MITM Server Sided

[AccountDeleted]

Well JoJo decided to make a Visual Basic application which would allow users to spam packets via client side via the method of "MITM(Man in The Middle)".

Non the less without a doubt he probably just ripped some simple source code off google, but anyway my point is this was being used to crash fame so I decided to take an active measure against it.



I'll be tracking every single player packet, option and actually build a lot of functions into this system... the thing that's cool about it is it's based on packets only so it's compatible with any server really.

Google for MITM or Man in the middle attack if you don't understand what it is.

Anyway, this will be released as a binary to public after a lot of newer options are added.

Commands Currently Available Through The System In Fame

Code:

Do.Repeat
Desc: Do.Repeat, Repeats the last "[Notice]" or "System" message that was displayed over again.

Current Options

Code:

Disable/Enable All Commands From Being Used
Disable/Enable All Items from being dropped.

When the above application is done you could only imagine the control the server administrator could have over players/clients... anything along the lines of even sending packets as the client to control their character.

Forcing them to do things only a server administrator could do.

The ability to actually universally link this with other game servers as well as long as the packets aren't encrypted for chat systems and etc an externally scripting system for it may even be a possibility for other games.

Once you understand/framework the entire packet structure of any game really you could alter what ever you wanted especially if you could act as other people and communicate over their connections as well as your own to the server.

[MentaL]

[Roxuw]

Wow cool:P
off-topic:First reply.

[Dekokjeroen]

Nice =)

10char

[Tyyrant]

thank you this was very helpfull, my problem is now fixed!!

[Shinija]

Nicee. really nice.

[Darkdevil2]

thank you this was very helpfull, my problem is now fixed!!

oO

but this looks nice.

[Organic]

Omnomnom.
A week's or so worth of work here.

[divinepunition]

Nice it could be a really usefull tool

[Roachy]

I have to say, that IS very interesting Deadly. And I agree with you and others that it could end up being a very valuable tool for server owners in the future. I'm assuming that since the first two options you added were "Disable Item Dropping" and "Enable Commands" that those were probably the packets Jojo was using to crash the Fame server. That's just an assumption, though.

And I've got a couple questions about how this works exactly since I've always been a sucker when it comes to details and I also always like to make sure I understand things properly.

The "Enable Commands" option, does that refer to common player commands, Admin/GM commands, or all commands in general? And the "Disable Item Dropping" command, does that disable item dropping for the entire server or is there/will there be a way to filter out only the attacking packets?

Thanks for any clarification you can give, as I admit I've still got a lot to learn, but every little bit of info helps.

[GlaphanKing]

From what deadly and I spoke of, its going to be a per person manager in its completed form. That way they can single out one person at a time and do what they need to do. This is what a well programmed ISC can do and more.

[blazingracer]

Wow so instead of punishing the whole server, you can terminate the packets from ever being processed?

[Roachy]

From what deadly and I spoke of, its going to be a per person manager in its completed form. That way they can single out one person at a time and do what they need to do. This is what a well programmed ISC can do and more.

Oh, thank you Glaphan for that bit of knowledge. That honestly makes it sound even THAT much more promising then it originally sounded.

I assumed (or at least hoped) if it didn't already have that feature, it would eventually as I thought that would be the best way to go about it, but since I'm no programmer yet I wasn't sure of what limitations there may be.

But also seeing as Deadly did mention that he'd be tracking every single player packet, that made me realize it would more then likely be possible to filter out just certain packets. I'm glad I went ahead and asked though, as I'd much rather hear it straight from the horses mouth then to go and make assumptions anyday.

Wow so instead of punishing the whole server, you can terminate the packets from ever being processed?

That's what it sounds like blazing. Although just from what I've heard (don't quote me on this though, as again it's only "what I've heard"), most "typical" attacks aren't very long, only long enough to crash said server.

So even IF it affected the whole server, depending on what packet was being used to crash it at least, it probably wouldn't end up effecting too many people as long as the attempted "attack" wasn't very long. But I've heard of continous "auto attacks" so guess that could be a factor too. Luckily, looks like Deadly's really putting a lot of time and hard work into this so none of that will be an issue.

I can just say one thing to that. And that is, looks like all that knowledge he has aquired over time and worked so hard to perfect ends up paying off once again. As it'd be difficult to make a tool like this very effective without that knowledge to begin with.

Knowedge truly IS the most powerful tool anyone could ever possess...