Phone Destroyer is Totally 100% Cheat Proof

Posted by Daeity On Tuesday, September 19, 2017

The /r/southparkphone subreddit is arguably the largest and most popular community forum currently dedicated to fans of South Park Phone Destroyer.

What's highly unusual about this subreddit, however, is that Ubisoft employees are actually moderators of this unofficial fan forum. Meaning that they have direct control of all narratives and reviews involving their own game. That's like Ubisoft being owners of Metacritic where they can delete posts critical of the company, ban dissent, and change public opinion.

I suppose the Community Manager job description has evolved from "engaging the online community in an open and honest way" to "controlling what people are permitted to say about their game."

New-hire Steve is the current overseer of the Phone Destroyer community. When he's not shamefully trolling redditors, you can find him on the Phone Destroyer subreddit angrily stating and re-stating.. ad nauseam.. the same arguments that cheating and exploits within the game are impossible. And, that all of the problems users experience are their own fault. It's never a server or software issue, it's because they "stepped in an elevator", "it requires a good connection", they have a bad phone service plan, they're lying, or they are a terrible human being.

There are also claims of a 100% effective anti-cheat system, but which was interestingly implemented after Steve said that cheating was already not possible. If cheating was impossible, uh... why would they need to implement a client side anti-cheat update then? You need to protect against cheating on an already hack-proof game?

I feel that many of the hacking complaints came to a boiling point in July 2017. Customers were complaining non-stop about unfair cheating within the game, and rightly so, but Ubisoft's Community Managers were screaming back at the customers, telling them they were clearly wrong. It's just a bug, there are no exploits, there are no cheats, it's network related, it's your cell phone, your internet sucks, you suck..

Finally, in late July the fucking hammer came down and Ubisoft laid down the law in the Phone Destroyer fan subreddit. Redditors were no longer allowed to complain about the rampant cheating. You used the word "rampant"? Banned. If anyone complained about unfairness, their post would be deleted and/or they would be banned. Even posts about "emulation" were classified as bannable, even though they were perfectly acceptable under the ToS. But, Steve apparently had enough.

I think what makes this mildly interesting is that the other, non-Ubisoft moderators, are known cheaters. Cheaters telling other people not to cheat, claiming that the game is cheat-proof, and deleting posts related to the rampant cheating. That's not irony, but it is fucking sad.

So while Ubisoft and their moderators are adamant that there are no cheats or exploits possible in the game, and excuses such as "we're still only in open beta" and "this is just a soft launch" are constantly being thrown in people's faces, here's what's happening in the real world for those who haven't drunk the Kool-Aid.

Even after their most recent patch, cheating is still very common. Hacks and mods have always been fully functional within the game since day one. They have just required some minor tweaks after certain patches. Most recently, a new iOS mod was even released publicly right after their most recent "huge" patch.

However, don't put any trust in these public hacks. They are very simple, and easily detectable.

Here's why: the Phone Destroyer team doesn't exactly have highly proficient security developers, so their anti-cheat methods are very rudimentary. The problem with these public hacks is that they use basic level patches like freezing the energy bar at max levels, but Ubisoft is specifically monitoring and logging energy levels for numbers that don't fluctuate or make sense. Luckily, that's pretty much the limit to their anti-cheat system.

I have been cheating since day one and have never been caught, on dozens of accounts. There are a hundred other ways to cheat the system. If you slowly increment the energy flow to regenerate faster, rather than simply fixed at 10, you'll be undetected. If you alter your card attack speed, it will be undetected and barely noticeable by your opponent. If you change card energy costs to be less than actual, you'll be undetected. If you manipulate damage or health regen numbers, you'll be undetected. You can also keep your primary health bar regenerating, or reduce damage to your main character, without detection. And so on.

Basically, as long as you're not freezing memory addresses and you don't get reported, you'll never get caught.
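A check that only looks for frozen values misses the slower tweaks described above; a server that keeps its own energy count per player does not depend on what the client reports. The sketch below is an added example, not Ubisoft's or RedLynx's code: the regeneration rate, tolerance, card names and costs are assumptions, and only the 10-point cap comes from the post.

```python
from dataclasses import dataclass, field

MAX_ENERGY = 10.0      # cap mentioned in the post
REGEN_PER_SEC = 0.5    # assumed regeneration rate
TOLERANCE = 0.25       # assumed slack for latency jitter

# Authoritative costs held only on the server (constructed sample values).
CARD_COSTS = {"rat_swarm": 2, "lightning_bolt": 3, "tank": 5}


@dataclass
class EnergyLedger:
    """One player's energy, computed from the server clock only."""
    last_ts: float
    energy: float
    violations: list = field(default_factory=list)

    def _accrue(self, now: float) -> None:
        # Regenerate from server-measured elapsed time, never client time.
        elapsed = max(0.0, now - self.last_ts)
        self.energy = min(MAX_ENERGY, self.energy + elapsed * REGEN_PER_SEC)
        self.last_ts = now

    def play_card(self, now, card, claimed_cost, claimed_energy) -> bool:
        """Validate one card play; return True if the server accepts it."""
        self._accrue(now)
        cost = CARD_COSTS.get(card)
        if cost is None:
            self.violations.append((now, "unknown_card"))
            return False
        if claimed_cost != cost:
            # Client-side cost edit: log it and charge the real cost anyway.
            self.violations.append((now, "cost_mismatch"))
        if claimed_energy > self.energy + TOLERANCE:
            # Covers frozen bars and gradually accelerated regeneration alike.
            self.violations.append((now, "energy_ahead_of_server"))
        if cost > self.energy + TOLERANCE:
            self.violations.append((now, "unaffordable"))
            return False
        self.energy = max(0.0, self.energy - cost)
        return True


def replay(events, start_energy=5.0):
    """Run a match log through a fresh ledger; return (accepted, violations)."""
    ledger = EnergyLedger(last_ts=0.0, energy=start_energy)
    accepted = [ledger.play_card(*e) for e in events]
    return accepted, ledger.violations


# Constructed match logs: (server_ts, card, claimed_cost, claimed_energy)
HONEST = [(2.0, "tank", 5, 6.0), (6.0, "lightning_bolt", 3, 3.0),
          (10.0, "rat_swarm", 2, 2.0)]
FROZEN = [(2.0, "tank", 5, 10.0), (3.0, "tank", 5, 10.0),
          (4.0, "lightning_bolt", 3, 10.0)]
FAST_REGEN = [(2.0, "tank", 5, 7.0), (4.0, "lightning_bolt", 3, 4.0)]
CHEAP_CARD = [(2.0, "tank", 3, 6.0)]

if __name__ == "__main__":
    for name, log in [("honest", HONEST), ("frozen", FROZEN),
                      ("fast_regen", FAST_REGEN), ("cheap_card", CHEAP_CARD)]:
        print(name, replay(log))
```

Because the server charges its own cost against its own balance, a tampered client gains nothing from the edit and each mismatch is logged with a server timestamp.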

I feel that a lot of this subreddit drama can be used to your advantage. Moderators (some of whom are cheating themselves) are screaming that cheating and exploits are not happening, and that it's all coincidental network latency issues. They are also deleting posts and banning users who complain. Not only that, but Ubisoft has a very convoluted and frustrating way to report users, and there is no instant-reporting feature available, so most victims are completely discouraged from reporting abuse. Maybe the Catholic Church gave them some pointers. Even if you do manage to take a picture demonstrating proof and report it, they still need to manually investigate (like I said, it's a very poor anti-cheat system) and review reports, with most being written off as network latency bugs or some such nonsense. It's a great system that protects hackers!

While the game runs rampant with cheaters and hacks, there's a kindly gentleman telling everyone "Move Along. Nothing to see here." Just like Officer Barbrady.

Seeing everything they've written, it reminds me a lot of Trump. If he repeats something often enough, he'll actually believe it himself.

The problems with their anti-cheat system actually open up some other security holes. Because they depend so much on player snitching, they can be easily manipulated by butthurt opponents.

It's very much possible to create a Photoshopped image of a "cheating" player and report them. They'll take the image at face value and ban the innocent victim. And because of this same broken reporting process, their innocent cries for assistance will be completely ignored... twisting the knife even further. Without an adequate cheat detection system, framing innocent players is currently quite easy. This used to commonly happen in popular online games, like World of Warcraft, for several years before it was even noticed.

If you suspect that some of your opponents are generating energy just too fast, they are instantly regenerating health, or hitting too hard, you're right to suspect they are cheating. Of all the cheating complaints I've seen, that have been written off as latency bugs, I haven't found any that I wasn't capable of reproducing using simple mods. If your suspect is constantly winning, it's definitely not a coincidence.

High and Mighty (Cheating) Mods

Posted by Daeity On Monday, July 17, 2017

We've all read the news articles and factual accounts of the massively widespread and rampant corruption of power by redditor mods. Whether it's a corporation who has bought the loyalty of a moderator to promote certain products, or a political party deleting posts and peddling propaganda, it's something that permeates all levels of popular subreddits.

But, it happens in very small subreddits as well. It amazes me at just how quickly people can be bribed or corrupted with small amounts of power. I see it in everyday life, and power is abused in the most petty of circumstances. But the king of a shit pile is still a king in their eyes.

It's similar to how cheating works. You're abusing power over another individual. World of Warcraft has a very high number of cheaters (e.g. botters, exploits, hacks), but Blizzard worked on having safeguards in place to prevent cheating as much as possible. South Park Phone Destroyer, however, did not seem to anticipate cheating at all.

The RedLynx/Ubisoft team did a fantastic job on their micro-transactions and payment systems, ensuring that they would securely receive their money quickly. And, they did an adequate job integrating South Park Studio's art into their game. But the rest of the game, especially security and PVP netcode, is a bug-ridden mess. Much like the Achievement system, it seems like PVP was just thrown into the mix as an afterthought. Seriously, who creates client-side authoritative PVP matches these days?

The cheating is so bad in the game right now, that there's practically a 90% chance you'll be faced with a cheater. There are so many cheaters trying to cheat other cheaters, that most cheaters have just given up, and now they're trying to desync the other player so that they win the match instantly when the game starts. And, legitimate players falsely believe that the issues are related to their phone or internet service.

I wouldn't even call it the Wild West, at least there was some order there.. this... is just absolute madness. Some of the early cheaters were pretty sneaky about it for the first month, but most aren't even hiding it any more, and they know that RedLynx/Ubisoft have no tools to monitor, address, or catch cheaters.

It feels like everyone is cheating since the last "hotfix". It was supposed to stop cheating.

What bothers me the most though, isn't the cheaters and complainers on various forums, but rather the long list of hypocrites who are the most vocal advocates against cheating. The ones that doth protest too much. There have even been obvious cheaters that have (hilariously) made PVP Guides, made YouTube videos exposing other cheaters, the ones who "reason" why certain glitches happen in-game, and even /r/SouthParkPhone mods who have been cheating. I don't care if you cheat, but stop trying to fool other people with your lies. That's the aspect I find most annoying. Big deal, you cheat.. now stop being so petty about it, and just accept your role.

I do enjoy, though, when cheaters try to explain why glitches happen. They're quite funny.

So, what kind of cheats/hacks are available today? Since the "hotfix" came out (i.e., it's not really a hotfix, it's an update patch), hacking has intensified. The new patch they promised to fix woes really just moves memory addresses around, but the game is still quite exploitable. You can pretty much tweak anything in PVP or PVE.

Many of the hacks and trainers are being passed around within small circles or various hacking groups. I haven't seen too many trainers in the wild, but I see that many cheaters are still using hex/memory editors on their iPhones, Androids, or emulators (like a certain reddit moderator). When you've tested out the hacks on different platforms, you get a pretty good idea of how players are exploiting the game.

Here are some examples of what is currently possible today (using glitches, memory hacking, or pre-made trainers):

  • one very common exploit is a quit-lock glitch. If you pause your game for several seconds during certain periods of PVP gameplay (by changing apps) and loading, you can cause your players' client to crash, giving you an instant win. And typically, you will be rematched with the same player so that you can exploit them again.
  • when you see a player suddenly "explode", two things can happen: you'll receive a window that the game has been interrupted, or you'll see them with 0 HP then suddenly they will jump back up with HP again. In either case, you'll receive a "DEFEATED" window and lose a star.
  • there are also hotkey trainers and scripts that allow you to crash the other player, or speed up your own movement (which is different than the speed-hacking I detailed before.)
  • energy bars can still be altered, giving you unlimited energy or mana (whatever you want to call it)
  • you can set the enemy's energy bar to zero, which is helpful in PVE.
  • you can receive locker rewards without requiring to watch an ad, or open an unlimited number of lockers (I haven't tested this myself, I've just seen other users talking about it.)
  • duplicate charge script, when you activate your charge you can trigger it multiple times such as triple AOE damage (that the player never notices, assumes it's a graphics glitch), trigger multiple healing arrows, bombs, or Timmy can summon large quantities of rats. It's not an accidental bug or network lag related, it's an exploit/hack if you see it happen.
  • prevent your units from dying, even if they hit 0 HP. Only way to kill them is with Unholy Combustion or Cock Magic.
  • scripting method to insta-gib your opponent at any point during the game, a simple network injection will do the trick.
  • injection methods allow you to duplicate player drops, so that you can summon 2 sets of a card at a time or my personal favorite: summoning 12 rats instantly. Players are often being told this is a glitch, but it's quite intentional.
  • you can alter your charge time to make it charge faster or allow you to use your ability even if locked out by a spell.
  • you can change the stats on any card, such as giving the character or spell higher damage (+900 hits), AOE or poison damage, more HP, faster attack speed, or faster walking speed.
  • one common card to hack is the Lightning Bolt or Arrowstorm because opponents won't see what level it is, so you can give it a huge amount of damage that gets unnoticed.
  • HP and regeneration are usually tweaked because they don't attract much attention.

In the past, cheaters were _very_ careful with their tweaks, so that they wouldn't get noticed and be reported. Little was known early on about their security mechanisms. But, the developer has made it clear that they have no systems in place to monitor cheating, and must rely on users providing video proof (if you can find out how to report opponents). Yes, it's completely ridiculous. Almost anything about the cards can be edited during PVP matches, but they've just restricted money/cash/etc to be server authoritative (i.e., they put all programming emphasis on their payment systems, instead of fair gameplay.)

For example, using injection tricks, you could summon double cards, or cards from other decks. Then, just blame it as a "bug". Or you could make your characters have unlimited HP or regeneration.

But the really sneaky players would tweak their cards just enough so as not to raise suspicion. Like, increasing all card HP by 30%, or all damage by 50%, and give them +15% movement speed. Spells work best, like direct damage or mind-controlling other players for longer periods of time than typically allowed. And all of these cheats are completely undetectable at present. I suspect they'll even launch the game like this too, which is a shame.

In some groups I'm involved in, several people already have bots set up in the game too, running on multiple simultaneous Google Play accounts. That's just in case one of the accounts gets reported and banned. They use simple injection to summon "modified" cards, and then just steamroll the opponent. Very little AI is required, since the game AI does all of the work for you! They have been farming PVP locker rewards all day long. They'll likely never be caught either, just wait until a major security patch comes out, and continue using all of their overpowered cards and play legitimately moving forwards. =]

So for now, go crazy. South Park Phone Destroyer has no tools to combat cheating or catch cheaters. Just don't make PVP Guides or be a vocal dick about being against cheating. We all know you're a dick already.

A new update is scheduled for tomorrow, so many of the cautious cheaters will be playing it cool for a week or so, just to ensure that no new security measures have been put in place. But, cheating will eventually resume again since the patch is merely to balance the game and they won't be able to improve cheat protection or detection for some time.

Current hacks in 'Phone Destroyer' Early Access

Posted by Daeity On Wednesday, June 21, 2017

Time to Cheat

After playing for a while, I got tired of the game and decided to test out some theories. I broke out some classic hacking tools available to the public, and discovered some interesting things.

For one, there are a ton of hackers currently in-game. During certain times of the day, I found that 50-75% of my opponents were cheating. Usually, it's fairly obvious: too many characters drop at once in the beginning of the game. Or, if it looks like they could lose early on, they suddenly drop too many cards that they don't have energy for. They might also heal quickly too.

I tested out the usual stuff, like tweaking money and point values, but they are all stored server side. LuckyPatcher obviously doesn't work either, it's mostly for old titles these days. So no surprises there.

However, during PVP battles it appears that they don't use server time to synchronize the events, but rather both of the clients are synchronized together (via the server) with time updates generated from both competing clients. This allows speed hacking, which can have some very interesting effects.

Now keep in mind that this desync bug can occur naturally or unnaturally. The game is very demanding on your device, and if you have a slow mobile, slow internet, unreliable internet, or on a cellular network - this bug can still happen. With a speed hack, you can typically force it to happen, but it's not always reliable.
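The natural-versus-forced distinction above is something a server can measure: a laggy client falls behind the server clock, while a sped-up one runs ahead of it. The following is an added example (not RedLynx's or Ubisoft's code) that tracks how far each client's reported game time leads the server's receive time; the 0.5 s slack and all trace values are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

MAX_LEAD_SEC = 0.5   # assumed slack for ordinary latency variation


@dataclass
class ClockLeadMonitor:
    """Compares client-reported game time with server receive time."""
    base_server: Optional[float] = None
    base_client: Optional[float] = None
    max_lead: float = 0.0
    flagged_at: Optional[float] = None   # server time of the first violation

    def observe(self, server_ts: float, client_ts: float) -> float:
        """Record one tick message; return the client's lead in seconds."""
        if self.base_server is None:
            # First message of the match fixes the baseline for both clocks.
            self.base_server, self.base_client = server_ts, client_ts
            return 0.0
        client_elapsed = client_ts - self.base_client
        server_elapsed = server_ts - self.base_server
        lead = client_elapsed - server_elapsed
        self.max_lead = max(self.max_lead, lead)
        # Delayed or bursty delivery makes lead negative; only a client
        # clock running faster than real time pushes it past the slack.
        if lead > MAX_LEAD_SEC and self.flagged_at is None:
            self.flagged_at = server_ts
        return lead


def scan(trace):
    """Feed (server_ts, client_ts) pairs to a fresh monitor and return it."""
    monitor = ClockLeadMonitor()
    for server_ts, client_ts in trace:
        monitor.observe(server_ts, client_ts)
    return monitor


# Constructed traces: (server receive time, client-reported game time).
HONEST = [(0.05, 0.0), (1.02, 1.0), (2.01, 2.0), (3.05, 3.0),
          (4.00, 4.0), (5.03, 5.0)]
# Slow device or cellular link: ticks arrive late and in bursts.
LAGGY = [(0.1, 0.0), (1.4, 1.0), (3.9, 2.0), (4.0, 3.0), (4.1, 4.0),
         (5.2, 5.0), (8.8, 6.0), (8.9, 7.0), (9.0, 8.0), (9.3, 9.0)]
# Client clock doubles its rate after four seconds of play.
SPEED = [(0.0, 0.0), (1.0, 1.0), (2.0, 2.0), (3.0, 3.0), (4.0, 4.0),
         (5.0, 6.0), (6.0, 8.0), (7.0, 10.0), (8.0, 12.0), (9.0, 14.0)]

if __name__ == "__main__":
    for name, trace in [("honest", HONEST), ("laggy", LAGGY), ("speed", SPEED)]:
        m = scan(trace)
        print(f"{name}: max_lead={m.max_lead:.2f}s flagged_at={m.flagged_at}")
```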

If it works though, you can ensure victory on every PVP battle with a rooted phone and GameGuardian. If you already have a rooted phone, jump ahead. Otherwise here are instructions on how you can start cheating right away in 'Phone Destroyer' on your own PC.

Install & Play 'Phone Destroyer' on your PC

Nox is probably the best Android emulator out there right now, and it comes pre-rooted. It's such an awesome tool and you can get it up-and-running very quickly.

1. Download it here: https://www.bignox.com/
2. Install. Go into Settings, and turn on Root. Reboot.
3. Download the GameGuardian tool: https://gameguardian.net/download
4. Drag and drop the .APK file to your Nox screen, and you can select to install it.
5. Then just go to the Play Store, search for "South Park Phone Destroyer" and install it.

What's helpful about 'Phone Destroyer' is that your progress is saved on the cloud. So, if you link your Google Play account within Nox, you can continue playing the game from where you left off on your phone/tablet. OR, you can create a new Google Play account, cheat away, and link it onto your phone later after you've maxed out your rewards and ranking.

What's also cool about Nox is that you can customize keys and automate tons of scripts to make in-game activities and PVP very easy.

How to cheat in PVP

Speed hacking affects the energy bar, allowing you to generate energy very quickly. When you use speed hacking in PVE, the computer will also accelerate, so it's not very effective in single-player missions. You can slow the game down however, to make more calculated decisions.

The GameGuardian tool is typically used for memory editing, which is (*mostly) useless in-game. However, it comes with a great Speed Hack tool that you can find under its options. Run South Park, run GG, link SP to GG, and then launch the Speed Hack tool. You'll see an onscreen speed controller that you can move anywhere on the 'Phone Destroyer' screen.

Okay,

  • When the PVP match starts, you can ramp-up your speed by 1.5x, 3x, 6x, 9x, etc. However, really weird shit happens (including some Mutually Assured Destruction stuff when playing against another cheater) when you do this, so be prepared.
  • Cheating, normal experience: After you ramp up speed to 2x, your opponent's players will freeze in place but you can still attack them. They will remain on screen and appear to be immortal, but your players will eventually ignore them and attack the player. At this point, you might as well go back to normal speed. Just focus all attention on the main player. You can't do ANY damage, unless it's poison or direct spell damage. So get your spell cards, and characters who poison the main player. All you need to do is get them down 1 of their 3 bars, and you'll receive a Victory when the countdown ends.
  • Not cheating, normal experience: You're doing well early on and don't need to cheat. If you suddenly freeze and the game hangs, it means that the other player is cheating and you've been disconnected. They will receive an "Opponent has left the game" message and they get the victory.
  • Cheating against another cheater: If it appears that they are cheating (dropping too many cards at once), ramp up your speed to 3x or 4x. There's a good chance you'll disconnect them, and you'll get the message "Opponent has left the game". Then change back to 1x, and finish up the PVP battle against the player with any characters or spells (they will all work this time.)
  • Cheating against another cheater: Occasionally if you ramp up the speed right away when starting the game to like 3x or 6x, the Opponent will leave the game or they will automatically die for an instant Victory. This is also an indication that they had a speed hack running in memory too.
  • If the normal player or cheater does not disconnect: Typically, you'll get to a Sudden Death stage if the player does not disconnect. Focus everything you have on knocking down each bar of the players. You only need to eliminate one bar to get the win.

Hacking to get more lockers opened?

I mentioned that memory editing is *mostly useless in-game. However it does work on the locker selection menu, in a weird way. Apparently, when you open the first three lockers, the reward is generated from the server. But you can still open the others to receive rewards, but it's a weird client side glitch.

Simply use GameGuardian to search for the lockers remaining number (ie, 3, 2, 1), use BYTE field, and keep changing the value back to 3. Do NOT freeze the number, or the game will hang. And leave a couple lockers still closed so that your number expires and you can move onto the next screen. You don't want to be stuck on the locker menu. The rewards you receive after the first 3 will be weird, and you will NOT get the "Top Rewards" since they are only server generated.

I think this menu can be further exploited in the future with a mod pack (simulating Ad rewards) so that players can select all lockers and actually get good rewards from them though.

This is a weird hack, but if you try it out, you'll see what I mean: the lockers don't initially have the "best rewards" behind them - so you can't peek using a hack. When you open a locker, the reward is randomly generated from the server. However, they all contain client-side one item simple rewards that you can receive, after getting all of the server rewards. But this might not be worth the effort as the items likely won't stick with server authority.

Exploiting PVP without hacking

This is a very simple and old-fashioned method that works in 'Phone Destroyer'. Create more characters by running multiple instances of Nox. Keep them all around the same rank. Create a different VPN for each instance, so that your client has a different IP address. Click "Join" at the same time on two instances, and you'll keep getting paired up by their Match Making engine. Occasionally you'll get another opponent, but you can win-trade with your own characters.

If you're not familiar with VPNs, an alternative is to use Nox normally on one PC but connect your phone (with 2nd Google Play account) to your cellular data service.

PVE Mission Energy Hack

Apparently, the energy bar is all client-side during PVE missions. So, you can easily blast through all of the zones with a full energy bar!

Here are the steps:

1. Start one of the missions.
2. * If you are extremely paranoid, turn on Airplane mode during the battle. You can still fight, but WiFi and Data are turned off.
3. Pause the battle.
4. Launch GG. You are going to search for the Energy Bar value which is a decimal. For example: 3.23332554454000
5. If the bar is between 8 and 9, search for "8~9" as a FLOAT value. You can use the tilde ~ character for a range of decimals.
6. Go back to the game, unpause, change the energy bar.
7. Pause the game. Search for the new value like 3~4.
8. Continue until you find one value that seems to match the energy bar, like 2.23933720589 (which is 2 plus a little bit on the bar.)
9. You'll get the hang of it pretty quickly, and it usually only takes 2-3 searches to get the right number.
10. Change the first number to 9, leave the rest alone. For example, 3.23332554454000 becomes 9.23332554454000.
11. FREEZE the value in place. (A main feature of GG.)
12. Unpause the game, and your Energy Bar will be locked at 9 and a bit.
13. Go crazy.
14. Watch the boss's health. Before you're about to kill them (25-40% HP), pause the game, disable the FREEZE and continue.
15. * For the extra paranoid: Turn Airplane mode off, and wait for WiFi to reconnect.
16. If you leave the FREEZE enabled, you risk the chance of the game locking up during the following loading screen.
17. Boss dies, collect your reward.

Whether WiFi is turned on or not, the Energy Bar trick still works fine. Rinse & Repeat for the next stages.

If you know what you're doing, you can grab the offset of the Energy Bar and import it each stage to speed things up. I suspect this will also work in PVP, if you don't want to use the Speed Hack, but you'll need to understand offsets and pointers and lose some matches at first. Then you can cheat the energy bar with little detection.

Alternatives: Using an Emulator and Cheat Engine

If you're not comfortable using GameGuardian active while SPPD is running, you can also use a program like "Cheat Engine" _outside_ of the Nox emulator. It does make a lot of activities much faster, especially in PVE. You can have two windows open, and just jump back and forth to exploit the energy bar.

All you need to do in Cheat Engine is go into Settings, turn on MEM_MAPPED option.

Select the process 'VoxVMHandle.exe'. Select 'FLOAT' value, leave the 'Truncated' button turned on, and search for the exact number (like, 2, 6, or 9). No more ranges are needed, CE will do the work for you.

Finding offsets within the emulator is much more difficult, but if you happen to find any online instructions that the average user can follow, let me know and I will post it here.

Seeing how easy it is to manipulate the energy bar (not server controlled), it won't be long before dedicated hacks or modded .apks come out for SPPD that allow players to generate energy quickly and without crashes. Likely something for the single player missions too, that will allow you to progress through all of the missions and zones very quickly for huge returns.

These bugs/exploits should be a quick fix for the developer, RedLynx. There are even many super simple bandaid patches that can be applied to prevent cheating, and very quickly. It will be interesting to see if the developer/publisher responds, and how long it takes them to address these issues.

If you found this information helpful, please credit the blog link. A lot of content gets stolen from this blog, and it would be nice for someone to actually credit the origin every once in a while. =]