Hello we are gonna start by this tutorial, today it's my birthday Wooho !.

Step1: Run "Murnatan-alpha.exe".

Step2: attach an undetected ollydbg.

Step3: connect to an empty game server. (yes we want to be alone).

Step4: in ollydbg place a Breakpoint on the function send() of winsock.

Step5: the address should hit around "Murnatan-alpha.exe .#murnatan.net.dll<12345678> !.

Step6: Breakpoint murnatan.net.dll+12345678.

Step7: wait the time in game to award you let's say "300" credits.

Step8: Lol this break when i got the credits !< we can see on ollydbg that "EAX" hold the packets, and EDX hold the packet lenght.

Step9: Find a "code cave" and the function "bind key" that way when we press "e" (since we have made a "JMP" to our custom Packet_Send address" we can place our custom packet in EAX and then send it by pressing "E" (don't forgot EDX register for the packet lenght man).

Final Step: Join a public server, send your packet by pressing "e" let's say <header><size word><effect> -> 6B 5 "AwardPlayerCredits" 6B FF FF 00 00.

Extra Step: lol i got 65535 credits and bought chaingun at the first 0:30s and pawned all aliens.

Extra Step: damn i've been recorded and i'm banned because i was too dumb to abuse of this mass credit hack.

Ps: it's my birthday and i'm 19 gonna eat now, have fun reading this tutorial it's not intended to be used for cheating so take care your in my watchlist.

Regards Valentin.

Nice tut dude Reminds me times when i myslef wanted to be a hacker (did not work as planned tho :-D).

Congrats to your 19th birthday .

PS: This method will not work on Murnatan. U guys will need to try better >:-)

Nice tut dude Reminds me times when i myslef wanted to be a hacker (did not work as planned tho :-D).

Congrats to your 19th birthday .

PS: This method will not work on Murnatan. U guys will need to try better >:-)

Thanks you, mind to give me the SDK on skype =D ?.
Ypsylon::LoveYou

Member of class haha.

PS: why this method will not work ?, could you explain how your gonna design the "Client -> Server" system ?, i mean a game even with a Stone security can be still "exploited" or does the "packet" can be protected as well ? even if it's the case there's a way to get the packet before they are encrypted (require week/month of analysis depending of the security those).

We are using authoritative server design.

Its pretty simple why this will not work (but something else just might work well. Especialy actions where client wants to be authority are pretty easy to mess with) there are no such packet that will tell server to send client some credits. Only similar packet is packet from server to client which tells client 'Hey dude here are some credits from me lets display them on hud' Majority of actions cannot be passed from clients to server.

Awesome.

In my mind, *all* calculations and variables pertaining to gameplay should always be server-side, except those related to client graphics, HUD, animations, other obvious things, etc.

Don't give our favorite little hackers any more leverage than necessary, lol.   

Besides, with UE4, server-side calculations shouldn't be very intensive anyways.  If the serverside for this game is anything like that of a particular game we may have played in the past, then a toaster should probably be able to run it with no issues.