggs pointer sized reads on x86 will always be atomic anyways, you dont even need the Interlocked intrinsics. a single mov dword/qword ptr is always atomic
@Timic83tc4 ай бұрын
What's the name of the gog mirror site asking for a friend
@MrTalisauros8 ай бұрын
Excellent video! Gives a great glimpse into the world of cheating in multiplayer games. I guess most of us never knew how these were made!
@nathanbaggs8 ай бұрын
It’s a fun puzzle to solve, it’s a shame some people use it to ruin others fun
@jnonymous8 ай бұрын
@@nathanbaggs I think we should just have cheater servers in every game where cheaters can cheat against each other to see whose cheat is better. I think when people have a place to do what they think is fun, they'll tend to go do that instead of bothering others.
@Scotty-vs4lf8 ай бұрын
@@jnonymous like hvh in csgo
@theLilaQ8 ай бұрын
Love your channel. Keep the fun stuff up
@nathanbaggs8 ай бұрын
Thanks, will do!
@flophelia7 ай бұрын
For anyone interested, the goty edition of unreal tournament is actually available to be bought thru steam, at least last i checked it was :)
@Timic83tc4 ай бұрын
Don't think so :(
@flophelia4 ай бұрын
@@Timic83tc awe, i just went and checked, and yeah it got removed :/ sorry about that
@SealFormulaMaster8 ай бұрын
I'd love to see a video on cheating devices like the XIM and MSI Meg, and more importantly, if there's anything anti-cheats could do to stop such devices.
@Alex-px9lk8 ай бұрын
Awesome Video!
@themissinfowar66298 ай бұрын
What about replacing all textures with semi translucent ones?
@Death2u_8 ай бұрын
Never seen it done this way before. It's always finding the player entity then using reclass to find everything from there.
@Miiiasm8 ай бұрын
This screams so much “GuidedHacking”
@Death2u_8 ай бұрын
@@Miiiasm KZbin, forums, discord. All go through the same type of tutorials. It's all I've seen.
@nathanbaggs8 ай бұрын
I just wanted to try something different
@Isaacfess8 ай бұрын
Unreal Tournament forever! UT2004 is my favorite but 99 is great too.
@batman95928 күн бұрын
I swear i had to do this on Counterstrike to find lost/stuck bots/ afk players so everyone wasn't waiting 20 minutes for a round to end. Nowadays Cyberpunk does it for free AND you can shoot through the wall too!
@Big.Joe.Grizzly4 ай бұрын
I'll never forget putting like 200 hours into gta5 on ps3 many years ago only to have some hacker one day join the server and take away all my xp and money like he gave me -1000000000 xp so I could never even level up again. From that day I learned how much I hate people who hack and ruin online video games. If you're too bad at a game so you have to hack to be good atleast just keep it offline
@ZennExile8 ай бұрын
Ruining the enjoyment of others IS the game for 18% to 22% of all multiplayer gamers. And that's being generous. It's estimated that as much as 80% of multiplayer gamers are cheating in some way online at least part of the time. Just like your siblings couldn't be trusted to run the bank in monopoly because they would steal money when no one is looking.
@nathanbaggs8 ай бұрын
Yeah it’s pretty sad when you think about it
@ZennExile8 ай бұрын
@@nathanbaggs oh I don't know... Sometimes there's great opportunity hidden between the layers of sad peculiarity. What is game development if not the exploitation of motivation? Seems to me there's a powerful motivation underlying these behaviors worth billions. But I ain't one to gossip so you ain't heard that from me...
@hodayfa000h5 ай бұрын
Bro you're evil 💀 i never thought about stealing from the bank
@Caiu995 ай бұрын
Casual LTJ Bukem tune in the UT scenes lol
@lyth1um8 ай бұрын
hmm in a vm u can use gpu passthrough? level1techs showcased it. 1 host alot of different vm's and even modern 3d load. vdi/virtual desktop infrastructure. maybe for next future projects :P
@nathanbaggs8 ай бұрын
I’m sure there are ways, I just wanted to get into the reverse engineering (and play a few games)
@lyth1um8 ай бұрын
@@nathanbaggs maybe for next old backup out of the interwebz. :-)
@JohnAlanWoods8 ай бұрын
Fantastic vid, loved that game.
@locastable8 ай бұрын
The later unreal tournament games are the ones that spawned the "cheating industry". It's pretty interesting how it all started
@StoneTheCr0w8 ай бұрын
You weren't there lmao. The games didn't spawn anything, Zellius, Helios, and " .:..: " did
@locastable8 ай бұрын
@@StoneTheCr0w weren't they the first p2c's on the market? Didn't they started selling for that game?
@test-rj2vl8 ай бұрын
Would have been educational to see the reverse engineering part of code also. Btw can you take a game that doesn't support windowed mode and make video where you show how to make a windowed mod. I mean yea there are generic programs out there that can run any DirectX game windowed but what's the absolute minimum required reverse engineering and coding to make let's say Warcraft 2 run windowed mode?
@nathanbaggs8 ай бұрын
The problem with reverse engineering content is it’s quite boring, no one wants an hour long video of me looking confused (:
@test-rj2vl8 ай бұрын
@@nathanbaggs Depends. If it's game that I have played in childhood then I can watch you reverse engineering it. If it's game I've never played then yea. I would still watch it to learn reverse engineering in general because there are not too much video out there but probably skip around here and there to find parts that are educational to me. And to be honest hour long video would be very good result. If I were to figure out how to spawn more units to Warcraft 2 without crashing the game for example then the unedited video would be like 2 to 3 weeks.
@qwert_au8 ай бұрын
I'm really enjoying all of your reverse engineering videos. I hope you keep them up! :)
@nathanbaggs8 ай бұрын
I really enjoy doing them so I’ve got no plans to stop
@beaverbuoy30117 ай бұрын
Loving this!
@jamesa30508 ай бұрын
Love the video as always. In your code listings, it has the symbol ≠. Is that just a simplification for the video or is it valid code?
@thomaslindell54488 ай бұрын
It’s a font.
@isduck62268 ай бұрын
In most IDEs you can enable ligatures for fonts that support them, and it will render != or >= etc as one connected character, although they're actually still seperate.
@nathanbaggs8 ай бұрын
It’s a ligature. I use a font called Fira Code that combines characters to their mathematical equivalent. I forgot it’s on when recording
@chrisdickens48628 ай бұрын
Very cool. Thanks!
@mme7258 ай бұрын
You got this in the bag(gs) Sorry, couldn't resist. Fun video though, always neats to see you dive in and fiddle with internals. 👍
@nathanbaggs8 ай бұрын
I’ve heard worse (: glad you enjoyed
@haxguy0Ай бұрын
Your videos are amazing. I'm an AppSec Engineer specializing in web apps so I find reverse engineering low level stuff to be pure magic. I'm completely baffled by your level of knowledge
@hacking4good8 ай бұрын
I really need your help with one game, sir 😂 but thanks about this vid 🙏
@flamendless8 ай бұрын
Just a hopeful request, how about using Linux to hack instead of windows?
@nathanbaggs8 ай бұрын
I’ve done a video on that: kzbin.info/www/bejne/h53Gi5yIe8Z-nM0
@flamendless8 ай бұрын
@@nathanbaggs thank you!
@dvdvideo12348 ай бұрын
1:00 Windows sandbox 😉
@Sypaka7 күн бұрын
Wouldn't it have been easier to just decompile the game with ucc - which should be included anyway? This is the Unreal Engine after all and extremely moddable.
@Jutastre7 ай бұрын
"Best FPS map of all time" Amen!
@spam17128 ай бұрын
HEADSHOT HEADSHOT HEADSHOT KILLING SPREEE God I didn't hear that In a while!!!
@Fewnity8 ай бұрын
Man that video was super cool! Now I want to try to do the same x)
@nathanbaggs8 ай бұрын
Do it!
@Fewnity8 ай бұрын
@@nathanbaggs I'm already creating a big game engine for game consoles I need more time for this haha 😓
@catfan56188 ай бұрын
Really interesting!
@nathanbaggs8 ай бұрын
Thanks!
@beakersa8 ай бұрын
You're doing such an amazing job with your videos - really enjoying your content.
@sassywoocooo8 ай бұрын
you're the coolest big bro with all the cool tricks
@nathanbaggs8 ай бұрын
Haha thanks!
@EyesOfByes8 ай бұрын
Time to hack The Crew.
@Name_cannot_be_blank8 ай бұрын
sorry, but you cant hack it, you dont have the files to do it, they're in ubisoft, and were on thier servers, noone besides them have them, but you can search the youtuber accursed farms, he has a plan to stop companies from doing this forever
@Timic83tc4 ай бұрын
I care
@JoakimKanon8 ай бұрын
Facing Worlds! 😍 (Great job, btw)
@nathanbaggs8 ай бұрын
A classic! (And thanks)
@seventfour92472 ай бұрын
So much knowledge for free.
@qsquared88338 ай бұрын
"And Windows does nothing from pulling the rug out from under yourself". No Operating system does.
@f.d.93268 ай бұрын
I'm amazed as always
@nathanbaggs8 ай бұрын
Thanks!
@Controllerhead8 ай бұрын
Amazing peak into GL and the dark arts. Love the content!
@nathanbaggs8 ай бұрын
I’d like to do some more graphics based content, I started off this channel to talk about my custom game engine. Things have changed a bit since then
@yan-amar3 ай бұрын
Lol we can allocate memory inside any process and put what we want in it? I never wondered about that, but this is absolutely crazy. No wonder Windows is full of CIA backdoors and stuff.
@rjmunt8 ай бұрын
This game was the main use of our university network
@Elezshar26 күн бұрын
Sick headshots
@MelroyvandenBerg8 ай бұрын
still impressive and fun to do this reverse engineering
@SpitfyaUK7 ай бұрын
I was so pleasantly surprised when you said you were going to try it on Unreal Tournament, such fond memories of this game. Awesome vid as always Nathan :)
@tribes2archivist8 ай бұрын
CS2 HVH when?
@-Kerstin8 ай бұрын
Something I've never understood is why popular online competitive games never manage to prevent people from cheating. I feel like it has to be a lot easier for the game developer to prevent cheats from working than it is for a hacker to make the cheat. Every time the developer releases a minor patch that mixes things up then the hacker has to do tons of reverse engineering so the hacker should be at a great disadvantage. Either game developers aren't trying to prevent cheats or there has to be more layers to this that I don't understand.
@steve819378 ай бұрын
Because we have better things to do than annoying some hackers.
@invisghosty8 ай бұрын
It's an arms race and there are usually more cheaters than there are developers. Yeah they could come up with some complex system to rearrange some data but it's not like they can completely re-write their game each update so there are still going to be things that cheaters can use to determine where the correct data is.
@dukemagus8 ай бұрын
Making the game fun is a priority over making the game hack proof. Also, the vast majority of players want a fun game rather than a bulletproof bios level cheat prevention engine
@jhax8 ай бұрын
The developer has to patch 1000's of security holes. We just have to find one. Reflection systems like in Unreal Engine make it incredibly easy to write position independent code.
@nathanbaggs8 ай бұрын
I think if it were easy to prevent cheating then developers would do it. It’s a massive game of cat and mouse between developers and cheaters, but develops have to balance their time amongst other priorities (and ultimately making money) something cheaters probably aren’t that worried about
@-Katastrophe8 ай бұрын
Sometimes cheating is the only way to fix a save file.
@kubuzeer65108 ай бұрын
A HACKER is an individual with technical computer skills but often refers to individuals who use their skills to breach cybersecurity defenses A CHEATER is a person who acts dishonestly in order to gain an advantage, in this case, in video games Please know the difference and correct the video title
@cho4d10 күн бұрын
if you're going to be an omega pedant you should at least be correct. look up the difference between hacking and cracking.
@Felixkeeg8 ай бұрын
This was on my start page when I just scrolled by. I did a double take back because I was like "Is this Facing Worlds" from just a split second. Played that game to death
@nathanbaggs8 ай бұрын
I’m hoping it brings back some good nostalgia feelings for a lot of people
@LightTheMars8 ай бұрын
That pipe operator at 6:05 caught me off guard. The C++20 ranges lib sure is interesting. The committee never fails to find new ways to use operator overloading!
@nathanbaggs8 ай бұрын
I think ranges might be one of my favourite new features (and coroutines)
@sdwone8 ай бұрын
At some point, this problem will get so bad, that casual players who actually just want to have fun and an actual challenge, will simply stop playing these games altogether. Then that will just leave the hackers to go ahead and hack the game out of its existence! Sounds like a "wonderful" outcome! 😂😅😊
@KrusherMikeАй бұрын
Hitscan ❤
@waldmensch20108 ай бұрын
you are a genius
@ndowroccus41688 ай бұрын
Thumbnail facing worlds UT
@2ndToLast5018 ай бұрын
Good god seeing UT99 sent me back to my childhood, the good ol days
@gamesthatmatter93745 ай бұрын
how can u in a real game draw enemy players through the walls if the server dont send you their position . i mean why would they send it to you since you are not supposed to see it ... this technique shown here is flawed.
@nathanbaggs5 ай бұрын
How can the server know what the player can and cannot see?
@gamesthatmatter93745 ай бұрын
@@nathanbaggs the local pc shows to the player a room . when an enemy should be visible to the player (via computation) the server then transmits its position to the client so that is rendered. Lets make it simpler for you : each player position is known by the server but when only one player should see another (depends where it looks) the server transmit the other player location to the client so that it can be updated. I hope you can understand the issue.
@RetroCVBS8 ай бұрын
Purely for academic reasons.
@nathanbaggs8 ай бұрын
Of course, absolutely no other reason
@YouTubeName-hw1uk8 ай бұрын
Please keep in mind hackers and cheaters are different things
@ProximoNovio8 ай бұрын
You should make a cheat for a another old and $hitty game that nobody plays like fortnight. Will be waiting for new video. Thanks
@queenlip61525 ай бұрын
Online games!
@maz52328 ай бұрын
Try make fake kernel
@Aes_Saru8 ай бұрын
I still play this online lol
@St0RM337 ай бұрын
Well hackers need skill..cheaters are just trash people
@bustacell8 ай бұрын
Oh dear :)
@6Diego1Diego94 ай бұрын
Ayct not make these videos longer
@keeganwut8 ай бұрын
new video!!
@nathanbaggs8 ай бұрын
Indeed
@justinianbyzantium37658 ай бұрын
Disgusting how that guy makes tongue clicks all the time when speaking…. 🤮
@Joshua-l3f4g7 ай бұрын
I think that it's morally justified to cheat in games where the players like to say slurs over voice chat. As punishment.
@fed402_18 ай бұрын
UT never dies!!!!!
@HaraldQuake8 ай бұрын
man I just won the UT99 EU 4v4 TDM Cup... I am more or less a noob and got carried by 3 veteran players but why do you teach people how to cheat... better do some helpful content -.-
@A1rPun8 ай бұрын
There are a multitude of cheats available already for UT99 because the game is already 25 years old. Not all people will use this information to cheat because it's interesting to see how cheats like this can work so we can make prevention tools.
@nathanbaggs8 ай бұрын
I just like solving puzzles and talking to people about it