Good sniffing around!
One way to prove this.
Block a friend's IP, both log on. Duel. Use serpent sting on him.
See what happens?
Says the leecher >.>
...screwing around on the net when someone sent me a link to this thread... After reading it, I simply had to register just to point and laugh at you... My god, you really have no clue in hell what you are doing... The client really doesn't do anything... It doesn't even send the value of spells etc.; it just tells the server what to cast, and then gets an aura applied by the server... Blizz has been very up on making everything server-side...
Good work and good luck to you.
While playing World of Warcraft, just enter netstat -a in your cmd prompt and you'll see if there are any p2p connections with other players...
I hacked 127.0.0.1
Ok, so I have seen a lot of geeky replies trying to discourage the OP from succeeding in his research.
I don't disagree with them because I have never had the skill to read 1s and 0s, but I do know that infinite bubble and teleportation are still possible (means Blizz isn't that perfect).
I also know that a lot of people are trying very hard to keep those methods underground (possibly some people who replied in this thread).
There is no doubt in my mind that networking analysis is the way to go, and it would be far wiser to start an alliance and work together, than compare just how much you can prove each other wrong.
Again, this is something I KNOW... It's possible.
infinite bubble?? :O hook me up!
octech,
After reading your post I changed my mind. If you actually saw packets from other client computers then you might actually be onto something! Maybe Blizzard got cheap and did some shortcuts, and everyone just assumed and didn't look.
My computer is behind 2 firewalls (router and a Linux box) with no UPnP; I will try the hunter when I get time.
Where's the proof that he saw any IPs?
The lame ass screenshot is like the default one and shows nothing but garbage.
The stupidity in this post is astounding. First off, you will never get the IP; this is a fact because it does not exist. Secondly, Bliz encrypts packets, obviously for many reasons.
One of the reasons is that this is proprietary software and worth a shit ton of money. If someone had the money and resources to break the encryption and inject/spoof packets, it would not be for some lame ass teleport or bubble. There is only one reason to do this and it's straight theft of proprietary software in order to copy/emulate it. This would be done by a rival or new company (China) that would want to compete with WoW. This is serious stuff. Finding IPs through WoW is retarded.
Not to be lame, but IP sniffing doesn't make you pro :P Do better research before you think you can conquer the world.
I agree with Piggy. There are some possibilities out there. You have to remember that people, who are not perfect, wrote blizz's software. There is always a way to crack in.
Heck, I remember back in '00 that a network security company claimed to have software that could lock down any server so that no hacker could get in. They were so certain that it couldn't be done they had a contest and invited anyone around the world to try to break into one of their systems for a 100k prize. Needless to say, within 14 hours a guy hacked their system.
The company was shocked and tried to get away with not paying the hacker. Of course it went to court and the guy got his money. Moral of the story is IT CAN be done.
To all of those who have flamed the OP you need to stand back and think "What have I done to find an exploit or hack to help support this community?"
We all start out somewhere and sniffing/enumeration usually just happens to be the first step. If you don't gather the info then you're not going to get very far.
Possible, but not likely at all.
Teleportation is possible because your character's position is determined by your client. To calculate something like complex collision detection for every player online would take more processing power than Blizzard has, so they offload it to each individual client's machine, and trust them to send back good data. When you "fiddle" with the data, either on a packet level or by modifying the client (model editing), the server accepts that you have done what you say you've done, and "teleports" you.
There is no connection made between your computer and another player's. What happens is something like this:
Code:
A <-> B <-> C
Where A and C are different clients, and B is Blizzard. All communication is made by going through B. If you want to see the packets going in and out of C's machine, you'd need to do some sort of Man-in-the-Middle type of setup like so:
Code:
A <-> B <-> Hacker <-> C
to intercept the communications. It is possible, but it's really more work than it's worth, and definitely outside of the scope of a gaming exploit site.
Of course if there is some sort of flaw in the WoW client that sends you more information than is intended, that's another thing entirely. If you can find that, more power to you.
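The teleport described above works only when the server accepts whatever position the client reports. As an added example that is not part of the original thread, here is a server-side plausibility check that rejects impossible jumps; the class name, speed limit and tolerance are assumptions chosen for illustration, and the sample updates are constructed.

```python
import math

# Assumed limits for illustration; not values from any real game server.
MAX_SPEED = 14.0   # fastest legitimate movement, units per second
TOLERANCE = 1.25   # slack for latency and jitter

class MovementValidator:
    """Server-side plausibility check on client-reported positions."""

    def __init__(self, max_speed=MAX_SPEED, tolerance=TOLERANCE):
        self.limit = max_speed * tolerance   # allowed units per second
        self.last = {}                       # player -> (x, y, t) last accepted
        self.rejected = {}                   # player -> rejected update count

    def submit(self, player, x, y, t):
        """Return (x, y, accepted): the position the server will use."""
        if player not in self.last:
            self.last[player] = (x, y, t)
            return (x, y, True)
        px, py, pt = self.last[player]
        dt = t - pt
        dist = math.hypot(x - px, y - py)
        if dt <= 0 or dist > self.limit * dt:
            # Impossible jump or replayed timestamp: keep the old position,
            # but advance the clock so rejected updates cannot bank distance.
            self.rejected[player] = self.rejected.get(player, 0) + 1
            self.last[player] = (px, py, max(pt, t))
            return (px, py, False)
        self.last[player] = (x, y, t)
        return (x, y, True)

# Constructed sample: (player, x, y, server receive time in seconds).
SAMPLE_UPDATES = [
    ("A", 0.0, 0.0, 0.0),
    ("A", 10.0, 0.0, 1.0),     # 10 units in 1 s: plausible
    ("A", 500.0, 300.0, 1.5),  # "teleport": hundreds of units in 0.5 s
    ("A", 15.0, 0.0, 2.0),     # plausible again from the last accepted spot
]

def replay(updates):
    """Feed updates through a fresh validator; return results and reject counts."""
    validator = MovementValidator()
    return [validator.submit(*u) for u in updates], validator.rejected

if __name__ == "__main__":
    results, rejected = replay(SAMPLE_UPDATES)
    for update, result in zip(SAMPLE_UPDATES, results):
        print(update, "->", result)
    print("rejected:", rejected)
```

A rejected update leaves the player at the last accepted position, and the per-player reject counter gives operations staff a signal to alert on.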
"There is always a way to crack in"
Yes, this is true, but if it does not exist there's nothing to crack; this is why this post is retarded. It's like breaking into a safe but there's nothing inside.
Here's a simple challenge.......... try and capture the same packets for doing your serpent sting 100 times. Open all the packets up in a row and compare them all, and try and find a pattern. Proceed to pull your hair out because it's all encrypted and there is no bloody pattern.
For the sake of argument, let's say you're insane and want to continue trying this; the next step would be to try and break the encryption that is sent between the server and you. This is entirely possible, but please do it on a private server; changing the packets through injection is an insta ban and against the law, and they will know immediately. There are many steps to this, so I'll just jot down the learning progression. Since there are private servers, some of this work has been done already for you.
1. Capture data that has been narrowed down to as few bits as possible
2. Analyze the data for any patterns or results; lots of guesswork and backtracking, not to mention an enormous amount of time.
3. Learn how to inject packets into your client
4. Inject packets that you have decrypted (good luck)
5. Learn how WoW protects and secures its packets from injection (or any manipulation) so you can try and circumvent it (extremely unlikely, though anything is possible)
6. You just hacked WoW and hopefully you're not 25 years older than when you began.
Here's someone who wrote briefly about trying to do just this: World of Warcraft.NET. It looks like he got nowhere.
There are games out there that use unencrypted packets which would be a good testbed for anyone trying to do this, and in all seriousness it's much easier to just find a patch exploit than mess around with such core code.
Last edited by freakyflow; 02-04-2008 at 05:18 PM.
What you just said, is what I said in a previous comment. Except it only took me one sentence. Someone with TIME and knowledge would have to attempt this. Also there are tunneling processes that can be done to prevent being traced...any good hacker would know and do this.
It's possible that the damage values he's seeing are part of the combat log.
That is one nice blog. Thanks tekstorm
Also, all great things come from small. Many big projects (Google for example) start as just an idea. No one is smart enough to plan everything ahead exactly, so what comes as some simple idea might just grow into something grand.
Decrypting IP packets is hard, but if they had a break, they might be able to make the best bot ever (just a thin TCP/IP client). You will be able to bot many instances on the same machine without even feeling their presence. That bot will be able to beat actual humans because it no longer interacts with a UI.