hi all reverser gurus.

Im reversing a multiplayer server of a very well known game.

Im interested mainly in comunication protocol between client/server. I decoded almost 90% of protocol, now I want to change some packets and send it back to server to see what happens.

Im using Clearsight for packet sniffing but Iīve found not too much useful cause I canīt modify packets, only watch them.

So, here is the question, which tool should I use to sniff this thing??

if you want to modify packets on the fly and have it be very customizable like
"if *(header+0x10) == 0x6E then *(header+0x4C) += 0x08", then you're probably best off coding your own tool with winpcap.

if you're just looking for passive sniffers though, iris (www.eeye.com ("http://www.eeye.com")) and/or ethereal should suffice

hi!

have you seen C0mmview of Tam0soft?, i 've used it for years and works great for me

regards!

Best approach to modifing packets for those sort of games is to create a simple program that accepts input packets and passes them on to the internet

That way you configure the game to connect to your interface which then handles the packets being transferred between client and server. Similiar to a Proxy Client. If the client won't let you connect to the local machine then use a lan and connect to another machine which has internet access. That way you can easily decompile the packets.

Note that these packets typically have checksums associated with them. Best way is to slowly tweak the specifications as requried while recalculating the required checksum.

umm, i forgot about an app called "PacketForge" by famous Aphex,

try to find it in iamaphex.cjb.net

regards friends!

I recommend WPE PRO 0.9A (XP)

You can get it here: http://membres.lycos.fr/tsearch/cheattools.html

Don't use 1.3 if you have XP, 0.9A is the latest for XP.


From the help file:

Thanks for all advices guys, it saved me lot of time!!