Printable View
I know you wont trust me. I would like this purely for educational purposes because I do not know if this can be done. I have read about packet sniffers, and know how you can forge packets. So if I recorded a packet that logged me onto a multiplayer gaming server, could I use this packet to get onto servers I would be baned from. I have been told proxies don't work. Maybe I just totaly got this wrong since I am a newbie.
theoretically, it you did forge packets, you could conmtinue to play on that server. but why would you? if you are baned form a server, you probably deserved it
i agree with gamemaster... you only get banned from servers for beng a jerk... at least in most cases. why do you need to spoof. besides... theoretically it could work, but i have never tested it, so do not quote me.
I have heard that some people have tried something similar to that for Everquest, but they get noticed not long after.....
Something I heard, so like
I totally agree that, that person is a jerk. In fact h has promised me not to tell anyone, thats how I found out what he was upto. So now its upto me to stop the little.
Umm, I really don't see this working like you are hoping though. Lets say your ip is 192.168.1.10. Ok, you get a copy of a packet logging on from IP 10.10.10.1. The game server is going to authenticate bassed on your ip address, so....you send the packet as 192.168.1.10, then they know it is you and bam, your banned. If you send it as 10.10.10.1, then the reply will be sent to 10.10.10.1, not to you. So, you still can't get on...
A true spoof of an IP packet is a one way street. To make it 2-way, you need to go through a porxy server. But that still traceable with a little work
just incase any of you guys dont quite get that i'll expound on it a bit. lets say you get baned from a game server. for the sake of this arguement we'll say its an IP ban, instead of some kind of unique id ban. that means that when you try to join the server from then on(assuming its a perm ban), the server checks your ip with a list of banned ip's and says "no, you cant join because you are banned". now, if you were to try to fake your ip this is what happens:Quote:
Originally posted here by souleman
Umm, I really don't see this working like you are hoping though. Lets say your ip is 192.168.1.10. Ok, you get a copy of a packet logging on from IP 10.10.10.1. The game server is going to authenticate bassed on your ip address, so....you send the packet as 192.168.1.10, then they know it is you and bam, your banned. If you send it as 10.10.10.1, then the reply will be sent to 10.10.10.1, not to you. So, you still can't get on...
you try to join the server with a fake IP. the server sends its responce to the computer(if there is one) at your fake IP, not yours(because by faking the IP it doesnt know that its really your computer which is trying to join, it thinks its a comp with the fake IP you gave it). end of story, you are never able to join the server.
now, whoever said a proxy wont work is wrong. if you get a proxy that will forward your traffic to the gameserver you want to join and send the info the server sends back to you, then it will definatly allow for avoiding of IP bans. the down side would be more lag than you would usually get, possibly enough to make some games nearly totaly un-playable.
out if curiosity, what game are you refering to(let me take a wild guess...Counter-Strike, DoD, or some other HL based mod)?
if it is HL, from a server admin's POV, the best thing to do when encountering a wanker is to addban their WonID, cause most lamers dont know enough to be able to change that. then if they come back addban their ip and they should be toast. if they STILL come back they are probably dial-up and you can just ban their entire subnet and that sould keep em out :)
Yeah, good point, it may have been some other type of id ban. Then, the forged packet would probably work, as long as you used your own ip. BUT, I am pretty sure that it is going to check you WonID, or some other ID more then just once when you login. It would have to be a primary form of identifying who you are. Soooo, after you were loged in, the first time it checks who you are, you would be rebanned.
Just a lil' tidbit. You might want to open a term and type "man 2 socket", setting the SOCK_RAW attrib on your socket *will* allow you direct access to the packets (although you will need to be running an OS that does allow this first, ie. Not windows 9x, or NT, I think 2000 and XP allow this). With direct access to the packets, yes you could technically do what you want, say chance the *source* address of a packet to something that is not your's.....on the other hand as others have already mentioned, doing this causes the game server (in this case) to address information to the "spoofed" source address.
Most game servers use UDP, thus spoofing is technically trivial (no sequence number to guess). The thing that stops people from doing it is the shear nightmare of gameplay. Lets say you do manage to get past the server handshake. You are still playing the game blindly, you have no idea where the game is putting the mobs, where the other players are, or what the other players are carrying.
But hey...if you want to try it....give me a few days (it will only take an hour to two, but I am a busy person) to throw you some source together and if you can get it to work on a windows box have fun (if you have a spare linux box laying around network it and use it...:) ).
I wasn't expecting that kind of response. This is a totally cool community that I would like to learn and share with. If you would enjoy doing that thing for me Cheeseball then I certainly wouldn't object. I play Deus Ex Multiplayer because I love the augmentation and skills element. I recommend you promote this community because it's only smallish, but an amazing game(3000 players small). Sorry to go off topic we are desperate. You will find the relative files at www.planetdeusex.com
I know it uses unreal code, but thats about it. Since I wouldn't have much use for this code because I don't get banned :cool: I would just be happy to know how to implement it. Is it a TCP/IP programming thing? How do you execute these things into the game? Are they protocols? <- ?
I don't know much :confused:
I have to agree with the souleman and 8*B@ll, but I have to wonder if the game server would really be using something as simple to defeat as an IP ban. Especially considering that a lot of their traffic comes from "educational institutions" and Internet cafes where switching to a different machine (with a different IP) is a trivial thing to do. ...not to mention that this method is completely ineffective against many dial in points who assign IP's from a pool at random.
If I were ye, I would do some homework looking into all of the things that would be involved in banning a user on THAT particular system, before I started completely focusing on one aspect of one type of blocking strategy. Physics approach:
Step 1) deffine problem
Step 2) plot a route to the desired solution
Step 3) flesh out the course
Step 4) win :)
well, most traffic from game servers doesnt come from places like that, its mostly from people's homes...anyway, who will go so far as to disconnect from their ISP then reconnect just to re-join a server when they can just go to a different one?Quote:
Originally posted here by garrion
I have to agree with the souleman and 8*B@ll, but I have to wonder if the game server would really be using something as simple to defeat as an IP ban. Especially considering that a lot of their traffic comes from "educational institutions" and Internet cafes where switching to a different machine (with a different IP) is a trivial thing to do. ...not to mention that this method is completely ineffective against many dial in points who assign IP's from a pool at random.
i cant speak to Deus Ex's implemtation of their ban system, but i know Half-Life's inside out(i'm an AVID TFCer).
basically, if you have the "rcon"(remote console, the way you admin a HL server) password for a server you can use commands that will kick and ban as you would expect. when you wish to ban sombody you can pick between 2 ban methods. 1 is "banid <time> [WonID] (kick)" time is the length in seconds for the ban to last(0 = perm), WonID is an ID generated from your CD key given to you through an authentication prossess don on the Won servers(hence WonID). this is unique to each CD Key. kick is an optional command at the end to also kick the user. the other command allowed is "banip <time> [IP] (kick)". ip is the person's ip address...the rest is the same as above.
advantage to WonID ban's - as long as that person doesnt change CD keys(by editing the regestry) they will be perminantly baned reguardless of IP changes which are so common to to Dial-ups.
advantage to IP ban's - it unfortunatly isnt that hard to find and download cd keys off the net, and your cd key is kept in plain text in your regestry, so its easy to change that, but your IP can only very soo much untill you exaust all your ISP's available IPs.
The "easiest" way to implement this would be to make a server package on one of your local machines to forward the game login information (Thus making the code reusable and keeping the programmer from needing to know what information to send). Again, doing this will be blind, and playing the game will end up impossible, but there are other "possible" uses for such a thing (exploiting trusted host, getting by firewalls, and echoing UDP packets to an TFTP server to name a few). read the man page for socket if you get bored (yes it is TCP/IP programming).