Packet Bot Developing

Hey guys so i have been looking into tcp clients and how packets are posted and requested anyway. I recorded all traffic coming through pc with live httpheaders and logged into darkorbit. I found the post request for it however i realized that the url is SAS authenticated meaning the client has to present authentication information to the server to allow the client to be authenticated. It supposedly requires server authentication, by sending a 401 (“Unauthorized”) response to the client's initial request. This response will contain a WWW-Authenticate header providing the client with details on how to authenticate with the server. However i didn't find that when logging into DO i don't know if i just wasn't looking hard enough or wrong program was used maybe i need to use wireshark or something. Anyways i want to post this packet but don't know the ulr :(

request.setOpt(new curlpp::options::UserAgent("Mozilla/5.0"));
request.setOpt(new curlpp::options::AutoReferer(true));
request.setOpt(new curlpp::options::url("auth3.bpsecure.com/sas/authentication/bigpoint?authUser=slfsf randomly generated token adfasf");
request.setOpt(new curlpp::options::HeaderFunction(curlpp::types::Wri teFunctionFunctor(utilspp::BindFirst(utilspp::make _functor(&writeData),&buffer))));
request.setOpt(new curlpp::options::WriteFunction(curlpp::types::Writ eFunctionFunctor(utilspp::BindFirst(utilspp::make_ functor(&writeData),&buffer))));
request.setOpt(new curlpp::options::Referer("something i also don't know..."));
request.setOpt(new curlpp::options::Post(true));
request.setOpt(new curlpp::options::PostFields(form));
request.setOpt(new curlpp::options::CookieFile("something that will be recieved after loging in i think??"));
request.perform();

Anyway this is C++ VS, I had some idea that i could create a webbrowser control to navigate to site and login, and a tcplistener that would record the authentication variables that would then be used to send this packet but 1. that would make it slow and 2. i think that the authentication variables are time based so it can only be used once or for x time. All help is appreciated thanks.

Edited: Yeah by the way all of those ::o are not supposed to be emoji's it is actually :: options without the space

So you are programming in C++ right? You could see the UDOBot source, may will help you.

What if the token is generated, if it can parse. )))

Quote:

Originally Posted by KaloianBG So you are programming in C++ right? You could see the UDOBot source, may will help you.

Hm it seems they actually do it differently they decide to connect to an already created connection. So they never even go through with what i am doing. I mean it has the downside of you having to log in through website before using bot or i mean you could even have the bot check that if you wanted its not that hard to create an extra webbrowser control to read off some html. Well thanks man i have not ever heard of this bot. But damn it has a lot of code.

Quote:

Originally Posted by raposik What if the token is generated, if it can parse. )))

I don't think you can parse the SAS token. But i may be wrong.

First get the basics of coding and web development. Then try to create a "packet bot".

Darkorbit has 2 encryption systems and 1 custom. Theres a key exchange but not this way

Quote:

Originally Posted by parkemia Hey guys so i have been looking into tcp clients and how packets are posted and requested anyway. I recorded all traffic coming through pc with live httpheaders and logged into darkorbit. I found the post request for it however i realized that the url is SAS authenticated meaning the client has to present authentication information to the server to allow the client to be authenticated. It supposedly requires server authentication, by sending a 401 (“Unauthorized”) response to the client's initial request. This response will contain a WWW-Authenticate header providing the client with details on how to authenticate with the server. However i didn't find that when logging into DO i don't know if i just wasn't looking hard enough or wrong program was used maybe i need to use wireshark or something. Anyways i want to post this packet but don't know the ulr :( request.setOpt(new curlpp::options::UserAgent("Mozilla/5.0")); request.setOpt(new curlpp::options::AutoReferer(true)); request.setOpt(new curlpp::options::url("auth3.bpsecure.com/sas/authentication/bigpoint?authUser=slfsf randomly generated token adfasf"); request.setOpt(new curlpp::options::HeaderFunction(curlpp::types::Wri teFunctionFunctor(utilspp::BindFirst(utilspp::make _functor(&writeData),&buffer)))); request.setOpt(new curlpp::options::WriteFunction(curlpp::types::Writ eFunctionFunctor(utilspp::BindFirst(utilspp::make_ functor(&writeData),&buffer)))); request.setOpt(new curlpp::options::Referer("something i also don't know...")); request.setOpt(new curlpp::options::Post(true)); request.setOpt(new curlpp::options::PostFields(form)); request.setOpt(new curlpp::options::CookieFile("something that will be recieved after loging in i think??")); request.perform(); Anyway this is C++ VS, I had some idea that i could create a webbrowser control to navigate to site and login, and a tcplistener that would record the authentication variables that would then be used to send this packet but 1. that would make it slow and 2. i think that the authentication variables are time based so it can only be used once or for x time. All help is appreciated thanks. Edited: Yeah by the way all of those ::o are not supposed to be emoji's it is actually :: options without the space

Said shortly if you want to make a packet bot in each new Darkorbit build you have to decrypt/deobfuscate their damned main.swf and then to change the packets because in each new version they are changing the packets... Or if you figure out something which is doing this process automatically, that will be big hit. :)

I thought they are just exchanging the packet IDs?

Quote:

Originally Posted by Red_John I thought they are just exchanging the packet IDs?

Lately they are dooing more then that, changing the params order of packets and more.

Quote:

Originally Posted by Sήøwy Lately they are dooing more then that, changing the params order of packets and more.

and shifting integers randomly

So are you trying to make a bot for the client or for the website?

Quote:

Originally Posted by manulaiko3.0 So are you trying to make a bot for the client or for the website?

Wait they have a downloadable client for DO i did not even know that where do you get it. Because i thought they were all about playing games without downloads.

Quote:

Originally Posted by parkemia Wait they have a downloadable client for DO i did not even know that where do you get it. Because i thought they were all about playing games without downloads.

The game ur playing is a client. A flash client.

the main.swf is the first step but ...it "s encrypted.

Quote:

Originally Posted by mouradhndr the main.swf is the first step but ...it "s encrypted.

Well i already have that and i am looking through it. Its really just looking for all the different variables i need. I am also considering making an updater program for the bot that will detect the current build of DO and if its a new build it will update the program itself so the bot will work.