memory based bots and proxies requirement questioning

09/03/2012 02:19 go for it#1
First of all, I'll try my best not to ask a stupid question so I don't get a sarcastic answer. Just try to be kind; I'm working to get information too and not sitting on my bum waiting to be spoon-fed.

I'm studying reverse engineering (lena151 tutorials and more tutorials from all over the internet). I haven't given conquer.exe a try yet, but I guess soon enough I'll crack it. I can manually unpack, I know about self-modifying code, and also about protectors and packers, but I'm not yet so good at reverse engineering, though I'm working on getting better.

I know a lot about C++ and C#, but I know nothing about networking and how to send and receive packets (only simple things like chat messages and simple stuff like that), or about encryption. I was trying simple stuff like Caesar encryption and simple XOR, but didn't get so far with others like DH (which TQ uses). I also never tried to write/read memory to get into memory-based bots, but I read a lot about proxies and how they work with client and server.

That's what I know, and what I don't know.
And the question now: what do I need to start at any of them (memory-based bots or proxies, maybe packets in general)?
I need it like this:
Quote:
Proxies need good knowledge about:
programming
  1. packets, how to send and receive
  2. encryption, DH
asm
  1. to get DH
  2. to stop TQ client-side protection
Note: right now I'm searching and reading (some really helpful guides and posts by pro4never about proxies, and more about memory-based proxies from imhawtness and his link about Inject Your Code into Another Process). Thanks, you guys.
So what I mean by that is I'm not staying here on my bum only waiting for your help; I'm working and searching. If you've got helpful links and words, please post them; if you've got sarcastic posts, please keep them to yourself, I'm already subscribed to Just 4 Laugh gags >.<
09/03/2012 10:03 I don't have a username#2
#Duplicated my post...
09/03/2012 10:03 I don't have a username#3
I'm no help at reverse engineering, but network programming I'm sure I can help.

Try Googling around, and you could take a look at my Packet Analyzer (or wait for v3, because it'll be better).

Also a few good links:

A proxy requires 3 (or more) sockets in all.
1 socket for connection between the server and your proxy.
1 socket for your proxy which is accepting connection.
1 socket for your client connection to your proxy.

Connection:
ProxySocket binds to an endpoint.
ProxySocket connects to the server.
--You login from your client
-- You'll get a connection to the ProxySocket.
ClientSocket should be equal to the socket connecting.

Packet Handling:
Client -> Packet -> Proxy
Proxy -> Packet -> Server

Server -> Packet -> Proxy
Proxy -> Packet -> Client

Basically a proxy is a middle man.
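To make the three-socket layout above concrete, here is an added example (not code from this thread or any poster) of a minimal TCP relay in Python: one listening socket for the client, one per-client socket handed out by accept(), and one socket to the upstream server, with a pump loop in each direction that forwards the bytes and records direction and size. The upstream "server" is a constructed loopback echo server standing in for a real one, so the whole thing runs offline.

```python
import socket
import threading

def pump(src, dst, label, log):
    """Copy bytes from src to dst until src closes; record direction and size."""
    try:
        while data := src.recv(4096):
            log.append((label, len(data)))  # a real proxy would parse/modify here
            dst.sendall(data)
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)  # pass the close on to the other side
        except OSError:
            pass

def start_proxy(server_addr, log):
    """Socket 2 listens; accept() gives socket 3 (client side); socket 1 goes upstream."""
    listener = socket.create_server(("127.0.0.1", 0))  # port 0: OS picks a free port
    def serve():
        client, _ = listener.accept()
        server = socket.create_connection(server_addr)
        back = threading.Thread(target=pump, args=(server, client, "S->C", log))
        back.start()
        pump(client, server, "C->S", log)
        back.join()
        for s in (client, server, listener):
            s.close()
    threading.Thread(target=serve, daemon=True).start()
    return listener.getsockname()

def start_echo_server():
    """Constructed stand-in for the game server: echoes whatever it receives."""
    srv = socket.create_server(("127.0.0.1", 0))
    def serve():
        conn, _ = srv.accept()
        with conn:
            while data := conn.recv(4096):
                conn.sendall(data)
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()

def demo(payload=b"hello"):
    """Client -> proxy -> server and back; returns the reply and the proxy's log."""
    log = []
    proxy_addr = start_proxy(start_echo_server(), log)
    with socket.create_connection(proxy_addr) as client:
        client.sendall(payload)
        reply = client.recv(4096)
    return reply, log
```

Calling demo() sends one message through the proxy to the echo server and back; the returned log shows one chunk in each direction, which is exactly where a real proxy would decode or rewrite packets.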
09/03/2012 13:50 go for it#4
I'm really thankful to you for not replying with a sarcastic answer; your answer was more than awesome and I'm thankful for it. Here is my conclusion:

I need to work more on my reverse engineering to get the enc. key.
Meanwhile, I'll also try to read about sockets and create a simple chat application using a DH key, and then try to put a simple proxy in the middle as training.
Does that put me on the right path :)? Thank you once more.

P.S. Thanks for the links, I'll bookmark them and read them one by one ^^
09/03/2012 14:41 I don't have a username#5
It will indeed put you in the right direction. Keep it up :)
09/04/2012 17:55 pro4never#6
Quote:
Originally Posted by go for it View Post
I'm really thankful to you for not replying with a sarcastic answer; your answer was more than awesome and I'm thankful for it. Here is my conclusion:

I need to work more on my reverse engineering to get the enc. key.
Meanwhile, I'll also try to read about sockets and create a simple chat application using a DH key, and then try to put a simple proxy in the middle as training.
Does that put me on the right path :)? Thank you once more.

P.S. Thanks for the links, I'll bookmark them and read them one by one ^^
Just a suggestion... You'll get a few more answers if you correct your terminology some.

DH is not encryption. It refers to a key exchange algorithm which lets you 'securely' transmit a key across an unsecured connection in order to initialize whatever key-based encryption system you wish to use for the rest of the session.

Conquer (last I checked, correct me if I'm wrong here guys) is using the CAST encryption algorithm. Before that it was using the Blowfish algorithm.

In your case this just means implementing an existing encryption library and then intercepting/modifying the DH exchange process using a man in the middle attack in order to set up the encryption as you wish it to work.

If you look again at my old proxy threads you'll find some more information on man in the middle attacks as well as the old DHExchange.


Your best bet for writing a proxy would be to look at the CSV3 private server, as it works on newer clients and therefore has a fully working DHExchange and game encryption as part of it. The only thing you won't be able to do in this example is the password encryption, which is not an issue unless you want to make a standalone bot.


Best of luck. Sounds like you have plenty of knowledge to complete this but it will be a fun learning project for you.