Inside Paulo Abrantes' head

Reverse Engineering: cheating on your favorite J2ME game

Created by pabrantes. Last edited by pabrantes, 2 years and 78 days ago. Viewed 1,620 times. #1

Nowadays it's normal to own a cellphone that has a Java virtual machine that can run J2ME applications.
Most of the time, your cellphone already comes with some games, but you can buy or download hundreds of others all over the internet.

But have you ever thought about how they are programmed? Or how you can cheat on them? Well, I have, and since they were written in Java, my first thought was to reverse engineer the games, just for fun and to be able to mess with their code. I know that cheating is bad, but I'm a computer science guy. I love to look "inside the box" to see how things work.

I'm not really into Java reverse engineering, but I know two Java decompilers, one written in Java called Mocha and another written in C++ called HomeBrew. It's true they have been around for many years, but most of the time they do the job, especially if we're talking about simple J2ME applications. Even if these decompilers are nice applications, you have to keep in mind two things:

  1. Sometimes they are not able to decompile the entire bytecode, resulting in an incomplete and probably non-functional source code file.
  2. They do not work with class files compiled with javac from the Java 5 SDK.

Anyway, I grabbed the jar file from one of my favorite games, called Bounce, unzipped it and fired Mocha against the bytecode files. There were 9 classes, and Mocha was able to decompile 8 of them. Using HomeBrew I managed to partially decompile the last class, although for my main purpose that class wasn't needed, so I just discarded it.

My main objectives were:

  1. Understand what kind of interface a J2ME application uses. I know that there are tutorials, but I preferred to do it this way.
  2. Change the number of initial lives. I have already finished the game, but it is always fun to do this kind of cheat!

The main interface was easy to find; I just had to check the MANIFEST.MF file. The interface is pretty simple: the class has to extend MIDlet, which is an abstract class that makes you implement three methods, destroyApp(), pauseApp() and startApp().
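The two checks described so far, finding the MIDlet class through MANIFEST.MF and spotting class files in the Java 5 format that these decompilers cannot read, can be scripted. The following is an added example, not code from the original post: the sample JAR and its names (`Demo`, `demo.DemoMIDlet`, `demo/Helper.class`) are constructed, and it relies on the `MIDlet-<n>: name, icon, class` manifest attribute and on class-file major version 49 being the Java 5 format.

```python
import io
import re
import struct
import zipfile

MAGIC, JAVA5_MAJOR = b"\xca\xfe\xba\xbe", 49  # 49 = class format of the Java 5 javac

def parse_manifest(text):
    """Parse the manifest's main section, joining continuation lines."""
    attrs, key = {}, None
    for line in text.splitlines():
        if line.startswith(" ") and key:    # wrapped value continues here
            attrs[key] += line[1:]
        elif ": " in line:
            key, value = line.split(": ", 1)
            attrs[key] = value
        elif not line.strip():
            break                           # blank line ends the main section
    return attrs

def midlet_entries(attrs):
    """Return [name, icon, class] for each MIDlet-<n> attribute, in order."""
    keys = sorted((k for k in attrs if re.fullmatch(r"MIDlet-\d+", k)), key=lambda k: int(k[7:]))
    return [[p.strip() for p in attrs[k].split(",")] for k in keys]

def class_major(data):
    """Major version from a class-file header, or None if it is not a class file."""
    return struct.unpack(">HH", data[4:8])[1] if len(data) >= 8 and data[:4] == MAGIC else None

def inspect_jar(jar_bytes):
    """Return (MIDlet entries, class files in the Java 5 format or newer)."""
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as jar:
        attrs = parse_manifest(jar.read("META-INF/MANIFEST.MF").decode("utf-8"))
        majors = {n: class_major(jar.read(n)) for n in jar.namelist() if n.endswith(".class")}
    too_new = sorted(n for n, m in majors.items() if m is not None and m >= JAVA5_MAJOR)
    return midlet_entries(attrs), too_new

def build_sample_jar():
    """Constructed sample: a manifest and two header-only class files."""
    manifest = "Manifest-Version: 1.0\nMIDlet-1: Demo, /icon.png, demo.Dem\n oMIDlet\n"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        jar.writestr("META-INF/MANIFEST.MF", manifest)
        jar.writestr("demo/DemoMIDlet.class", MAGIC + struct.pack(">HH", 3, 45))
        jar.writestr("demo/Helper.class", MAGIC + struct.pack(">HH", 0, JAVA5_MAJOR))
    return buf.getvalue()

if __name__ == "__main__":
    print(inspect_jar(build_sample_jar()))
```
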

The 2nd objective also didn't take much to finish. I just grepped the source files for "live" and found a couple of statements referring to a variable called numLives.
There was a funny thing while doing this procedure: even though I'm fond of this game and have played it for ages, I had never realized that if we have 5 lives and pick up an extra one, it doesn't add to your life counter. I just found that out looking at grep's output, when I read:

if (mCanvas.numLives < 5) { mCanvas.numLives++; mCanvas.mPaintUIFlag = true; }

Anyway, instead of giving a higher value as the initial value, I commented out the line where it decreases the number of lives and voilà, immortality for this game! I then recompiled the code - keep in mind that to carry out these last steps you need to have the J2ME SDK installed - generated a new jar file, uploaded it to my cellphone and gave it a try.
I killed myself (obviously in the game) and the number of lives wasn't affected.
I think I can call it a success!

This was only a simple and fun trick to show you the power of reverse engineering. But do your own experiments; you'll see that you'll find it interesting.

What you do need:

  • Mocha, HomeBrew or any other Java decompiler
  • J2ME SDK
  • Patience
  • Knowledge about Java

Hope this post made you want to try to reverse engineer one of the Java games you have.
Have fun!

Who am I?
My name is Paulo Abrantes AKA pabrantes and I'm a software developer. I'm currently employed at CIIST working as a Java developer in FenixEDU.

This blog is mostly about Java programming, domain driven design and snipsnap bliki developing. Everything written in this blog is my personal opinion and it may not reflect the opinions of my employer and co-workers.