Metin2 Handshake Packets?

06/28/2014 13:28 falchonn#1
Hello guys, I want to make a clientless Metin2 bot. So I decided to start from somewhere.

I can pass the first handshake packet but I'm stuck on the handshake mid packet.

Example:

-> (Server sends)
<- (Client sends)

-> ff 50 fa 5c 0f 06 3e 33 05 64 00 00 00

<- ff 50 fa 5c 0f ce 3e 33 05 00 00 00 00

06 3e 64
ce 3e 00

-> ff 50 fa 5c 0f b2 3f 33 05 72 00 00 00

<- ff 50 fa 5c 0f 96 40 33 05 00 00 00 00

b2 3f 72
96 40 00

The server sends the handshake mid packet and the client does something to the 5th and 6th index of the array, then sends it again. I couldn't solve this problem. Thanks anyway.
06/28/2014 16:22 Mi4uric3#2
Quote:
Originally Posted by falchonn View Post
Hello guys, I want to make a clientless Metin2 bot. So I decided to start from somewhere.

I can pass the first handshake packet but I'm stuck on the handshake mid packet.

Example:

-> (Server sends)
<- (Client sends)

-> ff 50 fa 5c 0f 06 3e 33 05 64 00 00 00

<- ff 50 fa 5c 0f ce 3e 33 05 00 00 00 00

06 3e 64
ce 3e 00

-> ff 50 fa 5c 0f b2 3f 33 05 72 00 00 00

<- ff 50 fa 5c 0f 96 40 33 05 00 00 00 00

b2 3f 72
96 40 00

The server sends the handshake mid packet and the client does something to the 5th and 6th index of the array, then sends it again. I couldn't solve this problem. Thanks anyway.
The Metin2 source code has been leaked; it's available somewhere on the internet, you can simply copy their code :P
06/28/2014 19:06 falchonn#3
Quote:
Originally Posted by Mi4uric3 View Post
The Metin2 source code has been leaked; it's available somewhere on the internet, you can simply copy their code :P
Thank you very much, is that source code 2.60 GB, right?
06/28/2014 19:06 Mi4uric3#4
Quote:
Originally Posted by falchonn View Post
Thank you very much, is that source code 2.60 GB, right?
I don't know as I don't own it
As long as you can find the handshake in it the size doesn't matter ;D
06/28/2014 19:45 [uLow]NTX?!#5
The handshake packet has the following structure:
<header> <handshake> <time> <delta>

So you need to modify the delta.
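Decoding the two captures from the first post with that layout, as an added example (this is not code from the thread or from Metin2): the fields are read little-endian, so the bytes "50 fa 5c 0f" form the handshake value 0x0F5CFA50, and "64 00 00 00" is a delta of 100. The reply rule in client_reply(), advance the time by twice the delta and answer with delta 0, is only what the two posted exchanges show; it is an inference from those captures, not a documented protocol rule.

```python
import struct

# Layout from the post above: <header:1> <handshake:4> <time:4> <delta:4>,
# little-endian on the wire. delta is treated as signed (it can be negative).
HANDSHAKE_FMT = "<BIIi"
HANDSHAKE_LEN = struct.calcsize(HANDSHAKE_FMT)  # 13 bytes


def parse_handshake(pkt: bytes) -> dict:
    """Split a 13-byte handshake packet into its four fields."""
    if len(pkt) != HANDSHAKE_LEN:
        raise ValueError(f"handshake packet must be {HANDSHAKE_LEN} bytes, got {len(pkt)}")
    header, handshake, time_ms, delta = struct.unpack(HANDSHAKE_FMT, pkt)
    return {"header": header, "handshake": handshake, "time": time_ms, "delta": delta}


def build_handshake(header: int, handshake: int, time_ms: int, delta: int) -> bytes:
    """Inverse of parse_handshake; time wraps modulo 2**32 like a DWORD."""
    return struct.pack(HANDSHAKE_FMT, header, handshake, time_ms & 0xFFFFFFFF, delta)


def client_reply(server_pkt: bytes) -> bytes:
    """Answer a server handshake the way the two captured exchanges do.

    Observed rule (assumption, inferred from the captures only): keep header and
    handshake, report time + 2*delta as our time, and send delta 0.
    """
    f = parse_handshake(server_pkt)
    return build_handshake(f["header"], f["handshake"], f["time"] + 2 * f["delta"], 0)


def explain_exchange(server_pkt: bytes, client_pkt: bytes) -> dict:
    """Compare a server packet with the client's answer to it."""
    s, c = parse_handshake(server_pkt), parse_handshake(client_pkt)
    return {
        "handshake_echoed": s["handshake"] == c["handshake"],
        "server_delta": s["delta"],
        "time_advance": (c["time"] - s["time"]) & 0xFFFFFFFF,
        "client_delta": c["delta"],
    }


# The two exchanges posted in the thread, as (server packet, client packet).
CAPTURES = [
    (bytes.fromhex("ff50fa5c0f063e330564000000"), bytes.fromhex("ff50fa5c0fce3e330500000000")),
    (bytes.fromhex("ff50fa5c0fb23f330572000000"), bytes.fromhex("ff50fa5c0f9640330500000000")),
]

if __name__ == "__main__":
    for srv, cli in CAPTURES:
        print(parse_handshake(srv))
        print(explain_exchange(srv, cli))
        assert client_reply(srv) == cli, "reply rule does not match the capture"
```

In both captures the client's time field is exactly 2*delta ahead of the server's (200 ms for delta 100, 228 ms for delta 114) and the handshake value is echoed unchanged, which is why modifying only the delta/time fields is enough to get past this stage.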
06/28/2014 22:26 falchonn#6
Quote:
Originally Posted by [uLow]NTX?! View Post
The handshake packet has the following structure:
<header> <handshake> <time> <delta>

So you need to modify the delta.
thanks man it worked ;)

I'm stuck on the encryption system. The server sends 256 bytes of data and the client does something.

I found something about Diffie-Hellman, but I couldn't translate it to C#

Here is the code:


Code:
// Includes and class declaration added for context; the posted excerpt is the
// Prepare() method only. The member names follow the method body (Crypto++ types).
#include <cstring>
#include <cryptopp/dh.h>
#include <cryptopp/dh2.h>
#include <cryptopp/integer.h>
#include <cryptopp/nbtheory.h>
#include <cryptopp/osrng.h>
#include <cryptopp/secblock.h>

using namespace CryptoPP;

class DH2KeyAgreement {
public:
	DH2KeyAgreement() : dh2_(dh_) {}
	size_t Prepare(void* buffer, size_t* length);
private:
	DH dh_;                  // plain DH domain that carries the group parameters
	DH2 dh2_;                // unified DH (static + ephemeral key pair) built on dh_
	SecByteBlock spriv_key_; // our static private key
	SecByteBlock epriv_key_; // our ephemeral private key
};

size_t DH2KeyAgreement::Prepare(void* buffer, size_t* length) {
#ifdef __THEMIDA__
	VM_START  // Themida virtualization marker, only meaningful in the protected build
#endif

	// RFC 5114, 1024-bit MODP Group with 160-bit Prime Order Subgroup
	// http://tools.ietf.org/html/rfc5114#section-2.1
	// Integer("0x...") parses the hex string into a big integer.
	Integer p("0xB10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6"
		"9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0"
		"13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70"
		"98488E9C219A73724EFFD6FAE5644738FAA31A4FF55BCCC0"
		"A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708"
		"DF1FB2BC2E4A4371");

	Integer g("0xA4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F"
		"D6406CFF14266D31266FEA1E5C41564B777E690F5504F213"
		"160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1"
		"909D0D2263F80A76A6A24C087A091F531DBF0A0169B6A28A"
		"D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24"
		"855E6EEB22B3B2E5");

	Integer q("0xF518AA8781A8DF278ABA4E7D64B7CB9D49462353");

	// Schnorr Group primes are of the form p = rq + 1, p and q prime. They
	// provide a subgroup order. In the case of 1024-bit MODP Group, the
	// security level is 80 bits (based on the 160-bit prime order subgroup).

	// For a compare/contrast of using the maximum security level, see
	// dh-unified.zip. Also see http://www.cryptopp.com/wiki/Diffie-Hellman
	// and http://www.cryptopp.com/wiki/Security_level .

	AutoSeededRandomPool rnd;

	dh_.AccessGroupParameters().Initialize(p, q, g);

	if(!dh_.GetGroupParameters().ValidateGroup(rnd, 3)) {
		// Failed to validate prime and generator
		return 0;
	}

	p = dh_.GetGroupParameters().GetModulus();
	q = dh_.GetGroupParameters().GetSubgroupOrder();
	g = dh_.GetGroupParameters().GetGenerator();

	// http://groups.google.com/group/sci.crypt/browse_thread/thread/7dc7eeb04a09f0ce
	// g must generate the subgroup of order q, i.e. g^q mod p == 1.
	Integer v = ModularExponentiation(g, q, p);

	if(v != Integer::One()) {
		// Failed to verify order of the subgroup
		return 0;
	}

	//////////////////////////////////////////////////////////////

	// Generate a static and an ephemeral key pair; the private halves stay in
	// the object, the public halves are written to the caller's buffer.
	spriv_key_.New(dh2_.StaticPrivateKeyLength());
	epriv_key_.New(dh2_.EphemeralPrivateKeyLength());
	SecByteBlock spub_key(dh2_.StaticPublicKeyLength());
	SecByteBlock epub_key(dh2_.EphemeralPublicKeyLength());

	dh2_.GenerateStaticKeyPair(rnd, spriv_key_, spub_key);
	dh2_.GenerateEphemeralKeyPair(rnd, epriv_key_, epub_key);

	// Prepare key agreement data: static public key followed by ephemeral
	// public key, 128 + 128 = 256 bytes for this 1024-bit group.
	const size_t spub_key_length = spub_key.size();
	const size_t epub_key_length = epub_key.size();
	const size_t data_length = spub_key_length + epub_key_length;

	if (*length < data_length) {
		// Not enough data buffer length
		return 0;
	}

	*length = data_length;
	byte* buf = (byte*)buffer;
	memcpy(buf, spub_key.BytePtr(), spub_key_length);
	memcpy(buf + spub_key_length, epub_key.BytePtr(), epub_key_length);

#ifdef __THEMIDA__
	VM_END
#endif

	// Size of the shared value Agree() will later produce (two 128-byte secrets).
	return dh2_.AgreedValueLength();
}
06/29/2014 07:32 [uLow]NTX?!#7
Quote:
Originally Posted by falchonn View Post
thanks man it worked ;)

I'm stuck on the encryption system. The server sends 256 bytes of data and the client does something.

I found something about Diffie-Hellman, but I couldn't translate it to C#

Here is the code:


Code:
size_t DH2KeyAgreement::Prepare(void* buffer, size_t* length) {
#ifdef __THEMIDA__
	VM_START
#endif

	// RFC 5114, 1024-bit MODP Group with 160-bit Prime Order Subgroup
	// http://tools.ietf.org/html/rfc5114#section-2.1
	Integer p("0xB10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6"
		"9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0"
		"13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70"
		"98488E9C219A73724EFFD6FAE5644738FAA31A4FF55BCCC0"
		"A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708"
		"DF1FB2BC2E4A4371");

	Integer g("0xA4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F"
		"D6406CFF14266D31266FEA1E5C41564B777E690F5504F213"
		"160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1"
		"909D0D2263F80A76A6A24C087A091F531DBF0A0169B6A28A"
		"D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24"
		"855E6EEB22B3B2E5");

	Integer q("0xF518AA8781A8DF278ABA4E7D64B7CB9D49462353");

	// Schnorr Group primes are of the form p = rq + 1, p and q prime. They
	// provide a subgroup order. In the case of 1024-bit MODP Group, the
	// security level is 80 bits (based on the 160-bit prime order subgroup).		

	// For a compare/contrast of using the maximum security level, see
	// dh-unified.zip. Also see http://www.cryptopp.com/wiki/Diffie-Hellman
	// and http://www.cryptopp.com/wiki/Security_level .

	AutoSeededRandomPool rnd;

	dh_.AccessGroupParameters().Initialize(p, q, g);

	if(!dh_.GetGroupParameters().ValidateGroup(rnd, 3)) {
		// Failed to validate prime and generator
		return 0;
	}

	size_t count = 0;

	p = dh_.GetGroupParameters().GetModulus();
	q = dh_.GetGroupParameters().GetSubgroupOrder();
	g = dh_.GetGroupParameters().GetGenerator();

	// http://groups.google.com/group/sci.crypt/browse_thread/thread/7dc7eeb04a09f0ce
	Integer v = ModularExponentiation(g, q, p);

	if(v != Integer::One()) {
		// Failed to verify order of the subgroup
		return 0;
	}

	//////////////////////////////////////////////////////////////

	spriv_key_.New(dh2_.StaticPrivateKeyLength());
	epriv_key_.New(dh2_.EphemeralPrivateKeyLength());
	SecByteBlock spub_key(dh2_.StaticPublicKeyLength());
	SecByteBlock epub_key(dh2_.EphemeralPublicKeyLength());

	dh2_.GenerateStaticKeyPair(rnd, spriv_key_, spub_key);
	dh2_.GenerateEphemeralKeyPair(rnd, epriv_key_, epub_key);

	// Prepare key agreement data
	const size_t spub_key_length = spub_key.size();
	const size_t epub_key_length = epub_key.size();
	const size_t data_length = spub_key_length + epub_key_length;

	if (*length < data_length) {
		// Not enough data buffer length
		return 0;
	}

	*length = data_length;
	byte* buf = (byte*)buffer;
	memcpy(buf, spub_key.BytePtr(), spub_key_length);
	memcpy(buf + spub_key_length, epub_key.BytePtr(), epub_key_length);

#ifdef __THEMIDA__
	VM_END
#endif

	return dh2_.AgreedValueLength();
}
And now? What do you want from us? That we write the class for you?

It's funny that you make it in C#.
06/29/2014 09:51 falchonn#8
Quote:
Originally Posted by [uLow]NTX?! View Post
And now? What do you want from us? That we write the class for you?

It's funny that you make it in C#.
I found a Diffie-Hellman class for C#, but I couldn't understand what exactly the DH key exchange does.

It is here:

[Only registered and activated users can see links. Click Here To Register...]
06/29/2014 10:19 [uLow]NTX?!#9
What about using Google?
-> [Only registered and activated users can see links. Click Here To Register...]

It's very hard to use, or?
06/29/2014 12:52 falchonn#10
Quote:
Originally Posted by [uLow]NTX?! View Post
What about using Google?
-> [Only registered and activated users can see links. Click Here To Register...]

It's very hard to use, or?
I understood the key agreement method but I couldn't understand how that code creates the static p, g, q. Is that code making them into hex strings??

Code:
Integer p("0xB10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6"
		"9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0"
		"13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70"
		"98488E9C219A73724EFFD6FAE5644738FAA31A4FF55BCCC0"
		"A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708"
		"DF1FB2BC2E4A4371");

	Integer g("0xA4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F"
		"D6406CFF14266D31266FEA1E5C41564B777E690F5504F213"
		"160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1"
		"909D0D2263F80A76A6A24C087A091F531DBF0A0169B6A28A"
		"D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24"
		"855E6EEB22B3B2E5");

	Integer q("0xF518AA8781A8DF278ABA4E7D64B7CB9D49462353");
Edit: OK, that code is converting those hex strings to bigints.
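An added Python model of the exchange the Crypto++ snippet sets up, covering both the question from post #6 (what the 256 bytes the server sends are) and the one here (where p, g and q come from). It is not code from the thread or from Metin2. p, g and q are the RFC 5114 constants copied from the snippet, parsed as integers exactly as Integer("0x...") does; validate_group() is the snippet's own g^q mod p == 1 check; prepare() builds what Prepare() writes, the 128-byte static public key followed by the 128-byte ephemeral one, which is the 256 bytes observed on the wire. The shape of the agreed value (static shared secret followed by ephemeral shared secret) is my reading of Crypto++'s DH2 class and is an assumption; how Metin2 turns that value into a session key is not on this page.

```python
import secrets

# RFC 5114 section 2.1 group, copied from the Crypto++ snippet: the hex strings
# are simply parsed as big integers (what Integer("0x...") does in Crypto++).
P = int(
    "B10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6"
    "9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0"
    "13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70"
    "98488E9C219A73724EFFD6FAE5644738FAA31A4FF55BCCC0"
    "A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708"
    "DF1FB2BC2E4A4371", 16)
G = int(
    "A4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F"
    "D6406CFF14266D31266FEA1E5C41564B777E690F5504F213"
    "160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1"
    "909D0D2263F80A76A6A24C087A091F531DBF0A0169B6A28A"
    "D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24"
    "855E6EEB22B3B2E5", 16)
Q = int("F518AA8781A8DF278ABA4E7D64B7CB9D49462353", 16)

KEY_LEN = (P.bit_length() + 7) // 8  # 128 bytes: one public key or one shared secret


def validate_group() -> bool:
    """The snippet's own sanity check: g must generate the subgroup of order q."""
    return 1 < G < P and pow(G, Q, P) == 1


def gen_keypair(rng=secrets.randbelow):
    """Private exponent in [1, q-1], public value g^x mod p."""
    x = 1 + rng(Q - 1)
    return x, pow(G, x, P)


def encode(n: int) -> bytes:
    """Fixed-width big-endian, like Integer::Encode with the modulus length."""
    return n.to_bytes(KEY_LEN, "big")


def decode(b: bytes) -> int:
    return int.from_bytes(b, "big")


def check_public(y: int) -> None:
    """Reject values outside the order-q subgroup (small-subgroup confinement)."""
    if not (1 < y < P - 1) or pow(y, Q, P) != 1:
        raise ValueError("peer public key is not in the order-q subgroup")


class Party:
    """One side of the unified exchange: a static and an ephemeral key pair."""

    def __init__(self, rng=secrets.randbelow):
        self.spriv, self.spub = gen_keypair(rng)
        self.epriv, self.epub = gen_keypair(rng)

    def prepare(self) -> bytes:
        """Same layout Prepare() writes: static public key, then ephemeral one."""
        return encode(self.spub) + encode(self.epub)

    def agree(self, peer_blob: bytes) -> bytes:
        """Agreed value = DH(static, static) || DH(ephemeral, ephemeral).

        That ordering is my reading of Crypto++'s DH2::Agree (assumption).
        """
        if len(peer_blob) != 2 * KEY_LEN:
            raise ValueError("expected two %d-byte public keys" % KEY_LEN)
        spub_other = decode(peer_blob[:KEY_LEN])
        epub_other = decode(peer_blob[KEY_LEN:])
        check_public(spub_other)
        check_public(epub_other)
        return (encode(pow(spub_other, self.spriv, P))
                + encode(pow(epub_other, self.epriv, P)))


def run_exchange(rng=secrets.randbelow):
    """Both sides prepare, swap blobs, and derive the same 256-byte value."""
    server, client = Party(rng), Party(rng)
    server_blob, client_blob = server.prepare(), client.prepare()
    return server_blob, server.agree(client_blob), client.agree(server_blob)


if __name__ == "__main__":
    assert validate_group()
    blob, from_server, from_client = run_exchange()
    print(len(blob), "bytes on the wire;", "agreed" if from_server == from_client else "mismatch")
```

The subgroup check in check_public() is what Crypto++ performs when Agree() is called with validation enabled; a clientless implementation that skips it will happily compute a shared secret from a bogus public value, so keep it even in a bot.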