Help with Packet Encryption?

04/15/2009 04:31 the_destroyer#1
Can someone help with these packets? I'm completely lost lol. I typed in A, B, ABC and recorded the 3 packets.

A

2C 35 52 66 BF 66 15 E1 2C 3A D6 AD E3 29 82 A9 BC C5 EE F5 90 A9 1A 71 0C CD 06 3D FC 3A F6 5C A7 A1 4C 30 63 CD 03 AE 12 A6 20 88 1E C0 E8 95 19 F3 3D A7 42 3A 09 22

B

A7 9E F9 6D D4 5D 9E 6A F7 81 0D D6 B8 22 D9 52 57 8E E5 9E 9B 92 31 9A 97 F6 DD 46 A7 11 ED A7 6C 8A E7 7B 08 F6 48 65 09 EE C8 80 76 78 00 1D 81 8B 85 BF 79 F2 D1 BA

ABC

0D D6 91 65 3C 85 B6 E2 8F D9 55 2E A0 EA A1 2A FF C6 4D 96 B3 6A 19 12 0F CE 25 5E 5F D9 35 3F 04 42 4F 73 20 2E A0 ED B1 36 90 B8 6E B0 38 A5 69 43 ED B5 92 08 FA 32 AF 2E

The only thing I've seen in common is the 4th set (or whatever it's called): all of them start with 6, so that could be the packet type. But anyone who knows more than me, I'd appreciate some help (this is my first time trying to break a packet encryption).
04/15/2009 14:44 Adroxxx#2


Read these tutorials. They could help you.
04/15/2009 23:24 the_destroyer#3
Yeah, I read those and any other guides I could find, but the packets repeat almost nothing, and the few things they do repeat don't seem to mean anything. For example, in every walking packet the 2nd bit is the same in every byte except for the 11th and 13th, but it changes. Like if I record 3 walking packets they would be like this:

E1 2B D8 D3 3B 12 3A 6C 08 41 C7 64 3D 2F 91 B4

F1 FB A8 03 2B E2 CA DC 38 11 36 D4 4D FF 01 E4

C1 8B 38 73 5B B2 5A 0C 28 21 A1 04 C5 8F B1 54

Then I can wait a few minutes, record and take 3 steps again, and it looks like this:

FA B0 03 C8 E0 89 E1 37 13 1A 18 3F C2 B4 8A EF

EA E0 B3 98 F0 B9 51 C7 E3 4A AB CF 22 E4 1A BF

1A D0 23 28 C0 E9 C1 97 F3 BA 3A 9F 72 D4 6A 4F
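The comparison the_destroyer is doing by hand (which hex digit stays the same at which position, and which positions change between captures) is easy to automate. The script below is an added example and is not code from any poster in this thread; it takes the six walking packets posted above as constructed input, reports which byte positions are invariant under a chosen mask (0x0F for the low nibble, i.e. the "2nd bit" of each byte as written), and then XORs the two capture sessions against each other at the positions that are invariant in both. A constant XOR across sessions at those positions is the signature of a weak per-session mask rather than real encryption, which is the property a protocol designer would want this kind of check to rule out.

```python
"""Byte-position invariance analysis over captured packets.

Added example (not from any poster in this thread). The packet dumps
below are the six "walking" packets posted in the thread, used here as
constructed sample input.
"""

# Three walking packets, first capture session.
GROUP1 = [
    "E1 2B D8 D3 3B 12 3A 6C 08 41 C7 64 3D 2F 91 B4",
    "F1 FB A8 03 2B E2 CA DC 38 11 36 D4 4D FF 01 E4",
    "C1 8B 38 73 5B B2 5A 0C 28 21 A1 04 C5 8F B1 54",
]
# Three walking packets, second capture session a few minutes later.
GROUP2 = [
    "FA B0 03 C8 E0 89 E1 37 13 1A 18 3F C2 B4 8A EF",
    "EA E0 B3 98 F0 B9 51 C7 E3 4A AB CF 22 E4 1A BF",
    "1A D0 23 28 C0 E9 C1 97 F3 BA 3A 9F 72 D4 6A 4F",
]

LOW_NIBBLE = 0x0F   # the "2nd bit" (second hex digit) of each byte
FULL_BYTE = 0xFF


def parse_hex(dump: str) -> bytes:
    """Turn a space-separated hex dump into bytes."""
    return bytes.fromhex(dump.replace(" ", ""))


def invariant_positions(packets, mask=FULL_BYTE):
    """Byte indices where (byte & mask) is identical across all packets."""
    pkts = [parse_hex(p) for p in packets]
    n = min(len(p) for p in pkts)            # compare only the common prefix
    return [i for i in range(n) if len({p[i] & mask for p in pkts}) == 1]


def varying_positions(packets, mask=FULL_BYTE):
    """Complement of invariant_positions over the common prefix."""
    n = min(len(parse_hex(p)) for p in packets)
    fixed = set(invariant_positions(packets, mask))
    return [i for i in range(n) if i not in fixed]


def cross_session_xor(group_a, group_b, mask=FULL_BYTE):
    """XOR one session's value against the other's at every position that is
    invariant within *both* sessions. If the result is one constant, the masked
    bits look like plaintext XOR a per-session constant, not a real cipher."""
    a = parse_hex(group_a[0])
    b = parse_hex(group_b[0])
    common = set(invariant_positions(group_a, mask)) & set(invariant_positions(group_b, mask))
    return {i: (a[i] ^ b[i]) & mask for i in sorted(common)}


def summarize(group_a, group_b, mask):
    """Human-readable summary of the analysis for one mask."""
    lines = [
        f"mask 0x{mask:02X}: varies within session 1 at {varying_positions(group_a, mask)}",
        f"mask 0x{mask:02X}: varies within session 2 at {varying_positions(group_b, mask)}",
    ]
    deltas = cross_session_xor(group_a, group_b, mask)
    lines.append(f"mask 0x{mask:02X}: session1 XOR session2 at stable positions = "
                 + ", ".join(f"{i}:{v:X}" for i, v in deltas.items()))
    return "\n".join(lines)


if __name__ == "__main__":
    # Whole bytes: nothing repeats, which is why the dumps look random.
    print(summarize(GROUP1, GROUP2, FULL_BYTE))
    # Low nibbles: stable except positions 10 and 12, and a constant
    # difference between the two sessions at every stable position.
    print(summarize(GROUP1, GROUP2, LOW_NIBBLE))
```

Positions are 0-based in the output, so the thread's "11th and 13th" bytes are indices 10 and 12. Run the script to see that at full-byte granularity nothing is invariant, while at low-nibble granularity every stable position differs between the two sessions by the same single XOR value; a protocol whose per-session "encryption" reduces to a constant mask on half of each byte leaks plaintext structure to anyone who captures a few messages, which is the reason to use an authenticated cipher rather than a home-grown scrambler.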
04/15/2009 23:31 Adroxxx#4
Then hook the send() function and you see the packets decrypted.
04/16/2009 01:52 the_destroyer#5
Quote:
Originally Posted by Adroxxx View Post
Then hook the send() function and you see the packets decrypted.
I really hate sounding stupid, but how do I do that? I don't really know much about coding and this is the first time I've tried to edit packets, so yeah... I've read about hooking the send function and sending the packet back to the client or something, but no idea how I would do it lol.
04/16/2009 01:58 Adroxxx#6
Quote:
Originally Posted by the_destroyer View Post
I really hate sounding stupid, but how do I do that? I don't really know much about coding and this is the first time I've tried to edit packets, so yeah... I've read about hooking the send function and sending the packet back to the client or something, but no idea how I would do it lol.
Are you kidding me?

I thought you'd read the tutorials I posted...
04/16/2009 02:04 the_destroyer#7
I have read them. I didn't see anything about the send function, but I'll look through them again.
04/16/2009 02:06 Adroxxx#8
Tracing the Code ....

Quote:
[....]
So now Run the game, and attach olly to it. Our goal now is to back-trace from the Winsock Send() function, and hopefully find some interesting routines to work with.
Once we successfully have done that, we type “bp send” in the olly command bar.
Now in Water Margin type anything…We quickly break inside the call to send().

[....]
04/16/2009 02:12 the_destroyer#9
Yeah, I think I read it when I was really tired lol. I'll see if I can find anything doing that, thanks.
04/16/2009 03:18 the_destroyer#10
Yeah, I can't seem to figure it out. Like I said, I've never done this before. Think you could explain a little more in depth, if it's not too much trouble?