NosTale Research

08/10/2008 11:59 Cholik#1

Well I'm doing some research on this game.
I'll post my status here as soon as I'll find something new.

---------------
NosTale
---------------

Packet Encryption : Ok there are different encryptions. The one used for the recv-stream (packets from server) was just cracked by me lolz. Although as soon as you get ingame the whole encryption changes.

Quote:

Originally Posted by Packet Encryption Recv-Stream (login,char-procedure)

byte packet[];
byte bl;

for(int i = 0; i < packet.Length; i++)
{
bl = packet[i] - 0x0F;

if((bl - 0x0A) >= 0)
{
i++; //or break ??
}
else
{
packet[i] = bl;
}

}

Anti-Hack Protection : nProtect GameGuard, found some references to Xtrap-Stuff in the executable...
Anyway ... GG seems not to be activated.

08/10/2008 23:45 Cholik#2

Easy Bot

1. Run NosTale
2. Start WPE and select the NosTale process
3. Goto View -> Options and deselect Recv and RecvFrom so that you only get the Packets that are sent
4. Start record and run once ingame, so that you know which is the run packet.
5. Now choose a Monster, start record, attack it and find the attack packet ... if you know whats the Walk-packet its easy to determine whats the attack packet.
6. Rightclick the Attackpacket and add it to the send-list, also choose "Set send list with this socket id"
7. Do that in an area where not much ppl run around, do it with 3~4 Monsters
8. Change to the sendlist (where the filters are, the tab at the bottom)
9. Hit Start and have fun

08/11/2008 01:53 jacktheherrer#3

Quote:

Originally Posted by al_j

Easy Bot

1. Run NosTale
2. Start WPE and select the NosTale process
3. Goto View -> Options and deselect Recv and RecvFrom so that you only get the Packets that are sent
4. Start record and run once ingame, so that you know which is the run packet.
5. Now choose a Monster, start record, attack it and find the attack packet ... if you know whats the Walk-packet its easy to determine whats the attack packet.
6. Rightclick the Attackpacket and add it to the send-list, also choose "Set send list with this socket id"
7. Do that in an area where not much ppl run around, do it with 3~4 Monsters
8. Change to the sendlist (where the filters are, the tab at the bottom)
9. Hit Start and have fun

what does this exactly do ? i know wpe good from wow but i get no clue from that set send list... i guess its faster attack but i am going to test it tomorrow.

ok i tried it but i have to chose the enemy manually, so it has no botfunction to me. it did not increase the attack speed too, so what is it ?

08/11/2008 14:02 silkbotter#4

wpe records the pakes that say "hey. i'm attacking the monster with id:XXXX"
if you attack severals monsters, and put all the attack pakets in the list, wpe will send all attack pakets to the server...
and you will be attacking those monsters all the time.

08/11/2008 14:26 antrix99#5

emmm kann mir einer sagen was er damit sagen will ich kann leider kein englisch

08/11/2008 14:57 jacktheherrer#6

Quote:

Originally Posted by silkbotter

wpe records the pakes that say "hey. i'm attacking the monster with id:XXXX"
if you attack severals monsters, and put all the attack pakets in the list, wpe will send all attack pakets to the server...
and you will be attacking those monsters all the time.

^^ das ist schon klar... bei mir haut er einfach nur in die luft nachdem die monster tod sind... ist das das ziel oder was ? denke mal nicht

08/11/2008 16:41 Cholik#7

Well you should use the same spot ... like you go somewhere and record the attack packets just for the monsters you see on the screen. You can't attack monsters which are too far away. And when they respawn, wpe will attack them again, since the MonsterID doesn't change. Thats how i've done 25 levels while watching tv.

08/11/2008 21:31 silkbotter#8

they will be at xyour range sooner or later...

german:
wenn ihr mehrere monster angreift, und alle pakete in die send-liste schickt, dann wird wpe diese ganzen pakete immer wieder zum server schicken, und ihr werdet diese monster immer angreifen. nat�rlich nur wenn sie in euer n�he sind, aber fr�her oder sp�ter sind sie wieder in eurer n�he ;)
und de monster-id ist die gleiche sobald das monster wieder erneut erscheint.

08/11/2008 21:45 Cholik#9

Ok I just cracked the first part of the packet encryption (see first post). The encryption used for the recv-Stream ( packets which are sent from server to client ) is cracked ... working on the other one...

08/12/2008 12:15 antrix99#10

k�nnte man das denn nicht mit nen bogensch�tzen machen ich mein das sind dann 100te pfeile und damit kann man so einig highlvl mobs killn oder???

08/12/2008 16:35 Cholik#11

What do you mean ? Well it's just like a normal bot. But in my opinion current Bots are too stupid ... they run around and also try to attack stuff like npcs (at least the lastest i tested). So i thought ... why not staying at the same spot and killing the same mobs. Well it's kinda farming for me... since i use spots where not much players are around... Of course you can use it for every class and every kind of attack.

08/12/2008 21:50 jacktheherrer#12

Quote:

Originally Posted by al_j

What do you mean ? Well it's just like a normal bot. But in my opinion current Bots are too stupid ... they run around and also try to attack stuff like npcs (at least the lastest i tested). So i thought ... why not staying at the same spot and killing the same mobs. Well it's kinda farming for me... since i use spots where not much players are around... Of course you can use it for every class and every kind of attack.

ah ok now i get your point ^^ but i think those usal bots work out for the most people, and none of the tested bots attacked npcs for me dunno. but i am going to try some shit with wpe in a while when i have better items and possibilities to get some dupe shit or attack id change, dunno maybe its possible, for other similar games it worked ot too.

12/16/2008 19:11 Rofltimmy#13

*hust* do you sure that in the archive is no virus?
O.o