Topic: Did Anyone Do Some Network Sniffing? (Read 109 times)

g0tr3wt23 · « **on:** January 04, 2005, 10:56:00 AM »

QUOTE(Penguin_BE @ Jan 4 2005, 01:08 PM)

Would't building a descent firewall rule or spoof prevent banning ?

Penguin_BE · « **Reply #1 on:** January 04, 2005, 02:54:00 PM »

Anyways...

The xbox wouldn't have to connect to a program, but PASSING a "DMZ" where the specific Live codes in the IP packages are being altered before sending to M$ and vice versa...

@g0tr3wt23: If you don't have a smart answer, then don't answer

exploit · « **Reply #2 on:** January 04, 2005, 06:32:00 PM »

then buy me another xbox penguin. =)

r1v3n · « **Reply #3 on:** January 05, 2005, 02:01:00 PM »

QUOTE(Penguin_BE @ Jan 4 2005, 01:08 PM)

Did anyone already done some network sniffing?

Penguin_BE · « **Reply #4 on:** January 06, 2005, 12:49:00 AM »

just finding someone with good IP knowledge and programming skills, and we might be getting there in fooling M$

Penguin_BE · « **Reply #5 on:** January 06, 2005, 12:57:00 AM »

interesting page....

seems we all have a .net account
[email protected]

Even when not activating xbl

r1v3n · « **Reply #6 on:** January 06, 2005, 09:06:00 AM »

Mike117 · « **Reply #7 on:** January 06, 2005, 02:26:00 PM »

) of the xboxes so they can very easily create this type of protocol to be used client and server side. If anyone could do it, they would be like... uber 1337!

Penguin_BE · « **Reply #8 on:** January 07, 2005, 12:43:00 AM »

From what I found (Can't sniff at the moment, my xbox is banned) it is not encrypted.

Well yes it is, but it's just kerebros authentication.

I'm trying to find out if there are "man in the middle" attacks available for kereberos

If others read this, please try to find info as well.
I feel this will be the only way we can fool xbl servers, and keep on playing xbl

r1v3n · « **Reply #9 on:** January 12, 2005, 11:12:00 AM »

mod7 · « **Reply #10 on:** January 12, 2005, 11:32:00 AM »

This stuff is easy. Research my older posts you may find some of the answers your looking for. Basically programs exist to do the kind of man in the middle attack you guys are thinking about with a "proxy". The hard part is finding out what information to spoof. Such as serial number etc.

A good test if anyone would be willing to do it would be this:

Log all packets from an xbox that has never been on live during it's fist connect. Then log a normal connect after that.

After that turn your modchip on and log into live while sniffing all packets again. We then use a unix box to compare the two traffic streams and find out what has changed.

If you do this test it would help to discover what is different. You will be banned in the process however. I will not go further into the means of changing packets on the fly. If you do not know how to do this then you should not be messing with it anyway.

Author Topic: Did Anyone Do Some Network Sniffing? (Read 109 times)