Anyone Play Yahoo Pool???

[hoser2001]

I sometimes have time at work to play some yahoo pool, one day I was playin and apparently I was doing good, because someone accused me of using an "aimer". After some research, i found out that there are many applications available that can be run while playing yahoo pool, that will re-create the table, and provide extra 'cheat' lines that help you make the shots easier. I'm not very familiar with JAVA, but I know that yahoo pool uses it to work. I want to know what steps I would take to make my own yahoo pool aimer. If anyone can offer some guidance that would be great.

[Lop]

From what little I know, Java loads on the client side so everything being executed is local. That means if you get a TCP sniffer you could see all of the actions between players. Not sure how this helps you....

Maybe you could just decompile the Java?

[hoser2001]

I don't need to know anything about what the other players are doing, I'm guessing all I need to do is somehow capture the script and modify it. In Yahoo Pool, when you aim, a line is drawn to the ball you want to hit, them from the ball to (what you hope is) the pocket. The aimer programs merely extend the line from the ball to the pocket, because yahoo only limits it to a few pixels.

[John]

Reverse-engineering compiled software is considered hacking/cracking and should not be discussed in these forums.

[Jordan]

I've always wondered how these hack programs work. If you find the answer let us know.

[v0id]

Yes, the great thing about Java is that it runs on your own computer, and not on the server (like Lop pointed out.) The Java applet is then communicating with the server, and maybe are sending it commands which does stuff, which later is sent to the player you're playing against.

But it isn't as easy as it sounds - they're not stupid, so most applets is using encryption to prevent this kind of cheat. It's going to be a lame job to crack the encryption, if you know nothing about that kind of stuff, but there's another alternative; the applet. It's the applet which is sending the encrypted commands to the server, and receives some as well. That means that the encryption algorithm is in the applet.

If you not are extremely brain-death you can remember that the applet is running at our computer. Yes, our own computer. So we have full access to the applet. The Java applet works somewhat like Javascript does. When the browser sees Javascript, it handles it and executes it. It's the same with Java, but instead of executing it, it sends it to the Java machine, which is communicating with the browser, and executing the Java source. The Java source is fully available, but still not. It's compiled into class files, which only the Java machine can handle. Not good, eh? Then it's good there's something called decompilers (like Lop also pointed out.)

The Java class-files is usually saved in so-called cabinet files (*.cab), which is on the server. F.ex. on Yahoo!'s server. As I said, it's like Javascript, so you're able to download this cabinet file (it's basically just a RAR-compressed file, so it's easy to get its content.) When that is done, you end up with a lot of class files. You've to decompile those, and then you'll end up with a complete Java sourcecode (depends on the quality of the decompiler.)

Now you probably have the ****tiest job in front of you. You've to read through the sourcecode to find the encryption algorithm. But it's sometimes easy to find. When you're playing the game, then there's usually some kind of message, or other stuff that could lead you some where, f.ex. "Loading..." which maybe could lead you to the place where it communicates with the server - which means it encrypts messages and sends them. Then you just have to move backward.

When you've got the encryption algorithm, you can implement it in your own application, or whatever you want to. So let's say you want to make an application which receives and sends messages. You've to connect to the server on the right port (if you have problems finding it, look in the source) and then encrypt the messages and sent them, or decrypt them if you want to receive.

Have in mind that it probably isn't messages like "Do this and that" you're receiving, it could be something like "x 1, 1" which actually meant "Go to position 1 at x-axis and 1 at y-axis." To deal with this problem, you've to look at the sourcecode again. Somewhere you'll found the different messages, and such.

You've to remember one important thing; this is cracking and is illegal. So you've to do this on your own risk. But good luck, if you really want to try.

I think that answered your question as well, Jordan.