| View previous topic :: View next topic |
| Author |
Message |
Ax3l
Cheater
![]() Reputation: 1
Joined: 22 May 2011
Posts: 37
|
 Posted: Wed Aug 24, 2011 5:51 pm Post subject: Manipulate http requests ? |
 |
|
Is there any way I can breakpoint http responses(I meant that not requests) and manipulate them before they are received ? I want to do this in C++
I assume this is very complex 
_________________
|
|
| Back to top |
|
 |
atom0s
Moderator
 Reputation: 204
Joined: 25 Jan 2006
Posts: 8580
Location: 127.0.0.1
|
| Posted: Wed Aug 24, 2011 10:45 pm Post subject: |
|
|
What would be the point of altering them? Whats shown to you wouldn't really make much of a difference if you edited it since it's already sent from the server so it's just visuals at that point for you. Editing it would have no effect on anything server sided.
Better question would be what are you attempting to do?
_________________
- Retired. |
|
| Back to top |
|
|
Slugsnack
Grandmaster Cheater Supreme
![]() Reputation: 71
Joined: 24 Jan 2007
Posts: 1857
|
| Posted: Fri Aug 26, 2011 4:30 am Post subject: |
|
|
Well potentially editing stuff client-sided can help you hack things. For example, let's say the server returns to you the position of monster X. You edit it so client-sided the monster appears to be next to you. You then hit it (which the client allows because it is only checked for proximity). Bam, we send back to the server we just bashed a monster.
Now this kind of exploit relies on the game being 'badly' coded such that it will allow you to call the procedure for sending the attack packet without checking on the server first (this is normal). What is unusual, and what you would be exploiting is the fact that the server does not make a check for the coordinates when it receives the packet. I wouldn't say this is common but there have been cases where this has been exploited successfully, and at the same time it's surprisingly not that rare.
In response to the question what you are probably looking for is the wrapper procedure which constructs the packet after the bytes are received from the raw socket. At the socket level you'll have to deal with encryption, filter out packets you're not interested in and a heap of other madness. If you debug back up the stack when you find a packet you are interested in, you should be able to get the decryption routine where it is transformed from raw bytes to the game's packet structure and that is where you want to place your hook.
|
|
| Back to top |
|
|
Ax3l
Cheater
![]() Reputation: 1
Joined: 22 May 2011
Posts: 37
|
| Posted: Tue Aug 30, 2011 5:34 pm Post subject: |
|
|
Okay I will try to make my question easier(I did this with fiddler and it works just like I want to so there should be some way to do it)
this is what I did in fiddler:
I set breakpoints before requests
I let it break on response
Edit it
let it resume
So; Break on response , edit and resume , all over HTTP
I have some additional questions: how do I get the process of that response/request
Lol I really know shit about HTTP in programming
_________________
|
|
| Back to top |
|
|
HomerSexual
Grandmaster Cheater Supreme
 Reputation: 5
Joined: 03 Feb 2007
Posts: 1657
|
| Posted: Wed Aug 31, 2011 7:29 pm Post subject: |
|
|
like Slug said, you need to hook the raw sockets, process every packet through (presumably port 80), and filter which ones you want to change. Change those ones, and let the others pass through unmodified to their destination.
_________________
|
|
| Back to top |
|
|
Slugsnack
Grandmaster Cheater Supreme
![]() Reputation: 71
Joined: 24 Jan 2007
Posts: 1857
|
| Posted: Thu Sep 01, 2011 1:53 am Post subject: |
|
|
| No don't hook the raw sockets. Hook the wrapper functions to them, it'll make your life a lot easier.
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
