Automated Packet Reverser
Started by tbjoker


Rate this topic
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5


4 posts in this topic
tbjoker
Junior Member
**


0
10 posts 1 threads Joined: Nov 2014
19-03-2015, 08:27 PM -
#1

I did some progress on my automated packet reverser, but still does need some work. It doesn't support function call following, however that'll be added soon.. Function calls = ERROR
<p href="<fileStore.core_Attachment>/monthly_2015_03/ss+(2015-03-19+at+08.17.17).png.7aaef98874086e4976914a08dfd408e3.png">[img]<fileStore.core_Attachment>/monthly_2015_03/ss+(2015-03-19+at+08.17.17).thumb.png.cc7dc5ace5d5b4b250f8a1878286ed93.png[/img]

Polymo
Someone who thinks he can code
****


0
328 posts 39 threads Joined: Sep 2014
19-03-2015, 08:39 PM -
#2
looks like a nifty tool. Currently we are using a generated sdk that almost has all information needed, we just need to open ida or ollydbg to see what the packets expect or where they go. The harder part is to find out how the values are used.

tbjoker
Junior Member
**


0
10 posts 1 threads Joined: Nov 2014
19-03-2015, 08:49 PM -
#3
Locate base pointers and then track the values maybe? :x just throwing out ideas.. I mean even if the information is incorrect after the read (It wont fail instantly as memory works that way) having the base pointers you can track them and see which functions are using them.. and where, then you know what type of variable it is etc.
 
Edit:
This is probably something you'll have to do since you'll probably want to hook the game up onto your own DLL so that you can add content and change logics etc.. Fix bugs.

This post was last modified: 19-03-2015, 08:50 PM by tbjoker.
Saltiel
Retired dev
***


0
122 posts 3 threads Joined: Sep 2014
19-03-2015, 08:50 PM -
#4
What would be awesome is if your generator generated an output in Wiki format in order to easily update what we found about a packet! With one page by packet category (one page for every packet would be too huge and hard to maintain). I don't know if it's easy or not, but I think that could be very handy. [Image: default_smile.png]
 
Edit: Btw tbjoker I would be very interested to learn how to program codes like that! The only thing I managed to do in programming RE is dll injection. I have no idea about pointer tracing etc...

This post was last modified: 19-03-2015, 08:52 PM by Saltiel.
tbjoker
Junior Member
**


0
10 posts 1 threads Joined: Nov 2014
19-03-2015, 09:02 PM -
#5
Well there's alot of things to consider... You might want to make an interface for a class, or just inject a DLL, or just have a detour manager for functions.
Pointer tracing is actually really easy.. There's alot about it on the net, and I mean... you wont have any problems understand it, and its needs.
But for right now my tool only tries to evaluate which types of data that are read, i mean a DWORD could be Float, Int, unsigned int, etc. you know, so once it computes the data perfectly I might make it store it in a "wiki" format so that a human could edit etc..



Forum Jump:


Users browsing this thread: 1 Guest(s)