Where to get WPE

For software allows you to capture, edit, and playback packets that are sent/received to/by a specific program running on your computer.
Message
Author
User avatar
Administrator
Site Admin
Posts: 5306
Joined: Sat Jan 05, 2008 4:21 pm

Where to get WPE

#1 Post by Administrator » Sat Jan 05, 2008 6:25 pm

WPE Pro download page: http://wpepro.net/index.php?categoryid=9
You may also use PermEdit with WPE.

Winsock Packet Editor allows you to capture, edit, and send packets to whatever program you want. It is detected by GameGuard and similar programs, though. It might even be detected as a virus (this is a false positive--the software is clean).

Using this, I was able to fake completing quests in Lunia, and level up my character just by standing around doing nothing. Other uses are duplicating items, speed-attacking, and other typical hacks.

Solaris
Posts: 4
Joined: Sun Apr 06, 2008 3:26 pm

Re: Where to get WPE

#2 Post by Solaris » Sat Apr 19, 2008 4:57 pm

i tried this..

Double clicking the Icon for the .exe says "Cannot create event" and closes

User avatar
Administrator
Site Admin
Posts: 5306
Joined: Sat Jan 05, 2008 4:21 pm

Re: Where to get WPE

#3 Post by Administrator » Sat Apr 19, 2008 6:09 pm

I've never seen that happen before. Are you using Vista? You might need to make sure it is running as Administrator with XP emulation set. You'll find those settings by right clicking the executable and selecting properties.

jim151222
Posts: 8
Joined: Wed Jul 09, 2008 5:21 am

Re: Where to get WPE

#4 Post by jim151222 » Thu Jul 17, 2008 8:53 am

would you happen to know of any other games that this works with?
most games ive played around with disconnect when using this tool.

User avatar
Administrator
Site Admin
Posts: 5306
Joined: Sat Jan 05, 2008 4:21 pm

Re: Where to get WPE

#5 Post by Administrator » Thu Jul 17, 2008 8:33 pm

When do they disconnect? As soon as you open it? If that is the case, then it's the anti-cheat protection that is signaling to the game to disconnect you. Disable the anti-cheat first, then you're set.

If you disconnect after trying to send a packet, this is typically because of a malformed packet. If the headers (typically the first 4 - 8 bytes) do not match the expected (and these change from packet to packet), or if any of the data does not match the expected format for this specific packet, then it typically will cause a disconnection. You may not be able to continuously send the same packet again and again because of the headers.

Filters are useful for when the above problem arises. Lets assume that the packet looks like this:

Code: Select all

4 byte header | 2 byte spell id | 4byte target
This packet would be, in our example, the message sent when we want to cast a spell. Using a filter, we can add a search on slot 05,06 (ignore first 4, the header) to look for spell ID 1234 (D2 04 in hex [We probably will need to swap to network-ready endian, so that's why it's not 04 D2]). In the modify, we change it to 1235(D3 04).

Ok, now if you turn the filter on, whenever you try to cast whatever spell ID 1234 is, you should actually cast 1235. Unless there is protection server-sided to prevent you from casting 1235, say, if it were a spell from another class.

User avatar
3cmSailorfuku
Posts: 354
Joined: Mon Jan 21, 2008 6:25 pm

Re: Where to get WPE

#6 Post by 3cmSailorfuku » Fri Jul 18, 2008 7:05 am

elverion wrote:When do they disconnect? As soon as you open it? If that is the case, then it's the anti-cheat protection that is signaling to the game to disconnect you. Disable the anti-cheat first, then you're set.

If you disconnect after trying to send a packet, this is typically because of a malformed packet. If the headers (typically the first 4 - 8 bytes) do not match the expected (and these change from packet to packet), or if any of the data does not match the expected format for this specific packet, then it typically will cause a disconnection. You may not be able to continuously send the same packet again and again because of the headers.

Filters are useful for when the above problem arises. Lets assume that the packet looks like this:

Code: Select all

4 byte header | 2 byte spell id | 4byte target
This packet would be, in our example, the message sent when we want to cast a spell. Using a filter, we can add a search on slot 05,06 (ignore first 4, the header) to look for spell ID 1234 (D2 04 in hex [We probably will need to swap to network-ready endian, so that's why it's not 04 D2]). In the modify, we change it to 1235(D3 04).

Ok, now if you turn the filter on, whenever you try to cast whatever spell ID 1234 is, you should actually cast 1235. Unless there is protection server-sided to prevent you from casting 1235, say, if it were a spell from another class.
Also its possible that the server encrypts their packets with a timestamp, this will cause you to disconnect on any packet.

If WPE is blacklisted or is not suitable for your useage you always can try the alternative rPE which is written in Delphi. It doesn't have a quite userfriendly gui and is a bit buggy, but it offers easy scripting.

Lucky89
Posts: 2
Joined: Fri Nov 14, 2008 4:05 am

Re: Where to get WPE

#7 Post by Lucky89 » Fri Dec 05, 2008 11:33 am

Hi all, i got WPE and i'd like to use it for Shaiya, but it doesn't find the game.exe process, even if i use PerEdit to grant permission...
Does Anyone know why ? What should i do ?

User avatar
Administrator
Site Admin
Posts: 5306
Joined: Sat Jan 05, 2008 4:21 pm

Re: Where to get WPE

#8 Post by Administrator » Fri Dec 05, 2008 12:03 pm

You'll need to use the GameGuard patch located here. Once that's patched you should be able to find it.

User avatar
3cmSailorfuku
Posts: 354
Joined: Mon Jan 21, 2008 6:25 pm

Re: Where to get WPE

#9 Post by 3cmSailorfuku » Fri Dec 05, 2008 1:21 pm

Uploaded a old, modded version from Cyrus that lets you use 0 or less delay in sending packets. By default its capped at 100ms.
Been useful for many years for me in Ragnarok Online.
Attachments
WpePro_0delay.rar
(324.13 KiB) Downloaded 561 times

Lucky89
Posts: 2
Joined: Fri Nov 14, 2008 4:05 am

Re: Where to get WPE

#10 Post by Lucky89 » Sat Dec 06, 2008 4:12 am

I have already downloaded Jewebacca bypass for GG, and i also managed to do something with CE. I'd like to try wpe....but it seems it cannot find Shaiya process: game.exe while CE do....cant understand why...

User avatar
Administrator
Site Admin
Posts: 5306
Joined: Sat Jan 05, 2008 4:21 pm

Re: Where to get WPE

#11 Post by Administrator » Sat Dec 06, 2008 2:35 pm

I don't know what to tell you then. There are other alternatives out there. You can try Packet Edit Studio and see if that helps.

User avatar
Gulron
Posts: 12
Joined: Mon Dec 29, 2008 8:10 pm
Location: United States

Re: Where to get WPE

#12 Post by Gulron » Mon Mar 02, 2009 5:15 pm

After the file being quarantined ten times I have finally got it to work. Looks like a nifty program to tinker with.

Thanks
Image

User avatar
Rishijin
Posts: 49
Joined: Sat Jul 04, 2009 4:25 pm
Location: Kauai

Re: Where to get WPE

#13 Post by Rishijin » Sun Jul 05, 2009 4:05 pm

What are the advantages to using packets in a bot instead of memory?

User avatar
Administrator
Site Admin
Posts: 5306
Joined: Sat Jan 05, 2008 4:21 pm

Re: Where to get WPE

#14 Post by Administrator » Sun Jul 05, 2009 5:15 pm

Depends how you use it. If you are able to figure out the encryption (if any) and packet structure, you can create a full clientless bot. You could potentially run hundreds of bots on the same machine like this because you don't need to load up the full game client, which will be quite bulky.

You could also create a bot that relies on packet injection. This will allow you to write a bot that shouldn't need much modification when the game updates. It means you won't need to find addresses and offsets each time.

More often, packet editing is used to cheat certain things. In Lunia, you used to be able to play-back a quest complete packet repeatedly to level up while standing in town.

User avatar
Rishijin
Posts: 49
Joined: Sat Jul 04, 2009 4:25 pm
Location: Kauai

Re: Where to get WPE

#15 Post by Rishijin » Sun Jul 05, 2009 8:18 pm

Is packet injection featured on micromacro? Could I use the netSendMessage function?

User avatar
Administrator
Site Admin
Posts: 5306
Joined: Sat Jan 05, 2008 4:21 pm

Re: Where to get WPE

#16 Post by Administrator » Sun Jul 05, 2009 9:46 pm

No. netSendMessage() is a function for MicroMacro's own networking. In order to use packet injection, you need to write a DLL that can be injected into the target process which will hook it's send function or Winsock's send(). The new IPC system that is being worked on will help make this much easier to create and use.

User avatar
3cmSailorfuku
Posts: 354
Joined: Mon Jan 21, 2008 6:25 pm

Re: Where to get WPE

#17 Post by 3cmSailorfuku » Mon Jul 06, 2009 4:07 am

Administrator wrote:No. netSendMessage() is a function for MicroMacro's own networking. In order to use packet injection, you need to write a DLL that can be injected into the target process which will hook it's send function or Winsock's send(). The new IPC system that is being worked on will help make this much easier to create and use.
You could though write a dll that has exported functions and use it in micromacro, that might aid you to transmit packets over the hooked function with the returned socket, ip & adress. You'd have then an easy scripting enviroment.

Theoretically, since winsock is a WinAPI you could make a general hook that works with almost all games.

User avatar
Rishijin
Posts: 49
Joined: Sat Jul 04, 2009 4:25 pm
Location: Kauai

Re: Where to get WPE

#18 Post by Rishijin » Tue Jul 14, 2009 11:51 pm

3cmSailorfuku wrote: You could though write a dll that has exported functions and use it in micromacro, that might aid you to transmit packets over the hooked function with the returned socket, ip & adress. You'd have then an easy scripting enviroment.

Theoretically, since winsock is a WinAPI you could make a general hook that works with almost all games.


This all sounds fantastic, except I don't know anything about writing dlls.
I know its a relatively standard procedure for C++ users, but I haven't used C++ in 10+ years!

Is there somewhere you can recommend for me to learn about writing a dll to hook winsock and send / recv packets?
Or a good book about this kind of stuff?

User avatar
3cmSailorfuku
Posts: 354
Joined: Mon Jan 21, 2008 6:25 pm

Re: Where to get WPE

#19 Post by 3cmSailorfuku » Wed Jul 15, 2009 6:48 pm

Rishijin wrote:
3cmSailorfuku wrote: You could though write a dll that has exported functions and use it in micromacro, that might aid you to transmit packets over the hooked function with the returned socket, ip & adress. You'd have then an easy scripting enviroment.

Theoretically, since winsock is a WinAPI you could make a general hook that works with almost all games.


This all sounds fantastic, except I don't know anything about writing dlls.
I know its a relatively standard procedure for C++ users, but I haven't used C++ in 10+ years!

Is there somewhere you can recommend for me to learn about writing a dll to hook winsock and send / recv packets?
Or a good book about this kind of stuff?
Learn to use the detours library and msdn for the function.

Example:

Code: Select all

/*
Tormen Raßmann 
http://www.schlurmania.org/
Microsoft Detours 1.5
Winject
Microsoft Visual Studio 2008
*/

#include <windows.h>
#include <detours.h>

#pragma comment(lib, "detours.lib")

typedef int (WINAPI *MBoxTyp)(HWND hWnd, char* lpText, char* lpCaption, UINT uType);
MBoxTyp origMessageBox = NULL;

int WINAPI MyMBox(HWND hWnd, char* lpText, char* lpCaption, UINT uType)
{
	return origMessageBox(hWnd, "I've been detoured :(", ":(", uType);
}

BOOL WINAPI DllMain(HANDLE HDllHandle, DWORD Aufrufgrund, LPVOID Reserved)
{
	if(DLL_PROCESS_ATTACH == Aufrufgrund)
	{
		origMessageBox = reinterpret_cast<MBoxTyp>(DetourFunction((PBYTE)&MessageBoxA, (PBYTE)&MyMBox));
	}
	return TRUE;
}
This would hook the MessageBox that appears in the injected application, and return a modified string.
The same you do with ws2_32, you hook the send function and save all required information.
Theres a difference though, instead of just doing it like in the example, you have to modify the trampoline a bit so it won't overwrite the actual data and send it whenever you want.

Anaughtymouse
Posts: 2
Joined: Sun Jul 19, 2009 11:41 am

Re: Where to get WPE

#20 Post by Anaughtymouse » Sun Jul 19, 2009 12:07 pm

Hey guys, just trying to play with this....heh its new to me even if it isn't to you guys....I can't seem to get it to work properly for Shaiya.

I can pick up all the packets etc, work out which ones relate to which actions, but sending them insta disconnects me. I guessed this was to do with the first couple bytes acting up...I've removed them as I read in another thread might help but then the packets don't seem to do anything atall.

Very much a nub at this but any advice from people who have had luck with Shaiya or maybe somewhere I can read up first would be appreciate, thanks for you time!

Post Reply

Who is online

Users browsing this forum: No registered users and 4 guests