GateKeeper - Packet Inspector (ReClass based)

GateKeeper - Packet Inspector (ReClass based) 1.0

Gatekeeper usage
================

First things first: Gatekeeper is a tool that requires you to have already put in some groundwork. That groundwork being: locating where packets are sent and/or received. This could be ws2_32!send/recv, or a function earlier or later in the call chain that has the unencrypted packets*.

* There is disabled functionality for writing your own decryptor. If desired I can re-enable it, but as it stands I didn't want to beautify it.

There are two ways to use Gatekeeper. I will explain one; the second is pretty simple and just involves skipping a few steps.

Once started, you should see something like this:

At this point, Gatekeeper is waiting for a connection to a pipe that it has created, over which it will receive packet information. In this method, you select a process to inject into by clicking the top left button. The process list is filtered to show only processes that contain ws2_32.dll, the standard networking binary for Windows.

But what is it injecting? A DLL, potentially of your own creation: one that hooks the desired functions and sends their data into the pipe.

An example of such a DLL is here:


Creation of the pipe

C++:
    // CreateFileA returns INVALID_HANDLE_VALUE (not NULL) on failure,
    // e.g. when Gatekeeper has not created the pipe yet.
    HANDLE hPipe = CreateFileA( R"(\\.\pipe\Gatekeeper)", GENERIC_WRITE, FILE_SHARE_WRITE, 0, OPEN_EXISTING, 0, 0 );
    while ( hPipe == INVALID_HANDLE_VALUE )
    {
        // loop and wait until the pipe exists
        Sleep( 1000 );
        hPipe = CreateFileA( R"(\\.\pipe\Gatekeeper)", GENERIC_WRITE, FILE_SHARE_WRITE, 0, OPEN_EXISTING, 0, 0 );
    }

    printf_s( "hPipe == %p\n", hPipe );

Hook example, thread safe, hopefully lmfao

C++:
HOOK SendHook(registers_x86_t* pRegs)
{
    REF_PARAM(SOCKET, s, pRegs, 0);
    REF_PARAM(char*, buf, pRegs, 1);
    REF_PARAM(int, len, pRegs, 2);
    REF_PARAM(int, flags, pRegs, 3);

    AddSend( s, len, buf, flags );
}

void AddSend(SOCKET s, int length, char* dat, int flags)
{
    EnterCriticalSection(&send_critical);
    send_vec.push_back(new send_struct(s, length, dat, flags));
    LeaveCriticalSection(&send_critical);
}

You can drain the queue in a constant loop on another thread, or you can send the packets one by one as they appear in your hook function, who cares.

C++:
    while (true)
    {
        // Take the lock before touching send_vec; the hook thread pushes concurrently.
        EnterCriticalSection(&send_critical);

        size_t stSize = send_vec.size();
        for ( size_t i = 0; i < stSize; ++i)
        {
            auto send_st = send_vec[i];

            // Record layout: PORT|S/R|TIME|SIZE|DATA for now.
            auto time = GetTickCount( );
            auto size = send_st->len;

            char *writeBuffer = new char [ size + 0x200 ]; // header + payload, zero padded
            memset( writeBuffer, 0, size + 0x200 );

            // SO_BSP_STATE returns a CSADDR_INFO with the sockaddr data placed after it
            // in the same buffer, so the buffer must be larger than the struct itself.
            alignas( CSADDR_INFO ) char bspBuf[ sizeof( CSADDR_INFO ) + 2 * sizeof( SOCKADDR_STORAGE ) ] = {};
            auto &sockInfo = *reinterpret_cast< CSADDR_INFO* >( bspBuf );
            int bspSize = sizeof( bspBuf );
            auto var = getsockopt( send_st->s, SOL_SOCKET, SO_BSP_STATE, bspBuf, &bspSize );
            if ( var != 0 )
            {
                printf( "Send BSP == %X\n", WSAGetLastError() );
            }

            // Only trust the pointer if the call succeeded.
            sockaddr_in * sockAddr = nullptr;
            if ( var == 0 && sockInfo.RemoteAddr.lpSockaddr )
                sockAddr = ( sockaddr_in* )sockInfo.RemoteAddr.lpSockaddr;

            auto port = sockAddr ? ntohs( sockAddr->sin_port ) : 0;

            if ( port != 80 && port != 443 )
            {
                // Header first (S/R is 0 here: this is the send path), then the raw bytes after it.
                sprintf_s( writeBuffer, size + 0x200, "%d|%u|%lu|%d|", port, 0u, time, size );
                memcpy( writeBuffer + strlen( writeBuffer ), send_st->data, size );

                DWORD written = 0; // must be non-NULL when no OVERLAPPED is passed
                WriteFile( hPipe, writeBuffer, size + 0x200, &written, 0 );
            }
            delete[] writeBuffer; // allocated with new[]
            delete send_st;       // allocated with new in AddSend
        }

        send_vec.clear();

        LeaveCriticalSection(&send_critical);
        Sleep( 1 ); // yield instead of spinning while the queue is empty
    }

By the way, in the record passed to WriteFile, the S/R field is 0 for send and 1 for recv.
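
The record layout written by the loop above (PORT|S/R|TIME|SIZE| followed by SIZE raw bytes, zero-padded to SIZE + 0x200), parsed on the reading side. This is an added example, not Gatekeeper's own code; PipeRecord, readField and parseRecord are hypothetical names, and the header fields are assumed to be unsigned decimal.

```cpp
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

// One record from the example loop: "PORT|S/R|TIME|SIZE|" then SIZE raw bytes,
// zero-padded so the whole write is SIZE + 0x200 bytes long.
struct PipeRecord {
    uint16_t port = 0;
    bool     isRecv = false;        // S/R field: 0 = send, 1 = recv
    uint32_t tick = 0;              // GetTickCount() value
    std::vector<uint8_t> data;      // raw packet bytes
};

// Reads one unsigned decimal field ending in '|'; rejects empty, oversized or unterminated fields.
static bool readField(const char* buf, size_t len, size_t& pos, uint64_t max, uint64_t& out) {
    size_t start = pos;
    for (out = 0; pos < len && buf[pos] >= '0' && buf[pos] <= '9'; ++pos) {
        out = out * 10 + uint64_t(buf[pos] - '0');
        if (out > max) return false;
    }
    return pos > start && pos < len && buf[pos++] == '|';
}

bool parseRecord(const char* buf, size_t len, PipeRecord& rec) {
    size_t pos = 0;
    uint64_t port = 0, dir = 0, tick = 0, size = 0;
    if (!readField(buf, len, pos, 0xFFFF, port) || !readField(buf, len, pos, 1, dir) ||
        !readField(buf, len, pos, 0xFFFFFFFFull, tick) || !readField(buf, len, pos, 0x7FFFFFFF, size))
        return false;
    // The payload is binary and may itself contain '|' or NUL, so it is never
    // split or strlen'd: take exactly SIZE bytes, and only if they are present.
    if (size > len - pos) return false;
    rec.port = uint16_t(port);
    rec.isRecv = (dir == 1);
    rec.tick = uint32_t(tick);
    rec.data.assign(buf + pos, buf + pos + size);
    return true;
}

int main() {
    // Constructed sample: port 27015, send, tick 123456, 6 payload bytes, zero padding.
    std::string raw = "27015|0|123456|6|" + std::string("\x00\x10|\x7C\x00\xFF", 6);
    raw.resize(6 + 0x200, '\0');
    PipeRecord r;
    bool ok = parseRecord(raw.data(), raw.size(), r);
    printf("ok=%d port=%d recv=%d bytes=%zu\n", ok, r.port, r.isRecv, r.data.size());
    return ok ? 0 : 1;
}
```
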

Gatekeeper will attempt to inject any DLL named "heimdall_x64.dll" or "heimdall_x86.dll" found in its own directory.

After injection, the main window will populate, like so:

Currently, there is no way to save packet captures, and there likely won't ever be because I'm lazy.
Anyways, you can then see (if you sent it properly) the time it was sent, port, size, etc.

If you double click, you get met with this garbage screen:

It's bad, don't use it; I don't use it, I'm just too lazy to remove it. But if you click "open in PClass", you get a beautiful screen instead:

Here you can do things similarly to ReClass. The buttons up top stand for Byte, Word, Dword, Float, and heX (to revert your fucked up judgement to the default for that line).

There's a dump class button which will dump your changes with appropriate padding as a C style struct; I don't remember if it works though. Try it out. You can also change the numbers you're reading from little endian to big endian, because networks are annoying like that.

Example of modified shit:
Exact same thing, swapped to big endian:
And if you double click another packet in the main window, it adds another tab, like so:
Oh. Also you can rename tabs and variables by double clicking. They'll change color and shit. You have to press ENTER once you're done, otherwise it'll keep listening for key presses.

And as an aside, here's what the default variable namings look like if you don't change them:
Author
mambda