[Release] MuOnline Packet Sniffer & Analizer

[Razzor]

Currently I working on packet sniffer(like wpe but only read)

Features:
Capturing Packets between Client <-> Server,CS
Showing All Info About Packet: Len, Direction, Decoded Data If Needed, Counter ....

Analyze Data Structure - (Now I Working On It)

Some screen:

[MentaL]

[laudaicat]

Why you do it, while gameserver with pdb released ?

[Razzor]

For fun. For learn some new function while coding it, get some skills. For get deeper in packet structure(learn too).


So now u know:)

[Phant0m]

Can you share a source? I'd like to see how it works.

[nitoygo]

Can you share a source? I'd like to see how it works.

Yes, please do share. I'd also like to make something like this :D

[Razzor]

When i finish i will release source

[Razzor]

I have small problem to read item packet F3 10 for main 0,97d. For example 22 BC 24 how to shift it to get double axe +7+s+l?

22 >> 4 & 0x0F =2
22 & 0x0F =2
But doubleaxe is 1 2

[[RCZ]ShadowKing]

I have small problem to read item packet F3 10 for main 0,97d. For example 22 BC 24 how to shift it to get double axe +7+s+l?

22 >> 4 & 0x0F =2
22 & 0x0F =2
But doubleaxe is 1 2

You may want to use structs to get info from item's hex code as it's much easier than shifting and shits.
Here it is for versions with 16 bytes length hex code of items:

Code:

#pragma pack(push, 1)

struct ItemInfo
{
    /* 00 */BYTE id;            // ok
    union
    {
        struct
        {
            BYTE bAdd    : 2;
            BYTE bLuck    : 1;
            BYTE bLevel    : 4;
            BYTE bSkill    : 1;
        };
    /* 01 */    BYTE OptionData;    // ok
    };

    /* 02 */BYTE Durrability;    // ok
    /* 03 */DWORD Serial;        // ok

    union
    {
        struct
        {
            BYTE bAddE        : 1;
            BYTE bExeOp1    : 1;
            BYTE bExeOp2    : 1;
            BYTE bExeOp3    : 1;
            BYTE bExeOp4    : 1;
            BYTE bExeOp5    : 1;
            BYTE bExeOp6    : 1;
        };
        /* 07 */BYTE ExeOp;        // ok
    };

    /* 08 */BYTE AncientOp;

    union
    {
        struct
        {
            BYTE bOp380    : 4;
            BYTE bType    : 4;
        };
    /* 09 */BYTE type;            // ok
    };

    union
    {
        struct
        {
            BYTE bOpId        : 4;
            BYTE bOpType    : 4;
        };
    /* 10 */BYTE JoHOp;            // ok
    };

    /* 11 */BYTE SocketOp1;        // ok
    /* 12 */BYTE SocketOp2;        // ok
    /* 13 */BYTE SocketOp3;        // ok
    /* 14 */BYTE SocketOp4;        // ok
    /* 15 */BYTE SocketOp5;        // ok
};

#pragma pack(pop)

I never worked on 0.97d but if you tell me the DB version I may take a look today and post the struct.

EDIT: in your code you lack parenthesis and "AND" operation is applied on 4, the correct code would be "(22 >> 4) & 0x0F".

[Phant0m]

but if you get the source... you can add the packet editor feature xD

Most kids don't have the required knowledge to program, so the release of this source, as is, is not a threat to any game server. It's sole purpose is to help further develop the game.

[Razzor]

Someone can help me how to read this right site packet?

C4000B-F310-01- ##### 00 20 00 12 00 Small Axe +0 No skill,No Lack,No Op No Exe

Ok I Found it

[GM-Andromeda]

but if you get the source... you can add the packet editor feature xD

you cant, he said u can only "read" messages, not modify them.

i bet he is using some library like tcpdump to sniff all traffic, then filter all that data by ip/port and then getting ip src/dest mac info and layer 7 (data) and then show that info.

so, if this is the case (of course, no need to hook any dll, any function), you can only "watch" what u receive and send. if you want to send data, the easy way would be to hook WSASend or any other win32 api using the current socket. Otherwise, u will need to use Scapy or any other alternative to inject packets directly to the tcp stack. just kid stuff...

at least that's what i used to do.

[Razzor]

You are in wrong forum, this is development section not how to cheat. I dont write anywhere that is for only reversing login packet lol. This sniffer is for learn how all packet are build, how looks communication between server<-> client, to try in future write basic server

[GM-Andromeda]

this was a simple sniffer i coded a while ago, used to dump messages for another game, but it is the same idea.

for each message (or packet, whatever), u can create a class, and inherit a method from an interface, absrtact class etc, called, lets say, "AsText()" o just "Print()"

so for each message, you would see, the entire byte string and a description, like positions, ids, etc

for example



if u click one message, a description will appear in the grey textbox, showing the hex string and all the fields used in that message, like positions, names, ids, etc. I think that's the best way to do it, so u can see the actual flow, very quickly and if u want details, just "click" the message :)

pd: dont feed the trolls, they will eat you.

PD2: i think u already did what i've just said hahaha, one single message in listbox and then details in textbox. next time i'll spend more time reading instead of writing. :P

[[RCZ]ShadowKing]

Please stop posting things that don't contribute to this development!

[Zitinho]

Good job. Keep doing it.