Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Game is not giving packages

Richard | Last updated: Jul 24, 2018 05:55PM UTC

Hi so the game I’m testing is called “Marvel Contest of Champions “ and I’m trying to sniff the packets but I’m getting only a few packets, I want all the packets to be intercepted. A person has done this before(but can’t be contacted anymore) and said set a transparent proxy with the id_proxy of the domain url. So my question is how do I do this? I read the guide on invisible proxy but I’m confused. How do I know if the game is a Thick Client? Can anyone test this application? Or help me identify if it is a Thick Client? Cheers.

Liam, PortSwigger Agent | Last updated: Jul 25, 2018 09:16AM UTC

Richard, it may be that Marvel CoC does not obey proxy settings. What I suggest you do is set up a laptop as a wireless access point, and connect the phone to the access point. Run Wireshark on the laptop and open the application. This will show the network traffic, which you can analyse to work out what's going on. Please let us know if you need any further assistance.

Burp User | Last updated: Jul 25, 2018 12:42PM UTC

I have done that already! And the game does obey proxy settings but I don’t know how to set up invisible proxy for it! When I edit the hosts file with the server domain and my IP address and set a invisible proxy with Burp Suite the game doesn’t give me any packets, it just says “error connection” so how do I fix this??

Liam, PortSwigger Agent | Last updated: Jul 25, 2018 01:25PM UTC

I assume you have followed a process similar to this tutorial: - https://support.portswigger.net/customer/portal/articles/2899081-using-burp-s-invisible-proxy-settings-to-test-a-non-proxy-aware-thick-client-application Would it be possible to send a screenshot of the error message? (support@portswigger.net)

Burp User | Last updated: Jul 25, 2018 07:26PM UTC

Hey there, I’m getting this error: https://imgur.com/a/yVCRc0J The game does not load at all, and I can’t intercept the packets with invisible proxy, however when I do normal proxy I do get some packets but not all the communication with the server. I want these packets: https://imgur.com/a/v8uOBAp But instead I’m getting these packets: https://imgur.com/a/svnAp8T I basically want to catch all the communication with the server and gain access to all the packets the client sends to the server, and what the server sends to the client. Like,every time you do a battle, a fight packet is sent to detect for cheating, and server login is established with details. I hope you can help me.

PortSwigger Agent | Last updated: Jul 26, 2018 01:09PM UTC

Hi Richard, Thanks for following up. How did you determine that the game obeys proxy settings? If this is the case, when you use WireShark, you should only see packets with the destination of the proxy server. In this case, you do NOT need an invisible proxy; you should use the standard Burp proxy. It may be that this game use certificate pinning, which makes it much harder to intercept. You may be able to do this, but it will require considerable fiddling. Burp does not provide a point and click solution to this. There's some information here: - https://blog.netspi.com/four-ways-bypass-android-ssl-verification-certificate-pinning/ It may actually be that the game only uses pinning for some requests, which is why you're capturing some traffic but not all of it. This game sounds quite a difficult app to test. You would to well to try intercepting a simple app first to build up experience and work up to this. Please let us know if you need any further assistance.

Burp User | Last updated: Jul 26, 2018 02:24PM UTC

A user who did this before said to change https to http in asset with server url Would that potentially gain me all the packets? Cause https is for secure and May be locked and secure packets and then if you could translate https to http you could remove the locked and secure function and gain access to all packets?

PortSwigger Agent | Last updated: Jul 26, 2018 02:28PM UTC

Hi, That sounds like a good approach. I can't say for certain that it will work but it's definitely worth trying.

Burp User | Last updated: Aug 03, 2018 04:18PM UTC

It is impossible to sniff the packets of the game or decrypt them in the new v19.1 Update. Kabam have patched it:( it is more secure, and no longer lets you sniff packets without developer key:(

Ben, PortSwigger Agent | Last updated: Aug 06, 2018 01:12PM UTC

Hi Benjamin, Are you trying to capture the packets of a particular game? Have you read the following page in order to setup an invisible proxy for non-proxy aware thick applications: https://support.portswigger.net/customer/portal/articles/2899081-using-burp-s-invisible-proxy-settings-to-test-a-non-proxy-aware-thick-client-application

Burp User | Last updated: Jan 12, 2020 10:43PM UTC