Swagter123

Tutorial How To Hack Some Online Games with Charles Proxy

21 posts in this topic


Requirements:

  • PC/MAC with Charles Proxy installed
  • Brain (most important)

You can find a tutorial on how to set up Charles Proxy and connect your device to it here in the Tutorial section; just search "Charles". I hope you don't need a tutorial on how to use search.

 

OK, now seriously: be ready that 95% of what you wanna hack you can't hack. There are many reasons: strong protection, hashes, checks, your low-level knowledge, etc. So don't give up; search and you will find.

 

Now let's start learning that "easy" hacking style.

Lesson 1: Traffic Monitoring

The first step is to find what we can hack. It looks like this:

[Screenshot: 9e95gps.jpg]

 

1 - Main structure, where we can see URLs

2 - Content (request, response) is the place where we search for things to hack and copy them to create rewrite rules

* "unknown" means that the traffic is protected (SSL/TLS). Press the right mouse button on the URL and select "SSL Proxying". If it's symmetric SSL, you will see the content in the next packet; if asymmetric, you need to hack the server and get the private key (good luck). If you enabled SSL and still can't see what's inside the packet, I recommend you turn off SSL for that URL, coz it can block packets.

 

I will not explain how to find what you need; it's individual to every game you wanna hack, so look everywhere (request, response, headers; even URLs can contain useful stuff).

 

When you find anything useful, you need to try to hack it, and so we go to lesson 2.

 

Lesson 2: Creating a rewrite rule

Go to "Tools -> Rewrite" and you will see this (but empty):

[Screenshot: C8TcUtM.jpg]

It contains 3 main blocks:

1 - Here you add sets and see the names of your sets

2 - Here is the URL list; it's different for every set

3 - Here are the rewrite rules

 

Now, how to add a rewrite rule step by step:

  • Press the add button in block 1 to add your first set
  • Now a very important part: all rewrite rules in that set will be applied only to packets with a specific URL address, and I recommend you don't ignore that, coz if you leave block 2 empty, the rules will be applied to all packets that go through Charles and it can cause problems. Take the URL from block 1 of lesson 1; you can add it like I did (room.tankdomination.com) or be more specific, like room.tankdomination.com/battle/ (just an example)
  • The rewrite rules block: here we add rules, and that is the most important part, so we move to lesson 3

Lesson 3: Rewrite Rule

How it looks:

[Screenshot: A1LnoVl.jpg]

 

1 - Here we select the location of the information that we want to change (it depends on where you find useful stuff to hack, so select carefully; you can see what type to select in block 2 from lesson 1)

2 - Here is the match value, where you enter what you want to be rewritten

3 - Here is the replace value, what you will get after the replace (replace first/all depends on what you're hacking; for example, if you're hacking HP and both your and the enemies' HP are in one packet, "Replace all" will cause everyone's HP to be modified)

 

Now more info about replace hacking:

Important: when you take something to replace from the request/response, always switch to the "Text" type of view (block 2 from lesson 1, lower part)

 

For example, you wanna hack resources and found something like this in the request/response:

gold=100,wood=20,rock=15

If you just put those values into the rewrite match field, only those values will be replaced, and if your amount of gold is 101, nothing will be replaced. So to replace values that always change, you need to enable "Regex" in block 2 and input this in the match field:

gold=.?[0-9]{1,},wood=.?[0-9]{1,},rock=.?[0-9]{1,}

What that means: .? means that the value being replaced is unknown, [0-9] means that it contains only numbers, and {1,} means that it contains any amount of symbols.

Next you just input something like this in the replace block:

gold=999999,wood=999999,rock=999999

And the values will be replaced.

 

______________________________

 

Another example: you're playing an RPG and find out that you can edit equipment, and you got something like this:

Player(Armor=NoobArmor,Weapon=StickOfPainInAss,HPpotions=5,MPpotions=5)

Like in the previous example, it's better to use regex, coz if any item/amount changes, Charles will not apply the rewrite. So you input this in the match field:

Player(Armor=.?[a-zA-Z]{1,},Weapon=.?[a-zA-Z]{1,},HPpotions=.?[0-9]{1,},MPpotions=.?[0-9]{1,})

So [a-z] and [A-Z] mean that the value contains upper- and lowercase symbols from a to z.

Now you replace it with something like this:

Player(Armor=GodOfDefence,Weapon=SwordOfWorldDomination,HPpotions=500,MPpotions=500)

Yeah, now you are cool.

 

______________________________

 

OK, now an example where some values need to be left as they are, like

PlayerHP=100,PlayerMP=100,sessionID=12443652,PlayerGold=500,PlayerExp=1000

Here we need to leave sessionID as it is. It happens sometimes that values appear that need to be left as they are for whatever reason, so in the match field we will input this:

PlayerHP=.?[0-9]{1,},PlayerMP=.?[0-9]{1,},(sessionID=.?[0-9]{1,}),PlayerGold=.?[0-9]{1,},PlayerExp=.?[0-9]{1,}

You see that I put sessionID in ( ), which is used to create a group, and I added .?[0-9]{1,} coz the value can be anything.

Now we input this in replace:

PlayerHP=1000,PlayerMP=1000,$1,PlayerGold=500000,PlayerExp=100000

$1 means that reference group 1 will be here as it is. You can create many groups and put them in by typing $1, $2, etc., counting from left to right in the match field.

 

______________________________

 

Now I will show you part of my Tank Domination hack.

Here is the match value:

<tank><stts>(<f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}>)<f_.?[0-9.-]{1,}>(<f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}>)<f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}>(<f_.?[0-9.-]{1,}><f0_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}>)<f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}>(<f0_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}>)<f_.?[0-9.-]{1,}>(<f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}><f0_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}>)<f_.?[0-9.-]{1,}>(<f_.?[0-9.-]{1,}><f_.?[0-9.-]{1,}>)<f_.?[0-9.-]{1,}>(<f_.?[0-9.-]{1,}>)<f_.?[0-9.-]{1,}>

and the rewrite:

<tank><stts>$1<f_1100>$2<f_30><f_550><f_450><f_150>$3<f_0.11><f_0.12><f_0.99>$4<f_1.99>$5<f_80>$6<f_0.20>$7<f_0.99>

Why so many groups? Coz sometimes in the request/response, functions can be without any IDs or names, just <f_1><f_2> etc. that go one by one. They contain everything: reload time, aim time, power, speed, etc., but also contain stuff that doesn't need to be changed. I can't just take <f_*> as the match, coz it will cause all values to change. What I did: I started the match field with <tank>, coz all tank info is stored after that, then I grouped the values that don't need to be changed with ( ), and put in the rewrite only what I need to hack, with groups between the rewritten values.

 

 

And a few tips:

  • Be careful: remember that when you replace something you can miss one symbol, and the packet will be returned with an error by the server/game
  • When your match value contains ( { [ symbols you can't use regex, so try to take a part without them; for example, if you wanna replace something like "[gold=100][wood=100]", just create two rewrite rules, one for each resource
  • You can input anything inside [ ]; for example, if your match looks like HP=150,5 you input "HP=.?[0-9,]" in the match field; just add any symbol you need.
  • Don't give up

Credits: ISky

Edited by Infamous-Ash
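
The post lists "hashes, checks" among the reasons most rewrite attempts fail. As an added example (not from the original post or from any game's code), here is one way a server can make state that a client echoes back tamper-evident with an HMAC tag; the key, function names and sample messages are constructed assumptions.

```python
import hashlib
import hmac

# Assumption: a secret held only by the server (constructed demo value).
SERVER_KEY = b"constructed-demo-key"

# Constructed sample messages in the format used in the post.
ISSUED = "PlayerHP=100,PlayerMP=100,sessionID=12443652,PlayerGold=500,PlayerExp=1000"
REWRITTEN = "PlayerHP=1000,PlayerMP=1000,sessionID=12443652,PlayerGold=500000,PlayerExp=100000"


def parse_state(payload: str) -> dict:
    """Parse 'k=v,k=v' into a dict, rejecting malformed or duplicate fields."""
    fields = {}
    for item in payload.split(","):
        key, sep, value = item.partition("=")
        if not sep or not key or key in fields:
            raise ValueError(f"malformed field: {item!r}")
        fields[key] = value
    return fields


def sign_state(payload: str) -> str:
    """Server side: tag the exact bytes sent, so every field is covered."""
    return hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()


def check_state(payload: str, tag: str, session_id: str) -> str:
    """Server side: classify a state message echoed back by a client."""
    expected = sign_state(payload)
    if not hmac.compare_digest(expected.encode(), tag.encode()):
        return "rejected: payload modified in transit"
    try:
        fields = parse_state(payload)
    except ValueError:
        return "rejected: malformed payload"
    if fields.get("sessionID") != session_id:
        return "rejected: tag issued for another session"
    return "accepted"


if __name__ == "__main__":
    tag = sign_state(ISSUED)
    print(check_state(ISSUED, tag, "12443652"))     # untouched echo
    print(check_state(REWRITTEN, tag, "12443652"))  # sessionID kept, other fields rewritten
    print(check_state(ISSUED, tag, "99999999"))     # replayed into a different session
```

A tag only makes the echoed copy tamper-evident; values that matter (gold, HP) are still best stored and recomputed on the server rather than read back from the client.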