Exploring Online Games: Cheating Massively Distributed Sy... and over one million other books are available for Amazon Kindle. Learn more
CDN$ 36.53
  • List Price: CDN$ 57.99
  • You Save: CDN$ 21.46 (37%)
Only 1 left in stock (more on the way).
Ships from and sold by Amazon.ca.
Gift-wrap available.
Have one to sell?
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Exploiting Online Games: Cheating Massively Distributed Systems Paperback – Jul 9 2007

See all 2 formats and editions Hide other formats and editions
Amazon Price New from Used from
Kindle Edition
"Please retry"
"Please retry"
CDN$ 36.53
CDN$ 36.53 CDN$ 2.20

2014 Books Gift Guide
Thug Kitchen, adapted from the wildly popular web site beloved by Gwyneth Paltrow ("This might be my favorite thing ever"), is featured in our 2014 Books Gift Guide. More gift ideas

Customers Who Bought This Item Also Bought

Hero Quick Promo
Boxing Day Kindle Deals
Load your library with over 30 popular fiction books and more, today only. Learn more

Product Details

Product Description

About the Author

Greg Hoglund has been involved with software security for many years, specializing in Windows rootkits and vulnerability exploitation. He founded the website www.rootkit.com, and has coauthored several books on software security (Exploiting Software: How to Break Code and Rootkits: Subverting the Windows Kernel, both from Addison-Wesley). Greg is a long-time game hacker and spends much of his free time reverse engineering and tooling exploits for new games. Professionally, Greg offers in-depth training on rootkit development and software exploits. He is currently CEO of HBGary, Inc. (www.hbgary.com), building a world-class product for software reverse engineering and digital forensics.

Gary McGraw is the CTO of Cigital, Inc., a software security and quality consulting firm with headquarters in the Washington, D.C., area. He is a globally recognized authority on software security and the author of six best-selling books on this topic. The latest, Software Security: Building Security In, was released in 2006. His other titles include Java Security (Wiley), Building Secure Software (Addison-Wesley), and Exploiting Software (Addison-Wesley). He is the editor of the Addison-Wesley Software Security Series. Dr. McGraw has also written more than 90 peer-reviewed scientific publications, writes a monthly security column for darkreading.com, and is frequently quoted in the press. Besides serving as a strategic counselor for top business and IT executives, Gary is on the advisory boards of Fortify Software and Raven White. His dual Ph.D. is in cognitive science and computer science from Indiana University where he serves on the Dean's Advisory Council for the School of Informatics. Gary is an IEEE Computer Society Board of Governors member and produces the monthly Silver Bullet Security Podcast for IEEE Security & Privacy magazine.

Excerpt. © Reprinted by permission. All rights reserved.

Online games, including World of Warcraft, EverQuest, Second Life, and online poker, have taken the computer world by storm. Gaming has always been (and remains) among the prime drivers of PC technology, with deep penetration into the consumer market. In the last ten years, computer games have grown just as quickly as the Internet and can now be found in tens of millions of homes.

The Internet is experiencing plenty of adolescent growing pains along with its phenomenal growth. These pains are experienced mostly in terms of problematic and pervasive computer security issues. Online games, especially massively multiplayer online role-playing games (or MMORPGs for short), suffer from these security problems directly.

MMORPGs are made of very sophisticated software built around a massively distributed client-server architecture. Because these games push the limits of software technology, especially when it comes to state and time (not to mention the real-time interaction of hundreds of thousands of users), they are particularly interesting as a case study in software security. In fact, MMORPGs are a harbinger of technical software security issues to come. Modern software of all kinds (not just game software) is evolving to be massively distributed, with servers interacting with and providing services for thousands of users at once. The move to Web Services and Service Oriented Architectures built using technologies like AJAX and Ruby follows hard on the heels of online games. What we learn here today is bound to be widely applicable tomorrow in every kind of software.

Adding to the urgency of the security problem is the fact that online games are big business. The most popular MMORPG in the world, World of Warcraft by Blizzard Entertainment, has over 8 million users, each of whom pay $14 per month for the privilege of playing. Analysts estimate the gaming market will reach $12 billion by 2009.

Inside the virtual worlds created by MMORPGs, simple data structures come to have value, mostly a reflection of the time gamers spend playing the game. Players accumulate and trade virtual wealth (or play money). Many of these virtual economies have per capita GDPs greater than most small nations. Not surprisingly, direct connections between the virtual economies of games and the real economy exist all over the place. Until recently, it was possible to buy in-game play money with real dollars on eBay; now many other well-developed middle markets exist. And the reverse is possible, too. This has led to the emergence of a class of players more interested in wringing virtual wealth out of the game than playing the game itself.

Wherever money is at stake, criminals gather and linger. Cheating happens. In the case of MMORPGs, cheaters have real economic incentive to break the security of the game in order to accumulate virtual items and experience points for their characters. Many of these items and even the characters themselves are then sold off to the highest bidder.

Sophisticated hackers have been working the fertile fields of MMORPGs for years, some of them making a living directly from gaming (or cheating at gaming). This book describes explicitly and in a technical way the kinds of attacks and techniques used by hackers who target games.

Why Are We Doing This?

As you can imagine, game companies take a dim view of cheating in their games. If cheating becomes rampant in a game, unsatisfied noncheating players will simply move on to another. Game developers have taken a number of steps to improve security in their games, some of them controversial (monitoring game players' PCs behind the scenes), others legalistic (imposing strict software license agreements and terms of use), and some of them trivial to break (using symmetric cryptography but including the secret key in the game client code). Our hope is that by understanding the kinds of attacks and hacking techniques described in this book, game developers will do a better job with online game security.

We think our topic is important for several reasons: First, real money is at stake; second, many players are completely unaware of what is going on; and third, online game software security has many critical lessons that we can directly apply to other, more important software. Plus, it's fun and controversial.

For example, some game companies have been known to use stealthytechniques most often seen in rootkits to monitor gamers' PCs. They havealso been known to resort to strong-arm tactics to suppress hackers, eventhose not attempting in any way to be malicious or to make money. Willmanufacturers of other software or digital content adopt these techniquesfor themselves?

Not only are the technical issues captivating, the legal issues surrounding online games and their creative software license terms are also a harbinger of things to come. The legal battles between game companies, academics, and users are by no means over--in fact, they have just begun.

In the end, the topic of online game security poses a number of interesting questions, the most pressing one being this: How do you balance gamers' privacy rights against game developers' desires to prevent their games from being hacked?

Where Do We Draw the Line?

For the record, we do not condone cheating, malicious hacking, or any other game-related shenanigans. We are most interested in deeply understanding and discussing what's going on in online game security. As practical security experts, we believe that only by gaining direct technical understanding of what happens when games are exploited can we begin to build systems that can withstand real attacks. Because in this situation money is at stake, you can be sure that attacks and exploits today are both concerted and organized.

We think it is acceptable and necessary to understand both how games really work and how they fail. The only way to do this is to study them carefully. We pull no punches technically in this book, showing you how online game clients fail from a security perspective in living detail. We also explicitly describe techniques that can be used to exploit online games. We don't do this to create an army of online game hackers--that army is already brimming in numbers, and those already enlisted in it are unlikely to learn much from this book. We do this so that the good guys will know what they are really up against. Our main objective is to describe the kinds of weapons the existing active army of game attackers has.

In our research for this book, we have broken no laws. We expect our readers likewise not to break the law using the techniques we describe.

What's in the Book?

Like most books, this book starts out at a high level and becomes progressively more technical as it goes on.

Chapter 1, Why Games?, poses and answers some simple questions. How big are online games? How many people play? Why would anyone want to exploit them? What motivation is there to cheat in an online game? The answers to these questions will likely surprise you. Believe it or not, 10 million people play online games, billions of dollars are at stake, and some people even cheat for a living. We also provide a gentle introduction to game architecture in Chapter 1, describing the classic client-server model that most games use.

Things get more technical beginning in Chapter 2, Game Hacking 101, where we describe the very basics of game hacking. The chapter is organized around describing six basic techniques: (1) building a bot, (2) using the user interface, (3) operating a proxy, (4) manipulating memory, (5) drawing on a debugger, and (6) finding the future. We pay special attention to the topic of bots since most game exploits exist to create and operate them. Late in the chapter, we even show a very simple bot that we built so you can see exactly what bot software looks like. We then describe controversial moves taken by one game maker to thwart cheating--installing rootkit-like spyware on a gamer's PC to keep track of what's going on. We hold this approach in low opinion and have written a program to help you know what's going on with these monitoring programs on your own machine. We believe game makers would be better off spending their resources to build games that were less broken than to build monitoring technology.

The next two chapters take a break from technical material to cover money and the law. In particular, Chapter 3, Money, helps us understand why some players might want to cheat. The recent book Play Money by Julian Dibbell (Basic Books, 2006) describes one (pathetic) man's foray into professional game farming, something that a number of people actively pursue. There is enough money in play here that entire enterprises have grown up around providing middleman services for gamers, buying and selling virtual items in a marketplace. The biggest and most interesting company, Internet Gaming Entertainment, known as IGE to most people, deserves and gets a treatment of its own in this chapter.

Chapter 4, Enter the Lawyers, is about the law. Game companies (and indeed a whole host of other software makers) have created a licensing jungle in the form of end user license agreements (EULAs) and terms of use (TOU) documents. Though we are not lawyers, and by no means should you rely on our advice, we provide a brief description of U.S. copyright law and the Digital Millennium Copyright Act (DMCA). Then we go through an entertaining (and somewhat scary) parade of EULAs gone bad--from Sony's rootkit debacle to viruses protected by EULAs. We end up with a discussion of your rights as a software user and gamer.

Technical aspects of online game security begin to pick back up in Chapter 5, Infested with Bugs. We spend this chapter talking about the kinds of vulnerabilities found in many games, explaining how attackers use them to build working exploits. We pay particular attention to bugs involving time and state, which, as we alluded to earlier, are the kinds of bugs we can expect to see much more of as other software evolves to become more like game software.

Chapter 6, Hacking Game Clients, really digs in and gets technical. As we move more deeply into games, we are forced to use a game or two as a particular target. We don't do this to single out any one game; instead, we do this to make our examples salient and technical. We have chosen to concentrate on World of Warcraft (WoW), a game produced by Blizzard Entertainment, mostly because it is the number one online game in the world. The kinds of techniques we demonstrate using WoW as an example can be applied by analogy to almost any online game (and to modern Web 2.0 software, for that matter). Chapter 6 begins with a discussion of the attacker's toolkit (many of the tools we describe are standard software testing tools). We then organize our discussion of game hacking techniques into four equally important areas: (1) getting over the game by using its user interface directly, (2) getting inside the game by manipulating memory, (3) getting under the game by interposing on services like video drivers, and (4) getting way outside the game by intercepting and manipulating network traffic.

Chapter 6 is in some sense the heart of the book, introducing a large number of techniques commonly used by game attackers. Chapter 6 has lots of data in it, probably too much. Sometimes it is easier to understand these kinds of techniques by seeing how they are put into practice. Toward that end, in Chapter 7, Building a Bot, we put together all of the lessons of Chapter 6. Chapter 7 is technical, with plenty of example code showing how the ideas in Chapter 6 work in concert to exploit a game.

Chapter 8, Reversing, is even more technical, focusing its attention on reverse engineering techniques that many attackers use to exploit software. Though the techniques we describe in this chapter are intense, they are by no means new. As we describe in our book Exploiting Software (Addison-Wesley, 2004), disassemblers and decompilers are used in computer security every day, both by good guys and by bad guys.

The final technical topic in our book is presented in Chapter 9, Advanced Game Hacking Fu. This chapter discusses what is known in the trade as total conversions and game mods. We describe the process by which some people take apart game data files in order to build their own games or combine different aspects of games in interesting ways. Though some game companies try hard to quash all discussion of total conversion, it happens anyway. We describe how.

Of course, our purpose in this book is to help those who build games understand how to do a better job with security. Chapter 10, Software Security Über Alles, provides a flyover of the new field of software security. Game developers would do well to adopt some of the best practices in common use in the financial vertical today. We also describe a set of questions that everyday gamers can ask their game companies about security. Our fervent hope is that this book will lead to more secure software--both in the game community and beyond.

The Software Security Series

This book is part of the Addison-Wesley Software Security Series of software security books for professional software developers. The series includes the following titles:

  • Exploiting Online Games: Cheating Massively Distributed Systems
  • Secure Programming with Static Analysis
  • Software Security: Building Security In
  • Rootkits: Subverting the Windows Kernel
  • Exploiting Software: How to Break Code
  • Building Secure Software: How to Avoid Security Problems the Right Way

Customer Reviews

There are no customer reviews yet on Amazon.ca
5 star
4 star
3 star
2 star
1 star

Most Helpful Customer Reviews on Amazon.com (beta)

Amazon.com: 18 reviews
29 of 36 people found the following review helpful
Self Promoting Cut and Paste Mess Jan. 12 2008
By LarryBrazos - Published on Amazon.com
Format: Paperback
By the way, you can read more in my book . . .
If you want to know more, buy . . .
Discuss further in my book and every other book printed by my publishing company . . .

This book is a mess of poorly explained code snippets and self promotion. Also, it focues 90% of its hacking on WoW. If you don't know anything about World of Warcraft, then you will be completly lost. I have /timeplayed 1000 hours, so I could follow all of the WoW references, but unfamiliar readers will not understand large parts of the book.

Half of the work in this book is just cut and pasted from code scattered on the internet. If you don't know C++, how to exploit the Windows OS, or modifying memory, these walls of code don't make much sense.

This is the first book I have ever returned. The constant self promoting and lazy cut and paste code just frustrated the hell out of me.
14 of 17 people found the following review helpful
A script kiddie could have written this book May 18 2010
By Computer Science Student - Published on Amazon.com
Format: Paperback Verified Purchase
This is by far the worst book I have ever bought. I just finished a systems programming class which I received an A in and at times this book left me guessing at what was going on. In my honest opinion I could have found a script kiddie on a random set of forums on the internet that would explain the code in the book better then the authors did. Most of the code seems to be stolen from random World of Warcraft hacks that other people have produced. Most of the book leaves open ended paragraphs that say "this is possible, but to understand it you must buy my other book ...". For a book that was supposed to help developers prevent such vulnerabilities it only seems to aid in letting the reader know that certain types of vulnerabilities exist. I couldn't stop laughing when I came to the section titled "Standing Way Outside the Game: Manipulating Network Packets". This section starts out promising with a nice introduction but as soon as you turn the page all that's there is a "screenshot" of code from another World of Warcraft script to decrypt packets. End section. I HIGHLY RECOMMEND YOU DO NOT BUY THIS BOOK.
23 of 29 people found the following review helpful
Too General, not for a programmer March 29 2009
By Anh Nguyen - Published on Amazon.com
Format: Paperback
As a programmer point of view, this book is useless. Before buying the book, I want to know how to debug a game, how to find NPC offset, and how to find functions used inside the game. This book is mostly about what is legal and what is not. I have learned nothing from this book.
9 of 11 people found the following review helpful
It's a fun read Aug. 11 2007
By Chris Marlowe - Published on Amazon.com
Format: Paperback Verified Purchase
This is the product of the Hoglund's forays into cheating at Warcraft. He did an excellent Black Hat presentation on the same subject in 2006, as well.

Even if you're a security expert, this will teach you things. For example, the requirements of games (responsiveness, good use of network bandwidth, etc.) force them to design their systems with risk, and that risk can be exploited. The only alternative is to run the entire game on their servers and have the client programs be merely display stations, and that just won't work. It makes for a very good read.

Even Hoglund's political rants are fun to read, even as they ring hollow. It's okay for him to hack the system by any means necessary, because he's a hacker and that's what hackers do. But it's not okay for the people who run these games to hack him back because that's an invasion of privacy. How dare they! It strikes me that the real offense is that he was out-hacked, and yeah, it's annoying to lose.

I rate it only three stars because I expect it will not age well. If you're reading this review in 2007, buy the book, it's great. Buy it, you'll love it. If you're reading it in 2008, 2009, or beyond, recognize that the principles he shows are liable to be true for a long time, but the details have a shelf-life.
24 of 32 people found the following review helpful
It's not just for game players July 27 2007
By Jeremy Epstein - Published on Amazon.com
Format: Paperback
As someone who doesn't play online games, I approached this book with more curiosity than a practical need. It's an worthwhile read, although having a background with game terminology would certainly have made it easier to understand. Technical readers will want to skip straight to chapter 5 and read the second half of the book, which includes many detailed explanations of how to manipulate games to your advantage.

The focus of the book is on manipulating the client side of the game, with relatively little on server vulnerabilities. There's also not very much guidance to game designers on how to avoid the problems covered in the book.

I was pleased that the book covers not only the security issues, but also related topics such as privacy, and the ethical issues for both providers of online games and the hackers who play and subvert the games.

Many of the lessons are applicable to any distributed system with thick clients, including not only game software but also business systems. As such, it's worthwhile reading for developers of nearly any distributed system, as it will give a reasonably accurate picture of the lengths that attackers are willing to go to in compromising a distributed system, and the abilities they have to manipulate software without designs or source code.