|
You last visited: Today at 19:41
Advertisement
Intercept not working on int server ?
Discussion on Intercept not working on int server ? within the Kal Online forum part of the MMORPGs category.
07/08/2016, 22:05
|
#1
|
elite*gold: 0
Join Date: Nov 2007
Posts: 170
Received Thanks: 4
|
Intercept not working on int server ?
Hello guys.
when i try to hook send or recv functions xtrap is detect the intercept
can anyone tell me where is the problem ?
|
|
|
07/08/2016, 23:23
|
#2
|
elite*gold: 0
Join Date: Oct 2009
Posts: 71
Received Thanks: 70
|
If u read at last few posts u will know that:
a) don't hook recv / send function in kal (or you must patch xtrap to work it)
b) hook recv / send in ws2_32 and place hook 5 bytes after func start to work ( xtrap check this functions prolog).
c) use other magic metods xD
d) 0xfffffffffffff topics about it here and on other forums.....
|
|
|
07/09/2016, 16:23
|
#3
|
elite*gold: 0
Join Date: Nov 2007
Posts: 170
Received Thanks: 4
|
Quote:
If u read at last few posts u will know that:
a) don't hook recv / send function in kal (or you must patch xtrap to work it)
b) hook recv / send in ws2_32 and place hook 5 bytes after func start to work ( xtrap check this functions prolog).
c) use other magic metods xD
d) 0xfffffffffffff topics about it here and on other forums.....
|
thanks now hooked is success ,but packet is encrypted right ?
|
|
|
07/10/2016, 03:25
|
#4
|
elite*gold: 220
Join Date: Jun 2007
Posts: 3,768
Received Thanks: 1,126
|
on Recv not, on Send yes
|
|
|
07/10/2016, 03:32
|
#5
|
elite*gold: 0
Join Date: Nov 2007
Posts: 170
Received Thanks: 4
|
Quote:
Ok thanks meak1, but how to decrypt it ?
|
|
|
07/10/2016, 03:33
|
#6
|
elite*gold: 220
Join Date: Jun 2007
Posts: 3,768
Received Thanks: 1,126
|
Quote:
Originally Posted by MenPirate
Ok thanks meak1, but how to decrypt it ?
|
you dont need to decrypt, just 'use' the send
|
|
|
07/10/2016, 07:28
|
#7
|
elite*gold: 0
Join Date: Sep 2008
Posts: 108
Received Thanks: 23
|
If he wants to sniff send packets then yes he need to decrypt.
Or there exist another send function which can be hooked by viable and undetected
|
|
|
07/10/2016, 19:39
|
#8
|
elite*gold: 220
Join Date: Jun 2007
Posts: 3,768
Received Thanks: 1,126
|
Quote:
Originally Posted by luki180pl
If he wants to sniff send packets then yes he need to decrypt.
Or there exist another send function which can be hooked by viable and undetected
|
you can hook for some minutes or Secounds, its enough to get the Needed Send packets
otherwise, yes u need to decrypt the Packets, have fun
|
|
|
07/12/2016, 08:18
|
#9
|
elite*gold: 0
Join Date: Nov 2007
Posts: 170
Received Thanks: 4
|
Quote:
you dont need to decrypt, just 'use' the send
|
really i dont understand.
we hooked winsock send function and this is end point of packet senden.
as i know
step 1: Generate send packet
step 2: Push generated packet to the engine send function
step 3: encrypt the packet
step 4: send the packet to server with winsock send function
and now if i want to send packet to the server i must start from step 3 until step 4
this what i understood, is that correct?
|
|
|
07/12/2016, 22:16
|
#10
|
elite*gold: 0
Join Date: Oct 2009
Posts: 71
Received Thanks: 70
|
READ THIS..... its easy like 1+1 ffs
|
|
|
07/13/2016, 15:37
|
#11
|
elite*gold: 0
Join Date: Nov 2007
Posts: 170
Received Thanks: 4
|
Note " im working with int server not private "
thx nokia999
really i understand this tutorial,
as u said if i want sniff the send packet i must decrypt it to be readable,
after that i will going to send my packet to the server already this will be decrypt packet
and we also send the packet with the end point ws2_32.dll send function .
and meak1 said send packet is encrypted this mean the data of packet must go to server encrypted ,
now if i send my decrypted packet the server will understand it?
|
|
|
07/13/2016, 16:43
|
#12
|
elite*gold: 0
Join Date: Oct 2009
Posts: 71
Received Thanks: 70
|
I want that you read from tut i posted link:
DWORD PBACK = 0x000000;// <- U need to get the Back Adress with IDA etc. Or do it with SearchPattern. PBACK = KALONLINE INTERNAL SEND FUNCTION ADRESS + PROLOG !!
#define SendASM __asm{ push ebp };__asm{ mov ebp, esp };__asm{ sub esp, 18h};__asm{ JMP PBACK}; // CHECK WITH IDA PROLOG OF KAL SEND FUNCTION ITS NOW A LITTLE CHANGED, THIS ONE HER IS FROM OLD KALONLINE!!
__declspec(naked) int __cdecl SendPacket (BYTE Header , LPCSTR Format , ... ){SendASM;} // AND THIS IS DEFINITION OF SEND FUNCTION THAT YOU USE IN YOUR DLL. USE LIKE: SendPacket(146, "bbb", 0, 10, 0) - it send move stop by 10 on y axis packet.....
|
|
|
07/13/2016, 17:16
|
#13
|
elite*gold: 0
Join Date: Nov 2007
Posts: 170
Received Thanks: 4
|
dude in int kal we cant detour send function in engine cuz xtrap is detect it....
we hook winsocket function to avoid it ...
|
|
|
07/13/2016, 18:29
|
#14
|
elite*gold: 0
Join Date: Oct 2009
Posts: 71
Received Thanks: 70
|
Where you see detour... Just call oryginal kalonline send function like i show you.
You call kalonline send function with parameters thats all not DETOURS / HOOK it^^.
Adress of send function finde with IDA or use pattern search in your dll.
|
|
|
07/14/2016, 22:25
|
#15
|
elite*gold: 0
Join Date: Sep 2008
Posts: 108
Received Thanks: 23
|
Xtra detects changes in engine code section. But it will allow you to use send function as your own
|
|
|
|
|
Similar Threads
|
Intercept all HTTP Traffic
04/13/2015 - CO2 Programming - 0 Replies
I need help..
I am trying to write a windows service using .NET that monitors the http traffic and block loading few JS scripts and show a warning message to the user saying few scripts are blocked due to company policy. And this windows service runs on all users computers. I tried writing a local proxy and started alter every response and inject a html warning message. But the response is delaying and users started reporting slow browsing speed because of local proxy. Is there any other...
|
Rage-Scape 723 Server - Working Grand Exchange - All skills working - Minigames - ETC
01/12/2015 - Runescape Private Server - 5 Replies
Welcome to my brand new 723 server :) I have been working on this project for a few months now, hope you enjoy!
I have just started this server a few days ago, currently there are no staff :)
Website: Rage-Scape - Let the legend begin!
Minigames:
Fight Caves
Fight Kiln
Dominion Tower (All 5 Modes)
Crucible
|
Intercept problem
09/27/2011 - General Coding - 4 Replies
Hi i have some trouble with a new project.
i want to binary intercept a WSprintf function.
as i dont want to intercept all WSprintf functions i dont directly detour it, i call my own function where WSprintf() gets called.
to make things clearer i will show you some screens:
original function:
http://img3.imageshack.us/img3/8640/orig.png
original function detoured:
|
Piss people off, intercept when they drink/eat!
10/04/2008 - WoW Exploits, Hacks, Tools & Macros - 3 Replies
Ok, today I finally got enough Brewfest Tokens to buy the "Brew of the Month" Club Membership Form"
When I delivered it, i gain access to a vendor, a special Brewfest Member only vendor, that sold some Beer/vine.
When you drank it, you get an item "Empty Brew Bottle"
This is where the fun part begins:
When you got a Empty Brew Bottle, you can right click it and choose a target where to throw it, you can also throw it at people.
That doesn't seem like an exploit, well, if you throw it...
|
All times are GMT +2. The time now is 19:41.
|
|