Conquer Proxies: How do they work?

07/20/2010 22:45 pro4never#16
Quote:
Originally Posted by DeathByMoogles
okay so
08 00 27 1A 56 AC B2 C1
Open calc
put in A172 in hex mode
switch to dec
and I get 41330
that right?

if it is, what can i do with that info?

naww

1A 27

Each byte is its own unique value. You reverse the bytes, not the internal values (it's like saying I have 100 and 12. You have 112 not 211)

Here's an example packet.

*Note* Doing this from memory so I may have my values wrong.

Client>server General data

25 00 1A 27 3D 9A 1B 00 2D 01 B4 00 00 00 00 00
65 1B DB 0E 89 00 00 00 2E 01 C0 00 33 04 00 00
FF FF FF FF 00 54 51 43 6C 69 65 6E 74

00 25 (or just 25) is packet length in hex. (37 in dec) + 8 = number of bytes. The 8 bytes are for the seal (TQClient or TQServer)
1A 27 is packet type (10010 in dec cause 271A)
3D 9A 1B 00 Character ID (1808957)
2D 01 X Coord
B4 00 Y Coord

4 byte break

4 byte time stamp (easy to find, log lots of the same packet and see what value keeps changing)

2E 01 Other X
C0 00 Other Y (in jump there is a from and a to x/y... I forget which is which seeing as I'm doing this from memory)

89 00 00 00 = subtype (137 is jump) (calling it a DWord simply because it's simpler than shifting 3 bytes after reading it)

33 04 00 00 Map


After that there is some FF'd values which afaik are not used. It's different in the returned server>client packets though so basically just follow guidelines from the packets you log.


54 51 43 6C 69 65 6E 74 Server seal (convert to string to get what it says.) TQClient in this case meaning it's going Client>Server. The seal says where the packet is coming FROM. This is VERY important. Seal with what you need or else you get dc'd.

Note: the way to convert to string fyi is Encoding.ASCII.GetString(bytes) iirc


There's a very basic breakdown of a very common, current(ish) packet. Using that + a packet reader/writer you should be able to create your own packets to send to either client or server to create the desired action (jump in this case. Also works for correct coords/flash step if sending to client)


<edit>

You asked what you do with the info once you have it. See what I did where I interpret the values I pull from the packet? I guess and test different uses for chunks of bytes and figure out what they are used for. Packets are always structured the same! (although it changes between some patches) so once you know what the X'th byte represents in one general data packet (type 10010) then you know what it represents in ALL general data packets. Once you know what all (or most) of the bytes represent then you can create them all on your own using custom values to create actions such as a bot that jumps around by sending packets to the server with custom x/y info... or reading incoming packets to determine what monsters are near you.
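As an added example (not code from the post above or from any Conquer proxy project), here is a Python parser that walks the exact hex dump given in the post and pulls out the fields it describes: little-endian length and type, character ID, x/y, the 4-byte break, the timestamp, subtype, the second x/y, the map, the FF'd trailer and the seal. It follows the order in which the bytes actually appear in the dump (the `89 00 00 00` subtype comes before the `2E 01 C0 00` pair there, whereas the text lists them the other way round), and it adds the two checks a proxy should do before trusting a captured packet: the length field plus 8 must equal the buffer size, and the seal must be one of the two known values, which also tells you the direction. Field names, `le_word`, `split_packet` and `parse_general_data` are my own; the 137 = jump mapping is the only subtype the post names.

```python
from __future__ import annotations
import struct

# Constructed from the hex dump in the post above: a 37-byte body followed
# by the 8-byte "TQClient" seal, 45 bytes in total.
EXAMPLE_PACKET = bytes.fromhex(
    "25 00 1A 27 3D 9A 1B 00 2D 01 B4 00 00 00 00 00 "
    "65 1B DB 0E 89 00 00 00 2E 01 C0 00 33 04 00 00 "
    "FF FF FF FF 00 54 51 43 6C 69 65 6E 74"
)

SEAL_LEN = 8
# The seal names the sender, so it also tells you the direction.
KNOWN_SEALS = {b"TQClient": "client>server", b"TQServer": "server>client"}
GENERAL_DATA_TYPE = 10010
SUBTYPE_NAMES = {137: "jump"}  # only the subtype the post names

# Layout of the first 32 bytes of the body, little-endian, in the order the
# bytes appear in the dump (subtype before the second x/y pair).
GENERAL_DATA_LAYOUT = struct.Struct("<HHIHHIIIHHI")
FIELD_NAMES = ("length", "packet_type", "char_id", "x", "y", "_break",
               "timestamp", "subtype", "other_x", "other_y", "map_id")


def le_word(hex_pair: str) -> int:
    """Decode a two-byte little-endian word written as 'LO HI' hex.

    le_word('1A 27') is 0x271A = 10010: the bytes swap, not the hex digits.
    """
    return int.from_bytes(bytes.fromhex(hex_pair), "little")


def split_packet(buf: bytes) -> tuple:
    """Check the framing and return (body, seal).

    The length field counts the body only; the 8-byte seal follows it.
    """
    if len(buf) < 2 + SEAL_LEN:
        raise ValueError("buffer too short for a length field and a seal")
    (length,) = struct.unpack_from("<H", buf, 0)
    if length + SEAL_LEN != len(buf):
        raise ValueError(f"length {length} + seal {SEAL_LEN} != {len(buf)} bytes")
    body, seal = buf[:length], buf[length:]
    if seal not in KNOWN_SEALS:
        raise ValueError(f"unknown seal {seal!r}")
    return body, seal


def parse_general_data(buf: bytes) -> dict:
    """Parse a type-10010 general data packet into named fields."""
    body, seal = split_packet(buf)
    if len(body) < GENERAL_DATA_LAYOUT.size:
        raise ValueError(f"general data body shorter than {GENERAL_DATA_LAYOUT.size} bytes")
    fields = dict(zip(FIELD_NAMES, GENERAL_DATA_LAYOUT.unpack_from(body, 0)))
    if fields["packet_type"] != GENERAL_DATA_TYPE:
        raise ValueError(f"packet type {fields['packet_type']} is not general data")
    fields["subtype_name"] = SUBTYPE_NAMES.get(fields["subtype"], "unknown")
    # Everything after the map id (the FF'd region) is kept raw; the post
    # says it is unused for this direction.
    fields["trailer"] = body[GENERAL_DATA_LAYOUT.size:].hex(" ")
    fields["seal"] = seal.decode("ascii")  # same idea as Encoding.ASCII.GetString
    fields["direction"] = KNOWN_SEALS[seal]
    del fields["_break"]  # the 4 zero bytes carry nothing
    return fields


if __name__ == "__main__":
    for name, value in parse_general_data(EXAMPLE_PACKET).items():
        print(f"{name:>12}: {value}")
```

Running it prints the field values the post derives by hand (type 10010, character ID 1808957, x 301, y 180, subtype 137 = jump, map 1075) plus the timestamp and the second coordinate pair. Feed it a truncated buffer or one whose seal does not match and it raises instead of guessing, which is the behaviour you want in a proxy that logs real traffic.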
07/22/2010 01:34 DeathByMoogles#17
Quote:
Originally Posted by pro4never
Okay, that makes a little more sense, but what I don't understand is decrypting the packets.

Any info that a complete noob could understand?
:D

Wait, does VB have a function for converting the packets into strings?
07/22/2010 01:36 pro4never#18
There are full decryption routines posted in a number of sources and on the packet wiki. For the login sequence you use login encryption and normal game server stage you use game server encryption (blowfish)

Remember the encryption is reversed with direction.... so it's best to set up in your decrypt function a bool controlling which direction the packet is going