
hooking into an existing TCP stream

Started by Juniper, June 22, 2006, 02:17 AM


Juniper

Hi,

I'd like to set a couple of facts before I actually ask my question.

Layout - I have a linux gateway that's connected to the internet, all the traffic goes through it.

Goal - A computer on my network will start D2-LoD and enter a game. I'd like to be able to build a valid packet on the linux gateway and send it to b.net.

Now, what do I mean when I say "valid packet"? As you're all probably well aware of, all the traffic to and from b.net is TCP (at least D2GS packets, which interest me), which means I can't just make up a D2GS packet and send it to b.net because there are things to consider. Things like sequence numbers, ack numbers and so on.

My question is - How can I "hook" onto the existing TCP stream that's coming from the computer running D2 and send packets from my gateway which will seem legit to b.net servers? Is it even possible to do from that gateway, or do I have to do it from the computer actually running D2?

I'd like to code this in perl, but any help on this matter will be appreciated.

thanks,
J

Banana fanna fo fanna

iirc there are sequence numbers that will mess you up. You're going to want to hack the D2 application to do it via attaching to the process or something.

Juniper

Quote: You're going to want to hack the D2 application
That's like telling me that all I need to do in order to be rich is to win the lottery :)

How do I go about hacking D2 that way? Where do I even start?

J

MyndFyre

Well, to start, you'd probably want to get the process handle, and patch memory where there are calls to send()/recv().  These memory locations can be found in a disassembler.
Quote: Every generation of humans believed it had all the answers it needed, except for a few mysteries they assumed would be solved at any moment. And they all believed their ancestors were simplistic and deluded. What are the odds that you are the first generation of humans who will understand reality?

After 3 years, it's on the horizon.  The new JinxBot, and BN#, the managed Battle.net Client library.

Quote from: chyea on January 16, 2009, 05:05 PM
You've just located global warming.

Kp

You could run D2 through a proxy on the Linux system that plays with the message stream.  That'd be cleaner than injecting into D2.  If you're sitting inline, sequence numbers are handled automatically.  You'll end up with some very messy code if you try to do this in perl.
[19:20:23] (BotNet) <[vL]Kp> Any idiot can make a bot with CSB, and many do!
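As an added illustration of the sequence-number problem Juniper raises and the inline-proxy approach Kp suggests (example code, not from the thread), here is a toy model of a TCP receiver's in-order check. The message bytes and initial sequence numbers are constructed; the model ignores ACK processing, retransmission and out-of-order buffering, all of which make a spliced stream desynchronise further rather than recover.

```python
from dataclasses import dataclass, field


@dataclass
class Segment:
    seq: int          # sequence number of the first payload byte
    payload: bytes


@dataclass
class Receiver:
    """Receive side: rcv_nxt is the next byte it expects (RFC 793 trimming)."""
    rcv_nxt: int
    delivered: bytearray = field(default_factory=bytearray)

    def accept(self, seg: Segment) -> int:
        """Deliver the in-order part of seg; return how many new bytes landed."""
        end = seg.seq + len(seg.payload)
        if seg.seq > self.rcv_nxt or end <= self.rcv_nxt:
            return 0                       # gap ahead or pure duplicate: nothing usable
        new = seg.payload[self.rcv_nxt - seg.seq:]   # trim the already-seen prefix
        self.delivered += new
        self.rcv_nxt = end
        return len(new)


class Sender:
    """Send side that owns its own snd_nxt and never learns about injected bytes."""
    def __init__(self, isn: int):
        self.snd_nxt = isn

    def send(self, payload: bytes) -> Segment:
        seg = Segment(self.snd_nxt, payload)
        self.snd_nxt += len(payload)
        return seg


def splice_from_gateway(isn: int = 1000) -> bytes:
    """Forge one segment mid-stream without terminating the connection."""
    client, server = Sender(isn), Receiver(isn)
    server.accept(client.send(b"MSG-1;"))              # constructed sample traffic
    server.accept(Segment(server.rcv_nxt, b"INJ;"))    # gateway's forged segment lands
    server.accept(client.send(b"MSG-2;"))              # client's seq is now 4 bytes stale
    return bytes(server.delivered)                     # application stream is corrupted


def inject_via_proxy(isn: int = 1000) -> bytes:
    """Terminate the stream at the gateway: one sender owns the server-side seq."""
    client, proxy, server = Sender(5000), Sender(isn), Receiver(isn)
    server.accept(proxy.send(client.send(b"MSG-1;").payload))  # relay client bytes
    server.accept(proxy.send(b"INJ;"))                          # proxy's own message
    server.accept(proxy.send(client.send(b"MSG-2;").payload))  # relay stays in sequence
    return bytes(server.delivered)
```

The spliced run delivers `MSG-1;INJ;2;` because the server trims the client's next segment as a partial duplicate, while the proxy run delivers every message intact.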