CO Packet decryption.

ChingChong23 · 11/15/2008, 13:33

Hi, i recently made a Java proxy, I'm wondering if anyone would like to share with me the CO packet encryption/decryption packet structure.

I wouldn't mind it for testing purposes, thanks.

Sorsha · 11/17/2008, 04:55

Umm i cant help you with your packet problem but i wanted to ask you, would you be releasing this in the future?

Sammi

BoboDundo · 11/20/2008, 17:31

What language did you write the proxy in? So you were able to get pass the Open SSL? The packet structure is the easy part once you are pass the Open SSL.

Which packet structure are you looking for? The older version or the newer version. Are you going to be using your proxy on private servers or the actual CO Servers?

iliveoncaffiene · 11/26/2008, 04:23

"the Open SSL", as you call it, is a sign that you don't know what Open SSL is.

You don't get past "the Open SSL", you use OpenSSL encryption algorithms to get past the initial handshake and to decrypt/encrypt all other packets.

Of all the algorithms in OpenSSL, only 2 are needed and both are not OpenSSL specific. Both may be ported to Java (I have done this, so it is possible) and used in a proxy written in java (my proxy and CIDProxy are proof). The 2 algorithms that are used are visible in the disassembled client as strings referencing files in the openssl package (can be found on sourceforge.net).

The implementation of these 2 is not quite straightforward (you need to fit them with the packets TQ uses during the initial handshake).

onpaint · 11/26/2008, 10:48

Quote:

Originally Posted by iliveoncaffiene

"the Open SSL", as you call it, is a sign that you don't know what Open SSL is.

You don't get past "the Open SSL", you use OpenSSL encryption algorithms to get past the initial handshake and to decrypt/encrypt all other packets.

Of all the algorithms in OpenSSL, only 2 are needed and both are not OpenSSL specific. Both may be ported to Java (I have done this, so it is possible) and used in a proxy written in java (my proxy and CIDProxy are proof). The 2 algorithms that are used are visible in the disassembled client as strings referencing files in the openssl package (can be found on sourceforge.net).

The implementation of these 2 is not quite straightforward (you need to fit them with the packets TQ uses during the initial handshake).

what these 2 algorithms are?
could you explain more in detail?

Some-Guy · 11/26/2008, 17:08

Quote:

Originally Posted by onpaint

what these 2 algorithms are?
could you explain more in detail?

He has given you all the information you need to find them....as well as a link to the OpenSSL package, what more detail do you want? short of caff giving the answer out.

ChingChong23 · 11/27/2008, 00:59

Quote:

Originally Posted by iliveoncaffiene

"the Open SSL", as you call it, is a sign that you don't know what Open SSL is.

You don't get past "the Open SSL", you use OpenSSL encryption algorithms to get past the initial handshake and to decrypt/encrypt all other packets.

Of all the algorithms in OpenSSL, only 2 are needed and both are not OpenSSL specific. Both may be ported to Java (I have done this, so it is possible) and used in a proxy written in java (my proxy and CIDProxy are proof). The 2 algorithms that are used are visible in the disassembled client as strings referencing files in the openssl package (can be found on sourceforge.net).

The implementation of these 2 is not quite straightforward (you need to fit them with the packets TQ uses during the initial handshake).

How come you used a program to make it windows executable/native code, could have just obfuscated it and left it as java class files :P

I'll take a look into some OpenSSL wrappers for java, if no port it to java myself, thanks for the co-operation.

onpaint · 11/28/2008, 07:05

i write a simple client to connect to Conquer Game Server,
the server sent first packet to me before i send any data.
is that packet a handshake packet?
why not the client should send the first handshake packet?
and what information in that packet?
how can i decode it?
is there any references or docs i can find in the internet?
Thanks

ChingChong23 · 11/28/2008, 12:57

Quote:

Originally Posted by onpaint

i write a simple client to connect to Conquer Game Server,
the server sent first packet to me before i send any data.
is that packet a handshake packet?
why not the client should send the first handshake packet?
and what information in that packet?
how can i decode it?
is there any references or docs i can find in the internet?
Thanks

Upon connecting is enough to get the server to send data first.

iliveoncaffiene · 12/05/2008, 00:32

you wont find any wrappers for what you need, and the Java implementations that are already out there are inadequate (poorly coded or not exactly like OpenSSL). I copied a good portion of my implementation from the gnu-crypto package for Java. The function you need is a modification of a block cipher algorithm that allows for any number of bytes to be encrypted/decrypted at a time (block ciphers normally require the array to be a multiple of it's block size).
So you may copy the block cipher method from gnu-crypto, then look into OpenSSL and make your own copy of its function.
I really wish I could tell you the function or at least the algorithm, but it's still closed knowledge so I have to help you help yourself :P

ChingChong23 · 12/05/2008, 08:39

k Disassembled the client, half of the strings found are about cryptography, lots of packages/class names i have no idea where to start.

RSA/DSA may possibly be the 2 algorithm's used, looked through gnu.crypto.cipher.* and i have a feeling Anubis is the one you used.

Before i possibly waste a lot of time attempting, is there any more hints you'd like to throw at me

would help.

HishamHHH · 12/07/2008, 00:45

i need it plez