How to spoof

Thread: How to spoof

  1. #1
    Junior Member
    Join Date
    Oct 2001
    Posts
    13

    How to spoof

    I know you won't trust me. I would like this purely for educational purposes because I do not know if this can be done. I have read about packet sniffers, and know how you can forge packets. So if I recorded a packet that logged me onto a multiplayer gaming server, could I use this packet to get onto servers I would be banned from? I have been told proxies don't work. Maybe I just totally got this wrong since I am a newbie.

  2. #2
    Senior Member
    Join Date
    Jan 2002
    Posts
    115
    theoretically, if you did forge packets, you could continue to play on that server. but why would you? if you are banned from a server, you probably deserved it

  3. #3
    Senior Member
    Join Date
    Nov 2001
    Posts
    681
    i agree with gamemaster... you only get banned from servers for being a jerk... at least in most cases. why do you need to spoof? besides... theoretically it could work, but i have never tested it, so do not quote me.
    Learn like you are going to live forever, live like you are going to die tomorrow.

    Propoganda

  4. #4
    Banned
    Join Date
    Mar 2002
    Posts
    968
    I have heard that some people have tried something similar to that for Everquest, but they get noticed not long after.....

    Something I heard, so like

  5. #5
    Junior Member
    Join Date
    Oct 2001
    Posts
    13

    Yes

    I totally agree that, that person is a jerk. In fact he has promised me not to tell anyone, that's how I found out what he was up to. So now it's up to me to stop the little.

  6. #6
    AntiOnline Senior Member souleman
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,884
    Umm, I really don't see this working like you are hoping though. Let's say your ip is 192.168.1.10. Ok, you get a copy of a packet logging on from IP 10.10.10.1. The game server is going to authenticate based on your ip address, so....you send the packet as 192.168.1.10, then they know it is you and bam, you're banned. If you send it as 10.10.10.1, then the reply will be sent to 10.10.10.1, not to you. So, you still can't get on...
    "Ignorance is bliss....
    but only for your enemy"
    -- souleman

  7. #7
    Junior Member
    Join Date
    Oct 2001
    Posts
    27
    A true spoof of an IP packet is a one way street. To make it 2-way, you need to go through a proxy server. But that's still traceable with a little work

  8. #8
    Senior Member
    Join Date
    Aug 2001
    Posts
    356
    Originally posted here by souleman
    Umm, I really don't see this working like you are hoping though. Let's say your ip is 192.168.1.10. Ok, you get a copy of a packet logging on from IP 10.10.10.1. The game server is going to authenticate based on your ip address, so....you send the packet as 192.168.1.10, then they know it is you and bam, you're banned. If you send it as 10.10.10.1, then the reply will be sent to 10.10.10.1, not to you. So, you still can't get on...
    just in case any of you guys don't quite get that i'll expound on it a bit. let's say you get banned from a game server. for the sake of this argument we'll say it's an IP ban, instead of some kind of unique id ban. that means that when you try to join the server from then on (assuming it's a perm ban), the server checks your ip with a list of banned IPs and says "no, you can't join because you are banned". now, if you were to try to fake your ip this is what happens:
    you try to join the server with a fake IP. the server sends its response to the computer (if there is one) at your fake IP, not yours (because by faking the IP it doesn't know that it's really your computer which is trying to join, it thinks it's a comp with the fake IP you gave it). end of story, you are never able to join the server.

    now, whoever said a proxy won't work is wrong. if you get a proxy that will forward your traffic to the gameserver you want to join and send the info the server sends back to you, then it will definitely allow for avoiding of IP bans. the down side would be more lag than you would usually get, possibly enough to make some games nearly totally un-playable.

    out of curiosity, what game are you referring to (let me take a wild guess...Counter-Strike, DoD, or some other HL based mod)?

    if it is HL, from a server admin's POV, the best thing to do when encountering a wanker is to addban their WonID, cause most lamers don't know enough to be able to change that. then if they come back addban their ip and they should be toast. if they STILL come back they are probably dial-up and you can just ban their entire subnet and that should keep em out
    -8-

    There are 10 types of people in this world: those who understand binary, and those who don't.
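The server-admin escalation described in post #8 (player ID ban, then IP ban, then subnet ban), as an added example that is not part of the original thread and is not any game server's own code. The `BanList` class, the /24 subnet size, the player IDs and the documentation-range addresses are all assumptions made for illustration.

```python
import ipaddress

class BanList:
    """Layered bans: unique player ID first, then one IP, then a whole subnet."""

    def __init__(self, subnet_prefix=24):      # /24 is an assumed pool size
        self.ids = set()
        self.nets = []                          # a single IP is stored as a /32
        self.offender_ips = set()               # addresses banned players came from
        self.prefix = subnet_prefix

    def check(self, player_id, ip):
        """Return the ban layer that matches, or None if the player may join."""
        if player_id in self.ids:
            return "id"
        addr = ipaddress.ip_address(ip)
        for net in self.nets:
            if addr in net:
                return "ip" if net.num_addresses == 1 else "subnet"
        return None

    def ban(self, player_id, ip):
        """Ban the ID, and escalate if this address or its subnet offended before."""
        addr = ipaddress.ip_address(ip)
        subnet = ipaddress.ip_network(f"{ip}/{self.prefix}", strict=False)
        self.ids.add(player_id)
        if addr in self.offender_ips:           # same IP came back with a new ID
            self.nets.append(ipaddress.ip_network(ip))
            level = "ip"
        elif any(seen in subnet for seen in self.offender_ips):
            self.nets.append(subnet)            # new IP from the same pool; note
            level = "subnet"                    # this also blocks its neighbours
        else:
            level = "id"
        self.offender_ips.add(addr)
        return level

def demo():
    """Constructed sequence: one player returning with new IDs and addresses."""
    bans = BanList()
    return [
        bans.ban("id-1001", "203.0.113.7"),     # first offence
        bans.ban("id-2002", "203.0.113.7"),     # new ID, same address
        bans.ban("id-3003", "203.0.113.50"),    # new ID, new address, same /24
        bans.check("id-4004", "203.0.113.200"),
    ]

if __name__ == "__main__":
    print(demo())
```

Calling `check` again during the session, not only at login, matches the re-check souleman describes in post #9.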

  9. #9
    AntiOnline Senior Member souleman
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,884
    Yeah, good point, it may have been some other type of id ban. Then, the forged packet would probably work, as long as you used your own ip. BUT, I am pretty sure that it is going to check your WonID, or some other ID more than just once when you login. It would have to be a primary form of identifying who you are. Soooo, after you were logged in, the first time it checks who you are, you would be rebanned.
    "Ignorance is bliss....
    but only for your enemy"
    -- souleman

  10. #10
    Senior Member
    Join Date
    Sep 2001
    Posts
    138

    Something everyone has failed to mention.

    Just a lil' tidbit. You might want to open a term and type "man 2 socket", setting the SOCK_RAW attrib on your socket *will* allow you direct access to the packets (although you will need to be running an OS that does allow this first, ie. Not windows 9x, or NT, I think 2000 and XP allow this). With direct access to the packets, yes you could technically do what you want, say change the *source* address of a packet to something that is not yours.....on the other hand as others have already mentioned, doing this causes the game server (in this case) to address information to the "spoofed" source address.

    Most game servers use UDP, thus spoofing is technically trivial (no sequence number to guess). The thing that stops people from doing it is the sheer nightmare of gameplay. Let's say you do manage to get past the server handshake. You are still playing the game blindly, you have no idea where the game is putting the mobs, where the other players are, or what the other players are carrying.

    But hey...if you want to try it....give me a few days (it will only take an hour or two, but I am a busy person) to throw you some source together and if you can get it to work on a windows box have fun (if you have a spare linux box laying around network it and use it... ).
    http://www25.brinkster.com/cheeseball

    -- Do not dwell in the past, do not dream of the future, concentrate the mind on the present moment--
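Posts #6 and #10 both rest on the fact that the server's reply goes to the claimed source address. A server-side handshake can turn that into an explicit check by sending an address-bound cookie and refusing the join until it is echoed back. This is an added example, not part of the original thread and not any game's actual protocol; the message names, the `CookieServer` class and the addresses are assumptions, and the network is simulated in memory.

```python
import hashlib
import hmac
import os

HONEST = ("198.51.100.20", 27005)    # constructed address of a legitimate client
OTHER = ("203.0.113.7", 27005)       # constructed address of a different host

class CookieServer:
    """UDP-style join handshake that only accepts a source able to receive replies."""

    def __init__(self):
        self.key = os.urandom(32)    # per-server secret, never sent on the wire
        self.sessions = set()

    def _cookie(self, src):
        ip, port = src
        mac = hmac.new(self.key, f"{ip}:{port}".encode(), hashlib.sha256)
        return mac.hexdigest()[:32].encode()

    def handle(self, src, payload):
        """Return (destination, reply); the reply always goes to the claimed source."""
        if payload == b"CONNECT":
            return src, b"CHALLENGE " + self._cookie(src)
        if payload.startswith(b"CONNECT "):
            offered = payload[len(b"CONNECT "):]
            if hmac.compare_digest(offered, self._cookie(src)):
                self.sessions.add(src)
                return src, b"ACCEPT"
        return src, b"REJECT"

def try_join(server, real_addr, claimed_addr):
    """Simulate a join where packets claim claimed_addr but originate at real_addr."""
    dest, reply = server.handle(claimed_addr, b"CONNECT")
    if dest == real_addr:
        cookie = reply.split()[1]    # the sender actually received the challenge
    else:
        cookie = b"0" * 32           # the challenge was delivered elsewhere
    _, verdict = server.handle(claimed_addr, b"CONNECT " + cookie)
    return verdict == b"ACCEPT"

if __name__ == "__main__":
    print(try_join(CookieServer(), HONEST, HONEST))   # own address
    print(try_join(CookieServer(), OTHER, HONEST))    # someone else's address
```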
