I'm currently one of two "pen testers" for the anticheat system of a game.

It all started a few days ago when the developer handed me the obfuscated package and told me to go at it. No big deal, I've bypassed it before the obfuscation, so I just changed some imports and sent in the screenshot.

Fast forward 100+ hours, it's turned into a cat-and-mouse game. He sends us (the testers) an update, we break it within hours. We show him what we exploited and he attempts to fix it. Rinse and repeat.

Finally, today he patched the one hole that I've been using all this time: a field in a predictable location that contains the object used for networking. Did that stop me? No!

After hours of searching, I found the field in an inner class of an inner class. Here we go again.

  • 0
    That's kind of fun but really gets tiring after awhile.
    I find it much more fun to break my own code than fight with someone else and try to teach them.
  • 3
    Your job by nature is definitely asshole with good intention
  • 3
    My brain is fried, but I finally found a way to relocate the field even when it's moved.

    I'm in reflection hell.

    @Root I thrive when someone gives me a challenge with constraints
Add Comment