Jump to content

  • Log In with Google      Sign In   
  • Create Account

Decrypting a game's packets


Old topic!
Guest, the last post of this topic is over 60 days old and at this point you may not reply in this topic. If you wish to continue this conversation start a new topic.

  • You cannot reply to this topic
2 replies to this topic

#1 neal8929   Members   -  Reputation: 122

Like
0Likes
Like

Posted 12 February 2011 - 02:55 AM

I am into hacking for the learning experience. By hacking I mean writing program code that interferes with other processes and can manipulate their data. I have written a memory scanner in C/C++ that repeatedly scans a windows process for an integer value until the address is singled out. I can then write to the memory address and change that data to whatever I want.

After finishing that project I have learned so much about programming and how memory works. It was a great learning experience. Anyone can download a program that hacks things, but making your own is much more rewarding. This is why I would like to learn more about interfering with packets, in particular online game's packets.

I have read a little bit about packet scanning/sniffing and it seems that pretty much everything is encrypted am I right? And each game can encrypt packets with its own method. So my question is what are some things you can do to find out where in the program is the data you (the client) is sending to the server? Or is that even possible?

Sponsor:

#2 hplus0603   Moderators   -  Reputation: 5738

Like
1Likes
Like

Posted 12 February 2011 - 12:16 PM

I have read a little bit about packet scanning/sniffing and it seems that pretty much everything is encrypted am I right?


No, that's not true. Data is *encoded*, typically in binary, using bit packing mechanisms, to use fewer bytes. However, downright encryption isn't all that common, because it's not all that useful.
If you want to hack a client connection where you control the client, you can already attach to the game client's memory and change the data before it even goes on the network. Thus, encryption doesn't really help against that kind of attack.
enum Bool { True, False, FileNotFound };

#3 frob   Moderators   -  Reputation: 22796

Like
1Likes
Like

Posted 14 February 2011 - 03:48 PM

I have read a little bit about packet scanning/sniffing and it seems that pretty much everything is encrypted am I right? And each game can encrypt packets with its own method. So my question is what are some things you can do to find out where in the program is the data you (the client) is sending to the server? Or is that even possible?

Packet sniffing can get you a lot of interesting information.


Many games are unencrypted. Most game programmers are practical and will use variations on simple serialization: Pass a size and an identifier to know what data is expected, then pass the data. With a little bit of experience and luck, you can reverse engineer most communication systems very quickly. That kind of simple encoding is pretty easy to figure out, especially if you can run a local server and watch all the traffic between all the machines.

Sadly, there are many cheaters out there who invest in getting that information and modify it on its way to the server. They will analyze the packets and their traffic patterns to find exploits in the game, or find ways to crash the server or crash their opponents.

That's why many major companies require game data to be encrypted. It is often specified as a legal requirement by publishers. As an example, on the X360 all game data is encrypted before it crosses the network so packet sniffing alone won't expose game exploits. But other data, such as VoIP, might be unencrypted due to local wiretap laws.

The same is true for non-game data sent across the wire. Laws for financial and medical records mean that certain data must be protected against simple packet sniffing, so you will see similar measures in place across various industries.

Check out my book, Game Development with Unity, aimed at beginners who want to build fun games fast.

Also check out my personal website at bryanwagstaff.com, where I write about assorted stuff.





Old topic!
Guest, the last post of this topic is over 60 days old and at this point you may not reply in this topic. If you wish to continue this conversation start a new topic.



PARTNERS