[Question] Proxy - deciphering server key packet

I have managed to set up properly packet relay mechanism between client and server, so i am moving on to deciphering the packets. Right now i am stuck with the DH key packet sent by the server. I have read and re-read korvac's conquer wiki many times, but the codes are not documented, and is not self documenting to a java learner like myself, lol.

My understanding of CO cipher is that client receives DH key packet from server, client then performs initial cipher uses blowfish algorithm to decipher the packet to obtain the p,g,A keys. The key used for initial cipher is "DR654dt34trg4UI6". After obtaining p,g,A keys, a new shared public key is generated and will be used for future(starting from the second) packet ciphers.

[Problem description] Under the presumption that my understanding of the cipher is correct. I need THREE things to initialize my cipher object. (i) a key = "DR654dt34trg4UI6", (ii) an algorithm name = "Blowfish", (iii) an initial vector!!! Initial Vector is the problem i am having. combing through the codes on conquer wiki, (i might have overlooked)i have not seen the EncryptIV ever being initialized. Seems to me that it's always left as a new array of eight zeros.

[Request] May i know what the initial vector supposed to be, and i'd deeply appreciate if supporting knowledge is being shared.

[EDIT] Now i am wondering if my understanding is wrong or if i am using the wrong padding scheme or mode. Inferring from the wiki source("BF_cfb64_encrypt"), i believe CipherFeedBack mode is used, though i dont really understand what 64_encrypt means, but i am guessing it has something to do with 8bytes of data/IV.

Action speaks louder than words.. so i gave it a shot on by writing a little util tool that deciphers server key packet. here is a code snipplet in java
I have never had any prior knowledge of cryptography, so i am not too sure of the decryption mode and paddings. Logically speaking, since blowfish is a 64bit block cipher, and the sizes of p,g,A varies with every generation, some form of paddings has to be done. The output of the above piece of code is a complete mess. So i do ponder if there is an encryption or not, or where did i do wrong to obtain current wrong result?
[End of Edit]

The following is a sample of what i currently being getting. High lighted in green is the dh key packet from server. I have also noticed this packet size always varies.

While I respect you quite a bit for going through this all yourself.. there is a leaked 5200+ proxy posted in one of the threads where I was first working on getting a proxy working.

That being said... here's some snippets you might find useful ^^

Basically you want to edit the server/client packets to use for each side of the encryption. Then one is used to encrypt/decrypt server data and one for client data.

Credits for that go to Tannel seeing as it's his proxy that got leaked lol.

Quote:

Originally Posted by pro4never While I respect you quite a bit for going through this all yourself.. there is a leaked 5200+ proxy posted in one of the threads where I was first working on getting a proxy working. That being said... here's some snippets you might find useful ^^ Basically you want to edit the server/client packets to use for each side of the encryption. Then one is used to encrypt/decrypt server data and one for client data. Code: public class ClientDHPacket { public string Client_PubKey; int JunkLength; public ClientDHPacket(byte[] Packet) { MemoryStream MS = new MemoryStream(Packet); BinaryReader BR = new BinaryReader(MS); BR.ReadBytes(7);//JUNK BR.ReadUInt32();//Length JunkLength = BR.ReadInt32(); BR.ReadBytes(JunkLength); Client_PubKey = Encoding.ASCII.GetString(BR.ReadBytes(BR.ReadInt32())); BR.Close(); MS.Close(); } public void Edit(byte[] Packet, string NewKey) { MemoryStream MS = new MemoryStream(Packet); BinaryWriter BW = new BinaryWriter(MS); BW.Seek(19 + JunkLength, SeekOrigin.Current); BW.Write(Encoding.ASCII.GetBytes(NewKey)); } } public class ServerDHPacket { public byte[] ServerIV; public byte[] ClientIV; public string P; public string G; public string Server_PubKey; int JunkLength; public ServerDHPacket(byte[] Packet) { MemoryStream MS = new MemoryStream(Packet); BinaryReader BR = new BinaryReader(MS); BR.ReadBytes(11);//JUNK BR.ReadUInt32();//Length - Like i care of it JunkLength = BR.ReadInt32(); BR.ReadBytes(JunkLength);//JUNK ServerIV = BR.ReadBytes(BR.ReadInt32()); ClientIV = BR.ReadBytes(BR.ReadInt32()); P = Encoding.ASCII.GetString(BR.ReadBytes(BR.ReadInt32())); G = Encoding.ASCII.GetString(BR.ReadBytes(BR.ReadInt32())); Server_PubKey = Encoding.ASCII.GetString(BR.ReadBytes(BR.ReadInt32())); BR.Close(); MS.Close(); } public void Edit(byte[] Packet, string EditedPubKey) { MemoryStream MS = new MemoryStream(Packet); BinaryWriter BW = new BinaryWriter(MS); BW.Seek(55 + JunkLength + P.Length + G.Length, SeekOrigin.Current); BW.Write(Encoding.ASCII.GetBytes(EditedPubKey)); BW.Close(); MS.Close(); } } Credits for that go to Tannel seeing as it's his proxy that got leaked lol.

Wow... that is a really valuable piece of reference you gave me. That instantly defeated my 2nd hurdle. But that still left me with my initial question: the server DH packet is encrypted using blowfish with "DR654dt34trg4UI6" as the key right? The reason for this question is that i immediately set up my tool based on the methodology of the the above ServerDHPacket class and found out the out put of junklength is ridiculously large/unreal, thus i suspect it is encrypted; By contrapositive reasoning. if the logic for dh exchange is to establish a shared key for client and server's blowfish, why is there a need for the initial DR.....UI6 key?

Quote:

Originally Posted by pro4never While I respect you quite a bit for going through this all yourself.. there is a leaked 5200+ proxy posted in one of the threads where I was first working on getting a proxy working. That being said... here's some snippets you might find useful ^^ Basically you want to edit the server/client packets to use for each side of the encryption. Then one is used to encrypt/decrypt server data and one for client data. Code: public class ClientDHPacket { public string Client_PubKey; int JunkLength; public ClientDHPacket(byte[] Packet) { MemoryStream MS = new MemoryStream(Packet); BinaryReader BR = new BinaryReader(MS); BR.ReadBytes(7);//JUNK BR.ReadUInt32();//Length JunkLength = BR.ReadInt32(); BR.ReadBytes(JunkLength); Client_PubKey = Encoding.ASCII.GetString(BR.ReadBytes(BR.ReadInt32())); BR.Close(); MS.Close(); } public void Edit(byte[] Packet, string NewKey) { MemoryStream MS = new MemoryStream(Packet); BinaryWriter BW = new BinaryWriter(MS); BW.Seek(19 + JunkLength, SeekOrigin.Current); BW.Write(Encoding.ASCII.GetBytes(NewKey)); } } public class ServerDHPacket { public byte[] ServerIV; public byte[] ClientIV; public string P; public string G; public string Server_PubKey; int JunkLength; public ServerDHPacket(byte[] Packet) { MemoryStream MS = new MemoryStream(Packet); BinaryReader BR = new BinaryReader(MS); BR.ReadBytes(11);//JUNK BR.ReadUInt32();//Length - Like i care of it JunkLength = BR.ReadInt32(); BR.ReadBytes(JunkLength);//JUNK ServerIV = BR.ReadBytes(BR.ReadInt32()); ClientIV = BR.ReadBytes(BR.ReadInt32()); P = Encoding.ASCII.GetString(BR.ReadBytes(BR.ReadInt32())); G = Encoding.ASCII.GetString(BR.ReadBytes(BR.ReadInt32())); Server_PubKey = Encoding.ASCII.GetString(BR.ReadBytes(BR.ReadInt32())); BR.Close(); MS.Close(); } public void Edit(byte[] Packet, string EditedPubKey) { MemoryStream MS = new MemoryStream(Packet); BinaryWriter BW = new BinaryWriter(MS); BW.Seek(55 + JunkLength + P.Length + G.Length, SeekOrigin.Current); BW.Write(Encoding.ASCII.GetBytes(EditedPubKey)); BW.Close(); MS.Close(); } } Credits for that go to Tannel seeing as it's his proxy that got leaked lol.

I was looking @ [Only registered and activated users can see links. Click Here To Register...] read at least 10 times and for me looks like it was incomplete?

I mean, Class DH inherits Base (base class doesnt exists)? BigNumber type? and what about this?
base(Base.ExpectNonNull(DH_new()), true)... from where this came from? Theres no base class, at least on the wiki.


pro4never, not that I would like that my job would be leaked but do you have a link for that proxy? just want to take a look.

Thanks u/korvacs for the support.

Quote:

Originally Posted by vDrag0n I was looking @ [Only registered and activated users can see links. Click Here To Register...] read at least 10 times and for me looks like it was incomplete? I mean, Class DH inherits Base (base class doesnt exists)? BigNumber type? and what about this? base(Base.ExpectNonNull(DH_new()), true)... from where this came from? Theres no base class, at least on the wiki. pro4never, not that I would like that my job would be leaked but do you have a link for that proxy? just want to take a look. Thanks u/korvacs for the support.

Even though it's already leaked, here's the 5228 proxy, rar'd and password'd.

Currently brute forcing the rar file, lol. I'll wait to see what gems i can find in there.

Actually, that piece of code only serves as a reference. When you speak of DH.cs, that inheritance, imo, is not important. You should be able to find implementations of blowfish and dh on the web. All that's important to you right now is probably how the skeleton is like.

Quote:

Originally Posted by Kiyono Even though it's already leaked, here's the 5228 proxy, rar'd and password'd.

I'll check it, thanks for this!

Quote:

Originally Posted by shitboi Actually, that piece of code only serves as a reference. When you speak of DH.cs, that inheritance, imo, is not important. You should be able to find implementations of blowfish and dh on the web. All that's important to you right now is probably how the skeleton is like.

So you do not need the password anymore?

Quote:

Originally Posted by shitboi Currently brute forcing the rar file, lol. I'll wait to see what gems i can find in there.

Really, i guess Kiyono have sent you the password, or you will take FEW ERAS to discover it.

lol.

Btw, just out of curiosity I was trying to compile but i always get a BadImageFormatException @ debug. Is it related with x86/x64 dlls?

Actually if you can give me the password, i'd deeply appreciate it ... I dont wanna wait a few days for the password to come out, lol. So, PLEASE...

Quote:

Originally Posted by shitboi Actually if you can give me the password, i'd deeply appreciate it ... I dont wanna wait a few days for the password to come out, lol. So, PLEASE...

Send.

Quote:

Originally Posted by Kiyono Send.

Any idea why it does give me BadImageFormatException?

This is something with libeay32.dll -i'm on 32 bit tho.

Quote:

Originally Posted by vDrag0n Any idea why it does give me BadImageFormatException? This is something with libeay32.dll -i'm on 32 bit tho.

No, I'm getting the same problem.

Thanks pro4never and kiyono for your help. Now i am pretty sure i was and am on the right track. I revisited my codes and realized i made a mistake when converting "string representation of packet" into byte[] thus getting wrong output with cipher. After correcting that mistake i suppose this should be a valid serverDH packet after blowfish. It's validity is proven by the TQserver signature in Red.

Quote:

��^�dP�Y&V[b , ^��ؚ���j_��odB���%+׶�? a�5����>(�)!����� �0��X֍ �|��݀ A320A85EDD79171C341459E94807D71D39BB3B3F3B5161CA84 894F3AC3FC7FEC317A2DDEC83B66D30C29261C6492643061AE CFCF4A051816D7C359A6A7B7D8FB 05� 660811FF745F03973DE6DA19F81BC651A6B09C7B1816A2937C 6BDADBE78E9FB9A66C6F98873B3CA49DB3E8F47E1E8DC860EB 941E3A6D9FF13A613A5A603053E2TQServer��Z1�|x{"��$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|��u$w �|�