Reverse engineering is an integral part of PC game cheat development. Since game hacks frequently rely on the ability to read from and write to specific data structures within a game’s memory, a game hack developer must understand how these structures can be accessed. In object-oriented applications, such as those written in C++, the relevant data structures are often dynamically-allocated objects located on the heap. In these cases it is necessary to determine sequences of pointers and offsets that traverse the binary’s data structures that reliably lead from predictable memory locations to the data structures of interest. This talk discusses a general approach for finding these kinds of pointer sequences and introduces a new tool which implements this approach.
Nick Collisson is a Security Consultant with NCC Group, a global information assurance specialist providing organizations with expert security consulting services. Nick has been with NCC Group for about two years, working primarily from New York City. Nick has performed security research in the following areas: web application security and C++ reverse engineering.