[Discussions]Conquer Packets Flooder

Page 1 of 2 1 2
09/29/2012 20:36 MeGaMaX#1
hello!

long time

i wanna ask a small question i'm not very well with conquer anymore but i got idea and i wanna ask about it

is there any way that we can code a tool that send packets to the server , and its will be acceptable ?

like packets flooder that make the nodes or w/e overload/overflow then crash or make it give connection time out.

if i coded the handshake i was able to send the server a unknown packets ?
or its have own packets check and the server will not be effected

if its have own check , maybe with 5000 threads with unknown packets maybe the server will be under overflow , cuz the packets will be not understand able to the server so may it crash

........................

like what i did with silkroad real files with a friend , packets flooder that flood the exes with unknown packet opcode 0x7777 its will give players dc , then crash the files , its working on real global server and the exploit tool is public but its risky to use it , so the fix is just change the security packets into the client, server files or make your own protocol , but the point is conquer can have something like that or no , C++ will be better

in the end the point is the ddos protection is self will not block the connection, and the idea is not a ddos tool

thanks greetings andrew
09/29/2012 21:11 JohnHeatz#2
Quote:
Originally Posted by androw3349 View Post
is there any way that we can code a tool that send packets to the server , and its will be acceptable ?

like packets flooder that make the nodes or w/e overload/overflow then crash or make it give connection time out.

in the end the point is the ddos protection is self will not block the connection, and the idea is not a ddos tool
So, basically, you are asking if it is possible to DDoS, but then you say not a DDoS tool?

Well basically if you overflow a server with packets, with the appropriate "strength" the DDoS protection won't be able to block it, and you will be able to cause a massive DC for players; but as you seem to be familiar with this, you will know that it would need to be a really powerful attack to do such thing.
09/29/2012 21:58 MeGaMaX#3
Quote:
Originally Posted by JohnHeatz View Post
So, basically, you are asking if it is possible to DDoS, but then you say not a DDoS tool?

Well basically if you overflow a server with packets, with the appropriate "strength" the DDoS protection won't be able to block it, and you will be able to cause a massive DC for players; but as you seem to be familiar with this, you will know that it would need to be a really powerful attack to do such thing.
its not a ddos tool

what i meant here if i coded the handshake etc i will be able to effect the server w/e binary leaked files or custom coded source by unknown packets or no

its will be seems like this

Code:
foreach (Packet packet in list)
                        {
                            packet.GetBytes();
                            int num = new Random().Next(500);
                            Packet packet2 = new Packet(0x7777, true);
                            packet2.WriteAscii(num.ToString());
                            packet2.WriteUInt8((byte) 0);
                            for (int i = 0; i < 750; i++)
                            {
                                security.Send(packet2);
                            }
                            break;
                        }
with 5000 thread , then boom

thanks for your answer
09/29/2012 22:08 I don't have a username#4
Quote:
Originally Posted by JohnHeatz View Post
So, basically, you are asking if it is possible to DDoS, but then you say not a DDoS tool?

Well basically if you overflow a server with packets, with the appropriate "strength" the DDoS protection won't be able to block it, and you will be able to cause a massive DC for players; but as you seem to be familiar with this, you will know that it would need to be a really powerful attack to do such thing.
Ddos = multiple clients flooding
Dos = single flood
09/30/2012 11:07 go for it#5
well when it comes to ddosing/dosing i duno a shit but
why would you send wrong/unknown packets ? prolly the server will ignore them and this won't really effect it
but what about sending a right/knowen packets ? server will make threads for them and it will have more effect , right ?
aka when people was ddosing tq the server wasn't effected like when people was using proxies for mining
so basically if there is 100 person using 50 miners each sending 1 packet per second server will need to handle 50000 packet per second which cause lag
but what about server refusing 5000 unknown packet per second ? it won't even cause lag

that's what i thought of , im not sure if that was right or wrong
so all in all what i mean is server should refuse unknown packets and accept known ones , so i think flooding server with known ones (which everyone will take a thread) is better than flooding it with unknown packets
09/30/2012 20:11 Silent-Death#6
sending a valid packet would require the server to process it longer so would be better for your flooding purpose, but even invalid packets would require the server to run a checking process on it that would eat up some resources. Of course this would require a massive flood to have any impact, and it would also require the initial packet check to be done on the server machine not checked off platform.

If i were to bother with such a thing (when talking specifically about conquer) i would attack the login server instead of the games servers (all initial login requests go into the same server: 208.96.34.46:9959).
I would find this to better suit the purpose for two reasons:
1. all login requests, even legit ones, go into the same machine. More data for the server to deal with while you attack.
2. fucking the login server fucks with all the servers, not just one.

edit:
also if i were to attack tq i would attack their purchase page.
09/30/2012 23:51 MeGaMaX#7
Quote:
Originally Posted by go for it View Post
well when it comes to ddosing/dosing i duno a shit but
why would you send wrong/unknown packets ? prolly the server will ignore them and this won't really effect it
but what about sending a right/knowen packets ? server will make threads for them and it will have more effect , right ?
aka when people was ddosing tq the server wasn't effected like when people was using proxies for mining
so basically if there is 100 person using 50 miners each sending 1 packet per second server will need to handle 50000 packet per second which cause lag
but what about server refusing 5000 unknown packet per second ? it won't even cause lag

that's what i thought of , im not sure if that was right or wrong
so all in all what i mean is server should refuse unknown packets and accept known ones , so i think flooding server with known ones (which everyone will take a thread) is better than flooding it with unknown packets
sorry but you are wrong, if you code the handshake and the protocol between the server and client you will be able to send the server unknown packets in the same protocol that the server knew so its will make the server crash or lag or freeze

and about send any packets type its will effect server hard , cuz its will ask for check.

and about the 5000 , its 5000 threads + read the code i written above

1: the unknown packets attack will effect the server, how !! ? cuz if you send the unknown packets like any packets in the conquer protocol same encryption it will effect it w/e the type of effect.

2: the ddos / dos not effect the server cuz the dd/d tool have not the protocol between the client and server , but if you code it , you will be able even get things free in the servers or the real one even if it have a check maybe you can make dupe bug

3: i'm not talking about ddos /dos tool , i'm talking about a tool have the handshake send unknown packets , it will eat the machine p/r , it will lag / maybe even crash

@Silent-Death

that's what i'm talking about ^_^ valid or invalid packets will kill the server.

.................................................. ........

what about the future that maybe the tool will have
09/30/2012 23:53 Silent-Death#8
true, but invalid ones would require a fucking massive flood.

edit: indeed you are not talking about ddos/dos, you are talking about common flood.
10/01/2012 04:50 MeGaMaX#9
w/e i will give it a shot soon thanks for all who answered :)
10/01/2012 15:55 pro4never#10
Keep in mind that regardless of how many threads you use, you're limited to your connections upload speed.

What you are describing is flooding the server with packets (valid or invalid makes little difference) and so unless you can find a specific method which is easy to exploit in how the server handles particular (valid) packets then your attack will have little effect.

Binary nukers work by spamming whisper packets. the way the server is coded means that each whisper packet requires itterating through all connected clients and running a string comparison between names. as such there's a ton of strain server side between receiving, decrypting, processing the packet and then running the name check to pull the client you are trying to whisper.

Aka CPU strain vs network strain.
10/01/2012 18:17 InfamousNoone#11
^ the real problem occurs because of the synchronization lock required to itterate
10/01/2012 18:28 CptSky#12
If you only think of flooding packets, there is only one way to down a server and it is if you can send more packets than the server can receive and handle. So, you need a better connection and a better computer to hope doing anything to the server.

Else, as stated pro4never, the other solution is to spam a packet which is badly handled. It's using the bad design of the emulator. Mostly anything which requires an iteration with a lock (as stated Infamous) will do the thing. In fact, there was a similar way do down my server at some point. It was to go in the Training Ground and attack with thunder extremely fast. As each thunder had a Thread.Sleep for the intonation time, at some point, all clients were disconnected.

A packet flooder won't work unless you find a fail in the packet handling.
10/01/2012 19:25 MeGaMaX#13
Quote:
Originally Posted by pro4never View Post
Keep in mind that regardless of how many threads you use, you're limited to your connections upload speed.

What you are describing is flooding the server with packets (valid or invalid makes little difference) and so unless you can find a specific method which is easy to exploit in how the server handles particular (valid) packets then your attack will have little effect.

Binary nukers work by spamming whisper packets. the way the server is coded means that each whisper packet requires itterating through all connected clients and running a string comparison between names. as such there's a ton of strain server side between receiving, decrypting, processing the packet and then running the name check to pull the client you are trying to whisper.

Aka CPU strain vs network strain.
Quote:
Originally Posted by CptSky View Post
If you only think of flooding packets, there is only one way to down a server and it is if you can send more packets than the server can receive and handle. So, you need a better connection and a better computer to hope doing anything to the server.

Else, as stated pro4never, the other solution is to spam a packet which is badly handled. It's using the bad design of the emulator. Mostly anything which requires an iteration with a lock (as stated Infamous) will do the thing. In fact, there was a similar way do down my server at some point. It was to go in the Training Ground and attack with thunder extremely fast. As each thunder had a Thread.Sleep for the intonation time, at some point, all clients were disconnected.

A packet flooder won't work unless you find a fail in the packet handling.
thanks for the answers , about the cpu + network i thing its perfect for testing

pc : 32 GB ram DDR3 , Xenon 3.x , 1 GB Connection , 3 690 GTX SLI

this pc sure not for conquer xD , i'm a graphic designer , game & simulation programming

i'm busy right now with cracking the ea medal of honor warfighter protocol with edxlabs team after i haxed the files ^_^ ( feel sorry for them game start open beta 23-10)
[Only registered and activated users can see links. Click Here To Register...]

.....................................

i just asked about if the packet flooder will work with conquer same i did with sro or no

and i think nothing is impossible i will give it a shot soon after i understand mohw

thanks for all who answered in the thread

greetings for all
10/01/2012 22:24 JohnHeatz#14
On any case if you actually want to produce any sort of "damage" you will need a real good upload speed on your pc, ignoring other specs of it
10/01/2012 22:52 Silent-Death#15
lol you're paving your path to jail
Page 1 of 2 1 2