Ferib's Blog
LOCKED UNTIL: 27/01/2021
After I found out that the software is used as an official exam I had to look at how it works and how secure it is. But after a quick look, I noticed there wasn't much protection at all. Did the developers forgot to put it in, or did they think students at high school/college aren't capable of reversing such software?
Reversing and automating the McDonalds mobile game "FriesHit" by sniffing the network protocol and emulating the game packets to get free rewards.
World of Warcraft has a neat anti-cheating system that prevents hackers from rewriting its codebase. The game remaps itself when it gets started and then puts protections in action. Inside the game's code are CRC32 integrity checks that scan memory regions (including the .text section of the game) to check whether the code has been modified.
Today I will be showing you how I have bypassed the integrity checks.
It's 7:30 am and you just got out of bed, rushing your way out of the house to catch the bus. You made it, you are now sitting on the bus and waiting for almost an hour to arrive at your destination. You keep staring at your phone, looking at the traffic app to see how long until your bus reaches its destination, but then something comes to mind, "could it be possible to manipulate the traffic application so I can get faster to work? or at least get a free ride?"
Just like any other student in a dorm, I often go out to eat because I'm too lazy to cook something and do the dishes after. The only thing that sucks about this is the price. So.. what if I could use my skills once more to take advantage of the McDonalds Mobile Application to reduce the costs of my food?
Just like any other student, I don't have much money. (Pretty ironic since my last post, but its true). Not so long ago, Apple released the new Apple Watch 5, a smart watch that is too expensive for me. So I was wondering if I could get this cheaper using my Reverse Engineering skills on a online webshop. And hell yeah was I right!
Just like any student, I'm too lazy to do anything school-related. Not that I'm dumb or unskilled, but just because I don't feel like doing anything for school. Now imagine you have been doing nothing all year long, and you just figured out you have an exam coming up next week, what do you do? cheating! "Work smart, not hard", right?
On a Saturday morning, as I am scrolling through my notifications I notice something, a message from my Bitcoin exchange bot. Five thousand dollars was added to my bitcoin wallet. This cannot be right, I think, as I re-read the notification. Five thousand dollars had indefinitely been added to my wallet. How could this be possible?