WSASend buffer Need DECRYPT

06/15/2017 16:32 emreozan625#1
Hello,
I am 15 years old. I am new in this assembly. I have not good English. So I hooked WSASend function on C++. Packets crypted i wanna decrypt this packets.
Like this:

[Only registered and activated users can see links. Click Here To Register...]

This is buffer data:
[Only registered and activated users can see links. Click Here To Register...]

Sorry for my bad English. Thanks :) :handsdown:
06/15/2017 20:38 qoaway#2
its not good idea to hook WSASend, check out Iwa's Sro++
[Only registered and activated users can see links. Click Here To Register...]
06/15/2017 20:53 emreozan625#3
How can i decrypt this packets?
06/16/2017 11:48 florian0#4
Quote:
Originally Posted by emreozan625 View Post
How can i decrypt this packets?
Capture the Handshake, steal the clients secret (CoCreateGuid) and calculate the shared secret. Decrypt the packets using existing blowfish libraries.
If you want to inject packets, too, you need mess with the count-byte.

[Only registered and activated users can see links. Click Here To Register...]
The one from Jim Conger is really close to the one used in ClientNet.
The other C++ one is close to the implementation used in GFXFileManager.

These might even be the original implementations they are using. (Maybe someone with access to the source can clarify this).

Both should work fine, if you really want to go the hard way.

Some more info on the Handshake:
[1] [Only registered and activated users can see links. Click Here To Register...]
[2] [Only registered and activated users can see links. Click Here To Register...]
[3] [Only registered and activated users can see links. Click Here To Register...]
[4] [Only registered and activated users can see links. Click Here To Register...]
06/16/2017 13:22 emreozan625#5
Quote:
Originally Posted by florian0 View Post
Capture the Handshake, steal the clients secret (CoCreateGuid) and calculate the shared secret. Decrypt the packets using existing blowfish libraries.
If you want to inject packets, too, you need mess with the count-byte.

[Only registered and activated users can see links. Click Here To Register...]
The one from Jim Conger is really close to the one used in ClientNet.
The other C++ one is close to the implementation used in GFXFileManager.

These might even be the original implementations they are using. (Maybe someone with access to the source can clarify this).

Both should work fine, if you really want to go the hard way.

Some more info on the Handshake:
[1] [Only registered and activated users can see links. Click Here To Register...]
[2] [Only registered and activated users can see links. Click Here To Register...]
[3] [Only registered and activated users can see links. Click Here To Register...]
[4] [Only registered and activated users can see links. Click Here To Register...]
Thanks for your comment :)
Which function should I call? How can this functions find? Do you have any videos on this subject? Thanks :) :rolleyes:
06/16/2017 17:05 florian0#6
Quote:
Originally Posted by emreozan625 View Post
Thanks for your comment :)
Which function should I call? How can this functions find? Do you have any videos on this subject? Thanks :) :rolleyes:
No, there aren't any useful videos on sro security. Learn from text and existing code. Search the forums for silkroad security. I've linked in an example implementation in my previous post.
06/17/2017 02:17 Chernobyl*#7
You are using my old ClientLib aint u ? ;p
06/17/2017 09:35 emreozan625#8
Quote:
Originally Posted by Chernobyl* View Post
You are using my old ClientLib aint u ? ;p
i just wanna send packet with wsasend. I need decrypt packet
06/17/2017 13:29 florian0#9
I gave you all the information you need. If you cant solve it, then you are not ready for it. Learn it. Or use some of the existing libraries if you dont want to learn.
But stop begging for complete solutions because there are plenty around ready to use.
06/18/2017 20:30 emreozan625#10
Thanks for your help. I will learn this. :)