Conquer Resource Wiki

08/15/2010 18:14 CptSky#136
The structures are complete, I think...

Server -> Client
Code:
UInt8[11] -> Junk
Int32 -> Length
Int32 -> Junk Length
UInt8[] -> Junk
Int32 -> ServerIVs Length
UInt8[] -> ServerIVs
Int32 -> ClientIVs Length
UInt8[] -> ClientIVs
Int32 -> P Key Length
Char[] -> P Key
Int32 -> G Key Length
Char[] -> G Key
Int32 -> A Key Length
Char[] -> A Key
Client -> Server
Code:
UInt8[7] -> Junk
Int32 -> Length
Int32 -> Junk Length
UInt8[] -> Junk
Int32 -> B Key Length
Char[] -> B Key
08/15/2010 19:43 fm_sparkart#137
Quote:
Originally Posted by CptSky
The structures are complete, I think...

Server -> Client
Code:
UInt8[11] -> Junk
Int32 -> Length
Int32 -> Junk Length
UInt8[] -> Junk
Int32 -> ServerIVs Length
UInt8[] -> ServerIVs
Int32 -> ClientIVs Length
UInt8[] -> ClientIVs
Int32 -> P Key Length
Char[] -> P Key
Int32 -> G Key Length
Char[] -> G Key
Int32 -> A Key Length
Char[] -> A Key
Client -> Server
Code:
UInt8[7] -> Junk
Int32 -> Length
Int32 -> Junk Length
UInt8[] -> Junk
Int32 -> B Key Length
Char[] -> B Key
Thank you.... It wasn't on the Wiki: [link]
08/16/2010 08:48 fm_sparkart#138
Okay, so I decrypted the packet and have this:
If I am correct, this is the first junk, right?
Code:
1 4e 80 da b5 42 b7 d0 48 a 2c
Then this is the length:
Code:
d2 e2 3c 91
=> -1858280750 ?
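A bounds-checked reader for the Server -> Client layout CptSky posted, added here as an example (not code from the thread). It assumes little-endian Int32 fields, as in the -1858280750 reading above, and that Length can never exceed the bytes received; `Reader`, `ServerHandshake` and `parseServerHandshake` are hypothetical names.

```cpp
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

typedef std::vector<uint8_t> Bytes;

// Fields of the Server -> Client layout posted in the thread.
struct ServerHandshake { Bytes serverIV, clientIV; std::string p, g, a; };

// Cursor over a received buffer; every read is checked against the end.
struct Reader {
    const Bytes& buf; size_t pos; bool ok;
    Reader(const Bytes& b, size_t start) : buf(b), pos(start), ok(start <= b.size()) {}
    int32_t i32() {                         // assumption: little-endian Int32
        if (!ok || buf.size() - pos < 4) { ok = false; return 0; }
        uint32_t v = 0;
        for (int i = 3; i >= 0; --i) v = (v << 8) | buf[pos + i];
        pos += 4;
        return static_cast<int32_t>(v);
    }
    Bytes blob() {                          // Int32 length + that many bytes
        int32_t n = i32();
        if (!ok || n < 0 || size_t(n) > buf.size() - pos) { ok = false; return Bytes(); }
        Bytes out(buf.begin() + pos, buf.begin() + pos + n);
        pos += size_t(n);
        return out;
    }
    std::string str() { Bytes b = blob(); return std::string(b.begin(), b.end()); }
};

// Returns false for truncated input or any implausible length field.
bool parseServerHandshake(const Bytes& buf, ServerHandshake& h) {
    Reader r(buf, 11);                      // skip UInt8[11] junk
    int32_t length = r.i32();               // Int32 Length
    if (!r.ok || length < 0 || size_t(length) > buf.size()) return false;
    r.blob();                               // Junk Length + Junk
    h.serverIV = r.blob(); h.clientIV = r.blob();
    h.p = r.str(); h.g = r.str(); h.a = r.str();
    return r.ok;
}

int main() {
    // The 11 junk bytes and 4 "length" bytes quoted in the post above.
    Bytes bad = {0x01,0x4e,0x80,0xda,0xb5,0x42,0xb7,0xd0,0x48,0x0a,0x2c,0xd2,0xe2,0x3c,0x91};
    ServerHandshake h;
    std::printf("accepted: %d\n", parseServerHandshake(bad, h));
}
```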
08/16/2010 10:39 Korvacs#139
That packet wasn't decrypted properly.
08/16/2010 10:50 fm_sparkart#140
Quote:
Originally Posted by Korvacs
That packet wasn't decrypted properly.
Here's the code responsible for receiving/sending this packet:
Code:
    // Accept incoming client connection.
    if ( proxyGameServer.Accept( gameClient ) == sf::Socket::Done )
    {
        std::cout << "[SYSTEM] - CLIENT CONNECTED TO PROXY (AS GAME SERVER)\n";
        if ( gameServer.Connect( gameIP, gamePort ) == sf::Socket::Done )
        {
            std::cout << "[SYSTEM] -  PROXY CONNECTED TO GAME SERVER AT: " << gameIP << "\n";
            gameServer.Receive( _packet, sizeof( _packet ), _received );
            _crypt.DecryptServerPacket( (unsigned char*)_packet, _received );
            PacketReader p( _packet );
            p.show( _received );
            _crypt.EncryptClientPacket( (unsigned char*)_packet, _received );
            gameClient.Send( _packet, _received );
            gameClient.Receive( _packet, sizeof( _packet ), _received );
            gameServer.Send( _packet, _received );
        }
        break;
    }
Here are the encryption/decryption methods being used:
Code:
    void DecryptServerPacket( unsigned char* packet, unsigned short length )
    {
        for ( unsigned short i = 0; i < length; i++ )
        {
            packet[i] = (BYTE)(_key1[_decryptCounter & 0xFF] ^ packet[i]);
            packet[i] = (BYTE)(_key2[_decryptCounter >> 8] ^ packet[i]);
            packet[i] = (BYTE)((packet[i] >> 4) | (packet[i] << 4));
            packet[i] = (BYTE)(packet[i] ^ 0xAB);
            _decryptCounter++;
        }
    }


    void EncryptClientPacket( unsigned char* packet, unsigned short length )
    {
        for ( unsigned short i = 0; i < length; i++ )
        {
            packet[i] = (BYTE)(packet[i] ^ 0xAB);
            packet[i] = (BYTE)((packet[i] << 4 ) | (packet[i] >> 4));
            packet[i] = (BYTE)(_key2[_encryptCounter >> 8] ^ packet[i]);
            packet[i] = (BYTE)(_key1[_encryptCounter & 0xFF] ^ packet[i]);
            _encryptCounter++;
        }
    }
08/16/2010 11:04 Korvacs#141
You need to use the blowfish decryption methods to decrypt that packet, not the conquer auth decryption.
08/16/2010 11:09 tanelipe#142
The problem with that is that you're using the authentication cryptography still, when you switch over to game server you need to start using blowfish. (Handshake from server is the first packet that uses this) I'll paste the whole code if you want.

Code:
// Usage: the initial key string is passed to the constructor.
new GameCipher("DR654dt34trg4UI6");

GameCipher::GameCipher(char *szInitialKey)
{
    DecryptIV = new unsigned char[8];
    EncryptIV = new unsigned char[8];

    DecryptCounter = EncryptCounter = 0;
    Key = new BF_KEY();
    // 16 = key length in bytes
    BF_set_key(Key, 16, reinterpret_cast<unsigned char*>(szInitialKey));
}
    void Encrypt(unsigned char *In, unsigned char *Out, int Length)
    {
        // last argument 1 = BF_ENCRYPT
        BF_cfb64_encrypt(In, Out, Length, Key, EncryptIV, &EncryptCounter, 1);
    }
    void Decrypt(unsigned char *In, unsigned char *Out, int Length)
    {
        // last argument 0 = BF_DECRYPT
        BF_cfb64_encrypt(In, Out, Length, Key, DecryptIV, &DecryptCounter, 0);
    }
08/16/2010 11:13 fm_sparkart#143
Oh, I thought the encryption was the same, as this packet is part of the login routine? Where do I get the key to decrypt this packet?

edit:
Thanks for the info, tanelipe.

But where does this key come from?
08/16/2010 11:23 tanelipe#144
"DR654dt34trg4UI6" is embedded in the client.
08/16/2010 11:26 Korvacs#145
It's the private key which both client and server contain to allow for the creation of the rest of the cryption. You weren't going to get very far without it :p
11/09/2010 03:34 pro4never#146
I feel like being generous atm.


Refinery Item info packet

Patch: taken from 5310, assuming it's the same since refinery was added though. Super simple packet for use with refinery stuff. There is an alternate version though which I assume to be dealing with dragon souls which is different lengths. I'll structure it when I'm bored later.

ushort(36, 0)//Length
ushort(2077, 2)//packet type
uint(Item.Location, 4)
uint(Item.UID, 8)
uint(Item.RefineryType, 16)
uint(Item.RefineryLevel, 20)
uint(Item.RefineryEffect, 24)
uint(Item.RefineryTimeRemaining, 28)

<edit>
Confirmed. The length change is when dealing with dragon souls and takes into account the original item id and multiple effects.


Simple packet really.


Show Equipment:
Deals with ACTUAL display of gears on a client after you spawn them to someone

ushort(76, 0)//len
ushort(1009, 2)//type
uint(Client.UID, 4)
uint(46, 8)//not sure... it works when I hard code it though
uint(Equip[1].ID, 32)
uint(equip[2].ID, 36)

Continues in sequence up to 72 for slot 11.

Enjoy! (not that hardly anyone will need/use it)
12/10/2010 04:48 samehvan#147
Quote:
Originally Posted by pro4never
Show Equipment:
Deals with ACTUAL display of gears on a client after you spawn them to someone

ushort(76, 0)//len
ushort(1009, 2)//type
uint(Client.UID, 4)
uint(46, 8)//not sure... it works when I hard code it though
uint(Equip[1].ID, 32)
uint(equip[2].ID, 36)

Continues in sequence up to 72 for slot 11.

Enjoy! (not that hardly anyone will need/use it)
I may confirm that, and the 46 is the Packet 1009 subtype.
By the way, the items won't count as Power Points (sockets, quality nor even gems) until the character receives this packet, yet the most strange thing is that Towers and Fans are exceptions of that Base, dunno why!

the Item Info packet is also changed
Client 5330
Code:
            ushort(68,0);
            ushort(1008,2);
            uint(Item.UID,4);
            uint(Item.ItemID,8);
            uShort(Item.Dura,12);
            uShort(Item.MaxDura,14);
            uShort(1,16);//where to show the item 1=My Item 2=Trade 4=Other's equipments
            uShort(Item.Position,18);
            uint(Item.SocketProgress,20);
            byte(Item.Soc1,24);
            byte(Item.Soc2,25);
            byte(Item.Plus,33);
            byte(Item.Bless,34);
            byte(Item.Free,35);
            byte(Item.Enchant,36);
            bool(Item.Suspecious,44);
            ushort(Item.Locked,46);
            uShort(Item.Color,48);
            uint(Item.CompositionProgress,52);
            byte(Item.ShareWithGuild,56);
There are some values at the missing bytes but I didn't figure them out yet.

(Edit) if anyone has the new Npcs/Monsters database tables i would appreciate it
12/10/2010 05:56 pro4never#148
Quote:
Originally Posted by samehvan
I may confirm that, and the 46 is the Packet 1009 subtype.
By the way, the items won't count as Power Points (sockets, quality nor even gems) until the character receives this packet, yet the most strange thing is that Towers and Fans are exceptions of that Base, dunno why!

the Item Info packet is also changed
Client 5330
Code:
            ushort(68,0);
            ushort(1008,2);
            uint(Item.UID,4);
            uint(Item.ItemID,8);
            uShort(Item.Dura,12);
            uShort(Item.MaxDura,14);
            uShort(1,16);//where to show the item 1=My Item 2=Trade 4=Other's equipments
            uShort(Item.Position,18);
            uint(Item.SocketProgress,20);
            byte(Item.Soc1,24);
            byte(Item.Soc2,25);
            byte(Item.Plus,33);
            byte(Item.Bless,34);
            byte(Item.Free,35);
            byte(Item.Enchant,36);
            bool(Item.Suspecious,44);
            ushort(Item.Locked,46);
            uShort(Item.Color,48);
            uint(Item.CompositionProgress,52);
            byte(Item.ShareWithGuild,56);
There are some values at the missing bytes but I didn't figure them out yet.

(Edit) if anyone has the new Npcs/Monsters database tables i would appreciate it
It's also annoying cause based on the new item packet you also can't use any item skills until that is sent... therefore you can't use it for the disguise items or w/e they are called (lightsaber/fan/wheel/etc). Need to log that packet still lol!

Also... viewing others gear is supposed to be packet type 1108 not 1008... not exactly sure why but it's what I logged off real servers.

Very strange seeing as it does use subtype 4... so that would indicate viewing other's gear... Not quite sure why they have 2 very similarly structured packets using diff types...
12/14/2010 17:24 samehvan#149
The Unknown Packet Type 1134

Note: That is what I could figure out; maybe I am not right or missed something, so you should test it.

It's about Public Quests.
The public quest IDs start with 600 and increase by 1.

Client ---> Server

Code:
byte Type =Data[4]

if (Type==3)
The Client asks about its public quests status

ushort Count=ReadShort(Data,6); // how many quest the client needs to know about
uint StartAt=ReadLong(Data,8); //the first quest Id at the row
so the response should be as follow

Dictionary Or array or whatever store u like saves the Quests Ids and status for this Client starting from requested

Server Handling

Code:
         Dictionary<uint, PublicQuest> ToSend = new Dictionary<uint, PublicQuest>();
         for (uint x = 0; x < Count; x++)
             ToSend.Add(MainServer.PublicQuests[StartAt + x].Id, MainServer.PublicQuests[StartAt + x]);
then send the Packet

Code:
Packet Length ushort (12+(Quests.Count*12))
Packet Type ushort (1134)
ushort(SubType) //3 = Quests status
ushort(Quests.Count)

foreach Quest
uint (Quest.Id) // 4 bytes
uint (Quest.Status) //4 bytes    2=Available  ,, 1= Accepted  ,, 0=Not available (Already Done or not for that level or class)
uint (0) //4 bytes
End foreach

uint (0) // 4 bytes
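An added example (C++, not samehvan's server code) that builds the subtype 3 reply from the layout above while treating Count and StartAt as untrusted: Count is capped, StartAt + x cannot wrap, and unknown quest ids are skipped. The cap of 64, the request header check and all function names are assumptions.

```cpp
#include <cstdint>
#include <cstdio>
#include <map>
#include <vector>

typedef std::vector<uint8_t> Bytes;
static uint16_t rd16(const Bytes& d, size_t o) { return uint16_t(d[o] | (d[o + 1] << 8)); }
static uint32_t rd32(const Bytes& d, size_t o) { return rd16(d, o) | (uint32_t(rd16(d, o + 2)) << 16); }
static void wr16(Bytes& b, uint16_t v) { b.push_back(uint8_t(v & 0xFF)); b.push_back(uint8_t(v >> 8)); }
static void wr32(Bytes& b, uint32_t v) { wr16(b, uint16_t(v & 0xFFFF)); wr16(b, uint16_t(v >> 16)); }

const uint16_t kMaxQuestsPerReply = 64;     // hypothetical server-side cap

// quests maps quest id -> status (2 = available, 1 = accepted, 0 = not available).
// Returns an empty vector when the request is malformed.
Bytes buildQuestStatusReply(const Bytes& req, const std::map<uint32_t, uint32_t>& quests) {
    // Assumption: the request starts with the same ushort length / ushort type header.
    if (req.size() < 12 || rd16(req, 2) != 1134 || req[4] != 3) return Bytes();
    uint16_t count = rd16(req, 6);          // client-supplied, up to 65535
    uint32_t startAt = rd32(req, 8);        // client-supplied first quest id
    if (count > kMaxQuestsPerReply) count = kMaxQuestsPerReply;
    Bytes body; uint16_t found = 0;
    for (uint16_t x = 0; x < count; ++x) {
        uint64_t id = uint64_t(startAt) + x;
        if (id > 0xFFFFFFFFull) break;      // StartAt + x must not wrap around
        std::map<uint32_t, uint32_t>::const_iterator it = quests.find(uint32_t(id));
        if (it == quests.end()) continue;   // unknown id: skip instead of throwing
        wr32(body, it->first); wr32(body, it->second); wr32(body, 0);
        ++found;
    }
    Bytes out;
    wr16(out, uint16_t(12 + found * 12));   // cannot overflow: found <= 64
    wr16(out, 1134);
    wr16(out, 3);                           // subtype 3 = quest status
    wr16(out, found);
    out.insert(out.end(), body.begin(), body.end());
    wr32(out, 0);                           // trailing uint(0)
    return out;
}

int main() {
    std::map<uint32_t, uint32_t> quests;    // constructed sample data
    quests[600] = 2; quests[601] = 1;
    Bytes req;                              // constructed request: 65535 quests from id 600
    wr16(req, 12); wr16(req, 1134); req.push_back(3); req.push_back(0);
    wr16(req, 0xFFFF); wr32(req, 600);
    std::printf("reply bytes: %zu\n", buildQuestStatusReply(req, quests).size());
}
```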
12/15/2010 18:30 stickray#150
Can somebody tell me the Packet Structure of 1109? Guess this packet handles the Vendor_IDs if you enter the Market no?

Thanks