
Security analysis of networking functions in on-line games

2015-2016/I.
Dr. Buttyán Levente

As the Internet becomes more and more widespread, online computer games are gaining more and more popularity. These games usually employ proprietary message formats to exchange information between the server and the players, and they rarely perform any sanity or security checks on the messages, assuming that all participants can be trusted. This, in theory, enables an attacker to:

a) run a modified server to exploit vulnerabilities in the game client;

b) send specially crafted messages to crash or exploit vulnerabilities in the server and the other clients.

 

The task of the student is to choose an online game, understand its networking functions and message handling, then design and implement a proxy application that can:

a) passively monitor and log all messages that are sent and received;

b) inject messages into the message stream;

c) delete messages from the message stream;

d) alter messages that are sent and received.

Using this proxy, find potential vulnerabilities in the game client, and optionally in the server (if the source code is available). Propose a solution to detect malformed packets and to protect the server and/or the clients from them.
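As an illustration of the kind of sanity checking the description says is usually missing, the following added example (not part of the original topic description) validates incoming packets before they are acted on. The wire format, message types, size limit and world bounds are all hypothetical and constructed for this example.

```python
import struct

# Hypothetical wire format (constructed for this example, not any real game's):
#   magic(2)=b"GM" | type(1) | payload_len(2, big-endian) | payload
HEADER = struct.Struct(">2sBH")
MAX_PAYLOAD = 512          # assumed upper bound for any message
MSG_MOVE, MSG_CHAT = 1, 2  # assumed allow-list of message types
WORLD_LIMIT = 10_000       # assumed map bounds

class MalformedPacket(ValueError):
    """Raised with a reason so the receiver can log and drop the packet."""

def parse_packet(data: bytes) -> dict:
    if len(data) < HEADER.size:
        raise MalformedPacket("truncated header")
    magic, msg_type, declared = HEADER.unpack_from(data)
    if magic != b"GM":
        raise MalformedPacket("bad magic")
    if declared > MAX_PAYLOAD:
        raise MalformedPacket("declared length exceeds limit")
    payload = data[HEADER.size:]
    # Never trust the declared length: it must equal what actually arrived.
    if len(payload) != declared:
        raise MalformedPacket("length field does not match payload size")
    if msg_type == MSG_MOVE:
        if declared != 8:
            raise MalformedPacket("MOVE payload must be 8 bytes")
        x, y = struct.unpack(">ii", payload)
        if max(abs(x), abs(y)) > WORLD_LIMIT:
            raise MalformedPacket("coordinates outside the world")
        return {"type": "move", "x": x, "y": y}
    if msg_type == MSG_CHAT:
        try:
            text = payload.decode("utf-8")
        except UnicodeDecodeError as exc:
            raise MalformedPacket("chat text is not valid UTF-8") from exc
        if not text or not text.isprintable():
            raise MalformedPacket("chat text empty or contains control characters")
        return {"type": "chat", "text": text}
    raise MalformedPacket(f"unknown message type {msg_type}")

def check(data: bytes) -> str:
    """Return 'ok' or the rejection reason, as a proxy or server would log it."""
    try:
        parse_packet(data)
        return "ok"
    except MalformedPacket as exc:
        return str(exc)
```

Each rejection carries a reason string, so the same function serves both for dropping bad packets and for logging what was wrong with them.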

