Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 7 posts ] 
 Post subject: SA:MP 0.3a Help
Posted: 05 Jan 2010 02:01

Joined: 24 Dec 2009 23:33
Posts: 3
Hey Luigi, can you please help me with making the fake player bug for the new version of SAMP?

I sniffed some packets with WPE Pro, both sent and received from the server.
I tried sending the first few packets as they seem to be always the same, but nothing happened to the server :p

Where should I start? I am using Java/jpcap to create packets. I saw your previous version of sampfp and I saw that you used zlib decompression...

Here are the sniffed packets: http://pastebay.com/80391


 
 
 Post subject: Re: SA:MP 0.3a Help
Posted: 05 Jan 2010 17:14

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
Oh well, I don't know why there is so much interest around this PoC. Anyway, I have just updated sampfp.


 
 Post subject: Re: SA:MP 0.3a Help
Posted: 05 Jan 2010 18:09

Joined: 24 Dec 2009 23:33
Posts: 3
aluigi wrote:
Oh well, I don't know why there is so much interest around this PoC. Anyway, I have just updated sampfp.



Thanks. Can you tell me what tools you use for packet sniffing? How do you know which packet is the one you need for the fake player bug? I read that SAMP uses zlib; how do you decipher a packet that is compressed with zlib?

Did you sniff the server or the client?


 
 Post subject: Re: SA:MP 0.3a Help
Posted: 05 Jan 2010 18:17

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
In this specific case I used the debugger to analyze the packet because it uses a simple encryption (XOR with the server's port & 0xff) and an 8-bit CRC check.
No compression is used in version 0.3, at least not in the packets needed for sampfp.


 
 Post subject: Re: SA:MP 0.3a Help
Posted: 09 Aug 2010 00:46

Joined: 08 Aug 2010 18:22
Posts: 1
Hi Luigi, sorry that I write in another topic, but I would like to ask for your help: I cannot understand the SAMP packets. In general, I have enough experience in editing them, but SAMP put a spoke in the wheel with encryption. How do I remove the encryption, or how do I edit the packets SAMP sends? A friend said that he cannot set a breakpoint in the debugger at the right place because of the large number of garbage packets sent. Can you do anything to help with this, please?


 
 Post subject: Re: SA:MP 0.3a Help
Posted: 28 Dec 2010 18:44

Joined: 28 Dec 2010 18:30
Posts: 1
bump because I want to know too


 
 Post subject: Re: SA:MP 0.3a Help
Posted: 29 Dec 2010 06:13

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
Uhmmm, strange, I didn't notice or didn't remember that post of 09 August.
Anyway, if you refer to the encryption used in the packets, take a look at my samp03_crypt function in sampfp.c.
In SA:MP 0.3b you must use:
size = samp03_crypt(buffer, size, 1, 1); // encrypt it
size = samp03_crypt(buffer, size, 0, 1); // decrypt it (it seems not used by the client)

This is the only encryption of which I'm aware.

