Hacking .Net Games With DnSpy


Unlike native games that is made with c++/c, games made with c# are easier since c# is not compiled and the metadata are not completely lost. In this writeup, i will show you how to hack Unity Games compiled with mono, or any other games that is made with .net framework.

For this writeup, i will be hacking the game ultrakill again. The tool we will be mainly using is Dnspy. https://github.com/dnSpy/dnSpy


So to start of, we need to open up the dlls of ultrakill to dnspy, these dll’s can be found in ULTRAKILL_Data\Managed

Now, we have full access to the code of the game. After some reversing, i found out that the player class is called NewMovement

On Unity, every class has a function called Start() which is called when a new object of the class is made. In the start of NewMovement, we can see various variables being initialized

Now what we can do is add a new line at the end with this.hp = 2000 to give ourself 2000 hp at startup. To do that, right click, and select edit method.

Now hit compile and save the module. Now when we open up ultrakill. We can see that we will get a 2000 hp on startup.

After, looking through the code more, i found an interesting function called GetHurt which i assume is the function responsible for reducing our health.

It accepts a damage argument and reduce our hp with the given damage. Now at the start of the function, we can overwrite this first parameter to never reduce our hp. Again, right click the function, and select edit method.

I added damage = 0 at the end of the function. Now we should never take damage anymore.

So thats how you can use dnSpy for game hacking. You can be more creative and achieve more things but this is how its generally done. Thanks for reading.




Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

ProtoPixel Create 2.9.0 is out!

Helpful tips for building with Block Kit

10 Project-Based Tutorials for Learning JavaScript

starry night sky above a row of evergreen trees

Into Developer Ergonomics

Build simple proxy server in Python

Using Objective-C Code in Swift

READ/DOWNLOAD=* The Unix Programming Environment (Prentice-Hall Software Series) FULL BOOK PDF &…

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Brandon Roldan

Brandon Roldan

More from Medium

Privilege Escalation in Linux Systems

Interesting Stored XSS

Log4j Malware — Charming Kitten

What is the Netcat and how to use it?