[Guide] Using edxSilkroadProxy to Create a Simple AutoIt Clientless

09/23/2009 20:02 kealper#16
PLEASE NOTE: unless you updated the opcodes yourself, this clientless is only good for a server status monitor; attempting to log in with it using an unmodified version of the AutoIt clientless WILL get you a 7-day ban...

BTW thx a ton drew, this definitely saved me a ton of time since you already laid the groundwork, and building each individual part of the whole packet by using different functions makes adding more features/figuring out packets much easier!
09/23/2009 20:41 pushedx#17
Agreed kealper, good post. Trying to use a CL on ISRO right now is not a good idea simply because they keep on changing the opcodes. It's good for server stats or understanding the concepts, but I definitely do not suggest trying to login with it unless you are 100% sure of the opcodes you are using.

zeldalcl, the edxSilkroadProxy_Lite project was just a little side project to get some testing into the proxy framework and provide a means of an easy clientless. However, since JM is intent on banning gold bots and illegal 3rd party program users that are opcode based, I won't be updating it at all since the real edxSilkroadProxy_Full version contains no version specific features and works with all SRO versions. I only added those to have something 'new' to post because I've posted many proxies before and it would have just been the same thing over and over :)
09/27/2009 04:47 WorldDj#18
Quote:
Originally Posted by pushedx
Agreed kealper, good post. Trying to use a CL on ISRO right now is not a good idea simply because they keep on changing the opcodes. It's good for server stats or understanding the concepts, but I definitely do not suggest trying to login with it unless you are 100% sure of the opcodes you are using.

zeldalcl, the edxSilkroadProxy_Lite project was just a little side project to get some testing into the proxy framework and provide a means of an easy clientless. However, since JM is intent on banning gold bots and illegal 3rd party program users that are opcode based, I won't be updating it at all since the real edxSilkroadProxy_Full version contains no version specific features and works with all SRO versions. I only added those to have something 'new' to post because I've posted many proxies before and it would have just been the same thing over and over :)
I don't think you waste time to play the entire game than coding stuff/making guides for it...this is really what many people should do, otherwise lets waste our time leveling up?
10/26/2009 13:31 virtuos_e#19
It would be nice if someone can share opcodes for KSRO as Shadowz75 does for tSRO

11/01/2009 07:04 deadviolence#20
Works?
01/23/2010 10:11 kenan557#21
I've successfully implemented this guide on the ECSRO VIP server up until after login, however, I don't know what the char listing opcode is nor how to find/reverse/extract it?

Could anybody help me with learning, finding, extracting opcodes? I would greatly appreciate it.
01/24/2010 00:20 Googlemano#22
You can use recyfer's srproxy using the normal client and log the packets as non.binary.

You will get something like this.

S>C decrypted
0000 01 00 03 A1 02 01 01 .
C>S
0000 01 00 76 73 01 00 02 // request charlist
S>C
0000 4A 00 76 B3 02 00 // charlist

C>S
0000 0C 00 9C 76 01 00 // loginchar

The opcode is the 3rd and 4th bytes as a word.

example 0C 00 9C 76 01 00 = OPCODE is 0x769C

recyfer.info

This is the simplest way, although not the fastest or the best... there are other tools you can use too, but you have to find them, like the packet analyzer.
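The header reading described in the post above, as an added example that is not part of the original thread: it parses the logged lines and decodes the 3rd and 4th bytes as a little-endian word. The names `parse_log` and `opcode_hex` are hypothetical; treating the first two bytes as a little-endian payload size and the header as 6 bytes is an assumption that matches the dump shown (bytes 5 and 6 are left uninterpreted), and one packet per log line is assumed.

```python
import re
import struct

# Constructed sample: the log lines quoted in the post above.
SAMPLE_LOG = """\
S>C decrypted
0000 01 00 03 A1 02 01 01 .
C>S
0000 01 00 76 73 01 00 02 // request charlist
S>C
0000 4A 00 76 B3 02 00 // charlist
C>S
0000 0C 00 9C 76 01 00 // loginchar
"""

DIRECTION = re.compile(r"^(S>C|C>S)\b")
HEX_BYTE = re.compile(r"^[0-9A-Fa-f]{2}$")
HEADER_LEN = 6  # assumption: 2-byte size, 2-byte opcode, 2 bytes the page does not describe

def parse_log(text):
    """Return one dict per logged packet: direction, opcode, size, payload, truncated."""
    packets, direction = [], None
    for line in text.splitlines():
        line = line.split("//", 1)[0].strip()    # drop the trailing annotation
        if not line:
            continue
        m = DIRECTION.match(line)
        if m:                                    # "S>C" / "C>S" marker line
            direction = m.group(1)
            continue
        raw = bytearray()
        for tok in line.split()[1:]:             # skip the offset column ("0000")
            if not HEX_BYTE.match(tok):          # stop at the ASCII column (".")
                break
            raw.append(int(tok, 16))
        if len(raw) < HEADER_LEN:
            continue                             # too short to hold a header
        size, opcode = struct.unpack_from("<HH", raw, 0)  # two little-endian words
        payload = bytes(raw[HEADER_LEN:])
        # truncated: the log shows fewer (or more) payload bytes than the header declares
        packets.append({"direction": direction, "opcode": opcode, "size": size,
                        "payload": payload, "truncated": len(payload) != size})
    return packets

def opcode_hex(pkt):
    """Format the opcode the way the post writes it, e.g. 0x769C."""
    return "0x%04X" % pkt["opcode"]
```

The `truncated` flag marks lines such as the charlist response, where the header declares 0x4A payload bytes but the log shows none, so field offsets should not be inferred from that line alone.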
01/24/2010 07:28 kenan557#23
This just shows how powerful a proxy that handles the security is, I can now login and send messages without problems.

Also, does anybody know a good way of actually parsing the data of the packets after successfully sniffing them (are there any lists of opcodes and packet structures)... it would be nice to compile a database of all the opcodes and their structures and make a wiki or something.

At the moment I know which opcode to use to move my character but I don't know what data to send or the logic behind the packet data... Is there anything in the community that could help me with this?

Many thanks.
01/26/2010 01:00 Googlemano#24
Look at this [link]. BTW, just like that it isn't working; you have to update some addresses and stuff, which I couldn't in the past.

The movement packet I haven't figured out yet, but the structure is something like this:

01 // something...
0000 // area
0000 // elevation
0000 // x
0000 // y

I'm not really sure about the elevation, x and y; I just copy the whole data and use it to move my bots to the grinding spot.
02/21/2011 05:44 Darkness™#25
How can I get the locale of swsro?

And if I succeed in changing the opcodes and the other things, will this work on pservers?

Can someone help? I want to at least log in on a char with that tool; maybe this helps with those chars which are bugged when you press start then -> dc or client crash.
02/21/2011 18:06 kevin_owner#26
You could try edxSilkroadLoader and add the swsro sro_client.exe to see which locale it has. I don't know if it works, but you could give it a try :)

So what you would like to do is to create a clientless and login to something like swsro, get the character information and parse it to see if there is anything missing or wrong values?

Anyway I hope I helped you a little and good luck:)
02/21/2011 19:32 Darkness™#27
Already tried, but this gives me an error.

I just want to test if the clientless is the solution for those bugged accounts/chars.

hehe, thanks anyways. :(
02/22/2011 06:55 lesderid#28
Quote:
Originally Posted by Darkness™
Already tried, but this gives me an error.

I just want to test if the clientless is the solution for those bugged accounts/chars.

hehe, thanks anyways. :(
The blowfish key for the SWSRO PK2s is different from the official servers.
Change it in the source of edxSilkroadLoader5, recompile and it'll work.
02/22/2011 20:51 lolkop#29
The locale of almost all pservers is 4 (old csro client)...
It's stored in the divisioninfo.txt
02/23/2011 10:55 jremy#30
Thanks pushedx, still working fine at least for swsro and rsro :) @Darkness, for the opcodes see Shadowz75's post in the 1st page, these are for pservers and rsro too!

Some changes to make it work for swsro (you also have to change all the opcodes, see Shadowz75's post!):

Code:
; line 63:

Global $controlServer = GUICtrlCreateCombo("SWSRO", 80, 80, 121, 20)

; line 116:

AppendByte(4) ; PSRO locale
AppendWord(9) ; length
AppendString("SR_Client") ; identity
AppendDword(1029) ; version

; line 589:

AppendByte(4)

; ServerToId function:

Func ServerToId($server)
	if StringCompare($server, "SWSRO") == 0 Then
		return 1
	Endif
EndFunc

; And charlisting:

case "B007" ; Char listing [TODO: Update each opcode change]
	BeginParse($packetData, Dec($packetSize))
	$operation = Dec(ParseByte())
	if $operation == 2 then ; char listing
		$result = Dec(ParseByte())
		$charCount = Dec(ParseByte())
		AppendStatusText("Found " & $charCount & " characters")
		For $c = 1 to $charCount
			$charType = Dec(ParseDword())
			$charNameLength = Dec(ParseWord())
			$charName = ParseAscii($charNameLength)
			AppendStatusText("Found character: " & $charName)

			GUICtrlSetData($controlCharacter, $charName, 1)

			$charVol = Dec(ParseByte())
			$charLvl = Dec(ParseByte())
			AppendStatusText("Level: " & $charLvl)
			$charExp = Dec(ParseQword())
			$charStr = Dec(ParseWord())
			$charInt = Dec(ParseWord())
			$charAttr = Dec(ParseWord())
			$charHp = Dec(ParseDword())
			$charMp = Dec(ParseDword())
			AppendStatusText("HP/MP: " & $charHp & "/" & $charMp)
			$doDelete = Dec(ParseByte())
			if $doDelete == 1 then
				$charMinsToDel = Dec(ParseDword())
			EndIf
			$unk1 = Dec(ParseWord())

			$itemCount = Dec(ParseByte())
			AppendStatusText("This character has " & $itemCount & " items equipped.")
			For $i = 1 to $itemCount
				$itemId = Dec(ParseDword())
				$itemPlus = Dec(ParseByte())
				AppendStatusText("[" & $itemId & "][+ " & $itemPlus & "]")
			Next

			AppendStatusText("")
		Next
	Endif

And for rsro (1.023):

Code:
; line 63:

Global $controlServer = GUICtrlCreateCombo("Zeus", 80, 80, 121, 20)
GUICtrlSetData(-1, "Venus|Artemis|Ares") ; add other items and set a new default

; line 116:

AppendByte(40) ; RSRO locale
AppendWord(9) ; length
AppendString("SR_Client") ; identity
AppendDword(23) ; version

; line 589:

AppendByte(40)

; and ServerToId function:

Func ServerToId($server)
	if StringCompare($server, "Zeus") == 0 Then
		return 220
	Endif
	if StringCompare($server, "Venus") == 0 Then
		return 221
	Endif
	if StringCompare($server, "Artemis") == 0 Then
		return 224
	Endif
	if StringCompare($server, "Ares") == 0 Then
		return 230
	Endif
EndFunc