How do people hack iPhone games so easily?

ios-appstore games iphone ipad

I have seen high scores of 999,999 on Flappy Bird as well as many other impossible high scores on games such as Temple Run, etc., on iPhone and iPad.

How do people hack these games so easily when they cannot see the source code? It seems like they know the source code of the game, which makes them able to manipulate the game file so easily. I don't understand how this happens given that the Apple iPhone is sandboxed, unlike Android.


Solution 1:

iOS applications store their data in files that are available from a computer in two easily-accessible ways:

  • Inside an iTunes backup

  • Via a MobileDevice-framework-based tool such as iExplorer

In my experience, game save data is stored in a fairly ordinary property list file that is manipulable via the plutil tool. The data can be restored and replaced without any code knowledge. From there it's a simple matter of how much the app trusts its save data.

For an example of how this can be used not just for high scores, but to cheat at a game, see the Nimble Quest iOS Trainer, which is itself MobileDevice-framework-based.

(The MobileDevice framework is an Apple private framework created for iOS device access, which has been reverse-engineered to enable the creation of iOS device tools not available from Apple.)

Solution 2:

Some games communicate with their backend server un-encrypted, in plain text. If you route the traffic through a proxy like OWASP ZAP or Burp Suite you can see and manipulate the traffic.

I have seen games that send the answers with the question to the iPhone. In this scenario I could highlight the correct answers. As a result you can always score 100%. Other games send the scores to the server. In that case you can just add a few zero's to your score when submitting it.

Then there are games that store your scores on the phone as zigg describes. These scores are stored in a user readable and writable area and can therefore be manipulated. This is of course only stored on the phone, but you can show off to your friends by flashing your phone.

Related

Using `say` to read terminal output from a command line tool?
Speed up booting time without losing choosing capability in grub
Macbook Pro really slow since Mavericks
How to Open .dist extension as folder on Mac OS X?
How I can install GDB in NetBeans in Mavericks for debugging?
Compose key in LXDE?
Teamviewer scrolling speed
Unable to create a symlink to a file
high performance with xen, vmware or virtualbox
Can't compile with GCC on Ubuntu 12.04
Testing my system, I need a script that will use as much ram and swap as possible
Only get the H+W geometry of my screen without the later +x+y