Target
For our first hack, we will be targeting a game called “The Battle for Wesnoth”, shortened to Wesnoth. This is a free, open-source game that has no anti-cheating mechanisms in place. Most of the lessons on this site will specifically target version 1.14.9. To install it on our VM, open up Powershell as an administrator and run the following command:
choco install wesnoth --version=1.14.9 -y
This will use Chocolatey to install The Battle for Wesnoth. Once the installation finishes, open the game and verify that it works. Then, go into the Preferences menu and change the game’s video mode to Windowed. Finally, play the tutorial mission to learn about how the game works.
Identify
Our goal for this hack is to change our gold. Players use gold to buy troops in the game, so the more gold we have, the more troops we can buy. We will accomplish this by using a tool called Cheat Engine, which allows us to scan and modify game memory. To do that, we will use the steps we learned in the Hacking Fundamentals lesson.
Players only receive gold while playing a scenario. To create a scenario, select Multiplayer and then Local Game.
Keep the defaults for the rest of the settings and start the game.
Understand
In this game, a player’s gold is stored in a variable. This variable is referenced by the code of the game.
To successfully complete our hack, we will need to find where this variable is stored in memory and change its value. Since we are dealing with a variable, we will use a memory scanner to find it.
Locate
Our next step is to locate the memory holding our gold value. We will start by opening Cheat Engine and attaching it to Wesnoth. In this tool, click on the icon in the top-left that looks like a computer with a magnifying glass.
In the window that appears, choose the Wesnoth process.
Memory scanners allow you to scan for a value in the game’s memory. In the example game, the player has 75 gold, so that is what we will search for. Place your gold value in the Value box and select New Scan. Several thousand results will come back.
Initial scans in any memory scanner will return thousands of results. This is because games are complex and thousands of section of memory have the same value as our gold. These other sections could be variables like timers, the opponent’s gold, or character health. Our goal when using a memory scanner is to filter these results down to one or two values that we can then manually test. To do this, we will modify our gold value in the game and then perform another scan using the Next Scan button. The next scan operation will only bring back results that were previously our initial value, in this case, 75.
Recruit a unit of troops in the game and look at your new gold value. Place this new value in the Value box and select Next Scan. In the example below, we recruited a unit for 17 gold, leaving us with 58 gold.
The result of this second scan is only one value. This is most likely our gold, but we will confirm that in the next step.
Change
In Cheat Engine, you double-click on a memory location to move it to the bottom box on the screen. This bottom block allows you to edit the value stored in the memory location. Double-click on your result to bring it to the bottom box. Next, double-click on the value to bring up a box that will ask you for the new value. Type something large in there, like 200.
With the value changed, go back to the game. You should see your gold refresh to 200. Recruit a ton of units to confirm that your change was successful.