Simple JavaScript Aimbot - HTML5 Game Hacking

Video Statistics and Information

Captions
Over the holidays, SANS put on their annual Holiday Hack Challenge CTF. One of the challenges was an HTML5 game with a pretty straightforward solution, but I thought it would make an interesting platform to demonstrate some hacking techniques and write a cool cheat.

Now, this game had you find a teammate and defeat Santa and the elves in a snowball fight in order to complete the objective. The easiest way to do this was just create a private match from the main menu, send an invite code to one of your friends, and play together until you won. The game won't actually start until you have a second player join you. However, the hints for the game indicate that there might be a way to play single player, and by hacking on the URL variables you're able to change the mode to single player and then have an AI teammate join.

It would be much more fun to beat the game using cheats, and I decided to see how far we can push this. The first thing I did was use this little snippet of code to dump all the variables in scope. There are lots of interesting ones here, like player throw, player, all elves, etc. We can take a look at all of the keys in our player object by typing player into the console. Scrolling through, we can see all the local variables associated with our player. One that really stands out is this take hit function, which appears to be a callback triggered when a snowball hits us. We can override this function with something that has an empty function body. That way, when the callback is triggered, nothing actually takes place and our player health won't be decremented, essentially giving us God mode.

Next up, let's revisit that all elves variable that we saw earlier. Taking a look at it, we can see that this is actually an object that holds a reference to each of the elves in the game. Again, looking through all the elves variables, one that really seems to stand out immediately is this "is defeated" Boolean. What happens if we could just toggle "is defeated" for every elf that spawns on screen?

To do this, we can first create a new function which we assign to the variable f. After that, we need to get the key for each of the elves. We can do this by using Object.keys on the all elves object. Then, for each of the keys, we need to grab the corresponding elf and set "is defeated" to true. Copying this function into the console, we can wait until an elf shows up on screen and then run it to see what happens. We can see this elf no longer throws snowballs or moves towards us. However, it doesn't actually play the dying animation. That's because the animations are handled in a different function. You can also see here some WebSocket communications, which we could use to improve our cheat and send our defeated elves back to the server.

We can get the elves to not throw snowballs at all by tampering with the elf throw delay variable. We can see here in the client-side code that in order for an elf to throw a snowball, a certain amount of elapsed time must pass. This is defined by the elf throw delay variable. By setting this to an arbitrarily high number, the elves are no longer able to throw snowballs and we can pick them off easily.

And while that's all fun, what I really wanted to do was write an aimbot, and so that's what we set out to do next. Remember that player throw function that we saw earlier? Let's go ahead and trigger that and see what happens. We can see this must be what gets called when we aim and click. Looking at the source code for the player throw function, we can see it takes an optional pointer argument. It then does a few checks to see if the player is already defeated or if there's audio before it jumps into the meat of the function. The first thing it's going to do is check that optional parameter. If a pointer is not defined, it grabs the mouse pointer object from within the game scene object. After that, it uses a built-in Phaser function to calculate the angle from the player to the position of the pointer before it emits a WebSocket communication to initiate the throw.

With this new information, we can go ahead and revise our old script. Instead of setting each elf's "is defeated" variable to true, we need to actually take our mouse location and set its X and Y coordinates to the elf's X and Y coordinates. We also need to go ahead and update our throw delay to zero so that we can throw multiple snowballs at once. We can see now that our player throws multiple snowballs to each of the enemy locations. Now, the same bot isn't perfect because it doesn't account for movement, such as in this instance: we're still missing players that are moving. But for the most part, it gets the job done.

This was just a quick video to demonstrate some of the things we can do when we're hacking HTML5 games. While this was a CTF challenge, a lot of the same techniques will still apply. Learning how to use the developer console and read client code is a really good strategy to get started writing these cheats. The Holiday Hack Challenge will stay up year round, and I highly recommend it to anyone interested in security. For more HTML5 hacking resources as well as general infosec resources, check out Guided Hacking's website, and I'll see you guys next time.
Info
Channel: Guided Hacking
Views: 7,004
Keywords: HTML5 Game Hacking, JavaScript Game Hacking, HTML5 Aimbot, web browser game hacking, hacking browser games, browser game hacking, HTML5 hacks, HTML5 cheats, web browser game cheats, Web Browser Game Exploits, HTML5 Game Manipulation, Javascript hacks, javascript cheats, web browser game hacks, java script aimbot, SANS Holiday Hack Challenge, HTML aimbot, HTML5 aimbot, javascript aimbot, java script game hacking, javascript game hacking, javascript hacking, html5 aimbot
Id: Kbmvy7FpIL8
Length: 4min 48sec (288 seconds)
Published: Thu Feb 15 2024