View Full Version : Editing raw packets
Obelix1987
May 28th, 2005, 08:03
Hi, I'm new to this Olly thing and I'm trying to learn how to edit raw packets. For example, when I type a message with "hi", how can I change this message to something like "go away"? I've read a little and it has to do with breakpoints... Can anyone help me out with a nice guide on how to do this? As far as I am now, I can open Olly, then somehow I can't attach the game I'm playing, but I can open it. (It's attached then too, right?) After that I get a message that the process is terminated and I press F9. The problem is that Olly keeps saying the process is terminated.. I can still play the game.. but Olly says "terminated". Damn, I need some serious help. Any help is appreciated.
xcracx
May 28th, 2005, 13:18
ok, first of all your game has a launcher...
1) you have to run the launcher executable to run the game
2) your game has some kind of memory protection options:
a. some kind of gamehack protection like NProtect, HackShield, IOProtect.. etc
b. a dll is injected by the launcher that prevents the game from being attached or seen by the task manager
c. debugger protection.. (try using the HideOllydbg plugin, but I think it's more like those two options above)
NOTE: if it has any of those cases you need to bypass the protection
in this case... you need to check if the file is packed (crypted), in which case
you need to unpack (decrypt) it to view the original code that is able to get bypassed
3) after all that.. for changing the msgbox text it can be like:
a. in most of the cases it will be: PUSH EAX (for msg text) so you'll need to create a code cave that will pop your own msgbox.. (that you will create in another offset)
b. it will have a call that sets the text string (change it lol)
c. otherwise look at the code and post it here then
wish you luck,
xcracx
xcracx
May 28th, 2005, 13:26
if you did not mean msgbox .. now that I read your post again
I think I might have made a mistake and explained something else to you
anyways.. you need to check if the file is packed, then unpack it..
then look at the code and
1) get the routine that sends your packet to the game host, then you'll need to program something that uses that routine (depends on the programming language)
2) use WPE filters.. and replace the "hi" msg packet with "???" msg packet..
Obelix1987
May 28th, 2005, 16:44
Thanks, I'm gonna try a little more with your answer, and yes, this wasn't just for a message... you read between the lines and saw it right: we are trying to duplicate certain items. Figuring out how to dupe isn't the problem (at least I think so), but getting the program to work/attach was the problem. Thanks anyway, now I can do more with Olly (at least the first step :P)
Obelix1987
May 28th, 2005, 16:50
But about the memory protection: the game that I'm referring to is Rose Online and I don't know if it is protected, or how. Any suggestions on how I could figure this out? And I can see it in the task manager, but I just can attach it.
xcracx
May 28th, 2005, 18:05
so in my opinion it has some dll injected
hmm, have you tried to use the HideDebugger plugin?
what error exactly do you get? (if it's on Olly's attach list.)
1bitshort
May 29th, 2005, 01:52
Welcome to Cracking 101
skyally
May 29th, 2005, 02:38
Is it okay to post in Chinese here?
Obelix1987
May 29th, 2005, 05:23
Where can I download this debugger plugin? Can't seem to find it.. BTW, did some tutorials on OllyDbg (especially on cracking serials etc.; took me one day and now I understand a lot more of Olly). Only problem: can't find a lot of tutorials on how to bypass/find things with attach.... so I'll have to find it out myself. Can anyone give me a link to where to download the plugin? Can't find a working link...
Thanks
Obelix1987
May 29th, 2005, 05:30
Never mind, found a working link and got the plugin/dll in my Olly folder ... gonna see if I can attach Trose to Olly.

.... still can get it attached... it says: unable to attach to process Trose...
Is this debugger against dll injection, or do I need to do something completely different for fighting against dll injection?
GOT it; just use ProcessGuard and then I can attach it, thanks you guys.
Obelix1987
May 29th, 2005, 07:06
Next thing :P... OK, I've attached Olly to my client and set a breakpoint on send. Then I logged in and Olly popped up, showing at the TOS the location of the send call. Then I'm stuck; there are like 3 codes:
0BF4FF80/00404B00/ Call to send from Trose.00404AFB
socket = 168
data = ... bla bla
and so on, but the main thing is the code in TOS, so I'll have to use either 0BF4FF80 ... 00404B00 or 00404AFB to get directly on the send call... now I press Ctrl+G and then I use one of the codes.. but then I'm stuck. Can anyone help me out with the next step? When I'm on the send call I need to see the encrypted packets *don't know where* and next I'll have to find the client's send function, but how do I find the client's send function? ....
xcracx
June 5th, 2005, 16:25
get the code that sends the packet to the internet
it should be the call that is using the send function, which I think you already found
find the code that creates the packet and tells the send routine you've found the specific data
and change it at will btw....
give me your MSN Messenger for more help
crspyjohn
June 5th, 2005, 19:40
xcracx, I'm working on the same thing and I'm at the same part, heh. Could you help me out?
crspyjohn@hotmail.com
gulan
June 6th, 2005, 17:42
can you help me out as well? chensongfeng@hotmail.com
eman
June 6th, 2005, 18:45
same problem oooemanooo@hotmail.com tx
steveleeht
June 7th, 2005, 03:50
same problem with me too ~
steveleeht@hotmail.com
THX~ a lot
xcracx
June 8th, 2005, 05:23
hmm lol...
I've added you guys.. I won't help ppl that have no clue
what I'm talking about...
remember I'm not gonna teach you how.. I will help ppl that are knowledgeable
hope you will know what you're talking about
not only "I wanna hack a game what should I do?"
xcracx
fang_3000
June 15th, 2005, 17:50
hey, I'm interested in getting around HackShield
do I have to use C++ to get past?
Bob
June 20th, 2005, 13:55
1bitshort
Welcome to Cracking 101
Yeah.. I thought it was naughty to talk of cracking ?
xcracx
June 21st, 2005, 05:02
fang, it's off topic
and you need to bypass the dll injection from the HackShield folder
HackShield injects a dll from its folder into the application
that prevents locking it by normal lock.. need to use special hooking
you need to bypass the injection then make Knights Online work
without the injection
if it's Knight Online you need to unpack it 1st
xcracx
Erick
June 21st, 2005, 12:11
Hi xcracx, can you give me a hand too? I'm trying the same as the guys but I found some points of interest. Can you give me a hand too please?

msn: cyberbrand@hotmail.com
liew985
June 21st, 2005, 21:03
xcracx
I need help in editing raw packets.
Can you add me?
msn : lkm985@icqmail.com
neonrt2
July 1st, 2005, 19:24
xcracx...
any chance you know of a good "how to" or where to find the info..
I've never been one to just take a download to make something work.
I'm trying to get Knight Online to work without HackShield...
then I'll do my own searching for offsets..
I'm stuck on blocking this DLL inject.
Neonrt2..
blah415
November 11th, 2005, 13:31
hey xcracx, if you wouldn't mind adding me to your MSN, I would like to discuss something about HackShield if you don't mind.
xamaniac@yahoo.com is my MSN
thanks
hcong
January 4th, 2006, 10:36
I'm interested in cracking games too ~
hcong85@hotmail.com
thx 1st
olidibag
February 13th, 2006, 16:40
hi...if someone tells or teaches us how the HackShield bypass works I would be very pleased...
first I unpacked the knightonline.exe and launcher..
then ran it with Olly but Olly terminated kolauncher.exe....so I didn't do anything because HackShield is running knightonline.exe....
so please help me with bypassing HackShield...
how can I do this.....help me please...
thx..
Obelix1987
February 17th, 2006, 20:02
@ Crack add me Mike.Taselaar@gmail.com.. I know it's some time ago, but I really wanna understand this better.