############################
#                  Introduction                 #
############################

This is the the attack replay tool provided by community. There are four file of packets corresponding to four different vulnerabilities of BDS found in network layer.

1. Disconnect bug
This is an old vulnerability and affects BDS 1.14.0-1.18.11, earlier versions may be affected as well.
When these packets are sent to a BDS server, it will crash
It is caused by ServerNetworkHandler::handle(DisconnectPacket), which uses the return value of ServerNetworkHandler::_getServerPlayer directly without checking the null pointer

2. The overflow bug
This bug is caused by ClientCacheBlobStatusPacket::_read (packet deserializer)
More information can be found at https://github.com/nt1dr/CVE-2021-45383

3. Jamming1 & Jamming2 bug
These two bugs are caused by something wrong about PurchaseReceiptPacket (0x5C)
When these packets are sent to a BDS server, the main thread of BDS will jam, and the game logic will freeze. Players may not be kicked out from the server, but they can't play any more.
Bugs like this is more dangerous than crash because they are hard to discover, recognize and fix.

############################
#                  Usage of tool                #
############################
These network packets are caught by Wireshark, and can be replay to any other BDS server by reconstructing data packets.
However, this tool provided is just for debug and you can only send packets to server on you own system.
***This tool only supports Windows system.

# Steps to use
1. Sure that Python 3.7 is prepared on your system
2. Install necessary Python library by command "pip install -r requirements.txt" in command shell
3. Start a BDS server (and attach it with a debugger if necessary)
3. Run "replay.py", and a window will occur to let you choose a .pcap file to send. Choose one of those files provided
4. The console will show a list of Network Adaptors to be sent. Choose the adaptor which is mostly used to test, and press Enter
5. Input the port to be sent. If nothing is input, it will be 19132 as default
6. Press Enter, and attack will start. Check the BDS under attack to get problems found.
7. You can also open these packet files by Wireshark, and check for those Raknet packets recorded. 
These pcap files may also contain some normal packets which is unrelated to vulnerabilities. Only part of these packets can cause problem.