Hacking Hearthstone to make everything golden

Hacking hearthstone was looked into from the beginning of the game. Many have looked into the netcode, assembly, and logs to see if anything gives them an edge over the opponent. Many have been successful, with projects such as Hearthstone Deck Tracker enabling logging for the user and reading the logs to determine cards that are played and put up a handy overlay for the user.


However, not many have gone beyond that. Some have attempted to make bots and climb the ladder for them. However, these do take away from the user experience and is not generally seen as acceptable by the community, especially with the infestation of pirate warrior bots in wild.

The only thing left to experiment with is the assembly. Most games have a strict security policy that their files pass through before the game starts up, however, Hearthstone is different. There's not really much you can do by editing the files, the client is just made to display pretty effects and send actions to the server. Everything is evaluated by the server, and no illegal moves are allowed through.

Due to Hearthstone's engine being Unity, it's primarily programmed in C#. C# is a great target for easy "hacking" and experimentation because the .NET framework has been around for a while, with v1.0 coming out a year after Windows XP. After so much time with the framework, people have been determined to reverse engineer it.

In comes DNSpy. This is the most amazing program to use, past attempts like DotPeek and ILSpy only aim to view and export source code while this aims to allow easy C# static assembly editing in native C#.

Time to get Hacking!

Hearthstone stores its main operations and code in two files: Assembly-CSharp.dll and Assembly-CSharp-firstpass.dll. Both are stores in Hearthstone_Data\Managed. Thankfully, Blizzard doesn't obfuscate these files making them all the easier to edit and play around with.

My first order of business was to see if I could make every card golden in the game. It was pretty easy to get started out as DNspy has a handy search feature which searches for all classes and method names for certain keywords. In this case, I already know the keyword HS uses to determine golden cards: premium.

Doing a quick search for premium in dnspy comes up with a whole bunch of stuff, which we don't need.


We only need to look for two methods in two classes: Actor.GetPremium() and Entity.GetPremiumType().

Both of these return one of the enums of TAG_PREMIUM: either .golden or .normal. DNSpy is super powerful and easy, so the only thing we need to do to change these methods is right-clicking on the method mane and clicking edit method or CTRL+SHIFT+E.

Both of these are simple return statements, so all we need to do is change the return line to



After doing this to both methods, all that's left is to save it with File -> Save module.

That's it! Every card whilst in a game will be golden, every hero portrait and token will be as well.


However, this does not come without its downsides. For one, the collection manager is a bit broken as when searching for cards it'll only show golden versions available. Also, you can't craft regular cards as right-clicking will bring up the craft dialogue for the golden version of the card only. It's easily fixed though, just in the blizzard app you can click details -> scan and repair to go back to the regular Hearthstone experience.

I've meant to turn the procedure of this editing into its own fully-featured C# program that will do it with a single button press and not require manual editing each time. I looked into if DNSpy's scripting feature exposed a public interface for editing the C# code however after further investigation that has not been baked into dnspy yet.