How can I reverse engineer packets? (eg. packet sniffing)

jmk396 (Gawd) - Joined Jul 22, 2004 - Messages: 787
I'm interested in writing automation software for an online game (Magic The Gathering Online) but in order to do that I need to figure out what is being sent back/forth between the client and server. I've taken a look at the packets and apparently they are encrypted/compressed so I have no clue what is actually being sent back and forth.

How does one go about figuring this out?

Apparently others have figured it out because several "trading bots" exist but I can't find any websites for them...
 
Are we discussing 100% legal stuff here? If not, you should run and hide. ;) Teh mods don't want this to become a hacking forum. Plus, I don't believe that game is open source, so you probably shouldn't try reverse engineering it. Sounds like a way for someone to quickly pwn a game by cheating.... But maybe that's just me.
 
I use ethereal to watch packets. It's a great program for legal packet sniffing.
 
The ShowEQ project did just this with Everquest, by reverse engineering by packet sniffing. It took them years to develop, and still Sony continually attempts to change the encoding of the packets to break this project. You might learn something by reading over old posts in their developer forums.

However, such is against Sony's terms of service, and anyone caught using such will have their account banned. Many other players consider this cheating as well, as it gives some an unfair advantage over others. I am sure any online service has similar policies.

But basically with any game you are not going to see plaintext human-intelligible information in the packet transactions. Most will be in a binary format and encoded using proprietary protocols. Without in-depth knowledge of how the game's network code works, it will be nearly impossible for an individual to reverse-engineer the meaning of the packets.
 
As the other people have said, Ethereal is a good program to use for packet sniffing and almost every game utilizes its own set of optimized application protocols. If it is using real encryption, good luck cracking it. You would probably have better luck trying to inject code or catch calls utilizing some sort of third party macro software, but this is also likely banned by the EULA and/or local laws. It is a lot of work to reverse engineer protocols for interoperability (just look at SAMBA or the BitKeeper fiasco) so I hope you have a lot of sleepless nights available.

-hoka
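Added example, not posted by anyone in this thread: the two replies above say a captured payload will be binary, compressed or encrypted rather than readable text. The same first check an analyst runs on unknown traffic (for instance to flag encrypted streams on a network) is byte entropy plus a look for known compression headers. The sample payloads and the entropy thresholds below are constructed rule-of-thumb values, not measurements of any real game.

```python
import hashlib
import math
import zlib
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 for a constant buffer, 8.0 for uniform bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


# Leading bytes of common compressed containers (constructed list, not exhaustive).
COMPRESSION_MAGIC = {
    b"\x1f\x8b": "gzip",
    b"\x78\x01": "zlib, no/low compression",
    b"\x78\x5e": "zlib",
    b"\x78\x9c": "zlib, default level",
    b"\x78\xda": "zlib, best compression",
}


def classify_payload(data: bytes, min_len: int = 64) -> str:
    """Rough verdict on one captured payload. Thresholds are assumptions:
    English text sits around 4-5 bits/byte, well-encrypted or compressed data
    approaches 8. Short buffers cannot reach high entropy, so they are skipped."""
    for magic, name in COMPRESSION_MAGIC.items():
        if data.startswith(magic):
            return f"compressed ({name} header)"
    if len(data) < min_len:
        return "too short to judge"
    h = shannon_entropy(data)
    if h < 6.0:
        return "plaintext-like"
    if h < 7.5:
        return "structured binary"
    return "high-entropy (encrypted or headerless compressed)"


# Constructed sample payloads standing in for captured packet bodies.
PLAINTEXT = b"LOGIN user=alice status=online cards=4 " * 8
COMPRESSED = zlib.compress(b"trade offer: 2x cardA for 1x cardB; " * 40)
# Deterministic stand-in for ciphertext: chained SHA-256 output, 4096 bytes.
CIPHERTEXT_LIKE = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(128))

if __name__ == "__main__":
    for label, payload in [("plain", PLAINTEXT), ("zlib", COMPRESSED), ("rand", CIPHERTEXT_LIKE)]:
        print(f"{label}: {shannon_entropy(payload):.2f} bits/byte -> {classify_payload(payload)}")
```

A high-entropy verdict only says the bytes are not readable; it cannot tell encryption from headerless compression, which is why the check comes before any deeper look.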
 