Jump to content

Wireshark and online game data


Stevie

Recommended Posts

I don't know if this is a thing that would be answered but I'll ask anyway.

Attempting to learn a bit of Wireshark and got me thinking about online games. Not using wireshark for hacking them but to see the data they send back for various areas.

For example back in the day with Star Wars Galaxies and now World Of War Craft. The auction houses, would this data, as it's sent back to the client (me) be encrypted? I'm curious as I'm currently playing and enjoying Elite Dangerous. Playing it in the Solo Mode but got me curious if you could see the Commodities Market being sent to your client. If you, could you not take the date to put in a spreadsheet instead of having to note it down for every star port you visit? I've tried to run Wireshark but don't really know what to look for. I do, however, think i see where the data comes in but it does look like it's encrypted, I guess they don't want people taking that data to make an app for it.

Interesting.

Link to comment
Share on other sites

Since there are financials involved, yeah, almost certainly encrypted. You could try to MITM the connection so you might see things in plain text (assuming the client doesn't have the public key stored locally for verification purposes) but it's also very likely to be a custom binary protocol so I wouldn't get my hopes up of making much sense of it in the near term.

Link to comment
Share on other sites

With Elite Dangerous specifically the financials are only fictional and there is no monthly fee or anything like that. But I just had another thought, because their Commodities Market is actually influenced by other player trades then yes, you're probably right, it is encrypted. As real money is involved in WoW that would certainly be encrypted.

Link to comment
Share on other sites

Most games these days send data in a format encrypted and sent to a central server befor going back to other users in multiplayer games, but also compressed; so while it may look encrypted, it might also be that its just compressed for their needs and their netcode to reduce overhead since encryption also slows down gaming speeds and adds more overhead I would think. Probably a proprietary protocol for gamer communication with their servers though, or they could get owned if it was easily sniffed by anyone and modified easily.

My guess is you would probably be better off using a debugger vs wireshark in this case, since you should be able to hook into the program and look at memory dumps and such that expose where and when things happen in the actual program, plain text strings that are only app driven, and not going to show in plain text from wireshark packet data(although we don't have a sample so can't say one way or the others). I wouldn't know where to begin with assembly language debugging, but security tube has some tuts for beginners in looking at data and understanding function calls, stepping over or modifying them, which is similar to testing shell code against vulnerable apps so there is always the added advantage to learning something new in that area as well.

If its data you want to modify, its most likely in memory where you will find what you want to look at though since that should show the unencrypted traffic data(in theory). Once you find what makes it tick, you should then (theoretically) be able to make an app or mod the game to post data to their servers that lets you increase your wallet, add infinite lives or other such type of things related to a game hack. This is also why a lot of games use things like punkbuster, to prevent mods to games and hacks that allow users controls not normally enabled in online gaming but there may already be circumvention methods out there for what you want to look at. I use something in BF4, browser side for example, that lets me change my emblem to any custom avatar I want for the most part, which just requires me to use a browser with console mode capabilities to paste in some JS data against the logged in web portal, and poof, my emblem and in game avatar is now whatever I made it to be for my uniform and vehicles. Probably not that easy with what you are after but I never played Elite Dangerous, so not familiar with how the game works.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...