[Question] Sending data

02/25/2013 20:22 bloodx#16
Code:
//Account
Type: 0x00 Format: Ud - Restore Char
Type: 0x01 Format: ? - HS
Type: 0x02 Format: Uss - Login
Type: 0x03 Format: ? - HS
Type: 0x04 Format: Usbwwwwwbb - CharGen
Type: 0x05 Format: Ud - Ping
Type: 0x07 Format: Ud - Delete Char
Type: 0x08 Format: dddddbb - Connect
Type: 0x09 Format: Ubd - Check Version
Type: 0x0a Format: Uddd - LoadPlayer
Type: 0x75 Format: Ubs - 2nd Pass

//Char
Type: 0x0a Format: Uddd - GameStart
Type: 0x0c Format: Ubdd - Attack
Type: 0x0d Format: Ubbd - Attack with Skill
Type: 0x0e Format: Us - Chat

Type: 0x10 Format: Ub - Relog
Type: 0x11 Format: Ubbb - Move
Type: 0x12 Format: Ubbb - MoveStop
Type: 0x13 Format: Ud - Talk To NPC
Type: 0x14 Format: Ud - Merchant Get Tax
Type: 0x15 Format: Um - Merchant Buy
Type: 0x16 Format: Um - Merchant Sell
Type: 0x17 Format: Udd - DropItem
Type: 0x18 Format: U - Quit Game
Type: 0x19 Format: Um - Trade insert item

Type: 0x1b Format: Ub - Stat Up
Type: 0x1c Format: Ub - Rest
Type: 0x1d Format: Uddd - Pick Item
Type: 0x1e Format: Ud - Use Item
Type: 0x1f Format: Ud - Request Trade

Type: 0x20 Format: Ubd - OnAskTrade
Type: 0x21 Format: U - Cancel Trade
Type: 0x22 Format: U - Revive

Type: 0x27 Format: Ub - SkillUp
Type: 0x28 Format: Ubd - Skill (Prep Ani)
Type: 0x29 Format: Ud - Request Party
Type: 0x2a Format: Ubd - Party Onask
Type: 0x2b Format: ... - guild {...}
Type: 0x2c Format: U - Party Leave
Type: 0x2d Format: d - Party kick
Type: 0x2e Format: Um - StorageKeeper CheckIn
Type: 0x2f Format: Um - StorageKeeper CheckOut

Type: 0x30 Format: Ud - NPC-Reply
Type: 0x31 Format: U - Storage Keeper Show Invent

Type: 0x33 Format: Ubd - Statue Save
Type: 0x34 Format: Udd - Pimp
Type: 0x35 Format: bddd - Player Shop AddItem

Type: 0x38 Format: Udb - Ani (Dance)
Type: 0x39 Format: U - Trade confirm

Type: 0x3a Format: Ud - Destroy Item
Type: 0x3b Format: Ub - Friendlist
Type: 0x3c Format: Ud - PutOn Item
Type: 0x3d Format: Ud - PutOff Item
Type: 0x3e Format: Ub - Cancel PlayerShop
Type: 0x3f Format: U - CancelFishing



Type: 0x40 Format: bd - Check Playershop Shop
Type: 0x41 Format: Um - Buy Playershop

Type: 0x47 Format: U - Request AssaList
Type: 0x48 Format: Ud - Request Duel
Type: 0x49 Format: Ubd - Duel OnAsk

Type: 0x4d Format: Ub - Student (open Window)

Type: 0x4f Format: Ub - ? at login

Type: 0x51 Format: Ubd - Blacksmith
Type: 0x52 Format: Um - FL Parcel

Type: 0x54 Format: Ud - Treasure Box

Type: 0x57 Format: Udbb - Teleport (fisher?)

Type: 0x9d Format: Ub - Triangular Battle
02/25/2013 20:39 iszoPL#17
Thanks. I love you xDD I'd try to check it myself after decrypting send packets but it's a huge help for me ;) I guess the encrypt table can also be used to decrypt packets. I know it's a stupid question but it's better to ask if I'm not sure xD heh I just started cryptography this semester so I will know more when it ends ^^
02/25/2013 20:48 bloodx#18
DecryptTable != EncryptTable :P

In some games / applications sure, but here 2 different ones are used.
02/25/2013 20:51 iszoPL#19
hmm so I have to find the decrypt table and the decrypt function in order to decrypt packets, right? Or just use the encrypt function in reversed order?
02/25/2013 21:02 bloodx#20
u also can use the engine crypt function like I did with SendPacket ;) hehe

or u just use BakaBugs released stuff hehe I think his Decrypt and Encrypt Table is still the same like now.
02/25/2013 21:08 iszoPL#21
But this function u gave is encrypt. I haven't tried to reverse it yet. I guess it takes a buffer and some other stuff to do it. I guess it would be easier to find their decrypt function and just use it. hmm but when will it be used ;p Somewhere before receiving? or in send also?
02/25/2013 21:21 bloodx#22
u can see Decrypt Function @ recv :P
02/25/2013 21:52 iszoPL#23
I'm guessing that

00484E80 is Decrypt func and at 007412E0 is DecryptTable right? ;) Now i have to guess what parameters they are taking ^^
02/25/2013 21:56 bloodx#24
same like bakabugs function I think :p
02/25/2013 23:17 meak1#25
use bakabugs source, update crypt/decrypt table (changed 1 time long time ago), use pointer for AESkey or dump it.
02/25/2013 23:36 iszoPL#26
There is a lot to reverse ;p I guess it's not a job for today. It seems like a lot of work for me since I am new at reversing ^^ and baka's sources are complicated for me. Especially since I've never had to deal with cryptography ;) I don't even really know what this DecryptTable function is for xD I'm guessing it decrypts header and size separately and the rest of the packet is decrypted by AESPacketDecrypt but who knows xD
02/25/2013 23:47 meak1#27
u didnt need to know, just copy it ;d

thought sooner too, dat bakabug is a boss on coding but later i found all in IDA, he just copied all out from IDA ;\

Edit: Gogo, if ur fast enough we can handle the HS d;
i just look sometimes into it, got the first HS packet i guess
02/25/2013 23:50 iszoPL#28
heh most of his stuff is generated by IDA as I see ;) Now I'm tracing the call of the decrypt func so I can find this stupid AES key xD I already have decrypttable. xor key also changed? Oh, and HS is too difficult for me xDD Maybe someday. For now it is not a problem since I'm able to work even with HS on.
02/26/2013 00:27 meak1#29
y u have time E;
Xor not changed.
02/26/2013 14:37 iszoPL#30
I'm trying to reverse this shit and it's so annoying ;p I can't find any trace of the AES key anywhere in the nearby calls. I thought that recv packets are not crypted and as it turns out they are ;p

There are some funcs I was able to find. Any hints where to look next?

Encrypt is used both by send and recvEngine but there is this func that is using it and I have no idea what it is for. 5A0000