Bonus video with the analysis of the collected data will come within the next 24h. TL;DR summary: If you are a Guild Wars 2 player, don't worry about bots like that. It's child's play. Don't request ArenaNet to waste any resources on it.

I just wanna say that I have watched several tutorials on reverse engineering binaries and I REALLY enjoyed your video because you not only showed what you did to find certain bits of information, but you explained your entire thought process AND you told us the things you did that didn't actually work. 99% of tutorials -- even the good ones -- often leave out explanations of the dead end roads they went down. And the reason that's so important is it helps people who are trying to learn reverse engineering the mindset/thought process they should have when approaching the subject. It's easy to mirror something you watch in a video and think you understand it only to try it on something else and quickly realize you don't really know where to begin or how to approach it. This is the first video I've come across of yours and I'm definitely checking out more after I write this, but I'm really hoping that you take this approach in all of your videos. If not, you should. This is super helpful and you're definitely onto something with this style of talking about a subject. Sorry for the long comment, but I just had to say this. Cheers!

Your strings are wide which is why IDA didn't notice them. You just need to tell IDA to include wide strings in the strings window (right click and configure)

I don't even play GW2, yet this was utterly fascinating. You're a goddamn wizard.

great documentation of your workflow. thanks

The way that you talk through your way of thinking is so good. Makes it so easy to follow your thought process and your reasons for doing things.

Your videos are very informative. It's almost like you have to play detective to discover what you did. Of course, having the right tools under your tool belt also helps ;) Keep up the great videos!

I love these videos. As large a python application developer, getting to explore more about this very unknown world (at least, to me) is super interesting. Keep the videos coming!

Great video. i really enjoy you reverse engineering these types of MMO bots, i would love you try doing it for more bots as its also very educational :D

This guy could get employed by Microsoft Apple Google and Amazon all by himself and save these companies trillions ... He is mind-blowing smart. I use computers since i'm a kid and have strong knowledge about pretty much every computer related stuff but in this video I quickly realised how much of a noob I was. This video made me humble so bad. I'm shocked. Wow.

Really cool video, I like how you went the extra step and tracked thos bot users for data

You showed me nothing I didn't already know, except how to put what I know to use! I appreciate the candor of narration as you work through the problem. That is one of the most important things for people to see, it's OK if you don't know precisely what they next thing you click on is going to do, that's how you learn. Great video, thank you.

Super interessting! And crazy how it was possible to extract such valueable and private information. I bet there's thousands of other companies doing something similar.

I would like to see more game related reverse engineering videos. Keep it up.

do more bot videos on popular mmos, this is interesting stuff

You deserve so many more subscribers. Please keep this content going :D

One of the best channels about reversing on youtube. Thanks for the video

Very cool my friend, subscribed - wish there was more content like this!

How didn't I know about fiddler earlier? I love it and constantly mess around with it now! Danke dir

I don't think there is a single video of yours that hasn't had a #MindBlown moment for me. I know you think this is a bit mundane, but like all your work, yet again opening a whole world to my view. Thanks, keep up the great work!

Just found your channel. Seems to be educative and I believe I will learn a lot. Keep up the good work.

Awesome video as always. Guild Wars 2 is a great game, as well.

3:31 Sending login credentials over HTTP? Oh boy...

You're so awesome. I love your videos so much! So much to learn, and I really like the way you present the information.

Couple tips for Windows executable reverse engineering. 1) There are many programs you can use to check how an executable is compiled and packed, couple of my favorites are Detect it easy and peId. 2) You can use Process Hacker 2 to find strings in memory of an executable. Great video btw!

Very good video about deep programming knowledge, without getting complex. It helped me!

Really interresting video.... I'm subscribing to see what's next :) And i will come back on your videos to see what else you have to teach. Thanks for the share, keep on the good work, keep giving us your taught process (mostly why i subscribed!) Good luck on KZbin

Super cool video, and absolutely hilarious that such a simple request gave you the bot user's account APIs. Talk about a botch job from the bot developer!

This is just... WOW. Dude you're awesome. Keep it up!

Thanks for this amazing video, you never fail to deliver :D

You've inspired me to get back in GW2 after almost a year of not playing it, thanks

Dein Video ist Gold wert, konnte dadurch echt viel lernen, danke^^

By the way, you can just load the memory dump into ida see the disassembly of whatever they tried to obfuscate/encrypt. Ida can also find strings in there, no need to do it manually.

0_0 I don't know how I ended up here but I couldn't stop watching. This reminds me of how many different programs I find myself using from start to end with making game assets.

I learned a lot today, thank you for this video :)

Super interesting. Thank you for this.

I enjoyed this video! I will watch more of your videos :)

WoW, That is really amazing. It's inspiring.

Just awesomely crazy... Good job.

Subbed! Awesome videos ;) GW2 reddit brought me here!

I would have never thought to reverse engineer the bot program to get all the api calls to their server. that's awesome.

Your a boss man! This made me happy to watch.

Ich habe keine Ahnung von GW2 und auch nicht vom Programmieren, aber es ist interessant und einigermaßen verständlich für mich. Dankeschön. =)

This is some impressive work man!

Very interesting. Good job

Thanks for the video, very interesting!

Nice, I'm always learning something ;) And I'm always a bit suprised to read german Text. Well, I already know you live in Germany, but your englisch is perfect. BTW: I'm German too

I love your channel so, so much

I legit spit my coffee out watching this at 7:30 in the morning when I saw you replay and edit the request to get the online users.

WoW nice Love this video, thanks for showing me something new :D

I love your videos, i just got into the security market and i'm learning from 0 your videos will surely help a lot i've always wanted to make bots for games for the sake of it but never did it. I would love if you could make a video about android apps pen testing

Thanks for the video! you big helped

Man!!I wanna be able to do all this. You're a genius

As the bot requires validation to work, you can remove it by checking for strings related to the login page on IDA, the newr adresses will be the validation ones, then you just need to make it return true

I love this video. Please make more videos like this xD

Excellent video! Best reverse engineering channel!

Fun fact: You just gave pirates a head start in pirating the bot.

You could open the memdump (Yes it's a full memory dump) in IDA and let it automatically find/analyze the binary.

For string searching I like ProcessHacker 2 - double click on the process>Memory>[Strings...]>Set the settings>Optionally filter output.

You should do more of these documentary's where you reverse engineer a program in the wild.

I have no idea what is going on or where I am but I like this video, even though I understood none of it. I found it enjoying and your voice soothing. Keep making videos, 4am me is out & won't remember this comment :)

That was so interesting and fun to watch! The thing is, if I had attempted to do this kind of research, I would have given up after the first 5 minutes, because I know nothing about the workflow and how to interpret findings and outputs of these various programs (even most of the shown programs I did not know). So can you give a short explanation of how you collected this mass of knowledge over time? Ps: Schland :D

Okay.. I didn't like the video until you got the entire list of users.. and then geeked out graphing some data.. You earned my like.. Thumbs up clicked :P

Very interesting. I used to make wallhacks for Soldier Front and aimbots for Gunbound when I was younger... much profits. These videos make me want to get back into it.

wow what a great content, subscribed

Far, far above my level of knowledge and interest, however well explained and interesting to see what you discovered, even if I could not emulate this myself.

I'm glad you waited for the service to shut down before doing this, a buddy of mine found this issue and showed me how to perform it ages ago. We always used to mess with those filthy cheaters. >:)

craaazy stuff ...i have no clue about programming but this is crazyy :)

I'd love it if someone posted this video on the site where the bot was sold. I don't think they'd be all to happy with it if they found out it just spits your API keys out on request.

BEST CHANNEL EVER IN THE HISTORY OF KZbin AND HUMAN CIVILIZATION

I have 0 dev experience and I dont play gw2. I watched the entire thing. Time to get control of my life.

DUDE YOU ARE A FUCKING BOSS. I'm super inspired to try some of these tools. Thank you so much. Love your channel.

Super awesome Sir.

This video is strangely motivational.

This is amezing thank you so much for beautifull video

The mouse key hook actually uses Windows API to intercept and maybe send raw input, no injection required.

You earned a subscriber, don’t let me down

Very awesome and inspiring

This is amazing !! Great!! Get more on mmorpg ;]

yeah good job explaining your approach, and what tools you used.

I can recommend ILSpy Smartscreen primarily checks code signing certificate of the program (see the Publisher) - not much of hashes and how many are using it. To avoid the smartscreen you must supply your app (with certificate) to Microsoft. Visual Studio should be able to open the memory dump, and also let you step thru it if you want. (I really hope this is available in the community version)

Hello LiveOverflow, Like you I have analyse two bots from an other game, but in fidler the first bot use https and the second encrypted packet (TCP or UDP). My question is, how to decrypt these packets ? Thank you :)

I have no idea whats going on and yet i am going to watch part 2

Alter, wie geil du einfach bist :D Verdienst auf JEDEN Fall mehr Abonnenten!

you are defo in the top 5 Comp Sci/Software Eng/Hacking channels.

Awesome topic

Im in college and watching every single video of yours so that i able to solve any ctf challenges thanks men: ∆

If the memory contains non-obfuscated data you could have easily debugged using some tools like OllyDbg or even Cheat Engine (even if OllyDbg provides a list of strings really similar to the IDA one)

I actually understood what is happening. May god I learned some stuff last few years :D

I just realized that I had watched this video before, not knowing about GW2 and I'm quite intrigued by how games' economy works, but not the games itself (since I'm not MMORPG kind of player) Then two years later I've already addicted to it and then stumbled this video again browsing GW2 economy subreddit How the table have turned... I'm gonna watch it again

your intro is awesome

dayum son, your hacking skills are over the top!

Nice video! Awesome reverse engineering...

Great video

Very nice, I am now maybe a bit too old, in my youth somebody used a hex editor to modify some values within a fairly old mmo client-side and he got through, ofc he was banned and that thing patched in next maintenance and obviously storing important data client-side is a no-no and it was their fault that they got burned... But yea little by little I am getting the picture now. Thanks.

you are awsome , fan from Egypt :)

I love reversing online games. I even have 0day for an old Turkish made MMO :D. Cool video btw.

amazing, thx

send the graph to data is beautiful.

you are my favorite channel ☺