Well, when I started this project, I used Wireshark and WPK Pro, but after many tries these programs seem to be useless for me atm. Or I'm too much of a noob to use them the right way. So I made my own proxy program in VB in order to read in/out packets and to be able to inject them. I made a nice inject mechanism so you are able to inject all or a specific packet size and a specific byte of any packet.
A working hack example:
When we click to walk in Rappelz, the client sends a <Packet Size: 15 Bytes> to the server.
Your avatar does not move until the server's response, which is a <packet with 27 bytes> size.
[[THIS IS A WORKING HACK: If you inject the incoming <27 Bytes Packet> the 16th byte by +1]] you get a super high walking speed, always depending on the encryption code; sometimes you may get a super low speed. The good news is that your new position is not fake, it's validated by the server.
I used a level 1 character to reach (TOA Dungeon: Betrayal Boss) this way. NO TRAINS, NO DEATHS. All locations are easily accessible. Now what I can understand from this cheat is that the packet is not scrambled, or if it's scrambled it has the same scrambling algorithm, because this hack always works with the 16th byte. This sounds good, but we are still far away from our target.
Anyway, it's not such an important hack (at least for me); back to work now.
To decode a packet randomly (bad news now ^^) you have to increase the 15th byte of all the <30 Bytes Size> incoming packets by +1. Sometimes, depending on the encryption code, this inject confuses the client and makes the client not execute the incoming command but add it to the chat box, and ofc DECODED. That was the way I captured some Rappelz messages. This is not enough; we need a way to decode EVERYTHING. So while we play we study the C-S language and at the same time we are making our EMU or server or whatever you want to name it...
...Later I will add here an example of an encrypted packet and the decoded state of the same packet, so I leave my hopes on a good coder who can use it to make the algo that nflavor used to encrypt the packets...
Here is the example:
32 Bytes Packet as String
:PPOS|-2147482893|124254|136719|
The same 32 Bytes Packet as Bytes
58 80 80 79 83 124 45 50 49 52 55 52 56 50 56 57 51 124 49 50 52 50 53 52 124 49 51 54 55 49 57 124
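
An added example, not part of the original post: it parses the decoded sample above from its decimal dump and shows the server-side plausibility check that rejects position updates implying a speed above a cap, so a speed value altered on the client side cannot produce accepted positions. The field meanings (id, x, y), `MAX_SPEED` and all function names are assumptions made for illustration.

```python
import math

# Assumed cap for illustration; a real server would derive it from character stats.
MAX_SPEED = 120.0  # map units per second


def decode_dump(dump: str) -> str:
    """Turn a space-separated decimal byte dump into its ASCII string."""
    data = bytes(int(tok) for tok in dump.split())  # ValueError if a value is > 255
    return data.decode("ascii")                     # UnicodeDecodeError if not ASCII


def parse_ppos(msg: str):
    """Parse ':PPOS|<id>|<x>|<y>|'. Treating the fields as id, x, y is an assumption."""
    if not (msg.startswith(":PPOS|") and msg.endswith("|")):
        raise ValueError("not a PPOS message")
    fields = msg[1:-1].split("|")
    if len(fields) != 4:
        raise ValueError("unexpected field count")
    ident, x, y = (int(f) for f in fields[1:])
    if not -2**31 <= ident < 2**31:
        raise ValueError("id does not fit a signed 32-bit integer")
    return ident, x, y


def accept_move(prev_xy, new_xy, dt_seconds: float) -> bool:
    """Server-side check: reject a position that could not be reached in dt_seconds."""
    if dt_seconds <= 0:
        return False
    dist = math.hypot(new_xy[0] - prev_xy[0], new_xy[1] - prev_xy[1])
    return dist <= MAX_SPEED * dt_seconds


if __name__ == "__main__":
    # Byte dump copied from the post above.
    dump = ("58 80 80 79 83 124 45 50 49 52 55 52 56 50 56 57 51 124 "
            "49 50 52 50 53 52 124 49 51 54 55 49 57 124")
    ident, x, y = parse_ppos(decode_dump(dump))
    print(ident, hex(ident & 0xFFFFFFFF), x, y)
    # Constructed follow-up positions one second later.
    print(accept_move((x, y), (x + 60, y), 1.0))    # within the cap
    print(accept_move((x, y), (x + 2000, y), 1.0))  # implausibly fast, rejected
```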