Post: Interesting Packet Injection
11-28-2009, 08:17 PM #1
s3recap
Bounty hunter
After reading through some packets and finding patterns, I came across two lines. I guess when the game is over the Demonware servers receive two packets. I finished two games and compared both packets. They are very identical except for line 0x0010. The data is surrounded by the stars below.

    0x0000   00 22 75 5C 69 96 00 1F-A7 11 C9 16 08 00 45 00   ."u\i–..§.É...E.
    0x0010   00 39 ****BB EA 00 00 40 11-B2 92**** C0 A8 02 03 45 3C   .9»ê..@.²’À¨..E<
    0x0020   04 50 0C 02 0C 02 00 25-D1 62 0E 02 00 00 00 00   .P.....%Ñb......
    0x0030   00 00 00 00 00 00 00 00-00 00 00 00 FF 00 FF 00   ............ÿ.ÿ.
    0x0040   00 00 FF 00 FF 00 00                              ..ÿ.ÿ..

    0x0000   00 22 75 5C 69 96 00 1F-A7 11 C9 16 08 00 45 00   ."u\i–..§.É...E.
    0x0010   00 39 ****F8 68 00 00 40 11-76 14**** C0 A8 02 03 45 3C   .9øh..@.v.À¨..E<
    0x0020   04 50 0C 02 0C 02 00 25-D1 62 0E 02 00 00 00 00   .P.....%Ñb......
    0x0030   00 00 00 00 00 00 00 00-00 00 00 00 FF 00 FF 00   ............ÿ.ÿ.
    0x0040   00 00 FF 00 FF 00 00                              ..ÿ.ÿ..



That is the second part of the packet. The first part also differs on that line. I am almost 100 percent certain this line contains the data for the game score, time, kills, etc. As of now I'm trying to manipulate the numbers and inject them at the right time and speed. Over injecting might make the data null. Unless they do not have something to stop the data from excessively injecting. I'll find out soon. Just keeping everyone up to date.
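Decoding the two frames above as Ethernet II / IPv4 / UDP shows which header fields the starred bytes on row 0x0010 fall in. This is an added example, not part of the original post; the frames are retyped from the dumps with the stars removed, and the field table assumes a 20-byte IPv4 header (IHL 5), as the leading `45` byte indicates.

```python
import struct

# Frames retyped from the two dumps in the post (stars removed); {v} is the starred span.
ROWS = """
00 22 75 5C 69 96 00 1F A7 11 C9 16 08 00 45 00
00 39 {v} C0 A8 02 03 45 3C
04 50 0C 02 0C 02 00 25 D1 62 0E 02 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 FF 00 FF 00
00 00 FF 00 FF 00 00
"""
FRAME_A = bytes.fromhex(ROWS.format(v="BB EA 00 00 40 11 B2 92"))
FRAME_B = bytes.fromhex(ROWS.format(v="F8 68 00 00 40 11 76 14"))

# (start, end, name) byte ranges: Ethernet II + IPv4 with IHL=5 (assumed) + UDP
FIELDS = [(0, 6, "eth.dst"), (6, 12, "eth.src"), (12, 14, "eth.type"),
          (14, 16, "ip.ver_ihl_tos"), (16, 18, "ip.total_len"), (18, 20, "ip.id"),
          (20, 22, "ip.flags_frag"), (22, 23, "ip.ttl"), (23, 24, "ip.proto"),
          (24, 26, "ip.hdr_checksum"), (26, 30, "ip.src"), (30, 34, "ip.dst"),
          (34, 36, "udp.sport"), (36, 38, "udp.dport"), (38, 40, "udp.len"),
          (40, 42, "udp.checksum"), (42, None, "udp.payload")]

def ip_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement sum over the header, checksum field zeroed."""
    hdr = header[:10] + b"\x00\x00" + header[12:]
    total = sum(struct.unpack(f"!{len(hdr) // 2}H", hdr))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def differing_fields(a: bytes, b: bytes) -> list:
    """Names of the protocol fields in which two frames differ."""
    return [name for start, end, name in FIELDS if a[start:end] != b[start:end]]

def summarize(frame: bytes) -> dict:
    """Decode the IPv4 and UDP header values relevant to the comparison."""
    ip = frame[14:34]
    ident, = struct.unpack("!H", ip[4:6])
    stored, = struct.unpack("!H", ip[10:12])
    sport, dport, ulen = struct.unpack("!HHH", frame[34:40])
    return {"ip_id": ident, "checksum_ok": stored == ip_checksum(ip),
            "src": ".".join(map(str, ip[12:16])),
            "dst": ".".join(map(str, ip[16:20])),
            "sport": sport, "dport": dport, "payload_len": ulen - 8}

if __name__ == "__main__":
    print("fields that differ:", differing_fields(FRAME_A, FRAME_B))
    for frame in (FRAME_A, FRAME_B):
        print(summarize(frame))
```

The only fields that differ are the IPv4 Identification and the IPv4 header checksum, and each stored checksum matches the value recomputed from its header; the 29-byte UDP payload is byte-for-byte identical in both frames.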
11-28-2009, 09:30 PM #2
TryCatchMe
Like A Boss
Nice, I'm doing the same thing as you, but if you find anything let us know :P
11-28-2009, 09:55 PM #3
What console you doing this on? Or PC?
11-28-2009, 10:27 PM #4
Meow
Former Staff
This is for PS3, right? Anyways, good luck.
11-28-2009, 10:41 PM #5
bmxdude9
Million Miles Of Fun!
First off, good work and good luck. Please don't get your hopes up, as there are many packets sent multiple times that are similar, such as for walking etc. no there is a limit before the server Capotes and doesn't let you do anything and kicks or times you out, but you should be fine if you inject it around every 2/4 or so of a second in a loop for awhile and then just kill people and it should change it.

Careful loopage is the best way, as getting it to intercept @ the exact time it needs to be is very tricky unless you have a socket holder or a better way to inject. You COULD write a program, if you were good, to hold the packet and then when that data is intercepted then change it with 'this data' (the modded data).

If you need more help let me know, but here's a hint: the best way is to kill a few people in a pile in the same fashion (meaning no headshots on anyone, with the same gun and in a very short time with several people) so YOU GET THE SAME PACKET data every time, or close enough you can start more accurate testing. Also look for the data offset, that always helps. (example of data offset in hex)

    
    #Score offsets $example
    0x000000ff //negative, score decreases
    0x00000000 //default, nothing happened
    0x00000004 //score increases with a headshot
    0x00000008 //score increases with a osk
    0x00000010 //score increases with multi
    0x0000000c //unknown


That is an example, but the data you're looking for will most likely go up or down with the same bytes for score, kills etc. If you're still confused lemme know! But the values offset will be more than 04 and it will be more hexish (lulz) with e.f's etc.
11-28-2009, 11:44 PM #6
Dewy98
Guest
Same here, how'd you do it? Do you do it in the game save or wireless?
11-29-2009, 12:14 AM #7
s3recap
Bounty hunter
Thanks for the information bmx. I'm doing this on the PS3 by the way. I feel I'm getting really close. I'm comparing packets by gametype / gun / type of kill / map and comparing all data. After analysis, I change one thing up and see what changes.
11-29-2009, 01:36 AM #8
T-Icey
Samurai Poster
How do you inject in Builder Packet? Reply please.
11-29-2009, 01:57 AM #9
bmxdude9
Million Miles Of Fun!
Originally posted by Icey View Post
How do you inject in Builder Packet? Reply please.


It depends if you're serious (seems like you are, as you really ask questions directly), then I would recommend CommView if you're that serious about it. It's a great tool (there is a version for wifi, though you MUST have a wireless card, and it's usually what I use) because you can sniff/inject in the SAME program. I used to use it with the PS2/PSP and other things, but the reason I don't recommend it to these people here is because if you want a legit full version it will cost you around $500, or you could get a free trial.

It's used by professionals so believe me it works the best. I only used it as my dad's work had it and I was able to use and play around with it.
11-29-2009, 02:37 AM #10
T-Icey
Samurai Poster
Originally posted by bmxdude9 View Post
It depends if you're serious (seems like you are, as you really ask questions directly), then I would recommend CommView if you're that serious about it. It's a great tool (there is a version for wifi, though you MUST have a wireless card, and it's usually what I use) because you can sniff/inject in the SAME program. I used to use it with the PS2/PSP and other things, but the reason I don't recommend it to these people here is because if you want a legit full version it will cost you around $500, or you could get a free trial.

It's used by professionals so believe me it works the best. I only used it as my dad's work had it and I was able to use and play around with it.


OMG! bmxdude9 you should be a Moderator of NGU
You answer all questions (you're really interested in helping the other ppl)
Hmm, I got the NETGEAR, so it means I have access to wireless too. I got it like this:

With cable:
Channel 1: My brother's PS3
Channel 2: My PS3
Channel 3: My computer
Channel 4:

Wireless:
The laptop

So I don't know, I think at least I understand 50% now, but I still can't find the IP of my PS3 with Wireshark and I don't know how to...
