[Discuss] OllyDBG discussion

[boever]

Hi all,

 

We all know that wow packets are getting encrypted, some partially some in total. In the past we could mess around by filtering some packets and modifieng certain slots.

What if we could really get to the packets before they get encrypted? It would offer alot more fields to test wouldn't it?

 

Well, ollyDBG is a program that reads the assembler of ur comp. I have small experience with this program and I am looking for some1 to find out more about it.

I don't know for sure where i should place breakpoints, at what specific adresses.

I know the lines must look like : PUSH EAX and CALL wow.xxxxx but I find many of these.

 

How can i know where to place a Breakpoint? Do i have to test all of those lines?

 

Greetings ;)

[anath3ma]

packet is other and asm is other thing

the assembly code its not the same with packets

example mov eax,1 <---- this is sys_exit

              mov ebx,0 <---- 0 error mesage

              int    80h    <---- kernel call

this is sys_exit

or system exit command

the shellcode of this is:

\xb8\x01\xbb\xcd\x80

or more clear

0xb8 0x01 0xbb 0xcd 0x80

and in packet is:

0x00000000: 6d 6f 76 09 65 61 78 2c - 31 0a 6d 6f 76 09 65 62  movIeax,1JmovIeb

0x00000010: 78 2c 30 0a 69 6e 74 09 - 38 30 68 0a                    x,0JintI80hJ

anyway the server encrypt the packets not the client

you know server side shits...if u want t dcrypt u must find the encryption way and make ur decryptor

lets say 1 2 3 i wanna encrypt this using 1 + 1, 2 + 1, 3 +1 so 123 is now 2 , 3, 4 this is encrypted to decrypt it u must make something to do 2 - 1, 3 - 1, 4 - 1

good luck