WARNING: In this article, I will not cover anti-cheat bypass or anything related to that. Education purpose only

Table of Contents

What is Mono ?

Mono is an open source implementation of .NET framework which allows developpers to create cross-platform applications targeting Linux, Android, Windows, MacOS…

Explore using CE

In this part, I’ll show you how to exploit Mono game using Cheat Engine. I assume you already know how CE works. So, when you load the game process you just have to click on the Mono tab and select Activate mono features. Then, click on Dissect mono in order to go through Assembly-CSharp dll.

ce

As an example, let’s take a look at “PlayerMovement” class. In fields tab, you can see many instances of class.

ce1

By finding the address of the structure, you will be able to gain access to the part of the memory concerned and modify it as you wish.

So, you can go from this (health address) :

basic

To this :

to

Write a basic internal in CSharp

In this part, we are going to take a closer look to the game files. If you know a little bit about Unity game structure you might notice that game datas are stored in GameName_Data folder. Now you can go through the folders and you will find the Managed folder where there is Assembly-CSharp.dll. You can now disassemble it using dnSpy or dotPeek or whatever you want.

Thanks to these tools you will be able to see game classes or even understand how the game works !

chest

Now in order to make a basic game exploitation script, you will need to use an IDE (I used Visual Studio and I personnaly recommend it). Let’s import all UnityEngine dlls of the game in our project. Once you did this, you can create a Loader.cs file which is useful to initialize our exploit.

using UnityEngine;

namespace Whatever
{
    public class Loader
    {
        public static void Init()
        {
            Loader.Load = new GameObject();
            Loader.Load.AddComponent<Main>();
            GameObject.DontDestroyOnLoad(Loader.Load);
        }
        public static void Unload()
        {
            _Unload();
        }
        private static void _Unload()
        {
            GameObject.Destroy(Load);
        }
        private static GameObject Load;
    }
}

This small program is pretty simple to understand, it defines a class named “Loader” then 3 static methods.

  • Init() contains a new GameObject that we assign a “Main” component.
  • Unload() calls _Unload() function that will destroy the GameObject created in Init() function.

Now this is the fun part, create a new .cs file where we’ll write our main script.

using UnityEngine;

namespace Whatever
{
    class Main : MonoBehaviour
    {
        public void OnGUI()
        {
            
            GUI.Box(new Rect(0f, 0f, 100f, 40f), "");
            GUI.Label(new Rect(0f, 0f, 100f, 30f), "Injected");
        }

        private void Start()
        {

        }

        public void Update()
        {
            if (Input.GetKeyDown(KeyCode.Delete))
            {
                Loader.Unload();
            }
        }
    }
}

Here is again the basic script you can easily find on the web which contains 3 methods.

  • The Start() method is called once when the program is injected.
  • The OnGUI() method is in charge of GUI.
  • The Update() method is called every frame.

Now, you have to build the dll and inject it using SharpMonoInjector with this command :

.\smi.exe inject -p "NameOfTheProcess" -a "whatever.dll" -n Whatever -c Loader -m Init

game

As you can see, our cheat has been injected into the game !

Conclusion :

I hope useful and you enjoyed this little article about game hacking and, if you want i make a second part / having issues with anything, let me know !

Discord : onii#0121