Two years ago I’ve tried my hand at cracking something, it’s quite an unknown game, Arena Wars was the name. I always found it fun to take it for a spin, try out a match or two, then forget about it for a couple months.
Until inevitably, the reason for this project came up. See the game originally came in a disk, and it worked fine at the time, as time moved on however, disk drives ceased to be a thing, now only emulating drives, or plugging drives via USB was possible. Guess what, the game’s builtin DRM did not recognize either of them and now I had a game that I owned but could not play. Only way to get it back is by cracking it, it’s abandonware too, so its not like anyone gives a damn.
My first try wasn’t very successful, x64dbg is a very complicated tool and to anyone who isn’t used to reverse-engineering, it’s a brutal way to start. Hence giving up, a few months ago I tried with a new technique.
The game, albeit very old, was one of the first to be built in .NET, the same framework which powers Unity games. This meant that there were decompilers (like dnSpy) which could decompile the code and make it easily editable.
Unfortunately there were two problems with this approach:
- Arena Wars is so old that modern decompilers only support decompiling the code, but not recompiling changes directly, those changes needed to be done manually in the IL code. If you don’t know what that is, it’s basically working in Assembly, one step above writing in bits and bytes.
- The code was obfuscated, meaning I had no idea what any of it did, only how it’s structured. Making matters worse was that the game had multiple languages, meaning that I couldn’t even directly search for text to find what i needed.
So despite being able to see the code, I had my work cut out for me. What followed was a whole trial and error. If the game thought it wasn’t legit, it launched in Demo mode, I had to figure out where it got the check for the CD from and flip it so it thought it was legit. Because that I was writing tweaks in IL code, given my skill level, the most I could do is change a + to a - for example, or a < to a >. If I wrote new code or added complex functions, it would change the size of a class and crash the game.
Eventually though I got to where the changes were affecting how the game responded. I discovered the game had an alternate Multiplayer Demo mode, (basically the same thing), as well as a fake real mode. Where it says its legit, but nothing works. While I did this, I took various notes, learning what each function most likely did, steadily building my knowledge of how the game worked, until I discovered where it checked the CDs.
Soon enough, I got lucky and the Demo was no more. I intercepted the response code from the CD check and mangled it quite a bit, now it thinks its legit. Dunno how or why, but now it does. Anyways, soon after cracking it, I ended up cleaning the crack, figuring out exactly which change did it the trick in the executable and boiled down the entire crack to a single changed byte.
Overall, it was quite like a brainteaser, fun to solve, and my reward was getting my game back!
Not saying that anything like SECUROM or DENUVO are next, but for those that like this kind of thing, I imagine they’d start small and slowly get to that level. At the end of the day, it’s only a puzzle.
Extras:
Thank you for reading about my journey. Have a day full of wonder!
Edit: If you can’t see the images clearly, that’s probably because you’re seeing them in Imgur’s mobile site. When in a phone it automatically redirects you there with a garbage version. To see them clearly, switch on desktop view. >:(
where do you recommend someone starting from? do you have any resources that can help?
I may make it sound easy, but when I did this, I already had 8 years worth of C# experience. I definitely recommend that you learn how to program first, then once you know what you’re doing. Read up on some tutorials on reverse-engineering. General practices, that sort of thing.
When you’re ready, pick the right tool for the job. If you can decompile to get the code out (like dnspy for example in .NET programs), that’s much easier, other languages may require other tools, C++ will likely require hardcore programs such as x64dbg, and you don’t wanna touch that until you can understand Assembly to at least a passable degree.
TL DR: It’s hard, but there is a path there, don’t eat more than you can chew.
Kinda depends on how much you’re familiar with low level programming.
For a quick check to see if it’s for you start by learning a little about how a processor works here (the first episode can get a bit condescending at times, but it’s good info).
Then try diving into a disassembly CTF like MicroCorruption.
If you (somehow) enjoy both those things, consider learning C and specifically how to use it to break things through shellcode.
C Programming: A Modern Approach, and The Shellcoder’s Handbook are great resources for that (look here for instructions on obtaining them 😉).
There are lots of books like beginners.re. Programming and knowledge on how a computer works is required. Then crackmes.one if you want to solve challanges.