Register for your free account! | Forgot your password?

Go Back   elitepvpers > New Arrivals > Blade & Soul > Blade & Soul Hacks, Bots, Cheats & Exploits
You last visited: Today at 23:49

  • Please register to post and access all features, it's quick, easy and FREE!

 

[Guide] Basics of Packet Editing in BnS

Reply
 
Old   #1
 
elite*gold: 0
Join Date: Jan 2006
Posts: 29
Received Thanks: 34
[Guide] Basics of Packet Editing in BnS

I will be discussing and teaching you how to packet edit in hopes people will later contribute their discoveries. I've placed a short explanation below about what it's about. Skip straight to the instructions if you can't be bothered.

This is a very old method and has been around for years now, but it will ALWAYS work. In EVERY MMO you ever play, and every online game for that matter, and is one of the most powerful ways to hack a game. With enough creativity, you can achieve anything from invincibility to duping. The extent to which you can manipulate the game is limited by your own creativity and the security of the game. Blade and Soul has been out for nearly half a decade now so nearly everything has been tried. Nothing is ever 100% secure however, and some things are just plain unpreventable.

Essentially what's happening is, every time you perform an action, activate a skill, interact with an NPC, use any item in your inventory, your game client sends a packet to the server, saying exactly what you did, and as long as the server agrees everything's okay, your character performs that action.

For example, if you use the skill Swift Strike, since it is a skill that TARGETS, unlike Tiger Strike, which is an AREA attack. If you attack a target A with Swift Strike, you will notice that when you resend the packet to the server, you will ALWAYS attack target A no matter which direction you're facing, or even if there's a target B between you and A, which would otherwise be impossible to do. As long as you are within the distance of target A of course.

Another example is when you capture and resend the packet of talking to a specific warehouse npc, no matter where you stand, as long as you're in the same zone, if you send the packet, you can open your warehouse from anywhere. As soon as you try to deposit or withdraw an item however, your client sends a packet to the server saying, hey, deposit this item into this slot. The server receives the packet and says, okay, hold on, let me double check everything is okay first. It goes through a series of checks, one of which is your distance to the npc. It realizes that you are actually not close enough to the target to even interact with it. It will then give you an error and tell you to screw off.

The thing is, NCSoft can't place checks in place for every single action. Do you realize how many times the warehouse npc is open and closed every second. If they checked your player distance every time you tried to open the warehouse, it would be an insane waste of server resources and bandwidth. They definitely know about this already but frankly don't care if you can open your warehouse from 1,000m away or not. As long as it doesn't give you an advantage. I forget what I have in my storage a lot though, so it might be convenient for me. Being able to deposit and withdraw remotely is definitely an advantage though however, so they were forced to place a check in for that.

So without further ado, let's begin.

We need a few programs.

1. (Virus scan will detect as a Trojan. Don't use if you don't trust it, or find your own copy of it)
2. (7.2, not 8.0.)
3. (Any version. I'm using 3.29)

First, go to your Windows start menu, type in:
Code:
cmd
. This will open up your command prompt. Type in:
Code:
ipconfig
Grab your IP address and copy it down.



If you have multiple ones, Ethernet adapter is if you're connected to the internet through the wall. Wireless adapter is for WiFi.

Set up your CCProxy and Proxifier settings as follows:




Make up your own username and password.

Double check your connection in Proxifier. It needs to look like this:



FINALLY. Onto the fun part. Open up WPE Pro, and target CCProxy. Now WPE Pro will be able to capture every single packet coming in and out of your computer. Fire up Blade & Soul!

You'll notice a bunch of shit pops up in proxifier when you fire up the game:


One is not like the rest however! One of the Client.exe has a considerable amount more traffic than the others. That's the IP address you want. The port number is really all you need to remember, no need to write down all of it. For me, I just remembered "10100".

Go into the game, find something to do. I recommend trying to open up a warehouse NPC first. Find a relatively empty area, more people = more traffic. More traffic = more packets to dig through. This part is a lot easier if you have two monitors. "Start Logging" in the top left of WPE Pro. Quickly go back to your game, talk to the NPC, go back to WPE Pro, hit "Stop logging".

A window with a bunch of mumbo jumbo will pop up:



Hit the icon that looks like two plus signs to collapse it into a more readable format. Find the first packet you see where the DESTINATION contains the port number you remembered. MAKE SURE THE FUNCTION IS SEND. You are resending packets here. You don't want to send a received packet. That's how you get yourself banned.

Go ahead and walk far away from the NPC. Right click the packet and hit send. Then hit the play button. VOILA! You should be able to talk to him from anywhere. (In the zone I believe).

Now comes your part. Try capturing every packet you can and resending it. Capture the packet when you roll a Daily Dash and resend that, see what happens. Try sending a packet of yourself eating food or using a revive scroll when you don't have any in your inventory. Try sending a packet of using Mushin 5F scroll when you don't have any. Try offering your weapon a reinforcement gem and then sending a packet to deposit the gem into the warehouse while in the middle of offering, to preserve it.

The most common ways to dupe in MMOs are to force packet sends to open up windows when you aren't supposed to, and make trades or sell things in multiple windows with the same item. Ways of duping gold would be trying to turn in the same quest multiple times, or receive some kind of reward multiple times.

Ways of invincibility are a lot more complicated. They involve something called packet replacement, and requires packet EDITING, not just copy and resend.

For example in some games, the server sends a packet to the player telling them how much damage to receive, as the packet comes to your computer, it is intercepted, you have a program that scans every packet and when it sees one that is describing damage, it edits the packet and replaces the damage with 1 every time. At this point I haven't decrypted the HEX offsets of the packets, so I don't plan on packet editing any time soon. And frankly, I probably don't have time to do so.

But yea, have fun! Don't get upset if I don't respond to your questions instantly. I'm busy and BnS isn't my life If you ask, I'm sure others will gladly help though.



atsay714 is offline  
Thanks
11 Users
Old   #2
 
elite*gold: 0
Join Date: Dec 2007
Posts: 72
Received Thanks: 2
Well I have to say thank you for the Guide, it has opened me up an I gave it a shot. Though I could get quite much to work other then getting the Warehouse NPC to open up anywhere within the Zone (just as you instructed lol). But I also did the same just for ***** an giggles for the General Items merchant. I'm new to this so I was quite impressed about just being able to do those. I did try completing quest to see what would happen, nothing, so not sure if i'm doing something wrong or it just plan can't be done in that fashion. But thank you again for the guide.


DJSketch is offline  
Old   #3
 
elite*gold: 0
Join Date: Feb 2008
Posts: 761
Received Thanks: 273
your post is quite misleading.
i dont need all that **** installed for WPE to see packets, mine reads packets just fine on WSASend/WSARecv

The last bit of your post talks about duping and godmode etc, don't give false hope - there are a lot of morons here and you're going to get spammed to death. godmode is very very rarely possible in any AAA title. duping is just the same. in the last 4 major MMORPGs i hacked, only 1 had something resembling godmode - which was a way to heal yourself to max pretty easily =p
no dupes or true godmodes.

Quote:
"Now comes your part. Try capturing every packet you can and resending it. Capture the packet when you roll a Daily Dash and resend that, see what happens.
this is not great advice. the packet is encrypted and if you dont understand what you are sending you can cause all kinds of red flags and get your *** banned FAST.

Quote:
you have a program that scans every packet and when it sees one that is describing damage, it edits the packet and replaces the damage with 1 every time
this only works if the server trusts the client, which BNS does not. if you die on the server, you die on the client regardless of what your client believes.
Izeliae is offline  
Old   #4
 
elite*gold: 0
Join Date: Jul 2009
Posts: 1,116
Received Thanks: 329
Why are you... edit that thread immediately! :P
Few of us hacked lots of shop currency in diverse games, like Dragonica, RoboCraft and more.
WPE is a packet (opcode) sender. If anyone knows how it works, you are just a step closer getting deeper into the "which opcodes are save and which not" aspect of the game :b


blapanda is offline  
Old   #5
 
elite*gold: 0
Join Date: Feb 2008
Posts: 761
Received Thanks: 273
Quote:
Originally Posted by blapanda View Post
Why are you... edit that thread immediately! :P
Few of us hacked lots of shop currency in diverse games, like Dragonica, RoboCraft and more.
WPE is a packet (opcode) sender. If anyone knows how it works, you are just a step closer getting deeper into the "which opcodes are save and which not" aspect of the game :b
why would he need to edit it? all he said was attach wpe. literally anyone could figure this out by googling "how to packet edit" lol.
btw, i dont think you'll be seeing shop currency hacks on this game. the shop is completely external
it is sad they dont use a rotating encryption though. no big deal though.
Izeliae is offline  
Old   #6
 
elite*gold: 0
Join Date: Jan 2006
Posts: 29
Received Thanks: 34
Quote:
Originally Posted by Izeliae View Post
your post is quite misleading.
i dont need all that **** installed for WPE to see packets, mine reads packets just fine on WSASend/WSARecv

The last bit of your post talks about duping and godmode etc, don't give false hope - there are a lot of morons here and you're going to get spammed to death. godmode is very very rarely possible in any AAA title. duping is just the same. in the last 4 major MMORPGs i hacked, only 1 had something resembling godmode - which was a way to heal yourself to max pretty easily =p
no dupes or true godmodes.


this is not great advice. the packet is encrypted and if you dont understand what you are sending you can cause all kinds of red flags and get your *** banned FAST.

this only works if the server trusts the client, which BNS does not. if you die on the server, you die on the client regardless of what your client believes.
You're able to capture packets by directly targetting the game client through WPE? How? And even if you are, once GameGuard comes back on, you won't be able to anymore. This method is fool proof, especially if you direct you traffic through a virtual machine, or another spare computer, instead of just your localhost.

Also, it should go without saying this will get you banned if you aren't careful.
atsay714 is offline  
Old   #7
 
elite*gold: 0
Join Date: Mar 2014
Posts: 111
Received Thanks: 6
thanks atsay714
**** Izeliae
cabal3 is offline  
Old   #8
 
elite*gold: 0
Join Date: Mar 2006
Posts: 1,193
Received Thanks: 220
So, BnS Packets are not Time Stamped?
killzone is offline  
Old   #9
 
elite*gold: 0
Join Date: Sep 2014
Posts: 541
Received Thanks: 574
Quote:
Originally Posted by atsay714 View Post
You're able to capture packets by directly targetting the game client through WPE? How?
He just said it atsay...He directly hooks WSASEND/WSARECV from ws2_32.dll and either

a) Reverse engineer the results
b) Make the results appear on his own program, or a third party program.


Quote:
and even if you are able to do that. Once gameguard comes back you won't be able to do it again
I'm pretty sure we was still able to see packets with the russian GG bypass, unless there was something I missed out. The only reason why he said the packets are encrpyted is well...because litterly almost all MMO games have encrpytion packets it would beidiotic for any developer to not encrypt the packets. Yes, we do probably have the ability to resend/rerecv packets at this time but if we want to edit the packets for full functionality. We need to learn how the packet structure works.

That being said. I vote Izel to be president of bns modding.
[P2933]Step29 is offline  
Old   #10
 
elite*gold: 0
Join Date: Jan 2006
Posts: 29
Received Thanks: 34
Quote:
Originally Posted by [P2933]Step29 View Post
He just said it atsay...He directly hooks WSASEND/WSARECV from ws2_32.dll and either

a) Reverse engineer the results
b) Make the results appear on his own program, or a third party program.




I'm pretty sure we was still able to see packets with the russian GG bypass, unless there was something I missed out. The only reason why he said the packets are encrpyted is well...because litterly almost all MMO games have encrpytion packets it would beidiotic for any developer to not encrypt the packets. Yes, we do probably have the ability to resend/rerecv packets at this time but if we want to edit the packets for full functionality. We need to learn how the packet structure works.

That being said. I vote Izel to be president of bns modding.
So what's the purpose of your post again?
atsay714 is offline  
Old   #11
 
elite*gold: 0
Join Date: Feb 2008
Posts: 761
Received Thanks: 273
Quote:
Originally Posted by atsay714 View Post
You're able to capture packets by directly targetting the game client through WPE? How? And even if you are, once GameGuard comes back on, you won't be able to anymore. This method is fool proof, especially if you direct you traffic through a virtual machine, or another spare computer, instead of just your localhost.

Also, it should go without saying this will get you banned if you aren't careful.
GG isn't a concern, as step said it's easy to remove. Man in the middle is always a good method. Alternatively any loopback adapter will also work if you can't attach to the game. You can use wireshark too.

Want to come down the rabbit hole with me?

Btw, I already have packets decrypted and can send my own. The inventory, bank, trading, vendoring, and combat all seem to be quite solid and 100% server controlled, I wasn't able to introduce any bugs with them. Might save you some time.

Ps, I wasn't trying to be pedantic, just your post didn't list any warnings and was quite optimistic.

@step lol president of modding? Uh I'm not even being really helpful. Just pointing people in the right direction (or trying to). But thanks?
Izeliae is offline  
Old   #12
 
elite*gold: 0
Join Date: Jan 2006
Posts: 29
Received Thanks: 34
Quote:
Originally Posted by Izeliae View Post
GG isn't a concern, as step said it's easy to remove. Man in the middle is always a good method. Alternatively any loopback adapter will also work if you can't attach to the game. You can use wireshark too.

Want to come down the rabbit hole with me?

Btw, I already have packets decrypted and can send my own. The inventory, bank, trading, vendoring, and combat all seem to be quite solid and 100% server controlled, I wasn't able to introduce any bugs with them. Might save you some time.

Ps, I wasn't trying to be pedantic, just your post didn't list any warnings and was quite optimistic.

@step lol president of modding? Uh I'm not even being really helpful. Just pointing people in the right direction (or trying to). But thanks?
No problem! Yea, I wasn't promising any crazy hacks or anything, I was simply giving people the tools to help contribute to this community. I think we can both agree that with a game this old, nearly every exploit has been tried and patched. But at this point, the only hopes of finding anything are through unforseen bugs. For example, reinforcing an item with a gem, and then selling the gem to an NPC during the evolution. Then buy the gem back from the npc after.

That in itself would already be game breaking, and it only takes 1 discovery

But hey, if nothing is discovered, no skin off my teeth. I'm pretty busy with rl stuff, so just here to watch the world burnn
atsay714 is offline  
Old   #13
 
elite*gold: 0
Join Date: Feb 2008
Posts: 761
Received Thanks: 273
You're absolutely right. Unfortunately enchanting a weapon is just an animation. You send the "enchant" packet at the very end. You can spam it to enchant instantly, assuming you can create the packet properly (resending won't do it unless you gave a big stack). You can see why that breaks your above method instantly

I work a lot myself so I dont have time to do much either. I mostly play weeknights and hack weekends lol.
Luckily I can troll around on my phone when I'm bored at work
Izeliae is offline  
Old   #14
 
elite*gold: 0
Join Date: Mar 2014
Posts: 111
Received Thanks: 6
success

i have 99999 gold, tks atsay714

Quote:
Originally Posted by Izeliae View Post
I'm botting on my actual ip because I'm dumb
ban all bot
cabal3 is offline  
Old   #15
 
elite*gold: 0
Join Date: Feb 2008
Posts: 761
Received Thanks: 273
Quote:
Originally Posted by cabal3 View Post
success

i have 99999 gold, tks atsay714


ban all bot
Butthurt much?
Lmao you even copied it from a completely different thread. I'm impressed with your stupidity. Go to school


Izeliae is offline  
Reply



« Previous Thread | Next Thread »

Similar Threads
Understanding the Packet System - Basics of a Packet explained
Read the advice first... *****************UPDATED 12/11/2011********************************* **** ADDED VB6 PROXY BOT SOURCE-CODE, WORKING...
30 Replies - Cabal Main - Discussions / Questions
[Question] Packet data , packet editing ??
I would like to know : What is packet data? How do i get the address for hacking a item in game? How to use it ??
2 Replies - 9Dragons
What happened CO packet editing guide?
i cant find it so what happened to it :o
1 Replies - CO2 Main - Discussions / Questions



All times are GMT +1. The time now is 23:49.


Powered by vBulletin®
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.
SEO by vBSEO ©2011, Crawlability, Inc.

Support | Contact Us | FAQ | Advertising | Privacy Policy
Copyright ©2017 elitepvpers All Rights Reserved.