This post is part of a series about the Halo Infinite Web API. You can read more about the authentication process to get started with the API endpoints right away. .NET wrapper for the API that makes endpoint interaction a bit easier.

As with most of my reverse engineering stories, this one starts with “Hmm… I wonder if I can get this data anyway?” I mentioned this in my previous blog post that I just finished the Halo Infinite campaign, and the next step was multiplayer, which also meant that I wanted to keep track of my stats to see just how bad I am playing against real people and aimbots.

The question about stats in Halo Infinite is interesting, because both Halo Waypoint website and the mobile application do not have that information at all. The game, on the other hand, has all the stats captured and shown in an easily-consumable format - both on PC and Xbox. It very well may be that 343 Industries just hasn’t prioritized that work just yet but I am impatient - I want my game stats now. If there is a way to show that data in the game, surely there is a way to do that outside the game too? Which means that now I need to figure out how to get them out of the game.

Given that this is all network-based (stats are stored somewhere and are requested dynamically), the clear next step is traffic analysis. I could either analyze the traffic from the Xbox or the PC game. If you’ve ever tried doing traffic analysis from an Xbox, you’ll know that it’s a pretty tedious and complicated process, so that was way too much overhead for what I wanted to do here. Luckily, because Halo is also on PC that means that I can use the same standard toolkit I always use - Fiddler, mitmproxy, and Wireshark. Surprise, surprise - nothing more special than that. I installed Halo through the Xbox app (thank you Game Pass), fired up Fiddler, and was good to go - or so I thought.

For folks that don’t know how Fiddler works, the gist of it is that it creates a local proxy on your Windows computer that all traffic passes through before going out to your router. Most applications respect the system proxy settings and make sure to send their traffic through it when it’s present.

With Fiddler running, and the root certificate installed (this will allow me to analyze encrypted HTTPS traffic), I launched Halo Infinite on the desktop and started watching network requests. There were quite a few that were going to Xbox services, even a WebSocket connection was opened for the lobby service, and then - absolute silence. No matter what options I’d choose in the game, no outbound requests were going out. That seemed suspicious, especially considering the fact that I knew there were requests happening. Is the Halo Infinite service sending data over UDP sockets, that doesn’t get captured by Fiddler?

To confirm or deny my assumption, I fired up Wireshark. Unlike Fiddler, Wireshark does not create a proxy and instead taps directly into the network stack, which allows me to track all outbound traffic. I could very clearly see that there was, in fact, a request happening to - it even used http-over-tls as the protocol.

I was thinking that maybe Halo is doing something funky behind the scenes to detect Fiddler or a different certificate and route around that somehow, but that seemed like a stretch. If this is just HTTPS traffic, why do I not see it in Fiddler with a root certificate ready? What gives? I opened up mitmproxy on a macOS machine, then installed its root certificate on my Windows box and started routing traffic through it, which led me to the exact same result I saw with Fiddler - some Xbox Live service calls, but nothing Halo-specific that would interest me.

And then it clicked with me - not every application respects proxy settings. What makes an application not go through the proxy?
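
Why a local proxy such as Fiddler can miss requests that Wireshark still shows, as an added example (not code from the original post): a constructed server and a recording proxy on loopback, with one client that hands its request to the proxy and one that opens its own socket. All class names, paths and ports here are assumptions made for the demo.

```python
import http.client, http.server, threading
from urllib.parse import urlsplit

def fetch(host, port, target):
    conn = http.client.HTTPConnection(host, port, timeout=5)
    conn.request("GET", target)
    body = conn.getresponse().read()
    conn.close()
    return body

class Recorder(http.server.BaseHTTPRequestHandler):
    def log_message(self, *args):  # keep the demo quiet
        pass
    def reply(self, body):
        self.send_response(200)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

class Origin(Recorder):
    seen = []  # every request that reaches the server: the Wireshark view
    def do_GET(self):
        self.seen.append(self.path)
        self.reply(b"ok")

class Proxy(Recorder):
    seen = []  # only requests a client handed to the proxy: the Fiddler view
    def do_GET(self):
        url = urlsplit(self.path)  # absolute URL sent by a proxy-aware client
        self.seen.append(url.path)
        self.reply(fetch(url.hostname, url.port, url.path))

def serve(handler):
    srv = http.server.ThreadingHTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv

def run_demo():
    Origin.seen.clear(); Proxy.seen.clear()
    origin, proxy = serve(Origin), serve(Proxy)
    base = f"http://127.0.0.1:{origin.server_port}"
    # Client A honours the proxy setting and connects to the proxy.
    fetch("127.0.0.1", proxy.server_port, base + "/proxy-aware-call")
    # Client B ignores the setting and opens its own socket to the server.
    fetch("127.0.0.1", origin.server_port, "/direct-call")
    origin.shutdown(); proxy.shutdown()
    return list(Proxy.seen), list(Origin.seen)

if __name__ == "__main__":
    print(run_demo())
```

The proxy's list holds only the call that was handed to it, while the server's list holds both; that difference is the gap between the Fiddler and Wireshark views described in the post.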