Hacking server-sided money on SAMP.

[JizzInMyPants]

So, I've been reading posts here and there, overall doing some research if this is actually possible. I have a question about this and would like to start getting some answers whether than not is this something that can work. ((This is exclusively oriented for CBCNR server))
The main question is:
*Would packet editing actually work? If so, how is it doable*

 

[0xf0rd]

It would work if you can use the packets you capture in some kind of exploit so when you edit the packet then replay it, it would use that exploit you found to get money. Also SAMP packets are encrypted so it will be hard to decrypt it then edit it then resend it unless someone had found a way to decrypt the packets and shared it.

 

[JizzInMyPants]

We could record packets during the money mission using WPE Pro, but decrypting it and changing the value eh..

 

[0x_]

What kind of shit are you guys talking...
Serverside IS SERVERSIDE (Server)side (the "Server") is the Keyword, these value's are saved in the server's ram and probably some account database (for restoring).
Theres not transmission of these values neither a way of changing serverside variables...

The only possible way is using the C+P Logic of many SA:MP Scripters (max integer etc).

 

[JizzInMyPants]

Can you be kind enough to explain the "C+P Logic". Basic stuff like what that is, how it works..

 

[0xf0rd]

What kind of shit are you guys talking...
Serverside IS SERVERSIDE (Server)side (the "Server") is the Keyword, these value's are saved in the server's ram and probably some account database (for restoring).
Theres not transmission of these values neither a way of changing serverside variables...

The only possible way is using the C+P Logic of many SA:MP Scripters (max integer etc).

As I said you would have to use an exploit, you can't modify server side values. Please delete your last line. "The only possible way ...". We don't want people to know about it.

 

[0xf0rd]

Can you be kind enough to explain the "C+P Logic". Basic stuff like what that is, how it works..

By C+P Logic he meant you would have to go through the script of the server's gamemode and find a hole to be able to exploit it.

 

[JizzInMyPants]

So you basically have to get the script handed by one of the scripters.  :table_flip:

 

[BBB]

here some possible exploits, but probably you won't find them on any decent server:
- "decrement negative value"
- integer overflow
- server trusts your client-side money value, when (increment) decrement

 

[0xf0rd]

here some possible exploits, but probably you won't find them on any decent server:
- "decrement negative value"
- integer overflow
- server trusts your client-side money value, when (increment) decrement

Why the hell would you reveal that.

 

[springfield]

Why the hell would you reveal that.

Because it's not 2011 anymore.

 

[|]_ReT1neX_[|]

Why the hell would you reveal that.

And because of your signature

"I believe everything should be open to the public"

:trollface:

 

[0xf0rd]

_ReT1neX_[| link=topic=11444.msg65649#msg65649 date=1418025769]
And because of your signature

"I believe everything should be open to the public"

:trollface:

Lol ok then. But let's leave it for others to find their own exploits to use the methods you mentioned

 

[UlcrFsker]

Lol ok then. But let's leave it for others to find their own exploits to use the methods you mentioned

what the fuck is wrong with you?
you talk like a pro all known hacker but the fact is you are fucking idiot.
get the fuck out of here.

:angry: :fuck_yea: :youdontsay:

#User has been warned for this Post.

 

[|]_ReT1neX_[|]

what the fuck is wrong with you?
you talk like a pro all known hacker but the fact is you are fucking idiot.
get the fuck out of here.

:angry: :fuck_yea: :youdontsay:

:surprised:    :motherofgod_

:face_palm:

 

[JizzInMyPants]

As a nawb, I am completely lost.  :stoned:
What are these values you mentioned and how do you edit them?
"- "decrement negative value"
- integer overflow
- server trusts your client-side money value, when (increment) decrement"

 

[0x_]

You should have enough information todo something with it, go ahead and try and fail and then win.

 

[JizzInMyPants]

I don't even know where to start!  :imoverit:

 

[monday]

"- "decrement negative value"
For example, if the server has no condition for negative numbers then you can use something like "/pay -99999" and it will give you money.

- integer overflow
I have no idea

- server trusts your client-side money value, when (increment) decrement"
If it happens on some server and you have your money value changed by a cleo, cheat engine or any other mod then the server will save the money you set for yourself

 

[0xf0rd]

what the fuck is wrong with you?
you talk like a pro all known hacker but the fact is you are fucking idiot.
get the fuck out of here.

:angry: :fuck_yea: :youdontsay:

#User has been warned for this Post.

What? Have I insulted you any where? If I did then I am really sorry. What I love about this community is that everyone respects others so I apologize if I did something wrong toward you. But please let me know I have done wrong before you call me names.