Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 9 years ago.
Improve this question
I would like to read the League Of Legends chat during a match and log it all to a file.
Though I do not have the slightest idea how to actually connect to the server and read the chat.
Does anyone have a link or an idea how to accomplish this?
Regards
You'll have to do some reverse-engineering, since the game's source code is not available. This is likely illegal based on your local laws.
You'll need to use a tool such as Wireshark to figure out how packets are encoded and what is being sent. You'll likely see text strings some of the time, cluing you in to what is happening. By sorting packets and seeing their frequency when doing certain actions, you may be able to deduce what packets must be sent for authentication, keepalive, and chat, and what packets must be listened for.
You can then build a Java implementation using Socket or DatagramSocket for TCP or UDP, respectively, depending on what the original uses. This is quite a bit of work, however, a a major (and did I say possibly illegal?) undertaking. Even with games where the source is available, redeveloping arcane network protocols is difficult and due to lack of information, will require quite a bit of hardwiring (using byte arrays often) for parts of packets.
Just so you're aware, this is probably illegal and I'm fairly certain they'll close your account for this.
The author of this post, Stack Exchange (inc), Stack Overflow, any affiliated parties, or organizations, will not be held liable for any legal consequences you may face. You may choose to do this at your own risk
Edit: You could try to use Robot and simple OCR or text extraction of some sort. It's still a somewhat questionable activity from the standpoint of game administrators and not too reliable.
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this question
I'm trying to develop an app with self-encryption for android.
The idea is following:
app should perform it functions (for example display "Hello world!") but...
the app code stored fully (partially) encrypted, i.e. "all what can be encrypted should be encrypted", so it can not be read by simple disassembling in a right way (i.e. it is literally encrypted (by AES for example) so it is represented to system as a number of random commands/symbols or smth. incorrect).
the "part" of the app should be decrypted before execution;
unused "parts" of the app should be decrypted after usage;
all operations mentioned above should be done by app itself.
So the core idea is self-encryption.
I know what is obfuscation so please don't mention it. The same thing with any side apps. I'm not going to spend all rest of my life in reverse-engineering))). So...
What is the right way to self-encrypt Android (JAVA) code?
How can be implemented the algorithm mentioned above?
Please provide any code snippets if u are able to do such things OR any links/information/articles/pseudocode/ideas
I thing the idea is great and really interesting, plus many people will be glad to know how to protect their apps.
[EDITED]
Thanks #Pace and #JimmyB for custom ClassLoader idea. I'll try to implement it. Also my thanks to #xalo which proposed metamorphic engine concept, I'll dig into this theme because i think it will satisfy my goal to a greater extent.
You shouldn't try to self-encrypt your app, it will add a lot of complexity for not so many protection.
In fact, hacker just have to reverse your decryption routine or to dump memory once the app is running.
Best way to protect against reversing as Java/Android app is obfuscation.
You can also look into remote metamorphic engine concept https://media.defcon.org/DEF%20CON%2024/DEF%20CON%2024%20presentations/DEFCON-24-Amro-Abdelgawad-The-Remote-Metamorphic-Engine.pdf
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 7 years ago.
Improve this question
What i am trying to do is an app similar to teamviewer using java.I was thinking to get the Input stream (monitor's) and send it to client so that the other machine can show the screen. I learnt that kernel acts as an interface between hardware and software, and i end up asking about kernel's interaction. can u plz give me the idea so that i can get things done..
Am i doing things wrong??
Please help me out..
You can use a ScheduledExecutorService to perform an action or task after a specific delay (or at a specific time).
This is how you can trigger a thread and therefor the processor to perform instructions at a given time.
I was thinking to get the Input stream (monitor's) and send it to client so that the other machine can show the screen.
For this sort of question is it not to useful to think in terms of what the kernel is actually doing other than to not you can't pass an InputStream from one process to another, let alone one machine to another.
What you can do if establish a socket connection between the two machines and copy the InputStream into the Socket connection. At the other end you will get an InputStream which has all the data the original InputStream has.
I learnt that kernel acts as an interface between hardware and software, and i end up asking about kernel's interaction.
The kernel's role is to control and manage the TCP socket and the network adapter. The JVM interacts with the kernel for you so you don't need to know all the details, in fact you don't need to know the actual system call used which is useful as it can be different on different OSes.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
I am confused how simple message protocols work. I understand the basics of a 3 way handshake checksums, and the like, but from an implementation perspective how do I know if what I am reading is what I should be reading?
When I'm programming a thread to read the input stream of a socket, are there any guarantees? Should each message I send have an ID described from the previous message so I know I am receiving them in order? How can I detect when a message is missed (such as the very last message) so that I am not sitting and waiting for a message that will never come (should I just use simple timeouts)?
Tips on what to search would also be helpful!
TCP sockets guarantee that packets come in the right order. If you look at the headers of a TCP packet, you will notice they have a sequence number. If you are re-implementing TCP over UDP, you will need to provide some of these features yourself.
You should not need to detect if a message has been missed (received 1 and 3 but not 2).
Sockets can be closed unexpectedly though. If a computer goes offline then you aren't going to receive any other packets and there is no time for it to send a warning. Ping/Pong message are often used to make sure both ends are still communicating. Timeouts are your other option.
Are you talking protocols such as TCP (a good low level read)?
Or are you building a chat protocol? XMPP might be a good read for you.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 9 years ago.
Improve this question
The recent revelations on NSA/GCHQ's snooping operations have been frightening. I believe as developers we have a responsibility to protect our users data. What steps can we take to prevent data theft, using methods like the ones described in this article: http://www.theguardian.com/world/2014/jan/27/nsa-gchq-smartphone-app-angry-birds-personal-data
The Guardian article, while nice, lacks specifics in the attacks. Hence, I would worry less about this specific article and focus more on how generally you can prevent "data theft", as you phrase it.
The #1 thing to do is use SSL for all your Web interactions, such as Web service calls. Use equivalent encryption options for other protocols as appropriate (e.g., TLS for email). This will go a long way towards protecting "data in motion". It is also something that is generally easy to implement. Consider adding in certificate pinning and similar techniques to help defend against man-in-the-middle (MITM) attacks.
Here are four blog posts of mine from last year that go into more about SSL on Android:
http://commonsware.com/blog/2013/03/04/ssl-android-basics.html
http://commonsware.com/blog/2013/03/05/ssl-android-mitm.html
http://commonsware.com/blog/2013/03/06/ssl-android-memorizing-pinning.html
http://commonsware.com/blog/2013/03/07/ssl-android-onionkit.html
(though this material is a bit more up to date in my book)
Equivalent advice is available for the other platforms you cite (I hope).
In terms of "data at rest" (stored on the device), consider offering encryption as an option to the user. As with SSL, the details of the techniques will vary by platform. SQLCipher is a personal favorite, and it is available for most platforms, including the list from your tags. However, there are plenty of other options.
If you do offer encryption, make sure that the user has the option for supplying the passphrase, versus using some hard-coded passphrase or something derived from other on-device data. If the passphrase can be determined without human intervention, it is at risk of being discovered, or at least obtained automatically by an attacker.
Beyond that, I would recommend that you ask questions focused on techniques for a specific platform. "Shotgun" questions like this, with tags for a range of platforms, tend not to fare especially well here on StackOverflow.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I am not sure if this is the correct forum to ask this but i am not sure where to ask either. So here is my question:
what does "deep ping" mean. I tried google but still did not get any information about it. Also who does deep ping mean in web servlet`s context. Thanks.
I'm not sure it's the "official definition" if there is such a thing, but I've head "deep ping" used about functionality that allows you to (in contrast to a regular ping) send a message to the server that passes through as much of the webstack as possible before returning an "ok" response.
As an example, you can make a ping transaction that passes from the network straight down the stack to the database and there does a dummy select to read the ok from a dummy table and return that result. That allows you to (in contrast to a "normal ping" that tests only the network) have confidence that all layers in the application including the database are actually alive.
- Ping is one of the most basic and useful network commands. It sends request to networked computer and waits for response. It’s easy to ping single PC but it’s pain to ping dozens (or even hundreds) of them.
- The process of Pinging the entire Subnet which can have N nos of PCs are known as Deep Ping. Network scanners are usually used to do this....