Crushing Candies in Memory

Candy Crush Saga has become all the craze lately – especially after its recent port to iOS and Android. It is addictive, engaging and fun. And, it has over 15 million daily active users. Due to the lucrative nature of its in-app purchases, its developer, King, has even decided to abandon its advertising revenue streams altogether. King has perfected the art of monetizing all its games. Candy Crush is free for the most part. However, just when you are hooked and fully invested in the game, it makes you cough up 99 cents for 5 additional moves that you absolutely need to complete the level and proceed to the next one. These cents quickly add up and before you know it, you are out a few hundred dollars. It's absolutely brilliant!

Flash games have been around forever and many popular mobile games have had humble beginnings with Adobe Flash. Candy Crush is no different and has a Flash offering too. Since Flash runs on your computer (as opposed to the cloud), it is relatively easy to cheat on these games by modifying their state in memory.

ArtMoney and Cheat Engine are popular memory hacking tools used to modify the state of running applications. They work by searching a process's memory for values the user specifies, with a wide variety of options for filtering and sorting the results. Using these tools, users can view the disassembled memory of a process and make alterations to give themselves advantages such as infinite time, points, etc.

In this article, I'll walk you through the process of using a memory hacking tool on a Flash game like Candy Crush. I do not endorse robbing game developers of their well-earned revenue and this tutorial is written purely for educational purposes.

First and foremost, download and install Cheat Engine. Then, launch it. Once Cheat Engine is running, we need to attach it to the process which hosts the game. Click on the icon highlighted to do just that.

Since Flash games run within a browser, we need to attach it to the web browser (in our case Chrome). Notice how there are multiple Chrome processes listed below? This is expected of Chrome. Just select any one of them and click "Open".

We now return to our Candy Crush game running on Chrome and notice that we have 15 moves available to us. Say we want to increase our moves to 50. Let's switch back to Cheat Engine. We need to identify the memory block that stores the value 15. Let's begin by finding all values in the game's memory that are set to 15. Creating a "New Scan" resulted in 10,727 memory addresses being found. It's a good start. But, we can't change all ten thousand plus values in memory and expect Candy Crush to continue working properly. It may work, but, more likely than not, the game will crash. Now, it's about finding the needle in the haystack. We need to filter these results further.

Returning to Candy Crush, let's play a move and decrement the "moves left" from 15 to 14.

Switching back to Cheat Engine, we perform a "Next Scan" with the value 14. This scan does not search the entire memory of the process. It just looks for memory locations with the value 14 amongst the memory locations previously identified. And, voilà! We hit a home run. We have found two memory addresses that have changed from 15 to 14. It was all too easy. If you are curious, you could play another move on Candy Crush and verify that these values get decremented by one.

Now, let's add these two memory locations to our watch list so that we can keep an eye on them during the course of the game. We can do so by clicking the highlighted red arrow.

It's now time to modify these values and make them 50. Values can be modified by hitting "Enter" on the keyboard, double clicking on the value, or bringing up the context menu with a right click as shown below.

A dialog box should pop up. Input 50 and hit OK. Easy Peasy.

Switching back to Candy Crush, we see that "moves left" has been incremented to 50 to reflect our changes in memory. Mission accomplished!

This technique works on most games and can be used to change all game parameters that are stored in memory. This technique will not work in instances where game developers store the state of the game on their server (like the player's level) and compare this game state with the one on the player's computer. Memory hacking is just one of the many ways to cheat your way through games. There are multiple other ways to achieve the same objective. Other popular ways of hacking web-based Flash games include modifying the game logic with a Flash decompiler, or intercepting the communication between the game and the server and transmitting incorrect information to the game's server. If this is something that interests you, leave a comment below and I'll discuss them in future posts.
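The server-side comparison mentioned above, sketched as an added example (not code from the original post or from King). `GameSession`, `grant_purchase` and `submit_move` are hypothetical names, and the counts 15 and 50 are reused from the walkthrough.

```python
# Added example, not from the original post. GameSession, grant_purchase and
# submit_move are hypothetical names; 15 and 50 are the walkthrough's values.
from dataclasses import dataclass, field


class StateMismatch(Exception):
    """The client's reported state disagrees with the server's record."""


@dataclass
class GameSession:
    moves_left: int                       # authoritative copy, held server-side
    mismatches: list = field(default_factory=list)

    def grant_purchase(self, extra_moves: int) -> None:
        # Only a server-verified purchase may raise the counter.
        if extra_moves <= 0:
            raise ValueError("extra_moves must be positive")
        self.moves_left += extra_moves

    def submit_move(self, client_moves_left: int) -> int:
        """Apply one move; client_moves_left is the count the client displays."""
        if client_moves_left != self.moves_left:
            # Record the divergence for review and refuse the move. The
            # server's own counter is never overwritten by the client's.
            self.mismatches.append((client_moves_left, self.moves_left))
            raise StateMismatch(
                f"client says {client_moves_left}, server has {self.moves_left}")
        if self.moves_left == 0:
            raise StateMismatch("no moves left")
        self.moves_left -= 1
        return self.moves_left


def demo() -> tuple:
    session = GameSession(moves_left=15)
    after_first = session.submit_move(15)      # honest move: 15 -> 14
    try:
        session.submit_move(50)                # client memory edited to 50
        rejected = False
    except StateMismatch:
        rejected = True
    session.grant_purchase(5)                  # paid top-up: 14 -> 19
    after_purchase = session.submit_move(19)   # 19 -> 18
    return after_first, rejected, after_purchase, session.mismatches


if __name__ == "__main__":
    print(demo())
```

Because the counter that decides whether a move is allowed never leaves the server, an edited client value changes only what the player sees, and the recorded mismatch gives the operator a signal to review.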

Happy candy crushing!