[Exploit] Winsock Packet Editor + Guide

[CriticalError]

well first hello well upon request from this user gerero in this post

[url]http://www.maxcheaters.com/forum/index.php?topic=49214.0[/url]

I got asked to make a tutorial on WPE Pro, so I will

 

I'll explain all the things you need to know to start with WPE.

 

First of all, your Anti-Virus will probably recognise WPE as a Trojan, but it isn't really one, i donwload it and give me equal error from other guys buts it just uses similar things as a Trojan don't worry.

 

Now, the main 5 things about WPE are:

Attaching WPE Pro

Packet Sniffing

Packet Sending

Packet Editing

Packet Filters

Saving/Loading Packetlists/filters

 

These are the 5 things I will be explaining in this tutorial

 

Attaching WPE Pro:

To get started, you need to attach your WPE to the program you'd like to hack.

To attach WPE to a program you need to have both WPE and the program running ofcourse.

As an example I will be using Dark Eden, to use some old screenshots I already had.

Now, to attach WPE to the program press the "Target Program"-button (marked with 1). After clicking it a window will pop up, and in that window you search for the program you'd like to attach to and highlight it (as in 2). Now press "Open" (marked with 3) and you'll have attached WPE to the program!

 

 

Packet Sniffing:

To sniff for packets going in and out a program, you need to attach to the program and press the play button in the Trace Control (upper box with the meters in it). If you press the button WPE will start sniffing packets and will keep doing that untill either you press the red stop button or the buffer is maxed. (To adjust your max. buffer go to View>Option and change the number in the Buffer area to what you'd like to be the max. buffer)

When WPE stops recording a window will pop up containing all the sniffed packets. It will show the number of the packet, the first 50 double digits and the translation of those 50 digits and if it's either Send, Sendto, Received or ReceivedFrom.

Send means the packet started in your computer, Received means it came from somewhere else.

If you want your WPE pro to only snif for a certain type of packet go to View>Option and tag/untag the corresponding boxes in the Winsock Functions part. (In example, if you want to snif only for Send packets, untag Received, ReceivedFrom and SendTo)

 

Packet Sending:

If you want to start sending packets, you need to know how to add packets to your sending list. There are 3 possible ways: Making a new packet(as marked with 2), Loading a saved packetlist or getting one out of your sniffed packets list.

I won't explain how to make completely new packets, because beginning hackers won't have any use with it, and Loading a saved packetlist will be explained later on.

To get one out of your sniffed packet list you need to double click it in the window that poped up after sniffing for packets. Note: Received packets are often not good for sending.

If you added one to your list you will see "[]New Packet" in your send list.

If you do not see it it could either be because you didn't add it well, or you're still on your filter list. To go to your send list just press the Send tab (marked with 1).

 

http://img26.imageshack.us/img26/3872/88633356.png[/img]

 

To start sending the packets you need to tag the boxes ([ ] > [X]) of those you'd like to send, and then press the play button in the Actions Console (bottom part with the Send and Filter list in it). A new window will pop up. Here you can fill in how many times you'd like to send the packets, and at what speed. You can also chose between Open Socket and New Socket, I won't explain New socket so just stick to Open socket.

if you use open socket, you'll have to make sure the propper port is filled in. To make sure you've filled in the propper port, just right click on one of the packets in the Sniffed packets list and select "Set Send list with this socket id". You only have to do this only once per time you attach to a program.

When all is in order in the Send Settings Window, you press the play button and WPE will start sending packets. To stop sending packets, click the red stop button in the Actions Console.

 

Packet Editing:

To edit a packet you need to have it in your send list.

Double click the packet and a new window will pop up with all the information about the packet. In there you can read all the information there is about the packet and not only the first 50 double digits.

Things there are to change:

a. double digits

b. translation of the digits

c. name

d. size

 

a. Just higlight one of the digits and press the key you want to change it with. Note: this will automaticly generate the new translation aswel.

b. Just highlight the part you want to change, and change it. Note: this will also change the digits accordingly, but they might change in the wrong ones.

c. The name your packet has in your send list, no biggy, only makes it easier to differ one packet from another.

d. Changes to this number will change the amount of double digits you have in your packet. Increasing it will add a couple of 00 digits, and decreasing will remove a couple of the last double digits.

 

I can't tell you in what you should change the digits when changing them, because every game uses his own coding his packets.

 

Packet Filters:

First of all go to the Filter list by pressing the Filter tab in the Actions Console.

There you'll see a list of empty filters. To add new filters you have 2 possible ways: making one yourself or loading a saved one(I'll explain this in the next chapter).

Making your own filter is easy. Double click one of the filters in the list and a Filter Edit window will pop up.

 

 

1. The name your filter will have in the filter list.

2. To which type of packets the filter will be aplied to.

3. What type of filter you want. I'll explain the normal filter first.

4. Tag this box ([ ] > [X]) if you only want the filter to stop these packets from coming in, and not edit them.

5. Search: The double digits the filter will search for. Modify: Into what the filter will change the found packet's double digits.

6. Number of times it will apply the modification.

7.Advanced Filter option, will be explained later on.

 

To make a normal filter, just fill in after SEARCH the double digits it needs to look for manually or copy paste it from the packet window in the send list. Then fill in after MODIFY what those digits need to change in.

You can also make the filter only change Send or Received packets by tagging/untagging the coresponding boxes.

 

Advanced filters are for the little bit more advanced hackers, but aren't that hard really.

 

 

This will be the window when you select "the beginning of the packet". Modifications will now start from the point in the packet where the matching double digits were found.

Now you can also adjust the max. length in the packet the filter will search in. Just tag the box and fill in the number, no biggy.

You can also make the filter change one or 2 double digits in the found packet instead of the whole found packet.

 

 

This is the window you get when "from the position of the chain found" is selected.

Here you can modify digits that came before the chain you were looking for, and not only after or in. Nothing else changes really.

 

 

Ok, now you know how to make filters. To run filters, just select them and press the little "On" button. The filter list will turn gray, and you won't be able to edit the filters anymore, but they will be active. To stop using the filters just hit the little "On" button again.

 

 

Saving/Loading Packetlists/Filters:

Packetlists:

 

To save a packetlist just press the little floppy disk (marked with 1), fill in the name for your list (marked with 2) and press the "Save" button(marked with 3).

If saved properly you will see a file in the directory with the name of your list and a .spt ending (like the one marked with 4).

 

http://img4.imageshack.us/img4/9167/26751814.png[/img]

 

To load a packetlist press the folder button(marked with 1), chose the propper file(as for example the file marked with 2) and press "Open"(marked with 3). The list will show up under the current list in your Send list.

 

http://img14.imageshack.us/img14/2139/45759516.png[/img]

 

Filters:

Same as in packetlists, but then when you're looking at the Filters Tab.

Note: you can also create a password protected save with filters.

 

That's all for the tutorial kids, if you enjoyed reading it, or/and found errors in it, feel free to post Smile.

Owh and, ofcourse, reputation is always welcome Smile (a positive one that is XD) hoep help this enjoy guys

 

[url]http://rapidshare.com/files/203976284/wpepro09x.rar[/url]

 

Password: www.maxcheaters.com/CriticalError

[KnightOfH3ll]

Its even more confusing than phx. But can it do serious stuff?

[ĐarkSlayer]

What this prog doing can u explain me plx ? :D :D thx

[CriticalError]

What this prog doing can u explain me plx ? :D :D thx

well man i add more info about that specially this is a TCP / IP Packet Sniffer  With Virus Capabilities Mistaken For A Trojan

 

1. Disable Anti-Virus (Because these days security can detect Wpe)

2. Open WPE PRO.exe (WpeSpy.dll Must be in same folder)

3. Target The Process You Wish To Hack / Sniff.

 

In Most Cases:

Iexplore.exe

Firefox.exe

Or Game Process.

 

Make filters if needed, I rarely use them.

Press the Record button (Looks like this for those who cant see what'sn front of them Its a black arrow top left)

Stop when the event you are waiting for happens.

 

Look through the bottom packets that appear until you find what you need. (also look through them all, because you might find something you would find to come in handy later.)

 

Right click to see a menu appear.

Send: A new window will appear allowing you to see the IP of the server your connected to.

And will also allow you to view the port and edit & send the packet again.

 

Add to send list: Ads the packet to the send list, To view this list go to bottom left hand corner & click the tab "Filter / Send" (send)

In hear you can also save packets & open previously saved packets.

 

Set send list with socket id: This speaks for its self, It adds the port that the packet was received from.

This way you can send saved packets in the send list, Without having to add a port manually.

 

fun :)

 

Best Regards

CriticalError

[¤FunkyCobra¤]

Eh man..i didnt get it..Can u tell me with one sentence what this programm does?

[ĐarkSlayer]

So we can have anything we this or wtf? XD

 

i know i am stupid xD xD

[Kroti]

;/

[Wyratrux]

Its  like Cheat Engine !!!! Edit your stats .. bla bla ...but it gets detected by GG . :(

 

Nice share though ... I know how to use it :)

 

I used it on cheating some games :)

[FRU]

Just another sniffer. Anyway, thank you for the guide.

[hakanbey]

Ty thats what i was looking for

[provid]

to much work with this shit but ty

[lazos1993]

Is this something like L2phx?

[ultrawolf]

Is this something like L2phx?

Yes, but this also works on other programs..I used this for hacking wow btw :D

Pretty confusing stuff... :D

[Armind]

nice share... and thx crit ^^

[lazos1993]

It looks way more complicated than l2phx though :)