0x3f4 packet

Page 1 of 2 1 2
10/29/2007 15:52 MrGenious#1
What is it? botcheck or something? I cant figure out what it is.
10/29/2007 18:56 high6#2
Quote:
Originally Posted by MrGenious View Post
What is it? botcheck or something? I cant figure out what it is.
Its a "Ping-Pong" packet.

Format is...

Short - size
Short - PacketID
Int - PlayerID
Int - PlayerID xor GetTime()
short - random(0x0,0xFFFF)
short - random(0x0,0xFFFF)
short - random(0x0,0xFFFF)
short - random(0x0,0xFFFF)
short - random(0x0,0xFFFF)
short - random(0x0,0xFFFF)
short - random(0x0,0xFFFF)
short - random(0x0,0xFFFF)
Int - Algorithm(InGameName) //OR 0x9D4B5703 //Wouldn't suggest 0x9D4B5703

Location in memory for creating the packet is 0x004AB0D1
10/29/2007 19:42 MrGenious#3
What is it used for?
10/29/2007 19:53 high6#4
Quote:
Originally Posted by MrGenious View Post
What is it used for?
The server sends you a 0x3F4 packet and you have to send one back or you get disconnected.
10/29/2007 20:40 Queen-Of-Evil#5
Quote:
Originally Posted by high6 View Post
The server sends you a 0x3F4 packet and you have to send one back or you get disconnected.
To check for accounts still "Logd On" when there not actually log'd on?
10/29/2007 20:46 high6#6
Quote:
Originally Posted by Queen-Of-Evil View Post
To check for accounts still "Logd On" when there not actually log'd on?
Yes, so an account wont stay connected if the client crashed or didn't send the disconnect packet.
10/29/2007 22:52 MrGenious#7
So basicly it's the botcheck like I said from the begining? this is what behelit used for his standalone bot right?

Edit: and hey queen do you have some sort of messenger to talk in? I want to ask something
10/29/2007 23:53 XtremeX-CO#8
Yes, a client check basically, not bot check.
10/29/2007 23:55 MrGenious#9
I thought bot check was the same thing, so there are 2 checks?
10/29/2007 23:57 Queen-Of-Evil#10
Quote:
Originally Posted by MrGenious View Post
So basicly it's the botcheck like I said from the begining? this is what behelit used for his standalone bot right?

Edit: and hey queen do you have some sort of messenger to talk in? I want to ask something
I dont use MSN anymore :/ but ill be getting a new messenger soon so i'll let you know ^^

This packet is what lets the peaple using coproxy decendant proxies d/c after loggin out with the proxy (* As some peaple may know when you d/c with a proxy your still online for about 10 seconds after you d/c unless you use /break command *)
10/30/2007 18:15 flowerpot!#11
Fail to answer bot check properly, and you go to bot jail.
Fail to answer connection check properly, and you just dc.
10/30/2007 21:24 XtremeX-CO#12
Quote:
Originally Posted by Queen-Of-Evil View Post
I dont use MSN anymore :/ but ill be getting a new messenger soon so i'll let you know ^^

This packet is what lets the peaple using coproxy decendant proxies d/c after loggin out with the proxy (* As some peaple may know when you d/c with a proxy your still online for about 10 seconds after you d/c unless you use /break command *)
Thats due to poorly programmed proxy. Ive fixed that LONG ago. Its a 1 line fix.


And yet again, like caff did (if he did), I have to point out your noobiness. MSN/Windows Messenger does NOT have an exploit (most recent update). The fact that your a noob, and cant make the difference between things, does not mean that something is as you say, and may be quite the reverse. The other option, that you cant tweak something correctly, and messed up your messenger, is a different fact. After all, all those scripts u dl, half are filled with rootkits and trojans, so I wouldnt wonder your messenger screwing up.
10/30/2007 22:03 Queen-Of-Evil#13
Quote:
Originally Posted by XtremeX-CO View Post
Thats due to poorly programmed proxy. Ive fixed that LONG ago. Its a 1 line fix.


And yet again, like caff did (if he did), I have to point out your noobiness. MSN/Windows Messenger does NOT have an exploit (most recent update). The fact that your a noob, and cant make the difference between things, does not mean that something is as you say, and may be quite the reverse. The other option, that you cant tweak something correctly, and messed up your messenger, is a different fact. After all, all those scripts u dl, half are filled with rootkits and trojans, so I wouldnt wonder your messenger screwing up.
And like I pointed out to Caff PacketStorm have proven that when you go to share files with someone over MSN the two computers make a direct link meaning the other person can get your i.p. address, and from that perform simple TCP Fin scans and Vecna scans to determine how best to comprimise your computers security ^^
10/30/2007 23:56 iliveoncaffiene#14
No, coproxy just closes the socket from Client-Server and the socket from Server-Client.
It theoretically wont disconnect until the server doesn't get a reply for the 3f4.
10/31/2007 00:43 MrGenious#15
Quote:
Originally Posted by XtremeX-CO View Post
Thats due to poorly programmed proxy. Ive fixed that LONG ago. Its a 1 line fix.


And yet again, like caff did (if he did), I have to point out your noobiness. MSN/Windows Messenger does NOT have an exploit (most recent update). The fact that your a noob, and cant make the difference between things, does not mean that something is as you say, and may be quite the reverse. The other option, that you cant tweak something correctly, and messed up your messenger, is a different fact. After all, all those scripts u dl, half are filled with rootkits and trojans, so I wouldnt wonder your messenger screwing up.
Cause of poor programming? lol it was probably made for testing, atleast that is what I would to while in testing phase, AND it's not a dumb thing to have it there :/
Page 1 of 2 1 2