So my idea was.. There is a program that require login to be able to use(the pro

Question

So my idea was.. There is a program that require login to be able to use(the program should work offline aswell not requiring any online data), so i want to make that program to be able to run offline aswell, so what i did is i captured the packets (with wireshark) that moved to the program while logging in, next i tried to replay (with bittwist and colasoft packet player) those packets in offline while trying to log in in the program with that i tried to fake log in, but it not seems to work, the program doesn't receive or accept those packets. What's wrong with my idea or method or how should i do this?

Explanation / Answer

Is the connection encrypted? If it is, then probably they also use some kind of replay protection. This means that there's not much you can do. Maybe if it's HTTPS you could forge a certificate and add to the root certificates on your PC. I saw this being done to defeat need-to-stay-online games.

If not, you could look at the information on the packets and write a simple authentication server with python (or something similar). Just look at the patterns and reply something meaningful. This is more guaranteed to work than simply replaying packets and it's not really difficult.

Forgot to mention: To make the application send packages to your local server and not the online server, you could edit the HOSTS filename in Windows.

Related Questions

Navigate

• Browse (All)
• Browse S
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.