This tutorial is a little bit old, but it dosn't update until today, so it works perfectly, here we go:
First of all, your Anti-Virus will probably recognise WPE as a Trojan, but it isn't really one, it just uses similar things as a Trojan.
Now, the main 6 things about WPE are:
Attaching WPE Pro
These are the 6 things I will be explaining in this tutorial
Attaching WPE Pro:
To get started, you need to attach your WPE to the program you'd like to hack.
To attach WPE to a program you need to have both WPE and the program running ofcourse.
As an example I will be using Dark Eden, to use some old screenshots I already had.
Now, to attach WPE to the program press the "Target Program"-button (marked with 1). After clicking it a window will pop up, and in that window you search for the program you'd like to attach to and highlight it (as in 2). Now press "Open" (marked with 3) and you'll have attached WPE to the program!
To sniff for packets going in and out a program, you need to attach to the program and press the play button in the Trace Control (upper box with the meters in it). If you press the button WPE will start sniffing packets and will keep doing that untill either you press the red stop button or the buffer is maxed. (To adjust your max. buffer go to View>Option and change the number in the Buffer area to what you'd like to be the max. buffer)
When WPE stops recording a window will pop up containing all the sniffed packets. It will show the number of the packet, the first 50 double digits and the translation of those 50 digits and if it's either Send, Sendto, Received or ReceivedFrom.
Send means the packet started in your computer, Received means it came from somewhere else.
If you want your WPE pro to only snif for a certain type of packet go to View>Option and tag/untag the corresponding boxes in the Winsock Functions part. (In example, if you want to snif only for Send packets, untag Received, ReceivedFrom and SendTo)
If you want to start sending packets, you need to know how to add packets to your sending list. There are 3 possible ways: Making a new packet(as marked with 2), Loading a saved packetlist or getting one out of your sniffed packets list.
I won't explain how to make completely new packets, because beginning hackers won't have any use with it, and Loading a saved packetlist will be explained later on.
To get one out of your sniffed packet list you need to double click it in the window that poped up after sniffing for packets. Note: Received packets are often not good for sending.
If you added one to your list you will see "New Packet" in your send list.
If you do not see it it could either be because you didn't add it well, or you're still on your filter list. To go to your send list just press the Send tab (marked with 1).
To start sending the packets you need to tag the boxes ([ ] > [X]) of those you'd like to send, and then press the play button in the Actions Console (bottom part with the Send and Filter list in it). A new window will pop up. Here you can fill in how many times you'd like to send the packets, and at what speed. You can also chose between Open Socket and New Socket, I won't explain New socket so just stick to Open socket.
if you use open socket, you'll have to make sure the propper port is filled in. To make sure you've filled in the propper port, just right click on one of the packets in the Sniffed packets list and select "Set Send list with this socket id". You only have to do this only once per time you attach to a program.
When all is in order in the Send Settings Window, you press the play button and WPE will start sending packets. To stop sending packets, click the red stop button in the Actions Console.
To edit a packet you need to have it in your send list.
Double click the packet and a new window will pop up with all the information about the packet. In there you can read all the information there is about the packet and not only the first 50 double digits.
Things there are to change:
a. double digits
b. translation of the digits
a. Just higlight one of the digits and press the key you want to change it with. Note: this will automaticly generate the new translation aswel.
b. Just highlight the part you want to change, and change it. Note: this will also change the digits accordingly, but they might change in the wrong ones.
c. The name your packet has in your send list, no biggy, only makes it easier to differ one packet from another.
d. Changes to this number will change the amount of double digits you have in your packet. Increasing it will add a couple of 00 digits, and decreasing will remove a couple of the last double digits.
I can't tell you in what you should change the digits when changing them, because every game uses his own coding his packets.
First of all go to the Filter list by pressing the Filter tab in the Actions Console.
There you'll see a list of empty filters. To add new filters you have 2 possible ways: making one yourself or loading a saved one(I'll explain this in the next chapter).
Making your own filter is easy. Double click one of the filters in the list and a Filter Edit window will pop up.
1. The name your filter will have in the filter list.
2. To which type of packets the filter will be aplied to.
3. What type of filter you want. I'll explain the normal filter first.
4. Tag this box ([ ] > [X]) if you only want the filter to stop these packets from coming in, and not edit them.
5. Search: The double digits the filter will search for. Modify: Into what the filter will change the found packet's double digits.
6. Number of times it will apply the modification.
7.Advanced Filter option, will be explained later on.
To make a normal filter, just fill in after SEARCH the double digits it needs to look for manually or copy paste it from the packet window in the send list. Then fill in after MODIFY what those digits need to change in.
You can also make the filter only change Send or Received packets by tagging/untagging the coresponding boxes.
Advanced filters are for the little bit more advanced hackers, but aren't that hard really.
This will be the window when you select "the beginning of the packet". Modifications will now start from the point in the packet where the matching double digits were found.
Now you can also adjust the max. length in the packet the filter will search in. Just tag the box and fill in the number, no biggy.
You can also make the filter change one or 2 double digits in the found packet instead of the whole found packet.
This is the window you get when "from the position of the chain found" is selected.
Here you can modify digits that came before the chain you were looking for, and not only after or in. Nothing else changes really.
Ok, now you know how to make filters. To run filters, just select them and press the little "On" button. The filter list will turn gray, and you won't be able to edit the filters anymore, but they will be active. To stop using the filters just hit the little "On" button again.
To save a packetlist just press the little floppy disk (marked with 1), fill in the name for your list (marked with 2) and press the "Save" button(marked with 3).
If saved properly you will see a file in the directory with the name of your list and a .spt ending (like the one marked with 4).
To load a packetlist press the folder button(marked with 1), chose the propper file(as for example the file marked with 2) and press "Open"(marked with 3). The list will show up under the current list in your Send list.
Same as in packetlists, but then when you're looking at the Filters Tab.
Note: you can also create a password protected save with filters.
That's all for the tutorial guys, if you enjoyed reading it, or/and found errors in it, feel free to post or send me a PM.
WPE Indetectable, by christoff:
Tutorial Packets - Sniffing and Analysis, by Dwar:
Translation Site, translates Text into HEX and HEX into Text, incase you want to make your own packets etc...
ASCII Character Set
Written by Monks.
Edited by Shinky.