
Ask HN: How do online game bots intercept packets? - maruhan2
I'm not trying to make a bot. I just want to know for educational purposes.

For bots and scripts on games like League of Legends, you have to be able to intercept packets and send your own. I can't seem to find tutorials on that aspect. I've tried using keywords such as tcpdump and wireshark, but no good results. What are typical ways to read packets from online games and send them back?
======
sparkie
There are a number of ways to intercept packets, the one to use really depends
on the game you're playing.

The simplest method is to check in the game's configuration files to see if
there's a domain/ip for the game to connect to - it can be as simple as
modifying a config file to connect locally instead, and have a proxy sat in
the middle which connects to the server.

Another option is to hook into the game and intercept the data before they
even get sent to the socket, modify them in memory. This is usually the
preferred option because games will generally encrypt all of their messages
and if you can find somewhere to modify them before encryption is performed,
it saves you having to reverse engineer the encryption. The downside to this
approach is that it needs redoing every time the game binary is updated.

One trick on Windows is to provide a fake "ws2_32.dll" in the directory of
your game, which exports the whole winsock API and simply wraps calls to the
original functions - intercepting data where you want.

A trickier, but more robust approach on Windows is to implement your own
Winsock service provider, which can transparently intercept all winsock
traffic. (Search: dark side of winsock).

Unless the game sends messages in plain text, you're generally going to need
to reverse engineer some of the game client to hook into it, or to figure out
the cryptography being used so you can emulate it on a proxy. For that you'll
need a debugger (IDA w/HexRays, OllyDbg or WinDbg). Lots of games have
protection software which will detect if a debugger is running and are much
more difficult to reverse engineer.
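
From the defending side, the fake "ws2_32.dll" trick described in the comment above leaves an artifact on disk: a DLL in the game directory whose name matches a system library. The following is an added example, not part of the thread; the function names, the stand-in directory layout and the file contents are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()


def dlls_in(directory):
    """Map lowercased DLL name -> path (Windows file names are case-insensitive)."""
    return {p.name.lower(): p for p in Path(directory).iterdir()
            if p.is_file() and p.suffix.lower() == ".dll"}


def find_shadowing_dlls(app_dir, system_dir):
    """Report DLLs in app_dir that carry the name of a DLL in system_dir."""
    system = dlls_in(system_dir)
    findings = []
    for name, dll in sorted(dlls_in(app_dir).items()):
        original = system.get(name)
        if original is not None:
            findings.append({
                "path": str(dll),
                "shadows": original.name,
                # A byte-identical copy is less suspicious than a different file.
                "same_content": sha256(dll) == sha256(original),
            })
    return findings


def demo():
    """Constructed sample layout: stand-in 'System32' and 'Game' directories."""
    with tempfile.TemporaryDirectory() as tmp:
        system, game = Path(tmp, "System32"), Path(tmp, "Game")
        system.mkdir()
        game.mkdir()
        (system / "ws2_32.dll").write_bytes(b"genuine winsock stand-in")
        (system / "kernel32.dll").write_bytes(b"genuine kernel32 stand-in")
        (game / "WS2_32.DLL").write_bytes(b"wrapper stand-in")    # same name as a system DLL
        (game / "engine.dll").write_bytes(b"game's own library")  # not a system name
        return [(Path(f["path"]).name, f["shadows"], f["same_content"])
                for f in find_shadowing_dlls(game, system)]


if __name__ == "__main__":
    for row in demo():
        print(row)
```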

------
blackflame7000
Are the games using unencrypted communication channels? Otherwise replay attacks
would be difficult. Are you sure they aren't analyzing the game memory, system
events, or display in order to respond?

