Can't login to client patched with blowfish or w/e
Discussion on Can't login to client patched with blowfish or w/e within the CO2 Private Server forum part of the Conquer Online 2 category.
05/12/2012, 02:57
|
#1
|
elite*gold: 0
Join Date: Apr 2009
Posts: 782
Received Thanks: 458
|
Can't login to client patched with blowfish or w/e
I dunno why.... I get this when I go to the handshake part...
Being more specific here, using CoEmu code:
Code:
try
{
Key = new CryptoClient(buffer).PublicKey;
}
catch (Exception ex) { Console.WriteLine(ex.ToString()); }
Console.WriteLine("Client replying to handshake.");
m_encServer = m_cptServer.HandleClientKeyPacket(Key, m_encServer);
Take a look:
Dunno why this is happening.... even if I try a "plug&play" source this happens :S
DLL problem maybe??
Thanks in advance
|
|
|
05/12/2012, 03:44
|
#2
|
elite*gold: 20
Join Date: Mar 2006
Posts: 1,491
Received Thanks: 536
|
And what is wrong with those lines of code? Line 43 of ClientSocket.cs. Param "count" appears to be negative. Have it break on there and find out why.
|
|
|
05/12/2012, 05:00
|
#3
|
elite*gold: 0
Join Date: May 2008
Posts: 1,769
Received Thanks: 1,143
|
Obviously in his packet "handler", and it looks like it's most likely where he decrypts the packet. I'm wondering why there's a BinaryReader, though. If you're using that to handle the packets somehow... well, you should know it's not the best idea. Anyway, more information would be nice. Post the file in code tags?
|
|
|
05/12/2012, 11:36
|
#4
|
elite*gold: 0
Join Date: Apr 2009
Posts: 782
Received Thanks: 458
|
I'm using CoEmu code to log in...
since mine was not working... but it stays the same... and gives the same error...
Here goes the code:
ServerKeyExchange:
Code:
OpenSSL.DH _keyExchange;
byte[] _serverIv;
byte[] _clientIv;
public byte[] CreateServerKeyPacket()
{
_clientIv = new byte[8];
_serverIv = new byte[8];
string P = "E7A69EBDF105F2A6BBDEAD7E798F76A209AD73FB466431E2E7352ED262F8C558F10BEFEA977DE9E21DCEE9B04D245F300ECCBBA03E72630556D011023F9E857F";
string G = "05";
_keyExchange = new OpenSSL.DH(OpenSSL.BigNumber.FromHexString(P), OpenSSL.BigNumber.FromHexString(G));
_keyExchange.GenerateKeys();
// Console.WriteLine("P, Private Key, Public Key: " + P + ", " + _keyExchange.PublicKey.ToHexString() + ", " + _keyExchange.PrivateKey.ToHexString());
return GeneratePacket(_serverIv, _clientIv, P, G, _keyExchange.PublicKey.ToHexString());
}
public EncryptServer HandleClientKeyPacket(string PublicKey, EncryptServer cryptographer)
{
byte[] key = _keyExchange.ComputeKey(OpenSSL.BigNumber.FromHexString(PublicKey));
//Console.WriteLine("Client's public key: " + PublicKey);
/*string DatatoOutput = "";
foreach (byte D in key)
DatatoOutput += Convert.ToString(D, 16).PadLeft(2, '0') + " ";*/
//DataHolder.ConsoleWriteQueue.Enqueue("\n{<White>}[Finalized Key] {Length: " + key.Length + "} {<Yellow>}" + DatatoOutput);
// cryptographer.Blowfish.SetKey(_keyExchange.ComputeKey(OpenSSL.BigNumber.FromHexString(PublicKey)));
cryptographer.SetKey(key);
cryptographer.SetIvs(_clientIv, _serverIv);
/* cryptographer.Blowfish.EncryptIV = _clientIv;
cryptographer.Blowfish.DecryptIV = _serverIv;*/
return cryptographer;
}
public byte[] GeneratePacket(byte[] ServerIV1, byte[] ServerIV2, string P, string G, string ServerPublicKey)
{
int PAD_LEN = 11;
int _junk_len = 12;
string tqs = "TQServer";
MemoryStream ms = new MemoryStream();
byte[] pad = new byte[PAD_LEN];
ConquerServer.Rand.NextBytes(pad);
byte[] junk = new byte[_junk_len];
ConquerServer.Rand.NextBytes(junk);
int size = 47 + P.Length + G.Length + ServerPublicKey.Length + 12 + 8 + 8;
BinaryWriter bw = new BinaryWriter(ms);
bw.Write(pad);
bw.Write(size - PAD_LEN);
bw.Write((UInt32)_junk_len);
bw.Write(junk);
bw.Write((UInt32)ServerIV2.Length);
bw.Write(ServerIV2);
bw.Write((UInt32)ServerIV1.Length);
bw.Write(ServerIV1);
bw.Write((UInt32)P.ToCharArray().Length);
foreach (char fP in P.ToCharArray())
{
bw.BaseStream.WriteByte((byte)fP);
}
bw.Write((UInt32)G.ToCharArray().Length);
foreach (char fG in G.ToCharArray())
{
bw.BaseStream.WriteByte((byte)fG);
}
bw.Write((UInt32)ServerPublicKey.ToCharArray().Length);
foreach (char SPK in ServerPublicKey.ToCharArray())
{
bw.BaseStream.WriteByte((byte)SPK);
}
//Console.WriteLine("Size : " + size);
foreach (char tq in tqs.ToCharArray())
{
bw.BaseStream.WriteByte((byte)tq);
}
byte[] Packet = new byte[ms.Length];
Packet = ms.ToArray();
ms.Close();
return Packet;
}
}
GameEncryption:
Code:
Blowfish _blowfish;
string _key;
public EncryptServer(string key)
{
_blowfish = new Blowfish(BlowfishAlgorithm.CFB64);
_blowfish.SetKey(Encoding.ASCII.GetBytes(key));
_key = key;
}
public byte[] Decrypt(byte[] packet)
{
byte[] buffer = _blowfish.Decrypt(packet);
return buffer;
}
public byte[] Encrypt(byte[] packet)
{
byte[] buffer = _blowfish.Encrypt(packet);
return buffer;
}
public Blowfish Blowfish { get { return _blowfish; } }
public void SetKey(byte[] k) { _blowfish.SetKey(k); }
public void SetIvs(byte[] i1, byte[] i2) { _blowfish.EncryptIV = i1; _blowfish.DecryptIV = i2; }
public string Key { get { return _key; } }
}
ClientKey
Code:
private static int PAD_LEN = 7;
private uint _junk_len;
string _publicKey;
public CryptoClient(byte[] buffer)
{
//_buffer = buffer;
MemoryStream ms = new MemoryStream(buffer);
BinaryReader br = new BinaryReader(ms);
br.BaseStream.Seek(PAD_LEN, SeekOrigin.Begin); //ignore padding
uint len = br.ReadUInt32(); //read packet length. ignore
_junk_len = br.ReadUInt32();
//br.BaseStream.Seek(_junk_len, SeekOrigin.Current); //ignore junk but grab size
//Console.WriteLine("junk len " + _junk_len);
byte[] junk = br.ReadBytes((int)_junk_len);
_publicKey = Encoding.ASCII.GetString(br.ReadBytes(br.ReadInt32()));
}
public string PublicKey
{
get { return _publicKey; }
}
And then here... where I have the error:
Code:
try
{
Key = new CryptoClient(buffer).PublicKey;
}
catch (Exception ex) { Console.WriteLine(ex.ToString()); }
Console.WriteLine("Client replying to handshake.");
m_encServer = m_cptServer.HandleClientKeyPacket(Key, m_encServer);
Also, I do send the server key packet when I create the client socket....
Dunno what's going on... even if I use the Albetros source (original one) I have the same error.... I'm guessing that's a DLL problem :/
|
|
|
05/12/2012, 12:06
|
#5
|
elite*gold: 20
Join Date: Jun 2006
Posts: 3,296
Received Thanks: 925
|
A simple question but which client version are you trying to use?
|
|
|
05/12/2012, 17:40
|
#6
|
elite*gold: 0
Join Date: Apr 2009
Posts: 782
Received Thanks: 458
|
5095... but this happens with any client ... 5530, 5509, 5390 and so on... I did not test with lower versions .... but with 5095 and any version after 5095 I have the same problem....
With ANY source ....
|
|
|
05/13/2012, 02:39
|
#7
|
elite*gold: 0
Join Date: May 2008
Posts: 1,769
Received Thanks: 1,143
|
Assuming this line is what it's referring to:
Code:
byte[] junk = br.ReadBytes((int)_junk_len);
After
Code:
uint len = br.ReadUInt32(); //read packet length. ignore
_junk_len = br.ReadUInt32();
Put
Code:
Console.WriteLine("len: {0} - _junk_len: {1}", len, _junk_len);
I'm curious as to what the second value ends up being. The way you're reading the packets is... very odd.
|
|
|
05/13/2012, 03:45
|
#8
|
elite*gold: 0
Join Date: Apr 2009
Posts: 782
Received Thanks: 458
|
Code:
len: 2634161525 - _junk_len: 2275965716
But...... I want to know why... even using Albetros or Impulse or any source ... I'm getting the same error at the same line without changing ANYTHING....
I'm assuming that's a DLL problem.... but which one o.O
|
|
|
05/13/2012, 04:28
|
#9
|
elite*gold: 0
Join Date: May 2008
Posts: 1,769
Received Thanks: 1,143
|
Both lengths are invalid.
Which confirms my uneasiness about you using a binary reader/writer to handle packets... Just write a packet parser using BitConverter or Pointers.
EDIT: Meant to post these earlier, but ePvP likes timing out on me. These are something I wrote maybe four or five years ago, but they still work. It's not the version that uses Pointers (Hence Unsafe.cs) since your lengths are not absolute, but see if it helps you:
Packet.cs
Code:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
namespace CC_CO.Classes
{
public class Packet
{
private byte[] buffer;
private ushort type = 0;
private ushort length = 0;
private int Position = 0;
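public Packet(byte[] Data)
{
// Allocate the internal buffer first, then copy Data into it
// (CopyBuffer takes the destination as its first argument).
buffer = new byte[Data.Length];
Unsafe.CopyBuffer(buffer, Data);
}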
public Packet(ushort PacketLength, ushort PacketType)
{
buffer = new byte[PacketLength];
Length = PacketLength;
Type = PacketType;
}
public Packet(int PacketLength, int PacketType)
{
buffer = new byte[PacketLength];
Length = (ushort)PacketLength;
Type = (ushort)PacketType;
}
public byte[] Buffer
{
get
{
return buffer;
}
}
public ushort Type
{
get
{
return type;
}
set
{
type = value;
Short(type, 2);
}
}
public ushort Length
{
get
{
return length;
}
set
{
length = value;
Short(length, 0);
}
}
public void Byte(byte Value, int Offset = 0)
{
if (Offset > 0)
{
Position = Offset;
}
buffer[Position] = Value;
Position++;
}
public void Byte(int Value, int Offset = 0) { Byte((byte)Value, Offset); }
public void Byte(ushort Value, int Offset = 0) { Byte((byte)Value, Offset); }
public void Byte(ulong Value, int Offset = 0) { Byte((byte)Value, Offset); }
public void Short(ushort Value, int Offset = 0)
{
if (Offset > 0)
{
Position = Offset;
}
buffer[Position] = (byte)Value;
buffer[Position + 1] = (byte)(Value >> 8);
Position += 2;
}
public void Short(int Value, int Offset = 0) { Short((ushort)Value, Offset); }
public void Int(int Value, int Offset = 0)
{
if (Offset > 0)
{
Position = Offset;
}
buffer[Position] = (byte)Value;
buffer[Position + 1] = (byte)(Value >> 8);
buffer[Position + 2] = (byte)(Value >> 16);
buffer[Position + 3] = (byte)(Value >> 24);
Position += 4;
}
public void Long(ulong Value, int Offset = 0)
{
if (Offset > 0)
{
Position = Offset;
}
buffer[Position] = (byte)Value;
buffer[Position + 1] = (byte)(Value >> 8);
buffer[Position + 2] = (byte)(Value >> 16);
buffer[Position + 3] = (byte)(Value >> 24);
buffer[Position + 4] = (byte)(Value >> 32);
buffer[Position + 5] = (byte)(Value >> 40);
buffer[Position + 6] = (byte)(Value >> 48);
buffer[Position + 7] = (byte)(Value >> 56);
Position += 8;
}
public void Long(int Value, int Offset = 0) { Long((ulong)Value, Offset); }
public void String(string Value, int Offset = 0, bool WithLength = false)
{
if (Offset > 0)
{
Position = Offset;
}
if (WithLength)
{
Byte((byte)Value.Length, Position);
}
byte[] Bytes = Encoding.ASCII.GetBytes(Value);
Array.Copy(Bytes, 0, buffer, Position, Bytes.Length);
Position += Bytes.Length;
}
}
public unsafe class PacketParser
{
public static string ReadString(byte[] Data, int Offset, int Length)
{
return Encoding.ASCII.GetString(Data, Offset, Length).TrimEnd('\0');
}
public static byte ReadByte(byte[] Data, int Offset)
{
return Data[Offset];
}
public static short ReadShort(byte[] Data, int Offset)
{
return (short)((Data[Offset + 1] << 8) + (Data[Offset]));
}
public static int ReadInt(byte[] Data, int Offset)
{
return (int)((Data[Offset + 3] << 24) + (Data[Offset + 2] << 16) +
(Data[Offset + 1] << 8) + (Data[Offset]));
}
public static long ReadLong(byte[] Data, int Offset)
{
// Widen each byte to long before shifting; shifting an int by 32 or more wraps the shift count.
return ((long)Data[Offset + 7] << 56) + ((long)Data[Offset + 6] << 48) +
((long)Data[Offset + 5] << 40) + ((long)Data[Offset + 4] << 32) +
((long)Data[Offset + 3] << 24) + ((long)Data[Offset + 2] << 16) +
((long)Data[Offset + 1] << 8) + Data[Offset];
}
}
}
Unsafe.cs
Code:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
namespace CC_CO.Classes
{
unsafe class Unsafe
{
public static void CopyBuffer(byte[] Destination, byte[] Source)
{
for (int b = 0; b < Destination.Length; b++)
{
Destination[b] = Source[b];
}
}
}
}
You need to change the namespace, and can probably get rid of the "unsafe" context, since I didn't include the functions that used pointers.
|
|
|
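Added example, not part of any post in this thread: a bounds-checked reader for the client key packet, using the field layout from the CryptoClient constructor in post #4 (7 bytes of padding, packet length, junk length, junk, key length, ASCII hex key). The class name `ClientKeyPacket` and the `MaxKeyHexChars` limit are assumptions; the limit is taken from the 128-hex-digit prime P in CreateServerKeyPacket.

```csharp
using System;
using System.Text;

public static class ClientKeyPacket
{
    const int PadLen = 7;            // padding skipped by CryptoClient
    const int MaxKeyHexChars = 128;  // assumption: no longer than the prime P
    // Reads a little-endian uint32 length (BitConverter follows host byte order)
    // and accepts it only if that many bytes remain. No unchecked uint-to-int cast.
    static bool TryReadLength(byte[] buf, ref int pos, out int length)
    {
        length = 0;
        if (buf.Length - pos < 4) return false;
        uint raw = BitConverter.ToUInt32(buf, pos);
        pos += 4;
        if (raw > (uint)(buf.Length - pos)) return false;
        length = (int)raw;
        return true;
    }

    public static string Parse(byte[] buf)
    {
        int pos = PadLen, junkLen, keyLen;
        if (buf == null || buf.Length < PadLen + 4)
            throw new FormatException("packet shorter than padding + length field");
        uint declared = BitConverter.ToUInt32(buf, pos);
        pos += 4;
        if (declared > (uint)buf.Length)
            throw new FormatException("declared length " + declared + " exceeds " + buf.Length + " received bytes");
        if (!TryReadLength(buf, ref pos, out junkLen))
            throw new FormatException("junk length runs past end of buffer");
        pos += junkLen;
        if (!TryReadLength(buf, ref pos, out keyLen) || keyLen == 0 || keyLen > MaxKeyHexChars)
            throw new FormatException("public key length out of range");
        string key = Encoding.ASCII.GetString(buf, pos, keyLen);
        foreach (char c in key)
            if (!Uri.IsHexDigit(c)) throw new FormatException("public key is not hex");
        return key;
    }

    public static void Main()
    {
        // Constructed input: 7 pad bytes, then the two values printed in post #8.
        byte[] bad = new byte[64];
        BitConverter.GetBytes(2634161525u).CopyTo(bad, 7);
        BitConverter.GetBytes(2275965716u).CopyTo(bad, 11);
        try { Parse(bad); } catch (FormatException e) { Console.WriteLine("rejected: " + e.Message); }
    }
}
```

Cast to int, the junk length 2275965716 becomes negative, which is the negative "count" that post #2 points at; checking each length against the bytes actually received turns that into a clear rejection at the first bad field.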
05/13/2012, 10:49
|
#10
|
elite*gold: 0
Join Date: Apr 2009
Posts: 782
Received Thanks: 458
|
hmmmmmm
not sure of what the f*** is wrong...
it's just insane o.O
I can't log in even using other sources.... I get the same fuc****error...
I tried to download the Albetros source and client for it... just set up... and ERROR...
lol...
|
|
|
05/13/2012, 10:57
|
#11
|
elite*gold: 20
Join Date: Jun 2006
Posts: 3,296
Received Thanks: 925
|
Could it not simply be a problem with your OS? You might have screwed up something.
|
|
|
05/13/2012, 11:36
|
#12
|
elite*gold: 0
Join Date: Apr 2009
Posts: 782
Received Thanks: 458
|
no....
the OS is running perfectly....
no errors or anything like....
other applications work just fine....
EDIT: At least I've never heard something like it...
|
|
|
05/13/2012, 12:05
|
#13
|
elite*gold: 0
Join Date: May 2008
Posts: 1,769
Received Thanks: 1,143
|
If you downloaded different sources, and they all give the same error, something's modifying your packets third-party. If you have anything like a firewall/netnanny/etc running, might want to disable them. Also, some networks can be encrypted, check that as well (although it's odd for the encryption to reach the loopback level..)
|
|
|
05/13/2012, 12:32
|
#14
|
elite*gold: 0
Join Date: Apr 2009
Posts: 782
Received Thanks: 458
|
Yeah... I'm checking it right now.... btw as local it shouldn't be any problem... so I really don't get it...
|
|
|
05/13/2012, 12:36
|
#15
|
elite*gold: 0
Join Date: May 2008
Posts: 1,769
Received Thanks: 1,143
|
And you're sure that every source does this? It could also be memory corruption, but I slightly doubt that.
|
|
|
 |
|
All times are GMT +1.