Wednesday, January 21, 2015

PwnAdventure 3

Last weekend I participated in Ghost in the Shellcode, a capture-the-flag competition (i.e. a hacker contest) which included several unique challenges that involved hacking (cheating) at an MMORPG-style game. The game was built using the Unreal 4 Engine, so it's possible that this protocol is the same across other games built on the same engine, but I have yet to confirm that.

As someone who loves huffing Ethernet and was inspired by talks such as "DEFCON 19: Hacking MMORPGs for Fun and Mostly Profit", I immediately went for reverse engineering the protocol so that I could build a proxy to perform all sorts of cheats. Sadly, I didn't have enough time to build a proxy, but I was able to write a Wireshark plug-in that parses most of the protocol (available here).

There is a lot to cover in this protocol, so this post will only cover some highlights.

For starters, this is a TCP-based protocol that hops around on ports 3000 through 3016. This is typical of MMORPGs, which spread what looks like a single unified map and environment over multiple servers and instances.