packet structure

L3r0y~J3nk1n$ · 03/08/2008, 06:27

For what I'd like to do, I think packets are the place to start. After that, probably java then C and VB. This is a question for the people here who are self-taught... what resources would you recommend for...
1. understanding packet structure
2. learning some programming language without enrolling at the local university

I'm mainly interested in packet structure and how to capture/decipher/edit/send them, and eventually I'd like to "automate" these functions by writing some programs. Where can I go to learn this stuff?

BaGGy · 03/08/2008, 06:34

Packet Structure is quite a large subject to start with... first thing to learn is the OSI model, which then leads to TCP/IP and finally then you can learn packet frames and structure. Both you wont learn overnight, they will take extensive reading and research to just learn the basics.

L3r0y~J3nk1n$ · 03/08/2008, 06:41

I'm familiar with the OSI model, and have worked on Cisco routers and switches in the past (setup and config, etc) but what I'm asking is how to look at the information in the packets and (guessing here cuz I'm noob at this) how that relates to API functions... I'd also like to look into editing dll files eventually. Can you recommend some recources?

Hiyoal · 03/08/2008, 06:49

Most of us self taught programmers dont know packets that well. Even leavemealone is still learning about them.

I would personally start on a programming language, such as VB or VC#.

Ive started on VC# just in the last week and ive already made my first "Real" hack in which I will be releasing soon

Hiyoal

BaGGy · 03/08/2008, 07:16

Packets have a lot of depth. They revolve entirely around the OSI Model, and follow through extremely well with the TCP/IP Protocol. If you understand both, then the next step is to learn a few things about programming. Because you can't edit DLL's theoretically speaking; however, you can use them to your advantage. Generally you DLL's aren't even the house for a lot of these packets anyway.

But you are trying to mix two different subjects when you ask how packets relate to API functions.

But let me tell you this, if you just want to learn how they work together look into Winsock 1.1 and 2.0 as well as socket programming. Also look into code injection, code caves, function hooking/detours, and api spying. Again its not just learning one thing and assuming you can play with it, it will require a lot of research. Because not only will you get involved with packets themselves, but you eventually will learn PE tables, IAT, and all sorts of neat things that make computers work.

I probably ranted too much, but to sum it up. Looking at what is inside that packet will take more than just a simple packet sniffer; which does work in some cases.

---
Also know that anyone can know syntax, but few understand what it takes for that syntax to execute.

bone-you · 03/08/2008, 07:42

I think the question was misunderstood. The question isn't about layers of hardware and such regarding packets, but how to manage and manipulate them in *** language?

All a packet is, is a "struct {}" in theory.

Each value can be represented by it's size.

For example, every CO packet starts with the same 2 values first. size, then identifier which are both 2 bytes each.

struct {
unsigned short size;
unsigned short identifier;
}

would be the start to -every- CO packet. The rest of it is packet dependent. This is just a visual representation of the packet though. You can just as easily work with the packet as a single entity and access each value by offset instead of struct member. ^^ hope that is what you were asking.

L3r0y~J3nk1n$ · 03/09/2008, 05:40

Thanks for the answers guys! So, the size/id is why I see people referring to packets by a 4 byte designation.

Bone was right about what I'm asking...
1. How to understand what I'm looking at when I see a packet (then I can find what to edit)
2. How to do stuff with it, using code of some kind

I'd like to figure out the contents of a packet, and then I can learn how to do stuff with it. If I lack the tools to do what I want, I'll have to learn how to write some.

Maybe I'll make a hobby of this if it's not to hard to pick up in my spare time.

leavemealone · 03/09/2008, 05:59

Seems like you might want to learn how to make a proxy that can handle and manipulate packets. With Conquer Private Servers, the client sends certain packets to the server and the server has packet structures in it on what to send to the client for the client to understand it etc. First of all you would probably want to learn how to log packets and decrypt them then understanding them.

L3r0y~J3nk1n$ · 03/09/2008, 06:10

Yep I need a noob-friendly primer on the subject and once I get my feet wet I should be able to figure out where to go from there, what to read, etc.

leavemealone · 03/09/2008, 06:21

I never exactly took tutorials, i usually went to open source sites like

etc and found certain things i looked at interesting then recoded them to my needing/likings.

iliveoncaff2 · 03/09/2008, 08:10

OOoo OOooo PICK ME PICK ME!
I'm one of those self-taught'rs that knows just about EVERYTHING about CO packets (really, lmao).
1. Learn about the Little Endian byte order (CO uses this) and you might as well see what that means in comparison to Big Endian byte order.
2. For decrypting/encrypting you'll need the sequences which haven't changed since Day 1 of Conquer Online.
3. Learn about the use of byte objects and write a simple program using your encryptions/decryption to simply filter/display all decrypted CO packets.
4. Once you've done that, just experiment. Look at packets and find out what happens when you do something - like jumping and/or attacking, for example.

L3r0y~J3nk1n$ · 03/09/2008, 09:15

Hahaha thanks bro, is that how you figured this stuff out?
I've read the packet encryption thread by lowfyr and came away confused LOL didn't make any sense.
I think #3 will be the hardest for me... I don't know any programming languages.

Oh well, I'll give it a shot.

Korvacs · 03/09/2008, 09:34

i would download a few private server sources, if not to setup and use, but so that you can see various ways of laying out packets within a programming enviroment

it should also give you a greater understand on how to create a proxy, since a server is basically a proxy, the only difference being it doesnt forward the packets onto a designated server,

caff along with others have been stabbing away at conquers packets for a long long time now, having worked on various servers and proxys his knowledge is like off the scale, but not everyone is perfect, i would imagine theres some stuff he doesnt know :P

bone-you · 03/09/2008, 13:24

If I might ask, what language are you going to be using?

iliveoncaff2 · 03/09/2008, 19:34

Quote:

Originally Posted by Korvacs

but not everyone is perfect, i would imagine theres some stuff he doesnt know :P

[liar]Nope, I'm 100% perfect.[/liar]