Post: Bmxdude9's Packet Injection MW2 Series Week #1
02-16-2010, 03:22 AM #1
bmxdude9
Million Miles Of Fun!
(adsbygoogle = window.adsbygoogle || []).push({}); I feel that since I got Prem for free that I need to contribute my share....

I also feel that this is something that a lot of people were once interested in but over time frustration and what have you got the better of people and packet injection became a thing of the past. Well once again I decided to bring back packet injection for everybody and this time easier at that. This is part one of a series on how to packet inject/exploit MW2, in this installment I cover the basics of packet injection.

Its a .mov file and I expect most people have the codec, the original file was like 2gb and that would take me two fortnights to upload at my speed. I included a readme for anybody interested. If you have any questions or comments please post them in this thread. I did improve the sound/video quality for anybody wondering.

Note to Premium Users: This topic and its contents are to remain Soley in this section, leaking is AGAINST the rules and will result in a ban from NGU. Now onto the positive part... the perks of being premium for this is that you get it at least one week prior to the public so you have extra time to play around and ask questions/comments before everyone else and also you guys get the actual file, while the public has to suffer with ONLY the youtube link, meaning you have a save-able file to view on your computer.

Download Link:
Originally posted by another user

You must login or register to view this content.


Password:
Originally posted by another user

NextGenUpdate.comPREMIUM


Its like 65mb uncompressed, 40.5mb compressed rar.

Enjoy. Happy
(adsbygoogle = window.adsbygoogle || []).push({});

The following 10 users say thank you to bmxdude9 for this useful post:

-Lazy-, af12314, D3cH, eddydiep, ibombo, jconrad6309, leukotic, Pure Pwnerer ©, rjive, thedufeys
02-16-2010, 04:29 PM #11
Password dont work ive tried loads of times and ive tried to copy and paste it.
02-16-2010, 05:57 PM #12
SystemErrorApps
Bounty hunter
it never asked me for a password.....
02-16-2010, 09:18 PM #13
bmxdude9
Million Miles Of Fun!
Originally posted by leukotic View Post
Alright, just watched the video, good introduction to the basics. Now I know this is just the first of the series, but a couple questions popped up while I was watching.

First is the opportunity of injection. Basically lets say I modified a packet that gives me more health (if that's possible). The only time this will work is if the packet is sent while I am being shot or hurt? Is there any possibility of looping thus packet all the time just so when I was getting hurt or shot it would basically automatically pick up that packet? Cause it seems injecting a packet or packets during a very specific amount of time would be very hard and counter productive (unless I had some kind of macros that was activated by a foot pedal or something).

Next question is the checksum. So basically if I understand right and I edit a packet, the checksum has to match the previous checksum of that packet exactly? Or does it just have to be a correct checksum for that packet?

And last but certainly not least (Happy), the packet IP addresses. Lets say I capture some packets from a previous game. I don't edit them or anything, and the IP addresses match the previous games IP addresses (meaning a different host/server IP). Will these packets still work in other games? Or do the server/host IP addresses have to match up exactly every time?

That's it for now, and I just have to say the part in the video where you were looking for the capture file cracked me up, LOL. I have noticed that Colasoft doesn't see the save file captured in Wiresharks default save format. You have to save it as Microsoft Netmon which is .cap There may be others that work as well, but I have found saving it under this format works well for Colasoft. Not sure why Wiresharks default save format doesn't get picked up by Colasoft, but I have often wondered if this effects the packets at all.

Anywho keep up the vids, and don't be bashful on the details! Sometimes people who are really experienced in something don't realize how the most minuscule information can make or break somebody when trying to figure something out Happy


Oh one last thing, from the video it sounds like you said that wireless is a acceptable form of bridging, can you confirm this? because I don't have two Ethernet adapters on any of my computers. I do however have wireless and wired connections for my laptop which can successful be bridged.


1. yes you can only send the modified one where the one is being sent to the server, you CAN loop the packet BUT that can cause lag, errors and other issues. The best way to properly do it without any manual work would to be write up s program that can use raw sockets to hold the data until the data is received(you would have to specify both, original/modded) then quickly inject your modded value.

2. Just has to match the checksum for the packet, usually they are always the same or else the headers would be giant.

3. IP's should remain the same, if they didn't it wouldn't be a server now would it?(yours might differ when your bridge different devices such as how you have 192.168.2.X X is the device, it increments when you add a new device to the network)

So for example...

My main pc would be 192.168.2.1 as its the first one registered on my home network
My PSP would be 192.168.2.2 becuase it was the second registered
My PS3 would be 192.168.2.3 because it was next
My laptop would be 192.168.2.4 as its the newest registered

And so on....
02-16-2010, 10:47 PM #14
leukotic
Climbing up the ladder
Thank you for the answers BMX I really appreciate it. Sadly, it wasn't what I wanted to hear, lol. Based on those facts, packet injection really isn't something that is exactly convenient. It seems like it is more of a novelty than anything.

I mean not only do you have to inject at the exact precise moment which is hard to pull that off in a quick FPS like MW2, unless you are a programmer capable of writing some software that would automate that. But you also need to have matching IP's every single time (which varies every single match due to different hosts). So at the beginning of the match you would have to start up Wireshark, start capturing to figure out the host/server IP then manually change the host/server IP on every single packet. And unless you were to somehow find that one magical packet that was the one you wanted, you would have dozens upon dozens of packets to edit. And this would need to be done in every single match to keep up with the host/server IP.

I dunno, it seems packet injection is just something that is not suited for the average, or even the above average user. Unless somebody was able to make us a program that would automate the process (changing the IP's and sending at the right moment etc etc) this is not something that most of the people here are capable of pulling off. Maybe once or twice if all they focus 100% on this, but surly not a regular routine in every single match.

I mean heck, just editing the packets alone to get the IP right would take hours. Because even for a capture that is 3 seconds long, you may have 600 or more packets to edit. And as far as I know, Wireshark, nor Colasoft are capable of doing this automatically or by any other 'easy' means. The only way this wouldn't be 100% inconvenient is if you were to do a capture in the game you are currently playing and then use the same capture packets of a kill or something and try and send those out at the right precise moment. But surely there is not going to be any on-the-fly editing going on here to get unlimited ammo, more health, etc etc etc before the match ends.


However, if somebody could make some software that automates this tedious process, then we may have some hope. Hell, I would be willing to PAY for something like this. Basically the program would have to do all the things that are slightly beyond our abilities to pull off in a fast paced game.


-Basically it would need to be able to send out the packets at the right moment, and to do this it would have to currently look at all the packets as you are playing, then when it see's packets similar to the ones you have captured (data wise), it starts sending out.

- It would also need to correct and update the host/server IP on all the captured packets every time you join a new match. This way all the IP's are current and match the current host/server IP.

- It also would be nice to have it 'mass edit' packets for you if you happen to edit one of them for infinite ammo, or extra health or something like that. And since it's near impossible to find a single packet that is exactly what you want, you would have to edit all of them right? Well, this program should be capable of doing this.


If I was a programmer, I would definitely attempt to build something like this. As something like this could almost be the 'gameshark' of current online gaming. And it would be compatible with EVERY online game and the results could be VERY positive if packet injection really works like you say it does. The only manual thing you would need to do is simply capture the right packets and load them into the program, simple! And if you wanted to go more in-depth you could use the 'mass-edit' feature to try and get unlimited ammo, unlimited health or whatever.

It's a shame this will never happen... at least not with the mainstream public it won't. Something like this could make somebody a whole shit load of money.
02-16-2010, 11:22 PM #15
bmxdude9
Million Miles Of Fun!
My dad was a programmer(30 some years I thin) so Ill talk to him and try to collaborate something with him so we can put together my packet skills and his programming skills and hopefully output something awesome for everyone. Basically using raw sockets would allow you to do so MUCH more and A LOOOOOT easier. Now I think you might be sorta confused, this game while it does not use a dedicated server its host IP should be the same(or differ by a number or too like xxx.xxx.x.X where X changes and thats it, and there is a limit to X too)

But I think you are sorta confused, the host is a medium not an actual server as its P2P, so unless we have the server client data headers ON OUR GAME DISC then the IP should be the same. Now if there are infact headers on our game(I cant really look until geohot's exploit gets somewhere) then we can simply crack open the headers, mod them and BAM "packet hacks" no injection and the ability to freely do whatever you want.

Believe me stick with it, it pays off.

The following user thanked bmxdude9 for this useful post:

leukotic
02-16-2010, 11:35 PM #16
DBA
Pokemon Trainer
Originally posted by bmxdude9 View Post
My dad was a programmer(30 some years I thin)


wow thats cool lol my dad doesnt do shit, but thanks for the tutorial ive always wanted to know how to do this.
02-16-2010, 11:39 PM #17
leukotic
Climbing up the ladder
Cool man, that would be great to see! Happy And I am definitely confused on the IP thing. How do I find the main IW server IP? Man... now I am really confused, lol. Where does the host of the match IP come into play? Because that is the only IP I see when capturing packets from a game (well, aside from my own). And it's always linked directly to the specific host, not a IW server (since I cannot host).
02-16-2010, 11:52 PM #18
bmxdude9
Million Miles Of Fun!
For anybody that the password wouldn't work for, I have re-uploaded a version(same rar) just without a password. Same rules apply, no leaking. If you have ANY suggestions or want to see something more in week 2 besides whats already going to be covered lemme know!

You must login or register to view this content.
02-17-2010, 08:05 AM #19
ITageI
ItzTageSon
can there be a packet for all my guns to be one hit kill? and has this gone anywhere yet like is anyone doing it?

Copyright © 2026, NextGenUpdate.
All Rights Reserved.

Gray NextGenUpdate Logo