Tutorial DLL Hacking and knowledge for any C# Game

Discussion in 'Tutorials & Tools' started by Baron, Mar 30, 2018.

  1. Baron

    Baron Friends AS Team GOB - L2

    Hello everyone,

    Since many people don't know where to start with hacking games, I decided to share a small tutorial. We will be using Dead Trigger 2 in this tutorial.

    Requirements:
    - A little bit of knowledge about C#
    - One working brain
    - dnSpy or .NET Reflector (for .NET Reflector you will need a plug-in called Reflexil; I will be using dnSpy for this tutorial)
    - WinRAR
    - signer (attached for download)


    So let's get started;


    Alright, first of all you need to download the Dead Trigger 2 APK (I used apkpure for that) and drag / copy / cut it to a clean folder. Then you need to right-click the APK and rename the extension from .apk to .zip
    [​IMG]

    Now you will need to extract the zip file: right-click on it and press Extract here;
    [​IMG]

    After you have extracted the zip file you will get a bunch of files & folders. Then you will need to go to this path "\assets\bin\Data\Managed"
    and drag Assembly-CSharp.dll into dnSpy;
    [​IMG]

    Now we are good to go. We need to be creative after this point and think about what we want to search for.
    I want to search for stuff about the enemy now.. what could it be? The name of my enemy? Male or female zombies? Nope, not interesting..
    I will search for my enemies' health. So there are keywords in programming.. if you want to search for it, you must think like you are running the game, like you are the computer. You must ASK for the enemies' health, how? Like get_enemyHealth, get_enemyHp, get_enemyHealthpoints etc. You will come across get_xxx and set_xxx methods a lot. But you should not touch the set_xxx ones because set_xxx gets the value from get_xxx so we have no business with it. {get; set} is an auto property, and is essentially a shorthand for the following program.

    So when I search for enemyhealth or anything, I need to see which function is the most attractive one for me;
    [​IMG]

    I found this "EnemyHealth" function in class "GameplayData"; the other ones are not attractive for me.
    So now if I look at this function more closely (by double-clicking it);

    [​IMG]

    I see that there are some calculations.. What exactly does this function say to me?
    It says to me that the health of our enemies is multiplied by 0.7f if the game is in easy mode, and by 1.2f if the game is in hard mode. But that is STILL not what I'm looking for. (You can still change these values to avoid the multiplications, for example changing the float values to 0.)

    So I search now for get_health;
    [​IMG]

    and I found the get_Health method inside class "GameplayData.EnemyParams"; that sounds good. Let's go to this function;
    [​IMG]

    This looks really good to me: a float method which probably gives enemies their health. In the next step we will right-click the first line inside the get method, which is line 373, and press "Edit IL Instructions..";
    [​IMG]

    You will face this page;
    [​IMG]
    Here we see, by index number from top to bottom, what this method get_Health() does.

    So what's next?

    Since we want to give this method a single value that we decide, we need to choose the first 3 lines, in this case indexes 0, 1 and 2, and then we will delete them;
    [​IMG]

    and then we will click on the "ldfld" OpCode and change it to "ldc.r4", since ldc.r4 is used for 32-bit float values.
    A few more OpCodes:
    - ldc.r8 = 64-bit float value
    - ldc.i4 = 32-bit int value
    - ldc.i8 = 64-bit int value
    - ldc.i4.0 = used as false in boolean methods or as 0 value in int methods
    - ldc.i4.1 = used as true in boolean methods or as 1 value in int methods

    For more OpCodes you can use Google.

    After we have changed our OpCode and the value to 1 (since we want to give our enemies 1 health point) it will look like this;
    [​IMG]
    [​IMG]

    Under private class EnemyParams I also saw many useful methods, but I won't touch them for now. You can change those and test them yourself.

    Sooo now let's search for ammo;
    [​IMG]

    And I found an interesting method which gives me the number of ammo inside my weapon clip. class WeaponBaseFirearm :D

    [​IMG]
    Like I said.. we will always change what's inside get{ }, but if you change this method, you also need to change this one;
    [​IMG]
    because this is the Max limit method of clip. Same with ammo;
    [​IMG]


    So under same class I found another interesting method;
    [​IMG]

    The method tells us everything we should know. But why float? What should I do with it?
    In games, numbers for time, health, position etc., any kind of point numbers, are declared as float, so in this method the float value is used as seconds. So if we change the get_ method to 60f, we will keep firing for 1 min even if our target is lost from the crosshair.

    Another interesting method is;
    [​IMG]

    So what does this method tell me? It tells me that if my ammo is not equal to 0, then the game system should subtract 1 bullet every time I shoot. But I don't want that.. huh?!

    So we look closer at this function;
    [​IMG]
    [​IMG]

    As you see here.. we just found the subtraction OpCodes of this function.. so these snacks take our bullets!
    And 1 line above the sub opcodes you will see ldc.i4.1, which is equal to the value 1, remember? This means every time I shoot they sub 1 bullet from my weapon. We have 3 ways to hack this function now.

    1. we change the ldc.i4.1 to ldc.i4.0 so they will charge us 0 bullets every time we shoot
    2. we change the subtraction (sub) to addition (add) so instead of charging us 1 bullet, they will give us 1 bullet.
    3. we NOP the sub opcode, which is No OPeration. Basically sub will do nothing then. (To do that just right-click on the sub line and press "NOP Instruction" or press the shortcut key N.)

    I have changed the sub's to add's;
    [​IMG]

    And that's what we got!
    [​IMG]

    After you have made all your changes, go to File and press Save All;
    [​IMG]

    Then select all files inside your mod folder and zip them;
    [​IMG]
    1. Change it to ZIP from RAR
    2. Change the extension of the file to .apk
    3. After you are done, you will need to sign it;

    Download the 1 click signer I will give you here and copy the APK into the folder where you extracted the 1 click signer. I recommend renaming the APK to anything short;
    [​IMG]
    Open one_click_signer and type just the APK name with the .apk extension.. in this case it's 1.apk, and press Enter. After a while you will get the signed APK, ready to install on any unrooted device.


    For any help or errors just reply here.. I will help you as far as I can.

    If you need help with another C# game or any function/method, also reply here and we will help you.

    Good luck and thanks for reading!

    Your AutoSkillz Team

    My very old hack for Dead Trigger 2:

    Features:
    - 1hit Kill
    - Godmode
    - Very high mission rewards (Money, Score, Exp, etc)
    - Unlimited Ammo / No Reload
    - NPC Friends Godmode
    - No Recoil
    - Infinite Shoot Range
    - Infinite Auto Shoot




    1, 2, 36, 4, ...:D:D:D:cool:
     

    Attached Files:

    • Mod.zip
      File size:
      401.6 KB
      Views:
      93
    Last edited: Mar 30, 2018
    PixelYT, thiefs, Jbro129 and 15 others like this.
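
For defenders: the workflow in the post above (edit Assembly-CSharp.dll, re-zip, re-sign with a different key) leaves observable differences from the release build. The following is an added example, not part of the original post or of any game's code. It compares a suspect APK with a known-good one by per-entry SHA-256. The function names and sample archives are constructed for illustration, and it assumes v1 (JAR-style) signing, where the signature files are zip entries under META-INF/.

```python
import hashlib
import io
import zipfile

MANAGED_DIR = "assets/bin/Data/Managed/"  # path named in the post
SIGNATURE_DIR = "META-INF/"               # assumption: v1 signature files live here

def entry_digests(apk_bytes):
    """Map every file entry in the APK (a zip archive) to its SHA-256."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        return {info.filename: hashlib.sha256(apk.read(info)).hexdigest()
                for info in apk.infolist() if not info.is_dir()}

def compare_to_release(release_apk, suspect_apk):
    """Classify how suspect_apk differs from the known-good release build."""
    good, seen = entry_digests(release_apk), entry_digests(suspect_apk)
    changed = sorted(n for n in good.keys() & seen.keys() if good[n] != seen[n])
    added = sorted(seen.keys() - good.keys())
    removed = sorted(good.keys() - seen.keys())
    touched = changed + added + removed
    return {
        # managed assemblies whose bytes differ from, or are absent in, the release
        "patched_assemblies": [n for n in changed + added
                               if n.startswith(MANAGED_DIR) and n.endswith(".dll")],
        # any difference in the signature files means a different signer
        "resigned": any(n.startswith(SIGNATURE_DIR) for n in touched),
        "other_changes": [n for n in touched
                          if not n.startswith((MANAGED_DIR, SIGNATURE_DIR))],
    }

def build_sample_apk(entries):
    """Build a constructed in-memory zip so the example runs offline."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as apk:
        for name, data in entries.items():
            apk.writestr(name, data)
    return buf.getvalue()

# Constructed sample archives: placeholder bytes, not real game files.
DLL = MANAGED_DIR + "Assembly-CSharp.dll"
RELEASE = build_sample_apk({"AndroidManifest.xml": b"<manifest/>", DLL: b"original IL",
                            "META-INF/CERT.RSA": b"studio certificate"})
REPACKED = build_sample_apk({"AndroidManifest.xml": b"<manifest/>", DLL: b"edited IL",
                             "META-INF/CERT.RSA": b"third-party certificate"})

if __name__ == "__main__":
    print(compare_to_release(RELEASE, REPACKED))
```

In practice the known-good digests would come from the build pipeline's release manifest rather than a second APK file, and builds signed only with APK Signature Scheme v2 or later need the signing block checked separately.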
  2. Kaoti

    Kaoti New Member

    Bro, can we add lines in this code? Like for example create an update and there put ammo = Mathf.infinity;
    Can we?
     
  3. Esco M

    Esco M New Member

    Excuse me, how can I mod games like pixel gun 3d? I won't break the game, and if so can it be a private tutorial? I don't want anyone making overpowered mods on pixel gun, but my release will be public on a random youtube account, so that it's kinda hard to find
     
    PixelYT and Josuedeluna47 like this.
  4. Asyhole

    Asyhole Adminstrator Adminstrator

    What coding languages do you currently know?
     
    Kaoti likes this.
  5. Kaoti

    Kaoti New Member

    You need C# programming knowledge.
    Before, you need to know if pixel gun 3d has the DLL encrypted or not.
    In my case I don't know what to do if the DLL is encrypted...
    If not, follow all the steps of the video!
    Thanks for reading!
    And if someone can help me to mod bullet force (help me decrypt DLLs) pls halp mee!!
     
  6. Kaoti

    Kaoti New Member

    I like ur name Asyhole ts amazing xd!
     
  7. CyberDeath

    CyberDeath New Member

    Is it possible to hack critical ops ? With like aimbot and shit
     
  8. Kaoti

    Kaoti New Member

    If u aren't a critical ops developer, or professional decompiler and cracker... u will need to wait for someone to post a hack... it's like bullet force, it's made with unity but has the DLL encrypted... I try to decrypt it but for me it's impossible...
     
  9. Lenga

    Lenga New Member

    Can you post a video tutorial for a simple game such as Coalition
     
  10. Josuedeluna47

    Josuedeluna47 New Member

    Can I know the channel
     
    pixelmodder likes this.
  11. Aksu_J

    Aksu_J New Member

    I did everything in the tutorial, but when I try installing the APK file on my phone it gives me an error. My phone is in Finnish, so idk what it is in English, but I think the APK file is invalid and my phone cannot read it
     
  12. COLEX

    COLEX New Member

    Me too, I want to know how to hack
     
  13. COLEX

    COLEX New Member

    It’s complicated
     
  14. スペア

    スペア New Member

    It's pretty difficult.
     
  15. Suppy

    Suppy VIP CO - L2

    Funny to see how you guys are struggling.... Read the first tutorial part, you need a brain... Is simple if you follow everything
     
  16. Rookeriskerd

    Rookeriskerd New Member

    How about on Android?
     
  17. Suppy

    Suppy VIP CO - L2

    We're talking about android here dummy
     
  18. Rookeriskerd

    Rookeriskerd New Member

    I know but we need a computer software somewhere and somehow
     
  19. EarthAgar

    EarthAgar New Member

    What do I do lol when I unzip a game and there are literally no DLLs? (I'm trying to hack soul knight, you can see for yourself if you download it and unzip)
     
    _-ToPcHeG-_ likes this.
  20. lucky09042000

    lucky09042000 New Member

    Bro please MOD APK CRISIS ACTION