Hacking Unity Games with Malicious GameObjects

The Unity game engine provides various means for getting external assets into a game, such as AssetBundles for adding assets at runtime and the Asset Store for purchasing third-party assets.

It’s possible for a GameObject to execute arbitrary code using no custom scripts, only components that are available by default in Unity. If the game uses Bolt or another visual scripting system, there are even more paths to code execution. In this blog I will cover how a malicious GameObject might get into a game, two specific methods I’m aware of for the GameObject to execute code, and possible ways to mitigate the risk.

Strengths and Weaknesses of LLVM’s SafeStack Buffer Overflow Protection

Introduction

In June 2015, a new memory corruption exploit mitigation named SafeStack was merged into the LLVM development branch by Peter Collingbourne from Google and will be available with the upcoming 3.8 release. SafeStack was developed as part of the Code Pointer Integrity (CPI) project but is also available as a stand-alone mitigation. We like to …