Hi everyone,
I want to read/modify packets; however, they are encrypted, and sadly there is no info on the packets, so I have to use WoW and hope they work the same way. From what I've figured, packets are encrypted using SSL or a modified implementation of SSL, and therefore are impossible to decrypt unless you get the key (which is stored in memory).
To get the key I thought of 3 solutions:
- brute-force it by reading all the memory taken by Overwatch and testing each set of bytes on a packet to see if it decrypts it; however, you need to know exactly how to decrypt a packet and how long the key is
- do a MITM attack with Blizz's server to decrypt packets (however, this also assumes I know exactly how to encrypt/decrypt packets)
- use a debugger to trace the process and figure out which function writes the key to memory, then just grab the key from memory (but Overwatch detects debuggers and I'm gonna get banned in 20 seconds)
Any ideas? How did they get the key for WoW?
Thanks in advance.