Bishop Fox named “Leader” in 2024 GigaOm Radar for Attack Surface Management. Read the Report ›

Game Over, Man! Reversing Video Games to Create an Unbeatable AI Player

Game Over, Man! Reversing Video Games to Create an Unbeatable AI Player


The story of how one Bishop Fox researcher’s obsession spawned a ruthless and unbeatable AI player. SmashBot was presented at DEF CON 24 on Aug. 7, 2016.

Everyone is aware that robots will eventually take over the world, but no one probably imagined that artificial intelligence would seek out destruction in the form of a beloved video game.

Yet, it did. And so, the robot revolution began not with a whimper, but with a Falcon punch.

Meet SmashBot: An AI player coming not only for your lunch money, but world domination as well.

What – Err, Who – is SmashBot?

SmashBot is the AI I wrote that plays the 15-year-old video game, “Super Smash Brothers: Melee.” It’s been something of a hobby of mine for the past year and has its origins from a dare. After a particularly long night of video games, I asked a friend of mine how adept he imagined a computer player could be at Melee if the AI were really strong.

“The game requires too much high-level thinking for a computer,” he replied. “I doubt it can be done.”

Naturally, I took this as a challenge and set off in secret almost immediately to create SmashBot. The road to manifestation was long and perilous, however, since I was charting new territory in the Smash world. Other games like “StarCraft” have community-made AIs, but since Melee’s internal data structures remained largely a black box, there were no mechanisms for moving data out of a running game. Plus, there was no means of programmatically pressing buttons into the Dolphin Emulator.

In short, there was plenty of trailblazing to be done.

Eventually, I made SmashBot not only work, but work well enough to beat high-level competitive players. I then quietly demonstrated SmashBot at several local tournaments, and slowly, it began to shine. One Forbes staff writer captured his unsuccessful struggle against SmashBot in both words and video.

Becoming SmashBot: How I Did It

As a professional penetration tester, I’m pretty comfortable with a disassembler, but I found a small — but nonetheless awesome — group of hackers also interested in tearing Melee apart to figure out how it exactly ticks who were interested in acting as a sounding board for my plans and trading greater ideas. Meanwhile, the reverse engineering effort was a manual process of inspecting the game’s internal memory to find where certain pieces of information were stored, such as a character’s position, their damage, and so on – you know, all the data that SmashBot needs to build an accurate mental picture of what’s happening on the screen without ever looking at it.

SmashBot reads this data and quickly (in a 16-millisecond period) decides what buttons to press on its virtual controller until the cycle begins again. For this process, it uses a four-tiered hierarchy of objectives that serve as a useful abstraction into AI problem-solving:

  • Goals
  • Strategies
  • Tactics
  • Chains

At the Goals level, SmashBot identifies what it should be attempting to accomplish given the game’s current state. Typically, this is something like “Kill Opponent,” but could also be “Select Character” if it’s in the menu screen. At the Strategy level, SmashBot defines its style and chooses how it will accomplish its primary goal. Often the strategy chosen is “Bait” where SmashBot weaves in and out of its opponent’s range, goading him or her into making a mistake.

At each level, SmashBot don’t concern itself with how the lower objectives work, it only assumes that those steps are figured out and passes the buck along the right path. This pattern trickles further down until we finally reach the button presses. The design lends itself well to extensibility and it maximizes code reuse.

It’s important to note that SmashBot does not cheat. Instead, SmashBot simply works at a much faster speed than people and is more reliable in its actions. And because of this capability, SmashBot can do things that humans can’t. SmashBot uses a virtual controller, and that’s the way it interacts with the game. No smoke and mirrors here.

Next: You

SmashBot is an active open-source project, and there are certainly a few kinks to work out and more than a few features in need of adding. But SmashBot works and, unless your name is Hungrybox, it will probably wipe the floor with your hopes and dreams.

Keep posted to the official GitHub for updates as they are pushed out.

Video of the accompanying DEF CON 24 presentation:

Have you matched wits against SmashBot? Let us know on Twitter or write to us at [email protected]. You can find Dan (otherwise known as AltF4) on Twitter and YouTube. And you can follow SmashBot on Twitter, too.

Subscribe to Bishop Fox's Security Blog

Be first to learn about latest tools, advisories, and findings.

Dan Petro Headshot

About the author, Dan Petro

Senior Security Engineer

As a senior security engineer for the Bishop Fox Capability Development team, Dan builds hacker tools, focusing on attack surface discovery. Dan has extensive experience with application penetration testing (static and dynamic), product security reviews, network penetration testing (external and internal), and cryptographic analysis. He has presented at several Black Hats and DEF CONs on topics such as hacking smart safes, hijacking Google Chromecasts, and weaponizing AI. Dan holds both a Bachelor of Science and a Master of Science in Computer Science from Arizona State University.

More by Dan

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.