Page 1 of 1

MMO & Online Game Hacking - EXTENDED

Posted: Wed Apr 11, 2012 5:25 am
by ronokae
Well All, I've been dead again [tell me how much you missed me later :P]. But I'm back to help.
Anyway I hope Seth stickies this one under his first post about MMO hacking, to make things easier, as he does not deal with MMOs, However I have some experience So hopefully we can get something done here.
===================================================================================
INTRO
Due the many seperate topics I've seen its obvious we need a basic overview, I will add more onto this as I learn and update as needed.
This guide will introduce you to MMO hacking and point out the differences between MMO/online and regular game hacking
This guide also assumes you've read Seth's Basic Game Hacking & MMO Hacking topics, for this is merely an extension. it also assumes you have some basic PC understanding.
This will clarify why and how Memory editing tools such as Tsearch work on regular games and not MMO's.
This will also point you to tools, and what you may need in order to hack MMOs

Key Differences in MMO/Online Games & Regular PC games
As most of you are aware (or should be aware of) MMOs [massively multiplayer online games] are more complex than standard Single PC games when it comes to hacking, most the time at least.

To understand this guide you need to know a few terms and the differences between them:

Example of Memory Hacking

When playing regular PC games, the game you play loads up data into your RAM (random access memory) until it is saved to your hard drive by you exiting/pressing save button or whatever.
After this data is in your RAM it sits there and changes as you progress, level up, switch weapons, etc; almost anything you do changes a value.
For instance you have a Sword in your hand the PC has this: 1325(sword ID) in hand.
you use tsearch and change 1325 into 1326,
the PC then changes your weapon from 1325 (sword) into 1326(gun)
You now have 1326(gun) in hand.
This is what is called memory hacking.
Hence the term MEMORY in both raM and MEMORY hacking. When you use Tsearch you are simply manipulating data and values that are stored on YOUR computer. This is why you can make such easy Trainers, hacks, etc, all of it is controlled by you.
----------------------------------------------------------------------------------------------------------------------------------------------
MMO hacking & exploitation

Client-Side: The portion of data and information that is stored & controlled client side of the MMO. The client is the computer connected to the server, not the server itself. When you run a game on your computer, it does not mean you have full control, becase clients are everyone connected to the MMO, not running it. So when you log-in, you are a client.
Note* Clients have very little control over game data. Hence, if clients had more control, you wouldn't be here.
Analogy: client-sided games are simply You & the PC, this is something like you talking to yourself on the phone, you can tell yourself whatever you want to hear.

Server-Side: This is the portion of data and information that is stored & controlled on the SERVER. The server is the computer that is hosting the game you are playing. The server and you communicate by packets [blocks of data]: You send the server something, it sends you something.
This computer holds your information and keeps the game online: if this computer shuts down, you disconnect; if this computer deletes your character file, then your character is gone.
Hence the term SERVE - To serve. The server, is simply serving you by handling your information and upholding your connection to it. you simply connect to it to send and retrieve data.
Anology: Server-sided games are simply you & the server, this is something like a telephone conversation as well, you send the server something, it sends something back in reaction. *Hence unlike memory hacking, you cannot control this reaction: unless.. ''

For example: You have 200 gold, you kill an enemy, and pick up 300 more. when you pick up that gold you send the server [57 88 23 51 FF 89] (I have picked up 300 gold), the server updates with this information and is now informed that "Player 1 now has 500 gold".

Or your hp reaches 0, you send packet [98 AA 83 38 21 21] (player 1 has died). In return the server sends you [88 99 00 3A 45 9F 9C 77] (penalty: Take away 100 gp and subtract 10% of skillpoints or whatever)

This is communication, you the client have sent information to the server, and in turn the server has either updated with this information or sent this information back

Now heres one confusing issue: you can use a memory editor on some online games to make it LOOK like you have an extra 300 gold.
This is because the numbers you see are actually in your computesr RAM, the server just sends packets to you telling you to update those numbers when you actually earn gold legitimately.
However because it is your cpus RAM, the "200 gold" you see on your screen can be changed.
if you change this, it will have NO effect because the server has in ITS memory "Player 1 has 200 gold" so until you change ITS memory (by sending it a packet telling it to update you), you will simply have "200 gold".
Fool's gold! (i love my puns) no but seriously the gold won't be "real" if you just update your own memory. I see people do this a lot with Artmoney & Cheat engine on runescape youtube videos and think that they're making some mistake, they're doing it perfectly. Just not on the right computer.

My point here
The key difference here is this: ONLY SOME INFORMATION IS MANAGED BY YOU WHEN YOU ARE ON AN ONLINE GAME.

For instance, earlier (above in the post) you were able to switch from a sword to a gun, simply by switching a memory value from 1325 to 1326. However, on a server sided game its not like that. You would have to send what is called a packet (a block of data) to the server, telling it that you have the gun and you are putting it in place of the sword.
Trouble is, you can't do that by tricking to your own computer (Analogy: you can't talk to someone else on a telephone by talking to yourself).

For server side hacking you need some sort of Packet editor/manager, Tools
-WPE Pro
-Commview
-WireShark, etc.

WPE Pro is simple, one of the most simple of these, however it lacks certain features but its quite usable.

For instance, say you want to level up faster, each kill you get 85xp, and you wanna change that.
now for simplicity's sake lets pretend this server has VERY little protection.

You could use a packet editor here to do 2 possible things i will name.
You can record yourself sending a packet saying you have killed the enemy and earned 85xp. with that recorded you can send that packet OVER and OVER, which would level you up faster, because you can send it with something like WPE which sends so many packets per second.

Alternatively, you can learn Hexadecimal [i say learn hexadecimal because packet editors/PC's usually hold info in this language]. AFter you learn hex, find the part of the packet you sent that says 85, and change that number to like 3000 or something
which will in turn send 3000 xp when you send it. if you wanna get creative you can set up filters and make it so that you get 3000xp per kill.

Like a memory editor a packet editor can help you when hacking a server:
Don't think "Oh a packet editor controls the memory of the server." It DOES NOT.

A packet editor simply MODIFIES the information you are sending to the server which in turn modifies the servers memory. it is not directly controlling that server's memory. ACKNOWLEDGE that you are not directly controlling the server's memory or computer, but you are manipulating the data you send to confuse it, which is only similar.

This is all i will post for now, i will update this within a few days with full info on how to use WPE pro possibly with pics and examples. I reccomend you look it up on google, check youtube (there are lots of notes of RSPS hacking & Club penguin hacking with it). You shuold take notes
if oyu're gonna use it i reccomend you start with private servers first. As other games will require security bypasses and stuff, you can find those on the net as well. THanks for your time thus far.
HOpe this helped all, and saved you a lot of questions seth.
............................................
This my friends, is only a small part the art of hacking, for those who respect it: the idea is to be bright and manipulate with what you can. discretion, and logic & creativity. Get what you want, and back the hell off.

Please, don't think you're hard stuff. You're simply a script kiddie at this point if even barely that. When you manage to RAT Runescape, Silkroad online, Flyff, Ragnarock, ETC, Then you can get excited. And don't think if you record your firefox sending a payment to paypal you will get x2 the money, its not that simple either. I don't mean to be rude to my audience, however its annoying when kids learn something this simple and go "I R L33T HAXXOR"... Shut the hell up. You kids make educating the world dangerous, as its slowly filling with stupidity..

Re: MMO & Online Game Hacking - EXTENDED

Posted: Sun Apr 15, 2012 4:14 am
by AMAGAF
Absolutely beautiful my friend. Absolutely beautiful. Very well said - all of it! I especially loved your ending hahaha!! So very true... Sadly
Anyway I'm new here and I am definately NOT haxxar ha ha ha! Ive always been into manipulating stuff like this and recently have been digging as much as I can into this very thing. I'm a total know-nothing at this point tho. My iPhone is jailbroke and I play with ifile :-P The most stupendous achievent of mine ever was duplicating apps LMFAO
Reason why I'm here (aside from my natural curiosity) is I play a server-sided game called Emross Wars - addicting as hell for some reason - and there's this total douche bag in my server who's a total prick to everyone and he just makes the game suck (long story that I'll leave at that) So basically I wanna either beef the hell outta one of my accounts and/or steal his from him. I'm not looking to ruin the game for other players - this guy already has - I (along with 90% of the rest of the server) want him removed and/or shut down
I know I know... It sounds like some chump complaining about a douche bag bully or somethin. But this server has hundreds of players in it and nearly all of us feel the same - this guys a douche.... We all just wanna PLAY and have FUN !
So please, on behalf of of my Emross server, any help would be gaciously accepted :-)
Is there anything AT ALL that I can do from just a jailbroken iPhone? My broke ass ain't got a pc with the intraweb :-p hahaha
I tried SQL injection of true statement into log in screen but theres no effect at all :-(
Again, I'm a total greenhorn noob with a natural curiousity and I'm just trying to rid my server of this douche to help level playing field for all of us and shut him up too ;-) I promise I will not abuse any knowledge, I'm not that type, I just wanna have fun with this :-)
THANK YOU in advance

Re: MMO & Online Game Hacking - EXTENDED

Posted: Thu May 07, 2015 5:09 am
by Pentagen
I am grateful to suppress That have come into this website.