(adsbygoogle = window.adsbygoogle || []).push({}); You must login or register to view this content.

*Correct me if I am wrong about this, I haven't went packet messing in a couple of months*

// Things in italic I'm pretty sure makes no sense or is wrong

[size='4']// Also this is not the exact way to do it, doesn't show how to bypass checks, following it this way will you get you nowhere unless you know how to complete all pre-tasks (which will not be included because I want it kept secure and out of noob reach)[/size]


Also if you don't understand a raw packet or packet injection then don't read this! If you think you put this into your savefile also stop reading this. You see a source code you compile correct? OF COURSE!




Basically take this source code in a compiler and compile the script (if you don't know how to do that then forget it just please stop reading now).

After compiling continue the concept below the source code.

You must login or register to view this content.

    #define SRC_ETHER_ADDR "aa:aa:aa:aa:aa:aa"

#define DST_ETHER_ADDR "bb:bb:bb:bb:bb:bb"

#define SRC_IP "192.168.0.10"

#define DST_IP "192.168.0.11"



typedef struct EthernetHeader{



unsigned char destination[6];

unsigned char source[6];

unsigned short protocol;



}EthernetHeader;



typedef struct ArpHeader{



unsigned short hardware_type;

unsigned short protocol_type;

unsigned char hard_addr_len;

unsigned char prot_addr_len;

unsigned short opcode;

unsigned char source_hardware[6];

unsigned char source_ip[4];

unsigned char dest_hardware[6];

unsigned char dest_ip[4];

}ArpHeader;





int CreateRawSocket(int protocol_to_sniff)

{

int rawsock;



if((rawsock = socket(PF_PACKET, SOCK_RAW, htons(protocol_to_sniff)))== -1)

{

perror("Error creating raw socket: ");

exit(-1);

}



return rawsock;

}



int BindRawSocketToInterface(char *device, int rawsock, int protocol)

{



struct sockaddr_ll sll;

struct ifreq ifr;



bzero(&sll, sizeof(sll));

bzero(&ifr, sizeof(ifr));



/* First Get the Interface Index */





strncpy((char *)ifr.ifr_name, device, IFNAMSIZ);

if((ioctl(rawsock, SIOCGIFINDEX, &ifr)) == -1)

{

printf("Error getting Interface index !n");

exit(-1);

}



/* Bind our raw socket to this interface */



sll.sll_family = AF_PACKET;

sll.sll_ifindex = ifr.ifr_ifindex;

sll.sll_protocol = htons(protocol);





if((bind(rawsock, (struct sockaddr *)&sll, sizeof(sll)))== -1)

{

perror("Error binding raw socket to interfacen");

exit(-1);

}



return 1;



}





int SendRawPacket(int rawsock, unsigned char *pkt, int pkt_len)

{

int sent= 0;



/* A simple write on the socket ..thats all it takes ! */



if((sent = write(rawsock, pkt, pkt_len)) != pkt_len)

{

/* Error */

printf("Could only send %d bytes of packet of length %dn", sent, pkt_len);

return 0;

}



return 1;





}



EthernetHeader* CreateEthernetHeader(char *src_mac, char *dst_mac, int protocol)

{

EthernetHeader *ethernet_header;





ethernet_header = (EthernetHeader *)malloc(sizeof(EthernetHeader));



/* copy the Src mac addr */



memcpy(ethernet_header->source, (void *)ether_aton(src_mac), 6);



/* copy the Dst mac addr */



memcpy(ethernet_header->destination, (void *)ether_aton(dst_mac), 6);



/* copy the protocol */



ethernet_header->protocol = htons(protocol);



/* done ...send the header back */



return (ethernet_header);

}



ArpHeader *CreateArpHeader(void)

{

ArpHeader *arp_header;

in_addr_t temp;



arp_header = (ArpHeader *)malloc(sizeof(struct ArpHeader));



/* Fill the ARP header */

arp_header->hardware_type = htons(ARPHRD_ETHER);

arp_header->protocol_type = htons(ETHERTYPE_IP);

arp_header->hard_addr_len = 6;

arp_header->prot_addr_len = 4;

arp_header->opcode = htons(ARPOP_REPLY);

memcpy(arp_header->source_hardware, (void *)ether_aton(SRC_ETHER_ADDR) , 6);

temp = inet_addr(SRC_IP);

memcpy(&(arp_header->source_ip), &temp, 4);

memcpy(arp_header->dest_hardware, (void *) ether_aton(DST_ETHER_ADDR) , 6);

temp = inet_addr(DST_IP);

memcpy(&(arp_header->dest_ip), &temp, 4);



return arp_header;

}







/* argv[1] is the device e.g. eth0 */



main(int argc, char **argv)

{



int raw;

unsigned char *packet;

EthernetHeader *ethernet_header;

ArpHeader *arp_header;

int pkt_len;



/* Create the raw socket */



raw = CreateRawSocket(ETH_P_ALL);



/* Bind raw socket to interface */



BindRawSocketToInterface(argv[1], raw, ETH_P_ALL);



/* create Ethernet header */



ethernet_header = CreateEthernetHeader(SRC_ETHER_ADDR, DST_ETHER_ADDR, ETHERTYPE_ARP);



/* Create ARP header */



arp_header = CreateArpHeader();



/* Find packet length */



pkt_len = sizeof(EthernetHeader) + sizeof(ArpHeader);



/* Allocate memory to packet */



packet = (unsigned char *)malloc(pkt_len);



/* Copy the Ethernet header first */



memcpy(packet, ethernet_header, sizeof(EthernetHeader));



/* Copy the ARP header - but after the ethernet header */



memcpy((packet + sizeof(EthernetHeader)), arp_header, sizeof(ArpHeader));



/* Send the packet out ! */



if(!SendRawPacket(raw, packet, pkt_len))

{

perror("Error sending packet");

}

else

printf("Packet sent successfullyn");



/* Free the memory back to the heavenly heap */



free(ethernet_header);

free(arp_header);

free(packet);



close(raw);



return 0;

} 

This code is in c++ for a raw socket (?or packet holder?) which allows you to modify packets given from a gave to save it,edit it, and injected/resend(?) it back into the game server allowing different effects. Taking the raw socket you can now connect with ws/we/wireshark and start the real business.

Caputre:
The packets come by the tens,hundreds,and thousands. One or two packets can contain same data just going to different places. Capture the ammo packet which is fairly easy. Set-up,shoot,capture.

Edit:
The fun part, you edit what the packet does and the instructions to whenever decrease or increase the ammo amount. Therefore you can take the packet that subtracts hex from one place to another and basically put 90's all around the code data. Most programs read hex 90 has 'No Operation'.

Send:
This part is what makes the hack work. Basically just send the edited packet before interval between packet 1 and duplicate packet 1(2) comes in. This takes mere seconds and quite easy. Now test the hack.

Credits:

• Coldblade (myself for this guide)
  
• the_god91 (source code)
  

Edit 1:
#define SRC_IP "192.168.0.10"
#define DST_IP "192.168.0.11"

60% of the time leaving this like that will mess up the process. You need to find a free IP
that other computers don't connect to. Some computers uses 2 IPs, 1 for main networking and another for proxy transfer. Edit the source IP (SRC) and detestation (DST) ip to what suits your settings.

Edit 2:


I had to modify the header a little to prevent noobs from reading this. You don't put this into your save file !>.>!

Good explanation.

yeah um english?!?!?!

OMG! Read.

how do you do this? what do you need and where do you get it from??

For the people who don't know how to do this.
#define SRC_ETHER_ADDR " If your using Ethernet put "your" ip here "
#define DST_ETHER_ADDR " Ethernet, the place you want to send it "
#define SRC_IP " If your using wifi your IP goes here "
#define DST_IP " The destination you want to send it "

typedef struct EthernetHeader{

unsigned char destination[6];
unsigned char source[6];
unsigned short protocol;

}EthernetHeader;

typedef struct ArpHeader{

unsigned short hardware_type;
unsigned short protocol_type;
unsigned char hard_addr_len;
unsigned char prot_addr_len;
unsigned short opcode;
unsigned char source_hardware[6];
unsigned char source_ip[4];
unsigned char dest_hardware[6];
unsigned char dest_ip[4];
}ArpHeader;


int CreateRawSocket(int protocol_to_sniff)
{
int rawsock;

if((rawsock = socket(PF_PACKET, SOCK_RAW, htons(protocol_to_sniff)))== -1)
{
perror("Error creating raw socket: ");
exit(-1);
}

return rawsock;
}

int BindRawSocketToInterface(char *device, int rawsock, int protocol)
{

struct sockaddr_ll sll;
struct ifreq ifr;

bzero(&sll, sizeof(sll));
bzero(&ifr, sizeof(ifr));

/* First Get the Interface Index */


strncpy((char *)ifr.ifr_name, device, IFNAMSIZ);
if((ioctl(rawsock, SIOCGIFINDEX, &ifr)) == -1)
{
printf("Error getting Interface index !n");
exit(-1);
}

/* Bind our raw socket to this interface */

sll.sll_family = AF_PACKET;
sll.sll_ifindex = ifr.ifr_ifindex;
sll.sll_protocol = htons(protocol);


if((bind(rawsock, (struct sockaddr *)&sll, sizeof(sll)))== -1)
{
perror("Error binding raw socket to interfacen");
exit(-1);
}

return 1;

}


int SendRawPacket(int rawsock, unsigned char *pkt, int pkt_len)
{
int sent= 0;

/* A simple write on the socket ..thats all it takes ! */

if((sent = write(rawsock, pkt, pkt_len)) != pkt_len)
{
/* Error */
printf("Could only send %d bytes of packet of length %dn", sent, pkt_len);
return 0;
}

return 1;


}

EthernetHeader* CreateEthernetHeader(char *src_mac, char *dst_mac, int protocol)
{
EthernetHeader *ethernet_header;


ethernet_header = (EthernetHeader *)malloc(sizeof(EthernetHeader));

/* copy the Src mac addr */

memcpy(ethernet_header->source, (void *)ether_aton(src_mac), 6);

/* copy the Dst mac addr */

memcpy(ethernet_header->destination, (void *)ether_aton(dst_mac), 6);

/* copy the protocol */

ethernet_header->protocol = htons(protocol);

/* done ...send the header back */

return (ethernet_header);
}

ArpHeader *CreateArpHeader(void)
{
ArpHeader *arp_header;
in_addr_t temp;

arp_header = (ArpHeader *)malloc(sizeof(struct ArpHeader));

/* Fill the ARP header */
arp_header->hardware_type = htons(ARPHRD_ETHER);
arp_header->protocol_type = htons(ETHERTYPE_IP);
arp_header->hard_addr_len = 6;
arp_header->prot_addr_len = 4;
arp_header->opcode = htons(ARPOP_REPLY);
memcpy(arp_header->source_hardware, (void *)ether_aton(SRC_ETHER_ADDR) , 6);
temp = inet_addr(SRC_IP);
memcpy(&(arp_header->source_ip), &temp, 4);
memcpy(arp_header->dest_hardware, (void *) ether_aton(DST_ETHER_ADDR) , 6);
temp = inet_addr(DST_IP);
memcpy(&(arp_header->dest_ip), &temp, 4);

return arp_header;
}



/* argv[1] is the device e.g. eth0 */

main(int argc, char **argv)
{

int raw;
unsigned char *packet;
EthernetHeader *ethernet_header;
ArpHeader *arp_header;
int pkt_len;

/* Create the raw socket */

raw = CreateRawSocket(ETH_P_ALL);

/* Bind raw socket to interface */

BindRawSocketToInterface(argv[1], raw, ETH_P_ALL);

/* create Ethernet header */

ethernet_header = CreateEthernetHeader(SRC_ETHER_ADDR, DST_ETHER_ADDR, ETHERTYPE_ARP);

/* Create ARP header */

arp_header = CreateArpHeader();

/* Find packet length */

pkt_len = sizeof(EthernetHeader) + sizeof(ArpHeader);

/* Allocate memory to packet */

packet = (unsigned char *)malloc(pkt_len);

/* Copy the Ethernet header first */

memcpy(packet, ethernet_header, sizeof(EthernetHeader));

/* Copy the ARP header - but after the ethernet header */

memcpy((packet + sizeof(EthernetHeader)), arp_header, sizeof(ArpHeader));

/* Send the packet out ! */

if(!SendRawPacket(raw, packet, pkt_len))
{
perror("Error sending packet");
}
else
printf("Packet sent successfullyn");

/* Free the memory back to the heavenly heap */

free(ethernet_header);
free(arp_header);
free(packet);

close(raw);

return 0;
}


Ignore the ones like this...
/*message here */

That is just for copyright

what progam do you need for this?

i dont understand what does it do?

You people are retarded you you dont know how to compile code, and anyway even if you o it wont work so it doesnt matter