Results 1 to 10 of 10
  1. #1
    Zededarian's Avatar
    Join Date
    Dec 2005
    Posts
    151
    Reputation
    11
    Thanks
    139

    WPE for Beginners (Flash Games)

    This is for all you people who don't quite understand how WPE Pro works.
    If you need a copy, I took the pains to upload one for you (actually I was just too lazy to
    look for someone else's download link). This is just a beginner's tut,
    but You'll learn how to:
    1. Collect & dissect packets to find out what they mean
    2. Forge packets
    3. Filter packets (both ways)

    I'm going to use Stick Arena as an example game (
    https://www.xgenstudios.com/stickarena/stickarenaxgs.swf ), because it's
    easily accessible for everyone and has little to no hack protection. And
    yes, I know you can hack SA with Cheat Engine, but this is just to teach
    you how to use WPE Pro. Specifically, I'll teach you how to:
    1. Make a protective shield of constant hammer strikes (forging packets)
    2. Turn weapons into other weapons (filtering outgoing packets)
    3. Become invincible (filtering incoming packets)

    I assume you've downloaded WPE Pro at this point. Unpack it to a folder
    somewhere (yes, I know virus protection things don't like it, if yours
    won't ignore it either disable active scanning or launch the program from
    the rar) and boot it up. Press the target program button in the upper
    left and select your browser's process (probably either IE.exe,
    firefox.exe, or Opera.exe). This attaches wpespy.dll, which is what WPE
    Pro uses to catch and send packets.

    The first hack I'm going to cover is making a protective shield of constant hammer strikes. Since striking with a hammer is caused by something you do (clicking the mouse when you have a hammer), we want to be watching the packets we SEND to the server. To do this, go to View at the top and select options, then make sure only the box next to Send (not SendTo) is checked, then press OK. Now enter a game in SA and press the button with the big black triangle under target program to start recording packets. After you get around 20, press the big red square to the right of it. This is your sample of gameplay when you're not swinging the hammer. Now go pick up a hammer, start recording again, swing the hammer facing right, swing the hammer facing down, and stop recording.

    In my game (it may be different in yours), the first sample of packets were all of length 30, 34, or 1. In the second sample, however, there were two packets of length 14! these must be the packets for swinging the hammer. Now, here's the part you have to watch for. The first swing has the value 34 30 38 39 30 30 38 30 30 30 38 35 37 00. Translated out of hex code (WPE does this automatically in the function column on the right side of the packets window), you have the value 4089008000857.. The second swing has a translated value of 4089008001807.. All you changed between these two packets is the direction you swung the hammer, so the difference between these two packets will be the part that determines direction. I have it underlined below:
    4089008000857.
    4089008001807.
    So the number 85 corresponds vaguely to “facing right” and 180 corresponds vaguely to “facing down”. If you haven't guessed, these are angle measurements in degrees, with facing straight up being 0. My first swing wasn't perfectly to the right, if it had been that 85 would have been 90.

    Now on to forging. A little research using the google (a key part of almost any hack) shows that the sledgehammer has an angle of attack of 35 degrees. To hit all around us, then, we'd need to have hammers hitting in 35 degree intervals around us. However, 360 / 35 doesn't give a whole number, so we're going to go in intervals of 30 degrees for the sake of simplicity. 360 / 30 gives 12, so we're going to need 12 packets. Right click either one of the sledgehammer hit packets and click “add to send list” 12 times, then right click it one last time and choose “set send list with this socket ID”. These are your raw packets, now you just have to edit them.

    To do this, first get to the send window by pressing the send tab (on the left, a little under the middle, right under the packet/filter box and next to the filters tab). Now double click the first packet, edit the number on the right to read 4089008000007. and press OK. Check the box next to it (this is necessary to send it, and also helps you keep track of what you've done). Now edit the second packet the same way, making it 4089008000307. and so on until you reach 4089008003307..

    Now, you've probably been kicked from your game for inactivity, so go join another one. When you're in the room, Press the black triangle right below the “gauge” tab and right above the packet/filter box. Make sure you've selected “continuously” and “100 milliseconds”, then press play. The little number next to “error” right below the packet/filter box should start shooting up. This is because the open port changed. Stop sending by pressing the red square (the one closes to the triangle you pressed to start, not the one at the top), then record some random new packets from the game you're in like you did before. Pick a random one, right click it, and choose “set send list with this socket ID”, then start sending the packets again. This time the little number next to the word “sent” should start shooting up. Congratulations! Anyone coming near you will get pounded by a hammer. Sometimes people can get near you without getting hit for a bit, this is usually a lag issue.

    “Wait,” you say, “I don't see anything!” That's normal. You won't see anything at all, but to other people in the room you're swinging a hammer all around you incredibly fast. Most people will misinterpret this as a simple speed hack, which shows how much they know. If you think you got the gist of this, try doing the same thing with the shotgun—THAT will piss some people off, especially in open maps.

    Now we move on to the second hack I plan to teach you, turning weapons into other weapons. I already went over determining which part of a packet changes when you do something different in the last section, so here I'll just list what you find out by shooting different weapons (the angle changes, too, but we already know that isn't it from before).

    4089008000007. – Hammer
    4089008000006. – Shotgun
    4089008000005. – Ak47
    4089008000004. – Glock
    4089008000003. – Sword
    4089008000002. – Bat
    4089008000001. – ???
    4089008000000. – Hands

    NOTE: All of these packets are for firing straight up.

    Now, let's say we want to shoot shotgun shells by punching. Sounds fun, no? All we have to do is make a filter to replace 4089008000000 with 4089008000006. To do so, click the filters tap in WPE Pro (right next to the send tab). Double click the first filter. First the preparatory stuff; make sure you've selected “normal” under mode, that block is unchecked, that everything except SEND is unchecked under “Search In” (NOTE: after unchecking everything except SEND under “Search In”, select “Winsock 2.0” from the drop-down box under it and uncheck all the WSA options, including WSASend), and rename the filter to something like “Shotgun Hands”.

    Now all that's left is the actual filter. The filter has to be written in Hex code, so we're switching back to that. The way you know the packet you're sending is a punch is that it starts with the number 4 (hex code 34) and has a thirteenth number of 0 (hex code 30), meaning we want packets where byte 1 is 34 and byte 13 is 30. To do this, simply put 34 in the search row under column 001 in the data box at the top of the filter window, and put 30 in the search row under column 013. Then, you want to edit byte 13 to be 6 (hex code 36), so you but 36 in the modify row under column 013. Now press apply, check the box next to shotgun hands, and press the big ON button (right between the pencil and the X).

    Once again, congratulations, every time you punch you shoot an invisible shotgun shell. However, to other people in the game, the first time you punch a shotgun appears in your hands. Also, you move faster than you should with a shotgun, and shoot faster (you shoot at punch speed), so with a slow weapon like the hammer people will, once again, think you're speed hacking (ignorant fools!). This can be repeated to turn anything into anything else.

    Now, the final hack, invincibility. For this you want to change other peoples' attacks, so go to view, options, uncheck Send, and check Recv. Now start recording, play the game for a bit, and stop. The packets here are much more confusing...so confusing, in fact, it would be unfair to ask you to try and pick them apart on your first try. Let's say that a little bird came down and told me that 11 bytes after an M (hex code 4D) is the code for whatever weapon a person is shooting. Right now I'm just trying to teach you how to make variable-spot filters, so it's not particularly important how I found that out.

    Alright, so now we have to make a filter on Recv packets that replaces everything 11 bytes after an M (hex code 4D) with something we take no damage from. If you remember the table of weapon values above, 1 (hex code 31) is unoccupied, meaning we can't take damage from it. Go to the filter tab in WPE Pro, double Click Filter 2, change “mode” to advanced, choose “from the position of the chain found” under “start modifying from”, make sure only Winsock 1.1's Recv is checked under “Search in”, name the filter something like “Invincible”, and change “nbr time to apply” to 10 (there can be more than one M in a packet, so we want to make this change a maximum of 10 times. If you get speed issues, try lowering this number to 3 or 4).

    Whew, sorry that was so long. Now simply put 4D in the Search row under column 001, and put 31 in the Modify row under column +011 (if you've read the rest of this tut, you should know why). Press apply, check the filter, and turn your filters on (NOTE: wait until you're in a game to turn it on or there's a roughly 5% chance you won't be able to join because of a random error). Pretty handy little tricks, eh? Anyway, that's about it for this tut. If anything in here didn't work for you, I attached my copy of the filters and packets for you to compare yours against. Comments are appreciated!

  2. The Following 50 Users Say Thank You to Zededarian For This Useful Post:

    1bodevil (02-23-2015),1it2 (07-08-2010),aapikz (11-24-2014),aaronminecraft (12-04-2014),Adorboy (08-05-2014),Apacuka (01-28-2013),Ariano2009 (10-20-2009),battlewingz (01-19-2014),bharod (11-26-2012),Billy evan (05-10-2016),bls1999~ (04-01-2016),CodedByte (01-15-2015),dadaXD (02-07-2013),damienj10 (10-27-2012),dealfire (11-08-2014),draman (08-13-2011),end360 (07-29-2013),fleahlit (07-30-2012),FlyzBerg (08-11-2015),foreveryoung78 (12-08-2015),Gebel (07-28-2014),Ghosticus (12-19-2012),goku123 (03-29-2013),I_Cheat (08-18-2009),kawilarang.rjk (10-16-2012),kedaxx (07-27-2009),Koyte (10-24-2018),KuroAmine (11-21-2012),Kushala Daora (02-20-2015),Lx2master (06-29-2013),Marsicano (08-09-2008),maxownage01 (07-06-2013),monstrousluck (11-03-2014),mouser29 (06-23-2015),NathanYoung (04-21-2013),NeTBuS (11-11-2012),newaccount01 (06-01-2015),pascanio (10-01-2015),rv2k11 (03-09-2014),Sapphira (06-19-2013),SkyWarrior (11-22-2012),sobhi200 (03-05-2009),Tarrik (07-05-2009),The Potato Wolf (05-05-2016),uciltampan (03-24-2014),UnReal_Scavenge (03-28-2015),whjsky (08-03-2013),wmtdanimal (05-30-2013),yackeryacker (01-12-2016),[Supreme (03-24-2014)

  3. #2
    llamafarmer1's Avatar
    Join Date
    Jan 2011
    Gender
    male
    Location
    huh?
    Posts
    9
    Reputation
    10
    Thanks
    0
    I'm still trying to work out how to do this with Dofus.

  4. #3
    RamenThief's Avatar
    Join Date
    Dec 2011
    Gender
    male
    Location
    in the "closet"
    Posts
    134
    Reputation
    6
    Thanks
    5
    My Mood
    Sick
    Download doesn't work.

  5. #4
    hugejass's Avatar
    Join Date
    Jul 2011
    Gender
    male
    Posts
    7
    Reputation
    10
    Thanks
    0
    If you want me to be honest. You rock and tut is so very descriptive but cant get any of it to work. dont even see the same weapon numbers or anything and i had to target "plugin-container.exe" because firefox wasnt showing up any packages:/
    so is that my problem? cause plugin-container shows same values just sitting in one spot but when hitting and stuff shows different just numbers aint the same as yours and tried health and sledge hammer both didnt work
    little help here

    ---------- Post added at 12:45 AM ---------- Previous post was at 12:40 AM ----------

    wow the downloads are amazing thank you for everything PS i havent tried them yet but can compare easily this way
    +10 for you

  6. #5
    Skyknight181's Avatar
    Join Date
    Apr 2012
    Gender
    male
    Posts
    1
    Reputation
    10
    Thanks
    0
    i just go tback and im not sure if this is against the rules, but can you please help me find values for a game called crazy fairies

  7. #6
    ApprenticeCoder's Avatar
    Join Date
    Jan 2015
    Gender
    male
    Posts
    24
    Reputation
    10
    Thanks
    5
    My Mood
    Brooding
    Hello,I am learning about computer security and I started looking into packet injection(I want to be a white hat hacker)but I noticed something wrong with WPE,after creating exclusions in my firewalls,Norton Search and Norton autoprotect,disable UAC and such,I cannot get WPE to send data.I have captured and found the packet I need to send,added it to send list,changed the socket,and clicked send,every 100 miliseconds.WPE says it was a success,but ingame nothing happens.I am trying to hack Stick Arena,which I read in a tutorial,I just want to see if I can get it to work,not really cheat like most of you do here.Could someone help me?Any help would be much appreciated,I want to pursue a career in computer security but I cannot yet afford any schooling for it,thank you.

  8. #7
    ApprenticeCoder's Avatar
    Join Date
    Jan 2015
    Gender
    male
    Posts
    24
    Reputation
    10
    Thanks
    5
    My Mood
    Brooding
    Just to inform any newbies,stick arena seems to have added checksums,so you can't do this anymore,try some other game...

  9. #8
    Troy_J's Avatar
    Join Date
    Aug 2015
    Gender
    male
    Posts
    3
    Reputation
    10
    Thanks
    0
    download is a virus. Mcafee stopped it in its tracks. Im sure one of them was a key logger

  10. #9
    amazinghuntrat's Avatar
    Join Date
    Feb 2016
    Gender
    male
    Posts
    12
    Reputation
    10
    Thanks
    0
    My Mood
    Cynical
    Maybe you did something wrong?
    Sent the wrong packet?

  11. #10
    Nukanpro's Avatar
    Join Date
    Mar 2016
    Gender
    male
    Posts
    3
    Reputation
    10
    Thanks
    2
    let me check

Similar Threads

  1. What would you look for in a game hacking tool kit?
    By Dave84311 in forum General Game Hacking
    Replies: 23
    Last Post: 06-02-2015, 06:34 AM
  2. best c++ tutorial for beginners!
    By WacKer in forum C++/C Programming
    Replies: 31
    Last Post: 12-05-2009, 06:30 AM
  3. Flash Games =]
    By neoRUS in forum Spammers Corner
    Replies: 30
    Last Post: 08-15-2006, 05:52 PM
  4. any way to use wpe for damage editing?
    By zelda803 in forum WarRock - International Hacks
    Replies: 10
    Last Post: 02-09-2006, 02:33 AM
  5. Connection About for Annomalation in Game
    By asdasd in forum WarRock - International Hacks
    Replies: 7
    Last Post: 12-30-2005, 08:17 PM