I'm not trying to make a bot. I just want to know for educational purposes.<p>For bots and scripts on games like league of legends, you have to be able to intercept packets and send your own. I can't seem to find tutorials on that aspect. I've tried using keywords such as tcpdump and wireshark, but no good results. What are typical ways to read packets from online games and send them back?
There are a number of ways to intercept packets, the one to use really depends on the game you're playing.<p>The simplest method is to check in the game's configuraton files to see if there's a domain/ip for the game to connect to - it can be as simple as modifying a config file to connect locally instead, and have a proxy sat in the middle which connects to the server.<p>Another option is to hook into the game and intercept the data before they even get sent to the socket, modify them in memory. This is usually the preferred option because games will generally encrypt all of their messages and if you can find somewhere to modify them before encryption is performed, it saves you having to reverse engineer the encryption. The downside to this approach is that it needs redoing every time the game binary is updated.<p>One trick on Windows is to provide a fake "ws2_32.dll" in the directory of your game, which exports the whole winsock API and simply wraps calls the original functions - intercepting data where you want.<p>A trickier, but more robust approach on Windows is to implement your own Winsock service provider, which can transparently intercept all winsock traffic. (Search: dark side of winsock).<p>Unless the game sends messages in plain text, you're generally going to need to reverse engineer some of the game client to hook into it, or to figure out the cryptography being used so you can emulate it on a proxy. For that you'll need a debugger (IDA w/HexRays, OllyDbg or WinDbg). Lots of games have protection software which will detect if a debugger is running and are much more difficult to reverse engineer.
Are the games using unencrypted communication channels or else replay attacks would be difficult. Are you sure they aren’t analyzing the game memory, system events, or display in order to respond?