[Guide] Basics of Packet Editing in BnS

Old   #16
 
elite*gold: 0
Join Date: Dec 2007
Posts: 73
Received Thanks: 2
I'm glad to see this thread hasn't gone south as I thought it was going to Kappa



DJSketch is offline  
Old   #17
 
elite*gold: 0
Join Date: Feb 2008
Posts: 31
Received Thanks: 2
Quote:
Originally Posted by Izeliae View Post
Butthurt much?
Lmao you even copied it from a completely different thread. I'm impressed with your stupidity. Go to school
I am pretty sure it was sarcasm.....

here are some headsup.

For those who understand

a0y3e7lbWzrrwKP7NUHrVNlSs5Ur6ew9 <- package


If you are premium you can abuse the Premium Shop as well as the currency exchange. (Got banned after 1 day doing that so it is not safe but feel free to try)

If you know IDEA you can use the above "package" and have fun.


ExerlosMyst is offline  
Thanks
1 User
Old   #18
 
elite*gold: 0
Join Date: Dec 2007
Posts: 73
Received Thanks: 2
Quote:
Originally Posted by ExerlosMyst View Post
I am pretty sure it was sarcasm.....

here are some headsup.

For those who understand

a0y3e7lbWzrrwKP7NUHrVNlSs5Ur6ew9 <- package


If you are premium you can abuse the Premium Shop as well as the currency exchange. (Got banned after 1 day doing that so it is not safe but feel free to try)

If you know IDEA you can use the above "package" and have fun.
Kinda a pointless post if you ask me without any type of explanation, other than the fact for those who know.
DJSketch is offline  
Old   #19
 
elite*gold: 0
Join Date: Jan 2006
Posts: 29
Received Thanks: 38
Quote:
Originally Posted by ExerlosMyst View Post
I am pretty sure it was sarcasm.....

here are some headsup.

For those who understand

a0y3e7lbWzrrwKP7NUHrVNlSs5Ur6ew9 <- package


If you are premium you can abuse the Premium Shop as well as the currency exchange. (Got banned after 1 day doing that so it is not safe but feel free to try)

If you know IDEA you can use the above "package" and have fun.
Nope. Don't understand


atsay714 is offline  
Old   #20
 
elite*gold: 0
Join Date: Feb 2008
Posts: 761
Received Thanks: 274
yea that's not just vague, it's beyond vague. it looks like a key, but those change.
Izeliae is offline  
Old   #21
 
elite*gold: 0
Join Date: Mar 2014
Posts: 111
Received Thanks: 6
Quote:
Originally Posted by ExerlosMyst View Post
I am pretty sure it was sarcasm.....

here are some headsup.

For those who understand

a0y3e7lbWzrrwKP7NUHrVNlSs5Ur6ew9 <- package


If you are premium you can abuse the Premium Shop as well as the currency exchange. (Got banned after 1 day doing that so it is not safe but feel free to try)

If you know IDEA you can use the above "package" and have fun.
i know Izeliae anti ban successful
cabal3 is offline  
Old   #22
 
elite*gold: 0
Join Date: Oct 2015
Posts: 40
Received Thanks: 0
Link broken on CCProxy 7.2
I tried looking for it on the internet but I mostly find 8.0, would it not work?

Edit: Nvm found. (was a link from Brothersoft, just google it)
Brynjar94 is offline  
Old   #23
 
elite*gold: 0
Join Date: Mar 2006
Posts: 1,564
Received Thanks: 314
No one still answered me though. Are BnS packets not time-stamped?
killzone is offline  
Old   #24
 
elite*gold: 0
Join Date: Feb 2008
Posts: 761
Received Thanks: 274
Quote:
Originally Posted by killzone View Post
No one still answered me though. Are BnS packets not time-stamped?
no they are not. i'm not sure i've seen timestamped packets before on any game though tbh. most games use a rotating key which updates every time a packet is sent, which means you can't resend old packets, but timestamped? that's new.
you will get a new key when you restart the game though, so session to session your same packet probably won't work.
Izeliae is offline  
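The replay rejection described in post #24, as an added illustration that is not from the thread and is not the game's actual scheme: each packet's tag is bound to a per-session key and a counter that advances with every packet, so a captured packet fails when it is sent again or in a later session. `toy_tag`, `Sender`, `Receiver` and the key values are hypothetical, and the tag function is a non-cryptographic stand-in for a real MAC.

```cpp
#include <cstdint>
#include <cstdio>
#include <string>

// Stand-in keyed tag (FNV-1a over key, counter, payload). NOT a secure
// MAC: a real protocol would use HMAC or an AEAD in its place.
std::uint64_t toy_tag(std::uint64_t key, std::uint64_t counter,
                      const std::string& payload) {
    std::uint64_t h = 1469598103934665603ULL;
    auto mix = [&h](std::uint8_t b) { h = (h ^ b) * 1099511628211ULL; };
    for (int i = 0; i < 8; ++i) mix(static_cast<std::uint8_t>(key >> (8 * i)));
    for (int i = 0; i < 8; ++i) mix(static_cast<std::uint8_t>(counter >> (8 * i)));
    for (unsigned char c : payload) mix(c);
    return h;
}

struct Sealed { std::string payload; std::uint64_t tag; };

class Sender {
public:
    explicit Sender(std::uint64_t session_key) : key_(session_key) {}
    // Binds the payload to the current counter, then advances the counter.
    Sealed seal(const std::string& payload) {
        return {payload, toy_tag(key_, next_++, payload)};
    }
private:
    std::uint64_t key_, next_ = 0;
};

class Receiver {
public:
    explicit Receiver(std::uint64_t session_key) : key_(session_key) {}
    // Accepts a packet only if its tag matches the counter expected next.
    bool accept(const Sealed& p) {
        if (toy_tag(key_, expected_, p.payload) != p.tag) return false;
        ++expected_;  // state advances only on success
        return true;
    }
private:
    std::uint64_t key_, expected_ = 0;
};

int main() {
    Sender s(0xA1);  // constructed session key
    Receiver r(0xA1);
    Sealed first = s.seal("open storage");
    bool fresh = r.accept(first), replayed = r.accept(first);
    std::printf("fresh=%d replayed=%d\n", fresh, replayed);
}
```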
Old   #25
 
elite*gold: 0
Join Date: Sep 2014
Posts: 544
Received Thanks: 582
Quote:
Originally Posted by Izeliae View Post
no they are not. i'm not sure i've seen timestamped packets before on any game though tbh. most games use a rotating key which updates every time a packet is sent, which means you can't resend old packets, but timestamped? that's new.
you will get a new key when you restart the game though, so session to session your same packet probably won't work.
By any chance, since you already unencrypted the packets. What does the packet format look like?
For example, in the game I used to play Mabinogi the packet format looked like

[OPCODE][CharID][Parameter1][Parameter2]..etcetc

what does it look like in blade and soul?
This is just to give me an idea when I'm reverse engineering the game.
[P2933]Step29 is offline  
Old   #26
 
elite*gold: 0
Join Date: Feb 2008
Posts: 761
Received Thanks: 274
Quote:
Originally Posted by [P2933]Step29 View Post
By any chance, since you already unencrypted the packets. What does the packet format look like?
For example, in the game I used to play Mabinogi the packet format looked like

[OPCODE][CharID][Parameter1][Parameter2]..etcetc

what does it look like in blade and soul?
This is just to give me an idea when I'm reverse engineering the game.
Code:
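class PacketBase
{
public:
     unsigned short length;  // packet length in bytes
     unsigned short opcode;  // identifies the packet type
};
then extend it
Code:
class MyPacket : public PacketBase
{
public:
     char data[1];  // first byte of the variable-length payload after the header
};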
Izeliae is offline  
Old   #27
 
elite*gold: 0
Join Date: Jan 2006
Posts: 29
Received Thanks: 38
Quote:
Originally Posted by Izeliae View Post
Code:
class PacketBase
{
public:
     unsigned short length;
     unsigned short opcode;
};
then extend it
Code:
class MyPacket : public PacketBase
{
public:
     char data[1];
};
What am I looking at right now? How did hex packets turn into C++ classes?
atsay714 is offline  
Old   #28
 
elite*gold: 0
Join Date: Feb 2008
Posts: 761
Received Thanks: 274
Quote:
Originally Posted by atsay714 View Post
What am I looking at right now? How did hex packets turn into C++ classes?
what did you expect them to be?
Izeliae is offline  
Old   #29
 
elite*gold: 0
Join Date: Jan 2016
Posts: 5
Received Thanks: 0
Anybody knows how to get again and again the reward of a dynamic quest in a dungeon with wpe pro..? It would be the best way to earn gold selling those items
ZeroPor7 is offline  
Old   #30
 
elite*gold: 0
Join Date: Oct 2015
Posts: 11
Received Thanks: 0
This is what I have so far, I don't consider myself an expert on reversing so hopefully someone can help.

Packets are sent from another thread and there is a loop repeatedly calling WSASend. I haven't been able to locate the place where it is grabbing the unencrypted packets yet.

struct NetworkObject {
+16 = socket
+32 = pUnknown1
+44 = pWSAObject
+56 = bytes sent?
}

struct WSAObject {
+4 = LPWSAOVERLAPPED
+20 = unk1
+24 = LPWSABUF
}

Code:
// C26A90
char __thiscall SendPacket2(int this, int AnotherObject)
{
  int that;
  int v3;
  void *v4;
  int v5;
  int size3;
  int size2;
  char result;
  int v9;
  void *v10;
  int unknownFunc;
  int size1;
  int v13;
  DWORD BytesSent;
  int buffer; // [sp+0h] [bp-24h]@1
  int integer; // [sp+10h] [bp-14h]@9
  int pBuffer; // [sp+14h] [bp-10h]@8
  int integer2; // [sp+18h] [bp-Ch]@1
  int size4; // [sp+1Ch] [bp-8h]@1

  that = this;
  v3 = *(_DWORD *)(this + 88);
  v4 = alloca(*(_DWORD *)(this + 88));
  v5 = *(_DWORD *)(this + 4);
  LOBYTE(integer2) = 0;
  size3 = (*(int (__stdcall **)(int, int *, int))(*(_DWORD *)v5 + 72))(AnotherObject, &buffer, buffer_size_4096);// write unencrypted? LoadPacket c2b630
  size2 = size3;
  size4 = size3;
  if ( size3 <= 0 )
    return 0;
  *(_DWORD *)(that + 72) += size3;
  if ( *(_DWORD *)(that + 80) )
  {
    if ( *(_BYTE *)(that + 84) )
    {
      v9 = *(_DWORD *)(that + 4);
      if ( v9 )
      {
        (*(void (**)(void))(*(_DWORD *)v9 + 4))();// not called
        size2 = size4;
      }
    }
  }
  if ( *(_DWORD *)(that + 64) )
  {
    v10 = alloca(*(_DWORD *)(that + 88));
    unknownFunc = *(_DWORD *)(that + 68);
    pBuffer = (int)&buffer;
    if ( unknownFunc )
    {
      integer = 0;
      (**(void (__stdcall ***)(int *, int *, int *, int *))unknownFunc)(&integer, &integer2, &buffer, &size4);// not called
      size2 = size4;
    }
    size1 = (*(int (__stdcall **)(int *, int, int, _DWORD, int))(**(_DWORD **)(that + 64) + 24))(// c58a20, this calls AES
              &buffer,
              size2,
              pBuffer,
              *(_DWORD *)(that + 88),
              integer2);
    if ( size1 < 0 || !size1 )
      return 0;
    v13 = WritePacket(*(_DWORD *)(that + 44), pBuffer, size1);
  }
  else
  {
    v13 = WritePacket(*(_DWORD *)(that + 44), (int)&buffer, size2);
  }
  if ( v13 <= 0 )
  {
    result = 1;
  }
  else if ( (unsigned __int8)(*(int (**)(void))(*(_DWORD *)AnotherObject + 8))() )
  {
    result = 1;
    ++*(_DWORD *)(that + 56);
  }
  else
  {
    result = SendPacket(BytesSent, (unsigned int)&buffer, that); // calls wsasend
  }
  return result;
}

int __thiscall LoadPacket(void *this, int AnotherObject, int buffer, int maybelength)
{
  int that;
  __int16 v5;
  int result;

  that = (int)this;
  if ( (signed __int16)(*(int (__thiscall **)(int))(*(_DWORD *)AnotherObject + 12))(AnotherObject) >= 0
    && (signed int)(signed __int16)(*(int (__thiscall **)(_DWORD))(*(_DWORD *)AnotherObject + 12))(AnotherObject) < *(_DWORD *)(that + 44)
    && *(_DWORD *)(that + 48) )
  {
    v5 = (*(int (__thiscall **)(int))(*(_DWORD *)AnotherObject + 12))(AnotherObject);
    result = TouchesPacket(maybelength, *(_DWORD *)(that + 48) + 20 * v5, AnotherObject, buffer, that);
  }
  else
  {
    result = sub_C2B720(buffer, AnotherObject, maybelength);// not called
  }
  return result;
}
Code:
struct OpenStoragePacket {
  unsigned short length = 0xC; // length of entire struct
  unsigned short opcode = 0x036C;
  int id1; // NPC id or Area id
  int id2; // NPC id or Area id
};


temp32 is offline  
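A receiver-side view of the header described in posts #26 and #30, as an added example that is not code from the thread or from the game: it parses the `[length][opcode][data]` framing from a byte stream and refuses to trust the length field. Little-endian byte order, the `kMaxPacket` cap and the id values in the sample are assumptions.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Header from the thread: 16-bit length (whole packet), 16-bit opcode.
// Assumed here, not stated in the thread: little-endian fields and a
// receiver-side size cap (kMaxPacket is a hypothetical policy value).
constexpr std::size_t kHeaderSize = 4;
constexpr std::size_t kMaxPacket = 4096;

struct Packet {
    std::uint16_t opcode = 0;
    std::vector<std::uint8_t> payload;  // bytes after the 4-byte header
};

enum class ParseStatus { Ok, NeedMoreData, Malformed };
static std::uint16_t read_u16le(const std::uint8_t* p) {
    return static_cast<std::uint16_t>(p[0] | (p[1] << 8));
}

// Parses one packet from the front of a stream buffer. On Ok, `consumed`
// is the number of bytes the caller should drop from the buffer.
ParseStatus parse_packet(const std::uint8_t* buf, std::size_t avail,
                         Packet& out, std::size_t& consumed) {
    consumed = 0;
    if (avail < kHeaderSize) return ParseStatus::NeedMoreData;
    const std::size_t length = read_u16le(buf);
    // length includes the header: reject < 4 before computing length - 4,
    // otherwise the payload size underflows to a huge value.
    if (length < kHeaderSize || length > kMaxPacket) return ParseStatus::Malformed;
    if (avail < length) return ParseStatus::NeedMoreData;  // partial read
    out.opcode = read_u16le(buf + 2);
    out.payload.assign(buf + kHeaderSize, buf + length);
    consumed = length;
    return ParseStatus::Ok;
}

// Constructed sample: OpenStoragePacket layout with made-up ids 1 and 2.
static const std::uint8_t kSample[] = {0x0C, 0x00, 0x6C, 0x03, 0x01, 0x00,
                                       0x00, 0x00, 0x02, 0x00, 0x00, 0x00};

int main() {
    Packet p;
    std::size_t used = 0;
    bool ok = parse_packet(kSample, sizeof kSample, p, used) == ParseStatus::Ok;
    std::printf("ok=%d opcode=0x%04X payload=%zu\n", ok, p.opcode, p.payload.size());
}
```

Overlaying a struct with `char data[1]` directly on received bytes skips these checks, so any code that then indexes `data` by the sender-supplied length reads outside the buffer.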