Possible cps hack? like the old money hack?

~~andrewxxx~~ · 01/11/2012, 11:34

hey wait jacob i dont really think u got what i mean
what i mean is
ill send to his client with packet seal/encryption AS IF IM THE SERVER
the server will send him 0 cps but after that ill send him 107k cps so he will be seeing the 107k (about how to send to his client , its exactly the same idea how the proxy send to u)
so if the proxy works like this
client >> proxy >> server >> another client
it will be
client >> proxy >> server >> another client THEN proxy >> another client
----
yup it worth it he is rude and all the time insulting me so f it
----
again cuz maybe u didnt get what i mean
how the proxy works ?
client >/< proxy >/< server
so the proxy can send data to the server as if he is the client
also the proxy send me data AS IF ITS THE SERVER
so what im saying is ill let the proxy send to his client data AS IF HE IS THE SERVER
how he will be the server ? simply the server encryption and the server seal key
proxy isnt just encryption ? yup it isnt , BUT IF U KNOW THE Cryptography(BF/DHkey) u dont really need coAI to send packets and data , with no offence to coAI he always include it in anything he is talking about , even if i told him the condom got broken he will say use coAI and she wont get prego !
so yes u can send him packets (not from ur client but by any tool/proxy not must coai as he said)
i guess all he want is every one make a login , bend down u will get much -.-
banned or infr. for me insulting him is something i should be proud of -.-
and here , u will be server if u r able to send packets for/from all players , the point is how u will reach his client
aka now im getting packets from private server and sending to it
source 46.214.23.160(SERVER):9958 Destination 192.168.1.4(CLIENT):56897/56898
and this packets was saying someone added in our trade 0 cps !
now if i sent to him from PROXY to his CLIENT packets
and this packets saying that one added in our trade 99999 cps !
what he will see on his client is 0 THEN 99999 cps ! , server dont know about what i did , and when he send his accept it will be to the server so the trade will be clean and legit
maybe there is no way to send to his client from the proxy , maybe im fully wrong , my socketing and encryption knowledge is 0 on scale of 0-10 , but if in future i knew its wrong and i can get back the time ILL TYPE THE SAME I JUST DID

~~I don't have a username~~ · 01/11/2012, 11:58

Quote:

Originally Posted by andrewxxx

hey wait jacob i dont really think u got what i mean
what i mean is
ill send to his client with packet seal/encryption AS IF IM THE SERVER
the server will send him 0 cps but after that ill send him 107k cps so he will be seeing the 107k (about how to send to his client , its exactly the same idea how the proxy send to u)
so if the proxy works like this
client >> proxy >> server >> another client
it will be
client >> proxy >> server >> another client THEN proxy >> another client
----
yup it worth it he is rude and all the time insulting me so f it
----
again cuz maybe u didnt get what i mean
how the proxy works ?
client >/< proxy >/< server
so the proxy can send data to the server as if he is the client
also the proxy send me data AS IF ITS THE SERVER
so what im saying is ill let the proxy send to his client data AS IF HE IS THE SERVER
how he will be the server ? simply the server encryption and the server seal key
proxy isnt just encryption ? yup it isnt , BUT IF U KNOW THE Cryptography(BF/DHkey) u dont really need coAI to send packets and data , with no offence to coAI he always include it in anything he is talking about , even if i told him the condom got broken he will say use coAI and she wont get prego !
so yes u can send him packets (not from ur client but by any tool/proxy not must coai as he said)
i guess all he want is every one make a login , bend down u will get much -.-
banned or infr. for me insulting him is something i should be proud of -.-
and here , u will be server if u r able to send packets for/from all players , the point is how u will reach his client
aka now im getting packets from private server and sending to it
source 46.214.23.160(SERVER):9958 Destination 192.168.1.4(CLIENT):56897/56898
and this packets was saying someone added in our trade 0 cps !
now if i sent to him from PROXY to his CLIENT packets
and this packets saying that one added in our trade 99999 cps !
what he will see on his client is 0 THEN 99999 cps ! , server dont know about what i did , and when he send his accept it will be to the server so the trade will be clean and legit
maybe there is no way to send to his client from the proxy , maybe im fully wrong , my socketing and encryption knowledge is 0 on scale of 0-10 , but if in future i knew its wrong and i can get back the time ILL TYPE THE SAME I JUST DID

You cannot send data to a client as if you are the server, because the client is not connected to you LOL. Do you know how sockets work?

To send a packet to a client, the client needs to be connected to you.
To get a connection from a client you need to bind your server to a port.

Server/Client sockets work like this

Code:

//This has to be done before you can receive/send any packets server side
Server.Bind()//binding the server to a specific ip/port whatsoever
Server.Listen()//listening for connections
Server.BeginAccept()//beginning to accept connections

//This has to be done from the client to the server
Client.Connect()//Connecting to the server using a specific ip/port
Client.BeginReceive()//Beginning to receive data from the server you are connected to

Server.NetworkClient.BeginReceive()//The networkclient (Client at serverside, which begins to receive data from the client (This is still the server, but you assign every client with such one to handle their data, this sooner used as Game Client or whatever.)
Client.Send(PACKET) OR Server.Send(PACKET)//Sending packets to either the client or the server.

You see the clients are not connected with each other in any way and for that reason you cannot send your own packets pretending to be the server between a client and a client, you can send a packet to the server and let the server send it to the client.

Before you talk more bullshit about it, please go read up on socket programming.

~~andrewxxx~~ · 01/11/2012, 12:30

Quote:

maybe im fully wrong , my socketing and encryption knowledge is 0 on scale of 0-10 , but if in future i knew its wrong and i can
get back the time ILL TYPE THE SAME I JUST DID

bullshit dont bother reading

Spoiler

so client wont receive what u send if there is no connection ? , well cant u edited in the packets the server sending to this client ?
well anyway thanks jacob but that was what i thought of without knowing a shit about socketing but hell how this is related to what we talking about ?
we talking about using coai as proxy or using any other program to send the packets to the server , what the proxy is ? program sending packets

well u r right i should not talk a shit about what i duno but before u smile check this quotes again

Quote:

maybe there is no way to send to his client from the proxy , maybe im fully wrong , my socketing and encryption knowledge is 0 on scale of 0-10 , but if in future i knew its wrong and i can get back the time ILL TYPE THE SAME I JUST DID

Quote:

when demon17 send his case tq know nothing about what the scammer did as there data base isnt effected with this
and that is the most i believe

but yup its my fault i was talking about something im not really perfect at -.-

~~I don't have a username~~ · 01/11/2012, 12:45

Well the server is authenticating the clients. You can send packets to the client, but they have to be legitimate, unless you find an exploit that allows you to send other data than you usually should. Reminds me when I made a proxy to send custom chat messages for 5165 pservers, because they had no checks on chat types lol.

~~andrewxxx~~ · 01/11/2012, 13:07

Quote:

You can send packets to the client, but they have to be legitimate

how legitimate ?

~~I don't have a username~~ · 01/11/2012, 13:13

Quote:

Originally Posted by andrewxxx

how legitimate ?

1. Correct Structure
2. Correct Size
3. Correct Packet Type (Aka. PacketID.)
4. Correct Encryption

The packets do not tell what client to send to, but some packets contains an UID, which is the target where the packet is going to and most packets have to fit the senders UID with the receivers, unless it's attack/spawn etc. then you send it to a range of UID's, but again you still do not have a directly connection between the clients, so everythin is going through the server, which identifies the clients and then do whatever it have to do.

~~andrewxxx~~ · 01/11/2012, 13:18

Quote:

1. Correct Structure
2. Correct Size
3. Correct Packet Type (Aka. PacketID.)
4. Correct Encryption

that's the point we was talking about earlier which is send packets throw a proxy or without , without proxy u need to figure those all out but with the proxy they will be already done in this proxy

Quote:

but again you still do not have a directly connection between the clients, so everythin is going through the server, which identifies the clients and then do whatever it have to do.

no need for a directly connection , its just one packet to let him see a fake number , its like this

server talks to him said that the scammer added 0
u talk to him saying that scammer added 99999
its just one packet which he wont even answer it

any dam way ill stop talking about this till im good enough in socketing to argue about it

~~I don't have a username~~ · 01/11/2012, 13:27

Quote:

Originally Posted by andrewxxx

that's the point we was talking about earlier which is send packets throw a proxy or without , without proxy u need to figure those all out but with the proxy they will be already done in this proxy

no need for a directly connection , its just one packet to let him see a fake number , its like this

server talks to him said that the scammer added 0
u talk to him saying that scammer added 99999
its just one packet which he wont even answer it

any dam way ill stop talking about this till im good enough in socketing to argue about it

Ermm you don't get it. The money is stored serverside and not stored in any packets send from client -> server. So he cannot add whatever value he want. Also every client have their own encryption keys etc. You would understand it much better if you looked into how a PServer was actually build, because you would understand how the server works.

~~andrewxxx~~ · 01/11/2012, 13:35

Quote:

Also every client have their own encryption keys etc.

?
every client got its own encryption keys ? thats new info i never knew

well here , i guess u dont get what i said , we wont show him what is in the trade
simply here
what happens once u r trading someone and u add money ?
u sent to server saying u added money , if there is enough money for this it let it and send this info to the other side who is trading
right ?
what im saying is ill send another info after/instead of tq packet
i believe this packet dont need an answer it just tell the other side who is trading how much the other added
so we dont need the server to check about the money cuz the reality is 0 cps but the other side is seen fake packet

hey who else think that what im saying is totally bull **** ?

Captivate · 01/11/2012, 14:44

Been there, done that with CoAI indeed.

OELABOELA · 01/11/2012, 15:42

Quote:

Originally Posted by andrewxxx

?
...
hey who else think that what im saying is totally bull **** ?

I do. You are spamming threads with egyptian trashtalk. Please, use proper english and don't think you know everything about conquer, because you DON'T. Even i don't, and i've been here for a while.

So don't post to tl;dr post that are so trashy that we don't bother reading it even more.

cristi2092 · 01/11/2012, 16:19

wtf do you say here.THe thread it that if exist anything that can hack cps.Yes it is but you can't get it

~~I don't have a username~~ · 01/11/2012, 18:00

Quote:

Originally Posted by andrewxxx

?
every client got its own encryption keys ? thats new info i never knew

well here , i guess u dont get what i said , we wont show him what is in the trade
simply here
what happens once u r trading someone and u add money ?
u sent to server saying u added money , if there is enough money for this it let it and send this info to the other side who is trading
right ?
what im saying is ill send another info after/instead of tq packet
i believe this packet dont need an answer it just tell the other side who is trading how much the other added
so we dont need the server to check about the money cuz the reality is 0 cps but the other side is seen fake packet

hey who else think that what im saying is totally bull **** ?

There is more than one encryption used in Conquer lol. Ermm there is the password seed etc. it has to be random and whatsoever.

When you trade someone and enters a value, then it sends a packet to the server with the value and the server checks at your character if you actually have that much and then it sends the packet to the client you're trading, but not the same packet.

Example:
Client with 1000 cps he enters 500 cps in the trade.
The packet gets send to the server, it might handle it something like

Code:

if (Client.CPs >= Client.TradeCps)
{
//send packet to the trade client
}

There is no way you can just put whatever value you want lol.

~~andrewxxx~~ · 01/11/2012, 18:22

kool thanks jacob , ill get old p.s and 2 clients and try this (before that ill read some more)

~~pro4never~~ · 01/11/2012, 18:57

Quote:

Originally Posted by andrewxxx

////////

Edited and infracted

Here I hoped that people were finally learning at least the BASICS of client>server communication but apparently not...

It's been discussed slightly in this thread already but here's the thing..

#1: Client and server use encryption

This should be obvious but to some people it apparently isn't. In order to create/modify packets pretending to be the client/server you have to be able to either place a proxy in between the traffic (man in the middle attack) or directly hook into the client's send and receive methods (hook/memory based hacks).

This lets you send whatever you want but it does NOT mean you can do whatever you want. This leads to point 2.

#2: Client>Server

Your client ONLY has a connection to the server... you cannot send anything to any other clients. That's simply not possible.

You send packets to the server. The server then validates these packets and based on what you sent and its own checks decides what to do. In the case of SOME packets this means it will send a packet to another client. This does not meant that the new client gets what you sent to the server!

#3: Tq may be dumb but they aren't completely retarded.

Server checks over MANY things. This includes stupidly simple checks such as how much cps you have. If you try to trade more then you have it obviously won't work.

#4: There are lots of holes in programming

Finding and exploiting these holes can be done and that's how exploits are made.

#5: CoAI as a hack development tool

I haven't used CoAI but it's already a proxy inbetween the client and server, it allows you to log/send packets and it allows for scripting... This means you can write your own bots using the CoAI scripting framework. This does NOT mean that the exploits you write for CoAI are "only possible" by using CoAI, it just means that you wrote them for that system as it was an easy and effective way of implementing your hack!

#6: Non Public Encryption

Encryption is not currently public for the current client. This means that the paid bots, or writing your own hook based bot are the only likely way common people will be able to directly interact with conquer client<>server packets.

Annndddd done ranting for now. I don't have time to do more cleaning on this thread right now but please guys... stop randomly attacking eachother for no reason Z_Z