Researcher Cracks Elder Scrolls Online, Dark Age of Camelot, and Wildstar (Livestream archive)

37
8



Video starts 3:06
Stream ends: 1:50:00

Adrian Bednarek is a security analyst at Baltimore’s Independent Security Evaluators (ISE), and today he’ll be showing us how he’s broken into popular Massively Multiplayer Online Role-Playing Games.

Bednarek has been reverse engineering, writing low level tools to aid in the reverse engineering process, and creating custom exotic exploits for over 20 years. He specializes in reverse engineering proprietary communications protocols, especially those of MMORPG’s. In many cases he has created tools and workflows to circumvent anti tampering, software and or hardware fingerprinting countermeasures.

Bednarek will show how exploits could be used on Elder Scrolls Online, Dark Age of Camelot, and Wildstar. To be clear, Bednarek has reported these exploits to the game developers and they are now patched.

Nguồn: https://trulyluminary.com/

Xem thêm bài viết khác: https://trulyluminary.com/game/

37 COMMENTS

  1. What's the reasoning for injecting the proxy dll. Cant you edit the host file. or use proxifier. Whats the advantage of injecting the dll over other methods. plz someone answer.

  2. compressed and encrypted data using static libs for connection, and then anti-debug, PE protectors, and blacklisting services on top of server-side logic.. These guys are BS artists.. What he showed in ollydbg was suppose to be a buffer overflow I guess and that only counts if it's remote or through a named pipe or parser..

  3. I appreciate the effort but the info isn't really that current; the games are ancient and cadence of the guy delivering info is very slow. He doesn't provide much useful guidance–that is, he mentions/teases tools he doesn't present and plays a video of exploits rather than doing them live.

  4. My god, is it to much to ask to be prepared for a livestream? See if you have the tools you want to use and what/how you want to show stuff instead of basically taking over half an hour to just show the first step. Plus a more engaged and enthusiastic team wouldn't kill. Such a monotone voice, and slow speech…. you're killing me. No wonder it took you 13 years to develop your skills… everything you did in these two hours could've been communicated in 15-20 minutes.

  5. Amazing video, the host is way too apathetic though. You need someone who a) cares about what the guest is talking about and b) can help fill in the silence and make the guest feel more comfortable.

  6. Interesting. Basically these guys look for economy exploits.
    Some of the best kind for sure; in particular if you are trying to make money off the game selling virtual currency.

    The guy whines about how hard it is to find two points to hook, he should try making bots like I do.
    You might have to maintain dozens of offsets, both code and data, each time there is an update.
    And it takes some serious reversing; usually months of work to find them all in the first place.

    Game currency is not going to level your characters (unless there was some odd game mechanic that would).
    And not going to help with framing rare items and materials (unless you can find and buy them off an auction house).

    With just packet monitoring it typically only need two hooks. You have a "send packet" and a "parse packet" function that you need to find.
    Some might have dozens if the code is setup to inline, and or just set up with some kind of C++ instancing paradigm.
    Like he says the static size struct ones are easier, the streaming ones can be difficult.
    Sometimes though it's as easy as just tracing back on the stack to where the packet stream finalizer function is located and then yea you'll have to look at the code to see how the packet is constructed (the fields that compose it).

    For Elder Scrolls Online, I added a feature where I can see items (like chests to loot) and players on the minimap.
    And then I made an auto lock-pick feature. Particularly helpful when you can see where chests are when you're playing.
    A cheap thing is you can even see stealthed players in the PVP zones, but I rarely switched it on as I didn't think it was fair and eventually people would report me for it.
    I've done things like this for at least a half a dozen MMOs, just for myself rarely shared them knowing how easy people leak things.

    It's foolish to think and act that he's the only one doing it. There have been people doing this kind of thing since there ever was an online game.
    There are a lot of us. I do it just for fun, as a hobby.
    It's nothing like getting interested in a game and making your own bot so you can level up as many characters as you want, farm stuff automatically that would take you hours/days to from manually playing, etc. Or just adding features to the game that make it more fun to play, getting rid of some annoyances, etc.
    It can be a hell of a lot of work though..

  7. a hacker telling people not to hack him wtf lol. if you dish it out you should be able to take it as well. live by the gun die by the gun right

  8. I get the angle of theory.
    But regards hacking Routers..
    It was a CUNT manoeuvre to name and show all the warez used…..

LEAVE A REPLY

Please enter your comment!
Please enter your name here