IntPe9 0.5.0 – all-purpose sniffer included

19/10/2012

Ciaossu,

I just released IntPe9 0.5.0. Proud of the release, I am! But I would love to have some more feedback from users and increase its user base. So spread the word and this packet editor/sniffer. It now has a core, “General winsock”, that will sniff all packets sent by almost all Windows processes. So try it and see for yourself!!

Download link for IntPe9 0.5.0

IntPe9 0.5.0:
– Two new cores
– IntPe9 now can only run one instance
– Proxy dll system
– Small bug fixes

Stollmann:
– First proxy dll that is able to sniff com packets for Stollmann NFCStack+Eva R04

Winsock:
– General winsock sniffer core
– Sniffs send/recv/WSASend/WSARecv/WSASendTo/WSARecvFrom
– Places hooks with IAT by default
– If IAT hooks fail, uses inline hooks (tested on Windows 7 x64)

Remember it is open source so you can write your own cores. If there are any issues with this release please post them here.

~Intline9


BoxBilling custom licence server

12/08/2012

Ciaossu,

REMEMBER IF YOU SUPPORT THEM AND HAVE THE MONEY, BUY THE REAL THING!

Because they are using ionCube and a license on a remote server, I just had to hack it (mainly because of their encrypted PHP files).

So here you go: a mini tutorial for setting up a custom BoxBilling license server.

[Recruiting] People to work on LoL server emulator

01/06/2012

Ciaossu,

The guy who motivated me to start the project HeroWars disappeared. So I’m searching for people to do tiny parts on HeroWars to keep me motivated. (Big parts are of course even more welcome.)

Little details:
Game: League of Legends
Goal: Full game server sandbox
Opensource repo: https://github.com/Intline9/HeroWars
Tool for packet analysis: https://github.com/Intline9/IntPe9 (also has packet editing capabilities; look at the Python interpreter extensions)
Language: C++

So if you like to write wiki entries, do packet research, code some C++, design some images, make a good standalone forum or have any other thing you can provide or help with:

Send me a mail at Intline9@gmail.com and go to work!
You can also find me lurking in #lolemu@irc.freenode.net (ping me, as only then the screen goes active).

I’m looking forward to meeting you!

~Intline9

League of Legends uses enet 1.2

03/04/2012

Ciaossu,

So thanks to Jiwan (http://forum.ragezone.com/f111/league-legends-emulator-832462) I knew that LoL used enet, so I downloaded the latest version and started making a proxy and doing shit, but there was something off with the enet header….

So at first I thought they were using some custom mods to the enet lib, and after 1 day of searching it struck me that enet has different versions, and YES, LoL uses the enet 1.2 protocol (compatible with enet 1.2.5).

Stay tuned for more updates to packet-lol (http://code.google.com/p/packet-lol/), IntPe9, and perhaps a sandbox…

~Intline9

The Sims 3 general patcher

26/09/2011

Ciaossu,

So I thought, well, why not make a quick patcher for everyone to use.
http://bayfiles.com/file/14VT/1s8DMW/the.sims.3.nodvd.exe

Enjoy!!!

If you like it please say thanks 😉

~Intline9

The Sims 3 No-DVD patches

02/08/2011

Ciaossu,

So today my GF wanted to play The Sims 3. Well, you can not say no of course. So I downloaded everything and installed it, but I wasn’t able to find a no-dvd patch for 1.24.3, so I just made one myself (well, I looked at changes from previous no-dvd patches, so credits to those makers).

So find the address with the AoB then do that address + offset and change that byte to EB. Do that for TS3W.exe and for TSLHost.dll and happy playing. Should work with most versions if not all.

TS3W.exe
	AoB
	33 c0 81 c4 ?? ?? ?? ?? c3 8B 84 24 ?? ?? ?? ?? 50 8D 4c

	2 Offsets:
	+20 (32 dec) EB (BYTE)
	+3E (62 dec) EB (BYTE)
TSLHost.dll
	AoB
	C3 CC CC CC CC CC 53 56 8B 74 24 ?? 33 DB 3B F3 ?? ?? A1 ?? ?? ?? ?? 50 56

	2 Offsets:
	+10 (16 dec) EB (BYTE)
	+70 (112 dec) EB (BYTE)

~Intline9

An epic way to find memory leaks!

07/04/2011

Ciaossu,

So I’ve been developing a self store kind of app with a big db behind it to keep track of everything (logistics and money wise).

So after a lot of hours writing stuff I started to see that I did not clean up tidily…. I saw a few new statements w/o deletes…. omg! Looking at the mem usage I was like WUTTEFUCK! It’s as leaky as a net.

I went to search through the code but, well, it was rather large already. I then sought what geniuses had thought up for solutions. And yes, I think this is some epic solution, so go check it out!
http://www.flipcode.com/archives/How_To_Find_Memory_Leaks.shtml

~Intline9

Stupid headers!

12/03/2011

Ciaossu,

So I’ve been trying to figure this out and, well, it’s not that simple. BUT HEY! That makes it good!

So the decrypting is coming along nicely. So with that, all the notes I have I published in a pastebin. Of course there is a lot of stuff not done yet; I’m having a lot of trouble with the different header sizes, and the main header type flag, or something……

Oh well, it’s a lot of fun. If you need help with decrypting the packets, contact me 😉 I can provide you with some code examples if needed.

O YA!, 1 more important point. It seems that the packets are in big endian form!

~Intline9

League of Legends (LOL!)

10/03/2011

Ciaossu,

Well, I’ve been playing this game for quite some time now, and I’m really enjoying it. But oh well, the hacker in me always comes snooping around. So here are some facts (some better proven than others).

Facts:

  • Uses blowfish ECB for send/recv
  • Uses WSARecvFrom & WSASendTo
  • The key for that game session is given to the game client through the command line by the launcher process
  • The key is base64 encoded
  • Still not sure what they do with the (packetLength-headerSize) % 8, I’m thinking of some custom simple XORing, but no idea yet for that part.

I’m currently trying to derive what the different headers for the recv packets mean; it’s quite a hassle, but I think I’m starting to see the pattern. You have 2 different types: a multi packet header (32 bytes) and a solo packet header (14 bytes).

Well, while I’m making this, I’m upping my IntPe9 packet editor, and it’s getting awesome. Currently it works through:

  • Boost IPC (message queue)
  • Qt GUI client
  • Skeleton hooking system for a per target app

Well, I’ll keep you informed about progress on these 2 projects.

~Intline9
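
An added example (not the author's code and not part of IntPe9) for the Blowfish ECB facts listed in the post above: it decodes a base64 session key, checks it against Blowfish's 4 to 56 byte key range, and splits a packet into 8-byte ECB blocks plus the `(packetLength - headerSize) % 8` tail, flagging repeated ciphertext blocks, which ECB leaves visible. The key, the packet bytes and the use of the 14-byte solo header are constructed for illustration.

```python
import base64
from collections import Counter

BLOCK = 8            # Blowfish block size in bytes
SOLO_HEADER = 14     # solo packet header size stated in the post
MULTI_HEADER = 32    # multi packet header size stated in the post


def decode_session_key(b64_key: str) -> bytes:
    """Decode the base64 key and check Blowfish's 4..56 byte key range."""
    key = base64.b64decode(b64_key, validate=True)
    if not 4 <= len(key) <= 56:
        raise ValueError(f"{len(key)}-byte key is outside Blowfish's range")
    return key


def split_payload(packet: bytes, header_size: int):
    """Return (header, full 8-byte blocks, unaligned tail)."""
    if len(packet) < header_size:
        raise ValueError("packet shorter than its header")
    header, body = packet[:header_size], packet[header_size:]
    tail_len = len(body) % BLOCK          # (packetLength - headerSize) % 8
    aligned = body[:len(body) - tail_len]
    blocks = [aligned[i:i + BLOCK] for i in range(0, len(aligned), BLOCK)]
    return header, blocks, body[len(body) - tail_len:]


def repeated_blocks(blocks):
    """ECB maps equal plaintext blocks to equal ciphertext blocks."""
    return {b: n for b, n in Counter(blocks).items() if n > 1}


# Constructed sample data, not a real capture or a real key.
SAMPLE_KEY_B64 = base64.b64encode(bytes(range(16))).decode()
REPEAT = bytes.fromhex("a1b2c3d4e5f60718")
SAMPLE_PACKET = (bytes(SOLO_HEADER) + REPEAT + bytes.fromhex("0011223344556677")
                 + REPEAT + b"\x9a\x9b\x9c")

if __name__ == "__main__":
    key = decode_session_key(SAMPLE_KEY_B64)
    header, blocks, tail = split_payload(SAMPLE_PACKET, SOLO_HEADER)
    print(len(key), len(blocks), tail.hex(), repeated_blocks(blocks))
```

The tail is returned untouched because the post leaves open how those bytes are protected; only the block-aligned part can be ECB ciphertext.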

Qt gui inside a dll

21/07/2010

Ciaossu,

Well, I really did my best to avoid Qt. Why? I really do not know. But a few days back I had some real issues with VCL from Borland and I had enough. I wanted to have GUIs from any compiler. So my search began. I stumbled many, many, many times across Qt and every time I ignored it. So I did find something which had a very good design (eGUI++), but it required Boost. (And that, too, I tried to avoid. Why? I still do not know.)

So I decided, oh what the hell, let’s set up Boost in a correct, solid way. It worked just fine and it was very easy to set up. But then I thought to myself: can I not set up Qt in a way that I don’t have much hassle with includes, libs, etc.? And so I did. In not too much time I had a sexy running Qt GUI application. And then I was changed. I do support Qt now!

Anyways, back to the point. I like finding exploits etc. So I decided, well, let’s make a DLL from that Qt GUI. So I changed some settings and WinMain, injected it into a process, and it froze. I was already tired (I had to get up at 01:45 AM to bring some people to some parties, but I couldn’t sleep after that anymore, so I was broken).

Once again I decided fock this, let’s debug it. So I started tracing around in Olly and then I noticed it was breaking on “CoCreateInstance”, so some more googling and there you go:
http://support.microsoft.com/kb/305723

And when I read that I was like: oh god, d’oh! So I added some simple threading from where the QtApp and QtGui are created, and it works like a charm.

So if you want sexy GUIs inside an injected DLL, remember to start a thread from where you will create the QtApp!

~Intline9