I experienced the trust factor (banning, w/o banning officially) issues on my Linux CS:GO account in 2021, dropping to yellow and then red. This made it difficult to find teammates, as I was constantly matched with cheaters.
I discovered I wasn't alone, as many other Linux users with Radeon GPUs and 16GB+ VRAM were experiencing similar problems. We created a GitHub issue to track the problem and try to find a solution: https://github.com/ValveSoftware/csgo-osx-linux/issues/2630
After some investigation, we found that Valve was punishing Linux users with certain hardware configurations (Radeon cards with >=16GB of VRAM, which were quite new at this time).
I suspect this was because Valve was preparing to launch the Steam Deck, and gaben wanted to ensure that Linux users had better experience with the device (just a guess).
It's possible, but it's also important to be aware of the business side of things.
Valve makes a significant amount of money from in-game transactions, and some of their practices around this are shady. Issues like kids using their parents' CCs, gambling industry built around in-game items, and the potentially addictive nature of colorful virtual items marketed towards kids are valid concerns.
So, while gaben might be nice, it's unlikely that this gets in the way of Valve's drive to maximize profits in every way they can legally get away with.
> I suspect this was because Valve was preparing to launch the Steam Deck, and gaben wanted to ensure that Linux users had better experience with the device (just a guess).
Wait, how does punishing Linux users ensure Linux users have a better experience?
How do you know what your trustfactor is? Or were you just speculating because the quality of games was lower? As far as I understand TF is hidden specifically so it can't be gamed.
In CS, the difference between high and low Trust is very noticeable; it's a big change when your games with silent / mostly-nice teammates and enemies start to become slur-fests. The value itself is not visible to the end-user, but its effects are certainly felt.
Cheating is ultimately a human problem. You can have some safeguards and heuristics like the ones the article describes, to weed out 90% of the most blatant cheaters, so I think anticheats like these are fundamentally a good thing. But the anti-cheat can and should err on the safe side because ultimately it should be the players and admins themselves that sort this out.
Online multiplayer games must (yes must) take place on servers with human admins. Admins should be present for a majority of the time any players are playing.
Ideally with admins the players recognize. Bonus points if players themselves can perform some moderation when no admin is present (votekick, voteban etc). There is no difference between kicking cheaters and kicking people who are abusing chat etc. Obviously this means that "private" or "community" servers are the only viable types of server for online multiplayer games.
This process of policing cheaters and other abuse can not be something that is done via a reporting system and handled asynchronously. Kicking/banning must be done by the admins of the game, and it must be handled quickly.
If you are considering buying/playing an online multiplayer game and it doesn't have this functionality (e.g. the only way to play online is via matchmaking on servers set up by the publisher, and the only way cheaters and chat abusers are policed is via some web form) then please, avoid that game. Vote with your wallet.
This was the norm. It just changed in the last few years (say, 10). And it could be the norm again. I still play games with zero cheaters because I return to the same server every night, playing against 63 other players where I usually have seen most of them before. And there is usually an admin there, or someone who can ping one if needed.
I have no idea why this changed in more recent games. While every other online thing moved to have users create content and self-moderate, games for some reason moved the other direction.
When you go back this was the norm. You go to irc, search in #5on5: high server on (counter-strike 1.6)
You either have a server and they come to you or you don't and message people. If they/you feel like are hacking go next. There were tons of servers where you had admins all the time.
Human admins still can only see the obvious spin/aimbots.
Companies took this from us as hosting your own servers is rarely an option these days and you rely on the company never shutting them down.
> Online multiplayer games must (yes must) take place on servers with human admins. Admins should be present for a majority of the time any players are playing.
> Ideally with admins the players recognize.
Let's just make each game have a visible referee that is visible to everyone, and then after each infraction, the play can be reviewed under a video assistant. They can even have a group that does nothing but moderates the referees.
Why do you think human admins are the only viable solution? Plenty of games thrive without them—e.g., Apex Legends uses robust reporting and anti-cheat systems, and Rocket League's moderation is largely automated yet effective.
Depends on how the game works, I suppose. Mostly it depends on whether a cheater would ruin one short game, or many hours of games. I usually find async reporting useless because it already ruined my evening (this is under the assumption I'm playing a server and have no interest playing anywhere else, but a single cheater can ruin the game for everyone for a whole day). Whether that cheater gets disciplined later doesn't help anyone in that scenario unless they were kicked from the game right away.
Apex had plenty of cheaters when I played it, if there's a cheater and they're not detecting it there's not much I can do, just 20-30 minutes wasted.
If it's a server with admins I can contact them on Discord and get them banned pretty quickly. As a system it worked pretty well, had some badmins but there were plenty of servers so could just join another. Though it's not really compatible with the matchmaking style games we have today.
I agree for the most part, there are other ways, like a phone number, manual verification with a photo, require players to play 10hr before they can play competitive, have a recommendation from other players, etc, or even a pay-once 5 dollars game pass on top of all those things.
Although I recommend you to watch the valve presentation of AI anti cheat if you did not already. Their work is quite interesting, and they claim they catch 99% of cheaters.
Although obviously there are also very subtle ways to cheat, too.
The exact same thing happened to me with League of Legends. I was inexplicably banned for cheating, despite never having done any such thing (and despite regularly playing on three accounts (this is fully permitted), the other two of which were not banned!) Their support people repeatedly said "we reviewed your case and the ban is correct", etc. all the while giving zero information about what I did so I could correct it. I have a couple of the rarest skins in the game, and have played thousands of hours since 2009. I only play ARAM, so the suggestion I was risking my account of great sentimental value by cheating at the most casual mode in the game is beyond ridiculous. Anyway, nothing in gaming has ever stressed me out more. I got unbanned solely because of a contact in the industry who had it looked into, and the ban was inexplicably lifted. I still play, but I think about the false ban almost every time, and League will probably be the last competitive multiplayer game I ever put any time towards. Part of me doesn't want to play it anymore because I dread that happening again. :(
I feel that. I'm not against playing video games, but I'm uneasy about getting too attached to virtual property, considering it's controlled by a gaming company who has no obligation to you and no inclination to keep games alive beyond their shelf life.
To be fair though, real life property is only slightly less ephemeral.
Maybe take it as a signal from the universe that intense gaming is a waste of life and a net loss for you? I know it's harsh and double that in a gaming thread, but I don't see any other way. We don't talk 3-5h a week, and it seems neither are you.
You will almost certainly badly regret when on that proverbial death bed and most probably well before that, life goes darn fast and the feeling of losing out in the most important aspect of our existence - how well we live our lives is soul crushing. It's not that gaming hard is bad per se (apart from addictions and abysmal effect on health), but you are losing on much better aspects of life which are just out there for the grab.
Or don't take my word, just check what old people regret in their lives. Sure gaming is not there yet, but it will find its place firmly among too much work and not spending enough time on family and relationships, which are consistently on top.
I got a false permanent ban as well. Despite the fact that cheating is damn near impossible on consoles, and the fact that I worked way too long to get to an absolutely mediocre rank (gold 1) on ranked play, and the fact that I had never even had a warning or complaint for any behavior whatsoever, they permanently banned me with no explanation.
Unlike the blogpost, I just decided I would just never spend any money on an Activision product ever again. It's what everybody should do.
> Despite the fact that cheating is damn near impossible on consoles
Unfortunately, aim assist devices for consoles are very widespread now and a big problem for competitive gaming.
> I had never even had a warning or complaint for any behavior whatsoever
That's the gold standard in the industry though, you don't warn (suspected) cheaters to not give them opportunity to adjust their tactics. Sorry you got caught by this unfairly.
> This ban also ruined other games for me. If I ever did well in a game, someone would look at my profile to see how many hours I have and instantly see the red marker that shows “I am a cheater”.
I wonder if that label can be considered to be libel. Probably harder in the US, but from what I understand in UK (or just England?) the defendant must prove that it's true.
Holy ….. what a fight you had to do. So glad I hardly play any multiplayer shooter games. I'd hate to have my insane Steam library stripped away from me.
Maybe he was banned because as a developer, he had development tools installed on his machine, which increased the odds of him being labeled as a potential cheater.
Sometimes I even wonder if other hackers could not hack the machine or other players, to install a software that triggers anti-cheat system: it becomes then difficult to lift the ban.
> Sometimes I even wonder if other hackers could not hack the machine or other players, to install a software that triggers anti-cheat system: it becomes then difficult to lift the ban.
Also I wish more "good" hackers were in games, like the guy in GTA Online I ran into once who was shooting me with a money machine gun because Rockstar are greedy assholes.
Interesting stuff! Though I don’t get why b00lin would have to prove that they weren’t cheating. This is not a criminal case, but still. Activision was denying access to a service that was paid for.
Honestly I'd prefer it if games could permaban based on just heuristics and the EULA simply stated "tough luck, buy the game again". I'd happily pay for that, knowing my money is at least not going to some 2 year legal fight.
I get that I might be the one accused of cheating next time. But if that risk is tiny and the cost when it happens is $50 or $100 it sounds a lot more attractive than the alternative.
Also (obviously) I don't care about the account itself. I wouldn't play a game where I aggregate long term stats/items/status/whatever.
In a perfect world you just have private servers where you can have 90% effective anticheat and have humans sort out the rest.
I think stat based bans are the ultimate solution for all the client side bullshit.
If you use statistics, you will sometimes get it wrong, but in the other cases the cheaters are completely out of luck. You could offer the source code to your game willingly and it wouldn't help them very much.
If the cost of a false positive is $50 for the gamer and the chance of it happening is rare, I think many would quickly understand the value proposition from a game experience perspective.
Assuming your false negative rate is low (I.e., you have high classification margins), you can make it extremely undesirable for players to engage in unfair play. Even soft cheating like aiding teammates with streaming and discord side channels could get picked up by these techniques.
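The false-positive trade-off described in the comment above, worked through as an added example that is not part of the original thread. The hit-rate model (an honest player lands 25% of shots, a cheater 45%), the 2% cheater prevalence and the player count are constructed assumptions, not figures from any real anti-cheat.

```python
from math import comb

def binom_tail(n, k, p):
    """P[X >= k] for X ~ Binomial(n, p)."""
    return sum(comb(n, i) * p**i * (1 - p)**(n - i) for i in range(k, n + 1))

def ban_threshold(n, p_honest, max_fpr):
    """Smallest hit count k that an honest player reaches with probability <= max_fpr."""
    for k in range(n + 2):  # k = n + 1 is unreachable (tail 0), so this always returns
        if binom_tail(n, k, p_honest) <= max_fpr:
            return k

def evaluate(n, p_honest, p_cheat, prevalence, max_fpr, honest_players):
    """Pick the threshold for a target false-positive rate and report what it costs."""
    k = ban_threshold(n, p_honest, max_fpr)
    fpr = binom_tail(n, k, p_honest)   # honest players banned per honest player
    tpr = binom_tail(n, k, p_cheat)    # cheaters caught per cheater
    banned_cheaters = prevalence * tpr
    banned_honest = (1 - prevalence) * fpr
    total = banned_cheaters + banned_honest
    return {
        "threshold": k,
        "fpr": fpr,
        "tpr": tpr,
        # Share of bans that hit real cheaters; None if nobody is ever banned.
        "precision": banned_cheaters / total if total else None,
        "expected_false_bans": fpr * honest_players,
    }

# Constructed scenario: 200 observed shots per player, one million honest players.
SCENARIO = dict(n=200, p_honest=0.25, p_cheat=0.45,
                prevalence=0.02, honest_players=1_000_000)

LOOSE = evaluate(max_fpr=1e-2, **SCENARIO)   # "1% wrong is rare enough"
STRICT = evaluate(max_fpr=1e-6, **SCENARIO)  # about one false ban per million

if __name__ == "__main__":
    for name, r in (("loose", LOOSE), ("strict", STRICT)):
        print(f"{name:6s} threshold={r['threshold']:3d} hits  "
              f"fpr={r['fpr']:.2e}  tpr={r['tpr']:.3f}  "
              f"precision={r['precision']:.4f}  "
              f"false bans={r['expected_false_bans']:.1f}")
```

With a 1% false-positive rate and few cheaters in the population, a large share of bans land on honest players; the margin between the two hit-rate distributions is what allows the strict threshold to keep most of its detection rate.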
I'm very curious about the jump obfuscation. Maybe somebody who's done more reverse-engineering can answer this for me:
a) Are unconditional jumps common enough that they couldn't be filtered out with some set of pre-conditions?
b) It seems like finding the end of a function would be easy, because there's a return. Is there some way to analyze the stack so that you know where a function is returning to, then look for a call immediately preceding the return address?
Apologies if I'm wrong about how this works, I haven't done much x86 assembly programming.
There's some other cool tricks you can do, where you symbolically execute using angr or another emulator such as https://github.com/cea-sec/miasm to be able to use control flow graph unflattening. You can also use Intel's PIN framework to do some interesting analysis. Some helpful articles here:
This video[1] on reverse-engineering parts of Guitar Hero 3 covers a few similar techniques that were used to heavily obfuscate the game code that you might find interesting.
1. Some jumps will be fake.
2. Some jumps will be inside an instruction. Decompilers can't handle two instructions at the same location. (Like jmp 0x1234), you skip the jmp op, and assume 0x1234 is a valid instruction.
3. Stack will be fucked up in a branch, but is intentional to cause an exception. So you can either nop an instruction like lea RAX, [rsp + 0x99999999999] to fix decompilation, but then you may miss an intentional exception.
IDA doesn't handle stuff like this well, so I have a Binary Ninja license, and you can easily make a script that inlines functions for their decompiler. IDA can't really handle it since a thunk (chunk of code between jmps), can only belong to one function. And the jmps will reuse chunks of code between each other. I think most people don't use it since there was a bug with Binary Ninja in Blizzard games, but they fixed it in a bug report a year or so ago.
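Why a jump into the middle of an instruction (item 2 in the comment above) derails a linear disassembler, as an added example that is not part of the original thread. The toy decoder knows only the handful of x86 opcodes used in the two constructed byte strings; it is not a general disassembler, and all function names are illustrative.

```python
import struct

# Constructed sample (not from any real binary):
#   0: B8 01 00 00 00   mov eax, 1
#   5: EB 01            jmp short 8    ; hops over one junk byte
#   7: E8               junk byte that looks like the start of "call rel32"
#   8: 31 C0            xor eax, eax
#  10: 90 90            nop; nop
#  12: C3               ret
SAMPLE = bytes.fromhex("b801000000" "eb01" "e8" "31c0" "9090" "c3")

# Constructed sample with true overlap: the jmp lands on its own operand byte.
#   0: EB FF            jmp short 1
#   1: FF C0            inc eax        ; byte 1 belongs to both instructions
#   3: C3               ret
OVERLAP = bytes.fromhex("ebff" "c0" "c3")

def decode(code, off):
    """Decode one instruction -> (mnemonic, length, branch_target, falls_through).
    Unknown or truncated opcodes become a 1-byte 'db'."""
    op, rest = code[off], len(code) - off
    if op == 0x90:
        return "nop", 1, None, True
    if op == 0xC3:
        return "ret", 1, None, False
    if op == 0xEB and rest >= 2:
        rel = struct.unpack_from("<b", code, off + 1)[0]
        return "jmp short", 2, off + 2 + rel, False
    if op in (0xE8, 0xE9) and rest >= 5:
        rel = struct.unpack_from("<i", code, off + 1)[0]
        return ("call" if op == 0xE8 else "jmp"), 5, off + 5 + rel, op == 0xE8
    if 0xB8 <= op <= 0xBF and rest >= 5:
        return "mov r32, imm32", 5, None, True
    if op in (0x31, 0xFF) and rest >= 2 and code[off + 1] == 0xC0:
        return ("xor eax, eax" if op == 0x31 else "inc eax"), 2, None, True
    return "db", 1, None, True

def linear_sweep(code):
    """Decode back to back from offset 0, ignoring control flow."""
    out, off = {}, 0
    while off < len(code):
        mnem, size, target, _ = decode(code, off)
        out[off] = (mnem, size, target)
        off += size
    return out

def recursive_descent(code, entry=0):
    """Decode only what execution can reach, following branch targets."""
    out, work = {}, [entry]
    while work:
        off = work.pop()
        while 0 <= off < len(code) and off not in out:
            mnem, size, target, falls = decode(code, off)
            out[off] = (mnem, size, target)
            if target is not None:
                work.append(target)
            if not falls:
                break
            off += size
    return dict(sorted(out.items()))

def mid_instruction_targets(code):
    """Branches whose in-range target is not an instruction start in the
    linear listing: the cheap filter for this kind of obfuscation."""
    lin = linear_sweep(code)
    return [(off, tgt) for off, (_, _, tgt) in lin.items()
            if tgt is not None and 0 <= tgt < len(code) and tgt not in lin]

def overlapping(listing):
    """Adjacent instructions whose byte ranges overlap."""
    starts = sorted(listing)
    return [(a, b) for a, b in zip(starts, starts[1:]) if a + listing[a][1] > b]

if __name__ == "__main__":
    for name, blob in (("SAMPLE", SAMPLE), ("OVERLAP", OVERLAP)):
        print(name)
        print("  linear   :", [(o, m) for o, (m, _, _) in linear_sweep(blob).items()])
        rec = recursive_descent(blob)
        print("  recursive:", [(o, m) for o, (m, _, _) in rec.items()])
        print("  mid-instruction targets:", mid_instruction_targets(blob))
        print("  overlapping instructions:", overlapping(rec))
```

The linear listing of `SAMPLE` shows a bogus `call` at offset 7 that swallows the real `xor`/`nop` bytes, while following the jump recovers them; `OVERLAP` is the case where one byte legitimately belongs to two instructions, which a one-instruction-per-address listing cannot represent.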
Yeah, should be easy enough to filter these particular jumps out. It's an obfuscation designed to annoy people using common off-the-shelf tools (especially IDA Pro).
Most obfuscations are only trying to annoy people just enough that they move on to other projects.
Needs to be a law against the taking away of product functionality after the sale, even if it's contractual/EULA. A ban should never take the game away from the owner, and in cases where it does then they need to be refunded (treble damages on top of license, lawyer, and court fees if it takes a judgment to induce the refund). Getting banned on Steam, say, in the sense that all of one's purchases are invalidated should be impossible legally. In cases where an account is prevented from login, items and inventory must still be accessible for trade as those represent real time effort put in by a paying customer. Want to enforce your code of ethics in a multiplayer game? Can't charge for the game or users legally have rights against bans, and bans must follow a proportionality continuum and you must have a human-attended cost capped (at license cost, and only on loss) appeals tribunal system with record.
Cheating will not get you banned on Steam though, at worst your account is publicly shamed if it's a VAC game.
People play multiplayer games to have fun and interact with others. If you behave badly, be it cheating or otherwise, you should be banned from using the multiplayer service because your behavior impacts other people.
> If you behave badly, be it cheating or otherwise, you should be banned from using the multiplayer service because your behavior impacts other people.
What if you behaved great but some guy fresh out of code boot camp's algorithm bans you?
The entire Steam account is tainted: that's the issue.
Some random commercial third party can make an accusation and damage the value of thousands of games on a lark.
Meanwhile, any determined cheater just bought another copy of the game on an account dedicated solely to that task. This person suffers no extended consequence.
Not sure it applies with CoD in particular but my impression is a lot of these games with super invasive anti-cheat went F2P which reduces the punishment of getting caught to wasting time. Combined with the no dedicated servers resulting in little manual admin being possible with new games you've basically created the perfect environment to cheat entirely for business reasons. So then they started adding things like requiring phone verification (not even just requiring mobile numbers but requiring POST PAID mobile numbers) and kernel level modules, making a super invasive PITA solution to a problem.
Personally, I opted out of these games, F2P already perverts most game design away from fun IMO. And despite all this crap it seems like people are complaining about cheaters more than ever, but maybe I'm just old now!
You don't even need to cheat at COD. They are so buggy they'll do it for you. They'll load a gun in place of your knife in ranked. They clearly have a faulty case/if-else statement in the ranked gun loadout checker to allow that and also to default to XM4 if the gun shown in the load out picker isn't allowed.
It's probably the only game I know of where the ranked version is more broken than the casual version...
I learned a lot of this stuff ~15 years ago from reading a book called Reversing: Secrets of Reverse Engineering by Eldad Eilam. The book is old but amazing. It takes you through a whole bunch of techniques and practical exercises. State of the art tooling has changed a bit since then, but the x86 ISA & assembly more generally hasn't changed much at all.
One of my biggest takeaways was learning about "crackmes" - which are small challenge binaries designed to be reverse engineered in order to learn the craft. They're kinda like practice locks in the lockpicking community. The book comes with a bunch on a CD-ROM from memory - but there's plenty more online if you go looking. Actually doing exercises like this is the way to learn.
You don't start trying to reverse engineer COD. You build up to it.
I used to frequent cs.rin.ru for all things non-steam back when I operated non-steam CSS servers.
UnknownCheats is also absolutely amazing for cheat development. Back when I was writing undetected kernel cheats for my own experimentation purposes, I learned so much there.
UnknownCheats. I'm active there and it has one of the best resources on this kind of stuff. I'm more interested in how Linux userspace anti-cheats work, notably VAC.
It's a hard first step, but I highly suggest you take the time to analyze a small binary, starting with understanding the registers for the architecture, understanding the different function calls, and then looking at the ELF file and analyzing every section and how static linked libraries work, and how dynamic linking works with PLT/GOT. GPT models are REALLY good at helping you understand this, and you can also use Ghidra for decompilation. Do everything on Linux btw, as the tools are very easy to use and much less cumbersome than Windows.
Once you understand all of that, tracing assembly is pretty easy - it's either register move operations, math operations, compare operations, jumps, and function call and returns (which basically are just shortcuts for handling the stack frames), with a few special instructions here and there which are usually just some optimizations that you can look up ad hoc. Once you get handy at Ghidra, you can look at decompiled C code and start replacing variable names to make the code readable, and then you generally get a good idea of project flow.
My recipe: "Windows 95 System Programming Secrets" by Matt Pietrek and "Unauthorized Windows 95" by Andrew Schulman, years of fooling around with NuMega SoftICE, lots of IRC, lost youth, yet lots of fun.
I have been doing a bit of reverse engineering on a popular Horde/Alliance based MMO game and it follows almost the exact same steps (including the FNV32 export hashes). It almost seems very similar as I have seen it employ very similar tricks. I wonder if it's packed using the same protection?
Eventually, after a user reached out to gaben directly, the issue was fixed: https://github.com/ValveSoftware/csgo-osx-linux/issues/2630#...
Interesting though.
The sheer scale of this arbitrary requirement is hilarious.
Or, we could just have games
But that's easy. The tricky part is catching the cheaters _without_ also catching non-cheaters.
This is about to change though, since the national postal services got a whole bunch of people convicted of fraud based on a system they knew was buggy.
This appears to be the case in Apex Legends: https://old.reddit.com/r/CompetitiveApex/comments/1bhicc6/cl...
- https://calwa.re/reversing/obfuscation/binary-deobfuscation-...
- https://www.nccgroup.com/us/research-blog/a-look-at-some-rea...
[1] https://www.youtube.com/watch?v=A9U5wK_boYM
Be a nuisance to society -> get fucked. That's a pretty universal principle
For "get fucked" measures you need pretty low rate of false convictions
And it's just a game that's not playable anymore, not the whole Steam account, isn't it?
Other players paid too.
greetz to readers of Unknowncheats, cs.rin.ru, etc.
Milworm (milw0rm?) also got me started back in the day.
UnknownCheats was (still is?) good for getting information on undocumented APIs when game modding (for a good while the Half-Life SDK was incomplete).