idcwhat
-
Posts
1 -
Joined
-
Last visited
Everything posted by idcwhat
-
Help/Support Any tools for hacking server sided games?
idcwhat replied to Iv4n125's topic in Help & Support
So before we learn, lets talk about client side and server side. Any data process and executed by the client is client sided Any data processed by the game's server or any other computer is server sided. What we need is a tcp proxy. Lets pretend our client'S source ip is 0.0.0.0 port 123 While server's source ip and port is 1.1.1.1 port 000 So we get the tcp proxy,and navigate to our game. We capture a packet, and it gets a breakpoint or pauses. The packet consists of gold and cash.7 The server (1.1.1.1) has sent the client(0.0.0.0), Gold and cash. During the breakpoint we edit the gold value to 999999999, and we also edit our client's ip and port to the server's. Then we submit the packets through the network. The data and changes are then processed on the server's computer and not the client's If you think about it, we spoofed the server's machine basically. Also spoofing itself defintion wise, is gaining unauthorized access to computers; and other words illegal access. You also need to know gaining access to the server's computer is a way to hack erver sided games, but we access it in the ip headers sort of, and injected data to it. Another fact that adds up to the exploit is: If you ever use the server's computer of the game, and packet edit on its own computer the gold or cash you change would be viewable to everyone in the game. Also the source ip for the server would be the same for the destination in the gold and cash packet, since you know, youre on the game server's computer. Speaking of identical source and destination Ip. When we spoofed our client's ip to the server in the headers, the source and destination was the same for the server as well, when we injected it through the network. Its the same exact thing if you were to packet edit on the server's computer, since it would have the same ip for src and des. So try this put please guys, ive never seen any similar idea, which i feel like it works. Plus ive spoofed my source ip and port to my friend's, and he was able to see my unusual gold changes like 9999999, but i wasnt. If he can have it processed on his computer,game's computer can too. Game server computer is no different than myy computer or yours. Read more: http://www.bitshacking.com/forum/exploits-vulnerabilities/115507-hack-any-server-sided-game-value-educational-purposes.html#ixzz3qBK5I4Rb