How World of Warships was hacked…

Source: http://world-of-ru.livejournal.com/3136620.html

Hello everyone,

if you dabble in reading various internal game files (models and such), you can imagine how useful a full game client can be. You can pull all sorts of things from it, including models, maps and a lot of other interesting stats. In any case, from Wargaming's point of view, it is pretty undesirable for the client to spread around.

Today, we’re going to look at how Russians “hacked” the World of Warships (not a hack really, just… well, you’ll see). This was posted by an LJ user the_komp (der_komp in the game).

First, he started thinking: all the Wargaming projects are started via a launcher, so there is no reason for WoWs to be any different. This launcher transmits a special xml file with the client version to check with the server whether the client needs an update. All you need to know is the address of the update server. For WoT, it’s http://update.worldoftanks.ru, for WoWp, it’s http://update.worldofwarplanes.ru/, so for WoWs, it should be http://update.worldofwarships.ru? Not quite.

So, the player started to look for it.

He ran a scanner (specifically, MyLanViewer) and scanned all known IPs and sub-networks of Wargaming. He took the known IP address of the World of Warships developer blog (185.12.242.181) and scanned the entire range from 0 to 255 in its last octet.

Bingo:

[image]

There are tons of servers running on those IPs – from magazines to, apparently, the EU test server. The interesting address in this case is 166 – trying to access it (https://185.12.242.166) automatically redirects to http://update-v4r4h10x.worldofwarships.ru/ and throws a “Bad Request” error. Which means that there has to be a correct request.

The player then sent a request, using “Advanced REST client for Google Chrome” – target=client&client_ver=unknown

[image]

And this was the server’s answer:

[image]

Basically, what happened here – he requested a version of the client and in turn received the link for client download. Then he changed “target=client&client_ver=unknown” to “target=launcher&launcher_ver=unknown” and received the current launcher link.

http://dl.wargaming.net/wows_a/ru/patches/wows_013.000033_launcher_ru.patch

http://dl.wargaming.net/wows_a/ru/patches/1.6_Zmr4nFm30FpeI6f/wows_16.37952_client.patch

http://dl.wargaming.net/wows_a/ru/patches/1.6_Zmr4nFm30FpeI6f/wows_16.37952_client.patch.torrent

The links are no longer working (this was posted yesterday). However, this way, he was able to get his hands on an alpha World of Warships client:

[image]

The player then reported this exploit to Wargaming; the developers answered that they will check it out. His final statement, which I feel is worth quoting:

“You know what’s the most interesting part? Wargaming can blame testers, close alpha test in Europe, ban players for leaks, but they can never fix the errors on their part.”
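
The update server described above answered any well-formed query with a patch link, and the link itself was a plain URL. As an added example (not part of the original post and not Wargaming's code), here is one way an update endpoint for a closed test can require a signed entitlement token and return only short-lived signed links; the keys, paths, token format and function names are all constructed assumptions.

```python
import hashlib
import hmac
from urllib.parse import parse_qs

# Constructed values for illustration; none come from the page or from Wargaming.
ENTITLEMENT_KEY = b"constructed-entitlement-key"
URL_SIGNING_KEY = b"constructed-url-signing-key"
PATCHES = {"client": "/patches/example_client.patch",
           "launcher": "/patches/example_launcher.patch"}
URL_TTL = 300  # seconds a signed download link stays valid


def _mac(key, *parts):
    return hmac.new(key, "|".join(parts).encode(), hashlib.sha256).hexdigest()


def _same(a, b):
    # Constant-time comparison; encoding first keeps non-ASCII input from raising.
    return hmac.compare_digest(a.encode(), b.encode())


def issue_entitlement(account, expires):
    """Token given to an invited tester after login: account.expires.mac"""
    return f"{account}.{expires}.{_mac(ENTITLEMENT_KEY, account, str(expires))}"


def check_entitlement(token, now):
    try:
        account, expires, mac = token.split(".")
        fresh = int(expires) > now
    except ValueError:
        return False
    return fresh and _same(mac, _mac(ENTITLEMENT_KEY, account, expires))


def handle_update_request(query, token, now):
    """Return (status, body); a correct query alone is no longer enough."""
    params = parse_qs(query)
    target = params.get("target", [""])[0]
    if target not in PATCHES or f"{target}_ver" not in params:
        return 400, "Bad Request"
    if token is None or not check_entitlement(token, now):
        return 403, "Forbidden"  # well-formed query, but no proof of invitation
    path, exp = PATCHES[target], str(now + URL_TTL)
    return 200, f"{path}?exp={exp}&sig={_mac(URL_SIGNING_KEY, path, exp)}"


def download_allowed(path, exp, sig, now):
    """Check the download host runs before serving a patch file."""
    if not (exp.isascii() and exp.isdigit()) or int(exp) <= now:
        return False
    return _same(sig, _mac(URL_SIGNING_KEY, path, exp))
```

With this in place, discovering the update host and the right query parameters yields a 403 rather than a link, and a leaked link stops working after `URL_TTL` seconds.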

39 thoughts on “How World of Warships was hacked…”

  1. This is just an example of a great ‘hacker’: He found a leak and instead of exploiting it he notified Wargaming so the leak will be fixed. +1 for the effort sir!

    • Well, yeah, anyway, being a hacker can even bring you a stable job of testing security vulnerabilities for example…which is both legal and well paid.

    • There is a name for this type of hacker who will hack companies simply to then post how he hacked them and make it known they have a bug in public for both other hackers and the company to know (as opposed to simply telling only the company, or simply telling other hackers and then exploiting the hack).

      They are grey hat hackers. http://en.wikipedia.org/wiki/Grey_hat

      • There are a few different types of hackers. Blackhat/greyhat/whitehat are the most commonly heard of hackers. Then there is a subsection of whitehat or greyhat which are called penetration testers; they are working as hackers in a legal manner since they are hired specifically for testing the company's security. While this is similar to the description you gave for the greyhat, the greyhat can still get in a lot of trouble for breaking in uninvited. Then there are the commonly referred to script kiddies, who are sometimes the most damaging type of hacker as they can just run things that they don’t know about and break a lot more than they intend.

        Of course, you may know all of this, but it may also be of interest to the people reading the comments.

  2. They should just grant him access to the Alpha closed test cause of that. That was pretty neat to report that bug to them and not exploit it!

    • Getting a permission for alpha for this?
      Then 200+ people would be part of the CIA and FBI already by this standard. :D (Most hackers don’t exploit.)

  3. All he found was the client launcher and patches for WoWS. He didn’t gain access to the game. It’s not particularly hard to find the downloadable content, getting into the game takes skill. He would have to hack the access and give himself permission to get into it.

    Hardly reportable even as News.

  4. Looool nice one. And no1 is rly surprised that drunk russian programmers can’t do single thing right. I would laugh my ass off if it turned out that some chinese came up with that before, mined some data and now they will publish their own version of WoWs faster than WG ;p

  5. “You know what’s the most interesting part? Wargaming can blame testers, close alpha test in Europe, ban players for leaks, but they can never fix the errors on their part.”

    -Um, Yes they can, and they do. Most everything in cyber space is able to be exploited in some way, a ‘hacker’ would know that. Only thing you can do is cover those holes as they are found. If sometimes testers happen to be those holes, then so be it.

    Not sure how it is the most “interesting” part, but sounds like a thing a troll with a bone to pick with WG would say. Good on him to report the exploit to them though. Deserves respect for that.