Behavioural analysis - Variable Length Packets

    This is trickier. PoE's client/server comms are commonly not self-describing at all: if you don't understand a packet, you have no idea where it ends and where the next one begins. Getting started is the hard part, but after identifying more and more packet types you can usually pick them apart inside a raw blob.

    Does a specific packet contain variable-length fields? Strings are an obvious one (always preceded by their length), but once a change in one byte results in a drastic change in the whole structure of the following packet, it is probably time to start reversing the binary.
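
The points above (no framing, strings preceded by their length, picking known packet types out of a raw blob) as an added example that is not from the original post. The packet IDs, field layouts, big-endian 16-bit ID and length widths, and the sample bytes are all constructed for illustration and are not Path of Exile's real format.

```python
import struct

# Hypothetical layouts, NOT Path of Exile's real packet IDs or fields.
# "u8"/"u16"/"u32" are fixed width; "str" is a u16 length followed by bytes.
KNOWN = {
    0x0001: ("login", [("name", "str"), ("build", "u32")]),
    0x0002: ("chat", [("channel", "u8"), ("text", "str")]),
    0x0003: ("ping", [("seq", "u16")]),
}
FIXED = {"u8": ">B", "u16": ">H", "u32": ">I"}


def read_field(blob, off, kind):
    """Return (value, new_offset); raise ValueError if the field overruns the blob."""
    if kind == "str":
        length, off = read_field(blob, off, "u16")
        if off + length > len(blob):
            raise ValueError("string length runs past end of capture")
        return blob[off:off + length].decode("utf-8", "replace"), off + length
    fmt = FIXED[kind]
    size = struct.calcsize(fmt)
    if off + size > len(blob):
        raise ValueError("truncated fixed field")
    return struct.unpack_from(fmt, blob, off)[0], off + size


def split_blob(blob):
    """Return (packets, remainder); stop at the first unknown or truncated
    packet, since without framing the next boundary cannot be located."""
    packets, off = [], 0
    while off < len(blob):
        start = off
        try:
            pid, off = read_field(blob, off, "u16")
            name, fields = KNOWN[pid]
            values = {}
            for fname, kind in fields:
                values[fname], off = read_field(blob, off, kind)
        except (KeyError, ValueError):
            return packets, blob[start:]
        packets.append((name, values))
    return packets, b""


# Constructed sample capture: login, ping, chat, then an unidentified packet.
SAMPLE = (b"\x00\x01\x00\x03bob\x00\x00\x04\xd2" b"\x00\x03\x00\x07"
          b"\x00\x02\x05\x00\x02hi" b"\x00\x09\xde\xad\xbe\xef")
```

Changing the login string's length byte in SAMPLE from 3 to 4 makes every later field misparse and the next packet ID unrecognisable, which is why an unknown packet has to end the walk.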


    Packet injection

    Dynamic analysis is a lot more fun when it is interactive. To test a theory about what a packet field might be (or just fiddle with it and see what the results are), you want to be able to inject packets into the client at run-time and find out what happens. I didn't want to do this when talking to the real game servers because:

        The client trusts the server. Bad input often makes it crash/hang in a variety of unmanaged ways, so if the server is even remotely as trusting of the client then it might crash instance servers that people are playing on.
        Testing is noisy, particularly when the data is malformed. The accounts are free of charge but getting IP-banned is a pain.
        On live servers there is a lot of background activity, which makes results hard to replicate.

    The solution was to create a dummy server, just functional enough to get a client (with modified crypt data) to log in as often as we want with the same state every time. We can read everything the client sends and see what happens if we send it stuff.
