
Understanding the Packet System - Basics of a Packet explained

Discussion on Understanding the Packet System - Basics of a Packet explained within the Cabal Online forum part of the MMORPGs category.

Old   #1
 
elite*gold: 0
Join Date: Jan 2008
Posts: 303
Received Thanks: 156
Packets, Proxies and Power explained... 12thDec2011 Updated

Read the advice first...
Quote:
Anyone PMing requesting a Proxy will be added to my block list, No Exceptions! (* Yes this does mean YOU *)

*****************UPDATED 12/11/2011*********************************
**** ADDED VB6 PROXY BOT SOURCE-CODE, WORKING EXAMPLE OF PROXY BOT******
******************************************************************



The following CONSTANTS have been flagged, this means they appear in EVERY Packet exchange from client to server and server to client
Red = Packet Id - Each packet has a unique ID number, in this case AA02, Each Packet id Relates to a specific function, in this example the function is a reply to the server.
Green = Player Id - Each packet contains a unique player ID, this ID allows the server to know which Packet is from which user.
Blue = Timestamp - Each packet contains a Time stamp, this allows the server to make sure that a Packet hasn't taken too long to reach the server, If a packet is sent to server with a Timestamp older than allowed by the server the packet is refused and the player is disconnected... (* Obviously as I've stated before you CAN tell the server a Timestamp for a time, say, tomorrow instead of today, and the server WILL Accept the timestamp as it's not considered "Old" until the time has elapsed *)
Magenta = Padding - Each Packet function has a set length, and a starting point in the packet, if the information in the function is smaller than the allocated size allowed for that function then the additional "Empty" bytes are filled with "Padding" values.... so that the timestamp which should start at byte 26 in this example would indeed start, at byte 26 (* Written in code as (4, 26), where 4 is the amount of bytes that function takes in the packet, and 26 being the start of that function *) This doesn't mean the timestamp is always at byte 26, just that in this example packet that is the case. (* This is predetermined by the Struct of this particular Packet ID, if the Packet ID was say for the Login packet, the Timestamp and padding would be different *)
****Edit** Added Packet Length so PunkS7le doesn't cry :'( Seeing as its absence was the only possibly "Inaccuracy" in this post ... So... "PacketLength"... obvious really so I won't even bother to explain it!.

Code:
 [COLOR="SandyBrown"]12 A1[/COLOR] [COLOR="Red"]AA 02 [/COLOR]E3 37[COLOR="SeaGreen"] B4 01 A0 D9[/COLOR] 22 [COLOR="Magenta"] 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 [/COLOR][COLOR="Blue"]01 4E 0C D1 [/COLOR]


(* For the benefit of other "L33t" coders attempting to flame/discredit with comments of "My packets Iz R Not look lik dem".... probably not... It's common practice to put a space between each Hex Value to make it easier for beginners to understand... this isn't for you so please P-ss off and leave the learners to learning, Also, all values and the Packet above are used purely in example...*)

The way the Packet is formed for different functions is called a "Struct", Each unique Packet ID will correlate to a different Struct format.... for example, a Login Packet containing the Username and password will have the Username and password in the packet at set places, the Packet ID would let the server know that it's a "Login" packet and would therefore know to read the packet in the fashion matching with its matching Struct.

The packet is in a Hex format, Timestamp at the end must correlate to a correct time... 01 4E 0C D1 for say 15.24pm and 21 seconds, 01 4E 0C D2 would be for 22 seconds, 01 4F 01 D1 would be for 16.31pm and 21 seconds... simple!

==== Note The packets are encrypted as standard and you will not be able to just "Send" a packet, it will require encrypting to the same format using the same key as Cabal ====

Quote:
====================================================================
====FOR ALL NEWBIES, A PROXY IS A TOOL NOT A "PROXY SERVER" TO HIDE YOUR IP, IT IS REQUIRED IF YOU WISH TO ALTER PACKETS, IF YOU DON'T HAVE ONE, YOU CANNOT ALTER PACKETS! ANYONE CLAIMING OTHERWISE SHOULD BE OPENLY MOCKED FOR THEIR STUPIDITY!!!! YES THIS DOES MEAN WPE WILL NOT SUFFICE AS A "PROXY" AS IT DOESN'T HAVE ENCRYPTION HANDLING AND ANYONE WHO SUGGESTS USING IT SHOULD BE REPORTED FOR ENDANGERING YOUR INGAME ACCOUNT BECAUSE WPE WILL GET YOU BANNED IF YOU TRY USING IT! AND BEFORE ANYONE SUGGESTS IT, NO YOU CANNOT ALTER PACKETS WITH CHEATENGINE FOR GOD'S SAKE!!!!!!!!=======
Basics of a Proxy, how it works, and what it does:

In the standard environment all Data from Server to client and client to server goes as follows
Code:
Client>Server Server>Client
A Proxy changes this exchange to
Code:
Client>Proxy>Server Server>Proxy>Client
1) This means that ALL Traffic between the server and the client travels THROUGH the proxy.
2) A Proxy doesn't magically know what to do with each packet, unless it's been told to deal with a packet in a specific way (* Such as "Traffic" packets which should be sent straight to client *)
3) Just cause you know there's packets there, unless you know how they're encrypted you won't be able to touch them. In this instance a working Proxy needs to be able to do the following
Code:
Receive Server>Client Packet - De-Encrypt packet - Make Packet Alterations - Re-Encrypt packet - Send Server>Client Packet to Client
And obviously the other way round, I.e. Client>Server exchanges
4) The Proxy will not know how to Form "New" Packets, If you wish to send a new packet you will have to know the Struct for the packet function you wish to create



=============== ADDED VB6 Proxy-Bot Source-Code. REQUIRES VB6 TO BE INSTALLED ===============
Attached Files
File Type: rar ConquerProxy.rar (39.3 KB, 90 views)
NovaCygni is offline  
Thanks
18 Users
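
Added example (not part of the original post, and not the game's actual server code): a server-side check for the two trust problems the first post describes, a timestamp that is only rejected when old and a player ID carried inside the packet. It parses the post's sample packet using its (size, offset) notation; the big-endian seconds counter, the window values and all function names are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed sample: the example packet from the post, already decrypted.
SAMPLE = bytes.fromhex(
    "12A1" "AA02" "E337" "B401A0D9" "22" + "01" * 15 + "014E0CD1"
)

PACKET_LEN = 30  # length of this one example struct
# (size, offset) pairs in the post's notation, e.g. timestamp = (4, 26).
FIELDS = {"packet_id": (2, 2), "player_id": (4, 6), "timestamp": (4, 26)}

MAX_AGE = 5   # assumed: seconds a packet may lag behind the server clock
MAX_SKEW = 2  # assumed: seconds a packet may run ahead of the server clock


@dataclass(frozen=True)
class Packet:
    packet_id: int
    player_id: bytes
    timestamp: int


def parse(raw: bytes) -> Packet:
    """Slice the fixed-offset fields out of one packet of this struct."""
    if len(raw) != PACKET_LEN:
        raise ValueError("unexpected length for this struct")

    def field(name: str) -> bytes:
        size, offset = FIELDS[name]
        return raw[offset:offset + size]

    return Packet(
        packet_id=int.from_bytes(field("packet_id"), "big"),
        player_id=field("player_id"),
        # Assumption: the timestamp is a big-endian counter of seconds.
        timestamp=int.from_bytes(field("timestamp"), "big"),
    )


def validate(raw: bytes, session_player_id: bytes, server_now: int) -> str:
    """Return 'accept' or a rejection reason for one decrypted packet."""
    try:
        pkt = parse(raw)
    except ValueError:
        return "reject: bad length"
    # The ID in the packet is only a claim; the authenticated session decides.
    if pkt.player_id != session_player_id:
        return "reject: player id does not match session"
    age = server_now - pkt.timestamp
    if age > MAX_AGE:
        return "reject: stale timestamp"
    # Checking only for "too old" lets a future-dated packet stay valid.
    if age < -MAX_SKEW:
        return "reject: timestamp in the future"
    return "accept"


if __name__ == "__main__":
    now = parse(SAMPLE).timestamp + 3
    print(validate(SAMPLE, bytes.fromhex("B401A0D9"), now))
```
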
Old 04/05/2009, 23:09   #2
 
elite*gold: 0
Join Date: Aug 2008
Posts: 1,256
Received Thanks: 314
Please put some link how to make a proxy, you put one already in the topic where we flamed I guess (the C# one).
TrueYami is offline  
Old 04/05/2009, 23:17   #3
 
elite*gold: 20
Join Date: Jul 2006
Posts: 2,545
Received Thanks: 878
Now you can flame me noob for these questions, I won't care :P


12 A1 AA 02 E3 37 B4 01 A0 D9 22 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 4E 0C D1

Just to make it clear:
Since the code is in hex, 2 numbers form one part of decimal number, right?
Like: AA would be then 170 and 02 is 2.
I guess it's then 170 2 in decimal and not 172, right? (would be strange if not)

I need the same packetid which I received again for my edited packet, right?
Like AA 02 received, then send again AA 02.

At least I guess we need here decimal, since the dual system would be very complicated.


What's the sense of the 12 A1? I guess it describes the action which is done?
Like 0 1 = damage to player, 0 2 = damage from player, 5 F = items in inventory?

If I would catch the packet where the system shows me I have 500 HP potions lv3.
I need to catch the packet which was sent to me. [Do the packets count seconds or just hours/minutes?]
Decrypt it.
Packet ID shouldn't be touched?
Player ID of course shouldn't be touched.
If I would catch it at 23:05 pm, it should be something like:
23 = 17 = F2 (right)?
05 = 05
pm = Do we need pm when it's already a 24h system? oO

I get only the sense of 2 codes, but you have 4 codes for the time stamp?


edit{
Maybe for the time where I received it and till when the server will accept the packet?
Like this then:
Received on 23:05.
Packet will be fine till 23:06.

Then my proxy would receive F2 05
Proxy decrypts it to 23 05
I tell it to increase it by 3, 23 08
Proxy sends the packet with a timestamp of F2 08
}

Padding.. I guess always 01 as long as we reach 26 bits for the time stamp.


The black "E3 37" would be the information about which items and the amount?
Like 500 hp potions lv3 would be something with 1F4 01
(If Lv3 potions = 1).

Your codes were always of steps in 2, how can then there be information with 3 hex numbers?^^
Omg I'm a nub


Thanks for this.
-Chrome- is offline  
Thanks
2 Users
Old 04/05/2009, 23:44   #4
 
elite*gold: 0
Join Date: Jan 2008
Posts: 303
Received Thanks: 156
Quote:
Originally Posted by -Chrome-
Now you can flame me noob for these questions, I won't care :P
Nooooooooooooob caaaaakkkkkkkkkeeeeeeeeeeeeee!!!!!!!!!!!!!!!!!!!!!!!!!

Well I won't pass a free invite to flame a Mod


Actually you pretty much got it, though the Hex values for some of the functions stated in my example are incorrect Obviously that isn't my real player ID Shown

Yes the value would be 1702 in decimal...

The Extra value at the end of the packet by the timestamp doesn't feature on all Structs and is therefore not mentioned for that reason, though I should explain that yes, ordinarily the Timestamp will be 4 bytes not the 8 shown here, which is only for certain packet exchanges... i.e. 0C D1 is the "Normal" timestamp.
though you are correct to assume it is indeed the time of the packet you received before..... hence "in this example we're using a Reply to the server".... If the reply had not reached the server within the time limit (* Server sided *) Then the account is disconnected.

Who said player ID shouldn't be touched now that just depends on what you're trying to do... (* I will not explain this one.... ADVANCED simply states all that needs to be said *)

Quote:
Your codes were always of steps in 2, how can then there be information with 3 hex numbers?^^
Omg I'm a nub
They don't have to be in steps of 2 It's just easier for me to show them that way than as a whole string... otherwise all a beginner would see is a line of random coloured numbers and letters I may be arrogant, but I have my "Noob-Friendly" habits

Quote:
I need the same packetid which I received again for my edited packet, right?
Like AA 02 received, then send again AA 02.
In most cases this is correct, though there are a few exceptions.... for example, If the PacketID is for a specific question, and the answer to that question requires a different PacketID then well Obvious is obvious, i.e. > Server>Client "Is client active" Client>Server with dif packetID "Yes"
NovaCygni is offline  
Thanks
1 User
Old 04/07/2009, 20:38   #5
 
elite*gold: 0
Join Date: Jul 2008
Posts: 23
Received Thanks: 1
can you explain what's that "proxy" thing and any tut available how to make it ?
projebac is offline  
Old 04/07/2009, 20:45   #6
 
elite*gold: 0
Join Date: Jan 2008
Posts: 303
Received Thanks: 156
Quote:
Originally Posted by projebac
can you explain what's that "proxy" thing and any tut available how to make it ?
a Proxy is not something that can be casually made, it requires a lot of hard work and patience to make a working proxy that will Correctly De-Encrypt and Re-Encrypt packets... (* not to mention the research required to identify the Encryption method and handshake used, then the IV that'll need to be found to make use of the Encryption, which in itself requires knowledge of ASM and Cryptography *) To make it easier to understand just think of it like Gameguard, except it allows you to alter a packet any way that you choose, before Re-Encrypting that packet and sending to the client/server (* also it allows you to set specific functions to set Packet IDs, I.e. you set it to automatically block the Unequip Item Packet ID and that Packet will be stopped from going through the proxy *)

The point originally of this thread was to dispel the lies that are floating about here about what can/can't be done, though I'll be expanding on it as time goes on...

When you have mastered your 2nd year of programming in your chosen language you may "Possibly" have sufficient knowledge to make your own proxy, unless of course you can find a person to provide you with a proxy, though that is incredibly unlikely at the most optimistic of times!.
NovaCygni is offline  
Old 04/07/2009, 20:57   #7
 
elite*gold: 0
Join Date: Jul 2008
Posts: 23
Received Thanks: 1
so that means, its impossible for "normal" ppl to make this work ? :P
projebac is offline  
Old 04/07/2009, 21:15   #8
 
elite*gold: 0
Join Date: Jan 2008
Posts: 303
Received Thanks: 156
Quote:
Originally Posted by projebac
so that means, its impossible for "normal" ppl to make this work ? :P
Not impossible, Unlikely... The Proxy method is intended for those with a basic understanding of computer programming language, yet it pertains many fields within itself that would mean people of similar yet different programming ability would have to work together to construct one.

For example you would need one person who understands how the Proxy should work (* I.e. Sockets *), and how it should deal with the packets, you'll need another person who can understand how the Structs are formed, and another person who understands Cryptography, Another who understands ASM to do the required research into the Exe file to extract the information the Cryptologist will need (* InitializationVector and so forth *)... as you see, a Proxy is no simple tool, but a Highly sophisticated one that allows the Proxy user a power that "Memory" based bots can just never have. A Memory based Bot is restricted to only able to alter things that are stored in the memory, I.e. Static Values, Where a Proxy allows you to change both Memory and Packet values and therefore is equivalent to comparing a Skateboard to an Aston Martin car in performance... the skateboard may get you round, but it's slow, boring, and won't get you "As far" as the Aston Martin.... in other words you will never have the ability to do with a memory based bot what Proxy users can do.
NovaCygni is offline  
Thanks
1 User
Old 04/07/2009, 21:36   #9
 
elite*gold: 0
Join Date: Aug 2008
Posts: 1,256
Received Thanks: 314
Ahhhhhh. I'm getting things slowly.
So Nova, I've a question...
How to start "learning it" by doing it yourself?
I mean, what application should I first manipulate, which doesn't have crypted packets, timestamps and so on?
Cuz trying to understand the cryptography and the ASM language is a lil too hard for the beginning.
I hope you understand what I mean x]
TrueYami is offline  
Old 04/07/2009, 21:44   #10
 
elite*gold: 20
Join Date: Jul 2006
Posts: 2,545
Received Thanks: 878
I guess you can just catch packets of another program for understanding it and when you feel prepared, try it on Cabal.
-Chrome- is offline  
Old 04/07/2009, 22:24   #11
 
elite*gold: 0
Join Date: Jan 2008
Posts: 303
Received Thanks: 156
Quote:
Originally Posted by -Chrome-
I guess you can just catch packets of another program for understanding it and when you feel prepared, try it on Cabal.
He would still need to have the Cryptography done for him so that he could make use of the packets, being able to see the packets as they come as standard is NOT acceptable, they do NOT allow ANY manipulation of ANY amount unless you have Decrypted them first, only THEN can you Alter the packets, THEN Re-Encrypt before sending on to the next part,,,, in fact,,, I'll stop here, Check the top post sometime tomorrow I'll have a good "Stretch" of the first post, adding all that I'm saving myself explaining now, there, I should've colour coded and explained what has to be done EXACTLY at each stage of the Proxy Data exchange shown.


*Edit - Am I being too forward to ask what's happening to my old Account here, I'm sure if u follow links in the posts from my old V3n0M thread you'll see the value I held to the community, and the thread in my siggy contains numerous accounts from the other high lvl programmers that my Banning was false in its nature...
As for the Corrupt Mod before who falsely banned me:

Quotes from the thread in my signature...

Quote:
And every 1 of em was verified clean when they weren't by mods that had no idea wtf they were doin/looking for i even flagged 1 of the proxies posted as dirty and got flamed for it that i was stupid bla bla bla and weeks later it was removed...And i got no apologies.
And proof the threads were altered and such
Quote:
Shows how much i pay attention around here lol i didn't even know you were banned i thought you "freely" left and had the VP thread closed and were producing VP over at the other place instead because of leechers etc etc.
So hows about you encourage someone to Unban my Queen-Of-Evil account, I'll spare asking for an apology for someone else's sin, but to be frank, I find it distasteful to be forced to use this alt any further...... The other place is MY Forums... which were added by this same filthy scumball mod to the "Wordfilter/Sitefilter" regardless of its nature as my "Official" release site... I'd also suggest a SWIFT removal of that as well <.<
NovaCygni is offline  
Old 04/07/2009, 22:39   #12
 
elite*gold: 20
Join Date: Jul 2006
Posts: 2,545
Received Thanks: 878
Don't post it now also in threads, I can't do more than speak with Admins, and for now I didn't get a response.
But you still aren't allowed to advertise other pages.
-Chrome- is offline  
Old 04/07/2009, 23:02   #13
 
elite*gold: 0
Join Date: Jan 2008
Posts: 303
Received Thanks: 156
Quote:
Originally Posted by -Chrome-
Don't post it now also in threads, I can't do more than speak with Admins, and for now I didn't get a response.
But you still aren't allowed to advertise other pages.
Strange how I was allowed to "Advertise" it when the members of this community were downloading my work..... I'm beginning to be reminded why all the programmers of talent left here. I'll not be false about it, if my account from before isn't re-instated there is no way I'll provide assistance to epvpers on anything more than an information level....

Also as for my site:

Really? CR site being advertised? I can provide a wall of "Conflicting" issues here if you wish... again I state... I will have my forums removed from the wordfilter here, or I will not be here... my site was acceptable so long as epvpers members were leeching my work, and epvpers will now honour that by continuing to allow my forums.
NovaCygni is offline  
Old 04/07/2009, 23:08   #14
 
elite*gold: 20
Join Date: Jul 2006
Posts: 2,545
Received Thanks: 878
As I said, I can't do more than execute the rules for epvp mods.
CR was announced by Lowfyr, so I won't appeal it.

We will wait for an answer of Lowfyr or Salo.
-Chrome- is offline  
Old 04/07/2009, 23:21   #15
 
elite*gold: 0
Join Date: Jan 2008
Posts: 303
Received Thanks: 156
Quote:
Originally Posted by -Chrome-
As I said, I can't do more than execute the rules for epvp mods.
CR was announced by Lowfyr, so I won't appeal it.

We will wait for an answer of Lowfyr or Salo.
Inform them of my comment about
Quote:
"My site was allowed to be advertised so long as epvpers members were leeching its work, now I request they honour that assistance I provided by continuing it"
I will see anything other than my request being granted as an Insult against my assistance before, and against my personal forums.
NovaCygni is offline  