Packet Sniffing

Hello!

I was trying to follow some guides on FGO packet sniffing but it seems like they are out of date?
All of the data I am getting with Wireshark seems to be encrypted…
Is it not possible to use wireshark to figure out info about the stage you are on? (drops, etc)

Back in 2015 a guide was made on how to do this:

But apparently, at least for iOS, application security was increased in 2016 with something called “Application Transport Security”. I am not super sure what this entails, but it seems like all of the transmissions are encrypted now.
Does anyone who is more versed in this subject matter know anything about this? Is this actually the case, or am I missing something?

Never heard of packet sniffing before. I skimmed the guide… I’d say it would be easier to either just set up FGA to farm for you and walk away or wait for the engine updates to implement a cut the battle loading times down.

1 Like

Seeing as how this is from 2015 back during JP Launch, I figure they probably updated it to the point where people couldn’t do this anymore.

1 Like

@ArcanaApocalypse
Ahhh, yeah that makes sense.
Thanks for the feedback.

@Mysty
Lol, yeah that’d be sweet, but as far as I know there is no way to do auto-farming on iPhones :fgo_seiba:
I’m not actually interested in doing what the guide I posted is designed for, I just wanted to play around with packet sniffing to see if I could find the instant-death values for enemies in a wave.
(Although, those values seem to be listed online such as on the wikia pages for fgo)
It was more an intellectual curiosity than anything else :stuck_out_tongue:

1 Like

Just a word of warning: despite what the article says, companies generally don’t approve of users intercepting their games’ data packets, and even if they aren’t encrypted, it could be considered “deconstruction” of the game files, which violates the TOS. I can’t speak for FGO, but I have heard of people getting banned for such activities in other online games. There may not be any practical cheating possible with this sort of thing, but it’s the kind of information gathering hackers engage in to figure out exploits and such, so it’s not always considered harmless.

Just saying, be wary. Curiosity is fine, but it’s probably lot worth risking your account over.

2 Likes

I googled a little bit about this app transport security, and it seems you’re out of luck.

key points
Apps can only connect to servers using the TLS 1.2 protocol
Apps can only connect to servers providing strong ciphers. - Strong ciphers are described as AES128+ and SHA2
Apps must connect to servers using perfect forward secrecy (PFS).

In short: yes the packets are encrypted, at least the game data portion sections should be.
and you’re out of luck trying to break AES128/SHA2
App Transport Security appears to just be iOS’s name for the mobile app version of TLS.

that being said though, it’s entirely possible you can glean some information, though i doubt anything pertaining to ingame data will be available.
@Lexi

2 Likes

You’re getting gabbled data because of SSL encryption, so you need to install a SSL certificate for your sniffer for it to work. An example of how to do it for Charles:

https://www.charlesproxy.com/documentation/using-charles/ssl-certificates/

iOS is relatively easier to packet sniff than Android. Anything above Android N (7.1+) SSL Certificate won’t work at all, because it’s controlled at the apk level, so you’ll need to use an emulator with older Android version.

You need

  1. Proxy software
  2. Android Emulator
  3. Proxy the wifi connection on the emulator
  4. Install SSL Cert
1 Like