BasicsThere are quite a lot of games out there that are powered by the Unity engine, most of them being singleplayer games. Luckily this is irrelevant in terms of hacking so this tutorial can be applied to hacking both multiplayer and single-player Unity games.
The engineUnlike other popular engines like Unreal or Source, Unity engine organizes code in "Scripts" that are attached to "GameObjects" which in turn are organized in "Scenes", it is a so called "component based" engine. Let me break those down in a simple way:
- Scenes are essentially levels/maps. They contain landscape (geometry), lightning and GameObjects.
- GameObjects are pretty much "entities" like props, players or doors: they often have some sort of body and have a "Transform".
- Transforms hold information about Position, Rotation and Scale. Each GameObject has a transform attached to it and vice-versa.
- Scripts are pieces of Code that are attached to GameObjects; they are components. They can have configurable variables and they can execute their code each frame to manipulate their GameObject (or others in the scene). They can also interact with other Scripts.
This is a really rough description and nowhere complete or precise. However, it will give you an idea about how these terms are associated to each other.
"Reversing"Now that you know the basics we will go on to the next part, reversing Unity games.
FilesMost of them come with a "native" launcher-application that is not running on .NET, however there's a simple pattern to their folder-structure:
You need winRAR or winZIP to open the apk and find "Managed" folder and copy it in a folder outside of apk file
In the Managed-folder you will find: "Assembly-CSharp.dll"
DecompilationContrary to e.g. C or C++, C# is compiled into bytecode (IL - "intermediate language") that is just-in-time compiled on execution. While this enables the game to run on every platform that implements such a compiler, it also enables us to get a good understanding of the code.
A great decompiler to use is dnSpy. Simply open "Assembly-CSharp.dll" in dnSpy from the folder where you copied and it will show you all namespaces and their classes:
It uses this coloring:
Yellow - Namespaces
Classes - Green
Orange - Methods
Fields - Magenta
Static members - Same color as non-static members but lighter
By navigating through the assembly you can select a class and inspect their code by simply selecting a method. But you can easily look for promising classnames such as "Player", "Game", "Weapon", "Rifle", "Grenade", "Coins, "Wallet", etc.
RecompilationNow you have modified the source. you have to save the the module.
After saving the module or ".dll" file you have to move it again in apk file's Managed-folder.
You have to sign the apk or it won't install in your device. Use SignApk tool to sign the modified apk.
Main source of this post: https://www.unknowncheats.me/forum/unity/285864-beginners-guide-hacking-unity-games.htmlDOWNLOADS:dnSpy:
https://github.com/0xd4d/dnSpySignApk:
http://www.londatiga.net/it/how-to-sign-apk-zip-files/Notepad++:
https://notepad-plus-plus.org/For Video Tutorial:
https://www.youtube.com/watch?v=v7hYmNujfXM 
Home 
