[C#] Packet Decrypt Algo.
Discussion on [C#] Packet Decrypt Algo. within the Cabal Hacks, Bots, Cheats, Exploits & Macros forum part of the Cabal Online category.
03/23/2008, 19:59
|
#1
|
elite*gold: 0
Join Date: Jun 2006
Posts: 965
Received Thanks: 576
|
[C#] Packet Decrypt Algo.
Not sure if this is used for every packet yet or just login. I believe it is for every packet because I didn't see a switch; anyways, I will be doing a rewrite in C++ later along with C#/C++ of the encrypt algo. (Very tired, been up for 38 hours...). Also it looks very very messy because I just didn't feel like using "unsafe" code.
External link because the key is 65536 bytes and too much for a post :P.
You didn't hear it from me... Expect a clientless bot soon :P.
|
|
|
03/25/2008, 12:55
|
#2
|
elite*gold: 0
Join Date: Mar 2008
Posts: 2
Received Thanks: 0
|
well done. keep it up.
|
|
|
03/25/2008, 14:02
|
#3
|
elite*gold: 0
Join Date: Jul 2007
Posts: 243
Received Thanks: 13
|
sorry for the noob question but what does this do
|
|
|
03/25/2008, 14:29
|
#4
|
elite*gold: 0
Join Date: Sep 2007
Posts: 32
Received Thanks: 1
|
Oh Baby. A foreseen downfall of cabal within months =]
|
|
|
03/25/2008, 19:17
|
#5
|
elite*gold: 0
Join Date: Jun 2006
Posts: 965
Received Thanks: 576
|
Encryption is done; now I am writing out the different packets. I will release all of it later.
|
|
|
03/25/2008, 19:21
|
#6
|
elite*gold: 0
Join Date: Feb 2008
Posts: 59
Received Thanks: 21
|
Quote:
Originally Posted by auggie
sorry for the noob question but what does this do
|
He decrypted a complex algorithm packet.
|
|
|
03/25/2008, 20:45
|
#7
|
elite*gold: 0
Join Date: Jun 2006
Posts: 965
Received Thanks: 576
|
I think I might start an open source bot. Make an svn for it too.
|
|
|
03/25/2008, 22:49
|
#8
|
elite*gold: 0
Join Date: Feb 2008
Posts: 6
Received Thanks: 6
|
I still don't know what this does >_> <-------noobsauce
|
|
|
03/26/2008, 06:05
|
#9
|
elite*gold: 0
Join Date: Jan 2008
Posts: 15
Received Thanks: 3
|
Quote:
Originally Posted by Locketej
I still don't know what this does >_> <-------noobsauce
|
I don't know if I'm exactly right about this but here it goes: The client (or the server) sends packets (information) to the server (client?) which get encrypted somewhere along the way. This encryption prevents the client from sending any packet he wants to the server. But high6 now says he can decrypt and encrypt the packets and that means you can send anything you want to the server and with that you can make a bot and stuff.
I do not know if this is right. It just came straight from my head and I basically know nothing about TCP/IP stuff or anything so can someone please explain this a little more accurately :P
|
|
|
03/26/2008, 07:47
|
#10
|
elite*gold: 0
Join Date: Jan 2006
Posts: 39
Received Thanks: 2
|
lol nice
|
|
|
03/26/2008, 17:37
|
#11
|
elite*gold: 0
Join Date: Mar 2007
Posts: 19
Received Thanks: 8
|
Keep up the good job high6! I'm looking for your next release or svn and of course, I'll be helping you. In most cases, finding the algorithm is the hardest part of a packet bot.
Thanks! =)
|
|
|
03/26/2008, 20:48
|
#12
|
elite*gold: 0
Join Date: Jun 2006
Posts: 965
Received Thanks: 576
|
Encrypt function :P.
Keyss is the 65536 byte key from the decryption in the OP.
Code:
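// Needs "using System;" (BitConverter, Array).
// Keyss (the 65536-byte key table), Keys2 and PacketInfo are defined outside this post.
void Encrypt(ref byte[] packet, PacketInfo PI)
{
    uint size = (uint)packet.Length;
    // Check the length before padding, so a short packet is returned unchanged
    // instead of 4 bytes longer.
    if (size < 0x0A)
        return;
    // Pad by 4 bytes so the final 32-bit read/write at the tail stays in bounds.
    Array.Resize(ref packet, packet.Length + 4);

    // XOR the first 4 bytes with the current key.
    BitConverter.GetBytes(BitConverter.ToInt32(packet, 0) ^ PI.Key).CopyTo(packet, 0);

    // The next key is looked up in the table, indexed by the low 14 bits of the
    // value just written.
    uint Key = (BitConverter.ToUInt32(packet, 0) & 0x3FFF) * (uint)PI.Mul;
    Key = BitConverter.ToUInt32(Keyss, (int)(Key * 4));

    uint t = (size - 8) >> 2; // Shift right 2 = divide by 4 (number of whole 32-bit words)
    uint t1;
    uint i = 8; // Bytes 4..7 are not touched by this loop.
    while (t > 0)
    {
        // XOR one 32-bit word, then derive the next key from the result.
        t1 = BitConverter.ToUInt32(packet, (int)i);
        t1 = t1 ^ Key;
        BitConverter.GetBytes(t1).CopyTo(packet, i);
        t1 = (t1 & 0x3FFF) * (uint)PI.Mul;
        Key = BitConverter.ToUInt32(Keyss, (int)(t1 * 4));
        i += 4;
        t--;
    }

    // Leftover bytes: the mask is selected by (size - 8) & 3 and inverted before use.
    t1 = Keys2[((size - 8) & 3)];
    t1 = ~t1;
    uint t2 = t1;
    BitConverter.GetBytes((t1 & Key) ^ BitConverter.ToUInt32(packet, (int)i)).CopyTo(packet, i);

    // Remove the 4 padding bytes again.
    Array.Resize(ref packet, packet.Length - 4);
    /*
     * unused code.
    Key = (Key & 0x3FFF) * (uint)PI.Mul;
    t1 = (t1 & t2) ^ BitConverter.ToUInt32(Keyss, (int)(Key * 4));
    uint t3 = t1;
    */

    // Advance the step counter (wraps at 0x4000) and load the key for the next packet.
    PI.Step = ((PI.Step + 1) & 0x3FFF);
    PI.Key = BitConverter.ToUInt32(Keyss, (int)((PI.Step * PI.Mul) * 4));
}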
|
|
|
03/27/2008, 17:37
|
#13
|
elite*gold: 0
Join Date: Feb 2008
Posts: 761
Received Thanks: 275
|
edit
this was to lock/krille
/edit
packets are the interface from client -> server -> client
if you, let's say, talk
you send a packet which is an array of bytes (ie: 1a 2b 3c 4d 5e 6f 07 08 09)
now to prevent hacking and good stuff of the sort, it's encrypted
so what is actually sent to the server is more along the lines of (going by the above packet: 9c 7a 7e 8f 3c 32 01 00 00 8c 47 83 0c 0a f7 e2 a7 02 c4 00 00 c2 00)
that is the encryption. the server receives it then decrypts it back into the original packet (1a 2b 3c 4d 5e 6f 07 08 09) and says "ok he said this..." then sends a packet to everyone who saw the message which equally is encrypted by the server then decrypted by the client (magical i swear)
understand that?
anyways sometimes it uses the same encryption/decryption so all you have to do is literally run the decryption routine for receiving packets on the encrypted, sometimes it uses different ones. afaik cabal uses diff ones, which you have to find the point where the packet starts the encryption and then reverse it using that routine, then change then encrypt and send. hacking received packets is kinda silly but it does have some advantages.
|
|
|
03/28/2008, 17:35
|
#14
|
elite*gold: 0
Join Date: Mar 2008
Posts: 2
Received Thanks: 0
|
WoW, Encrypt function, nice.
Currently I'm playing Cabalsea, not sure if the key will work for Cabalsea or not -.~
I'm trying to make a pixel bot using VB, but the xtrap really drives me mad =.=
It hooks all the APIs I want to use. The API I want to use to get the pixel color has been hooked, so I tried using ReadProcessMemory to get the HP value, but this API has also been hooked by xtrap, !@$%!@%% =.=
|
|
|
03/29/2008, 02:48
|
#15
|
elite*gold: 0
Join Date: Jun 2006
Posts: 965
Received Thanks: 576
|
Quote:
Originally Posted by shen27
WoW, Encrypt function, nice.
Currently I'm playing Cabalsea, not sure if the key will work for Cabalsea or not -.~
I'm trying to make a pixel bot using VB, but the xtrap really drives me mad =.=
It hooks all the APIs I want to use. The API I want to use to get the pixel color has been hooked, so I tried using ReadProcessMemory to get the HP value, but this API has also been hooked by xtrap, !@$%!@%% =.=
|
The key is calculated in the exe at runtime so if you want to send me the sea exe I can check if it's different.
|
|
|