about people "upgreading" sources (trinity base)

[go for it]

i heard people here and on another forums releasing sources saying
"EXCLUSIVE FIRST SOURCE EVER 5622 PLA PLA PLA"
and i gave it a try and all i found is it's trinity base 5530 and they trying to edit some packets to make it work on a higher client version
well fixed REAL **** TON of bugs and stuff but was aware of something
which is
YOU MAY LOGIN WITH ANY PASSWORD
by playing around i found that they ignore the password check
trying to play around and found that you don't even get the password on the packet which is not possible
so i thought it's cuz of the auth crypto
but the weird thing is that it can still decryp the server name and account
account in the following picture is "1" 00x31
server rising stars
here

but i still need someone to tell me what is the real problem to figure out if im working on the wrong path or what
umm and here is another question
since 5530 till the current tq version
what tq did change ?

packet structures of some packets ?
login squence ?
password seed and encryption ?
encryption key ?

yes i got some information but at some point im lost cuz i still can't write my own base
i want to upgreat this source in the first place then start writing my own base

any information is appreciated , enlighten me
pm(s) appreciated too ^__^

[Spirited]

In patch 5509, NetDragon changed the game cipher. I released that to the community, you can find the thread in my signature about that. In patch 5528, a new game exchange addition was added (that most people know now as the MD5 hash addition). That was leaked in a public bot. In patch 5532, NetDragon completely ripped out their password cipher algorithm (which was very shocking) and implemented something else (that only a very select 4(?) have their hands on). I don't recommend you explore what it is publicly. The more of a secret it is, the better. I don't want more clientless bots or crappy servers getting their way.

[go for it]

okay , so now i need to decrype this packet on my own then write a valid password cipher
well thanks fang ^^

[Spirited]

The packet isn't encrypted by anything other than NetDragon's asymmetric authentication cipher. It really does just contain the account name and server name. I recommend you look at the bypass Roy (InfamousNoone) created in his public project. It hooks the client and puts the old, RC5 encrypted password back in there. He did that so private server owners such as yourself can still develop while bot owners cannot.

[CptSky]

Quote:

Originally Posted by Fаng

The packet isn't encrypted by anything other than NetDragon's asymmetric authentication cipher. It really does just contain the account name and server name. I recommend you look at the bypass Roy (InfamousNoone) created in his public project. It hooks the client and puts the old, RC5 encrypted password back in there. He did that so private server owners such as yourself can still develop while bot owners cannot.

Bot owner could do such as a proxy intercept the first sequence, and then, the client got closed and the clientless part go on. But, it requires to log-in through the client first.

[Spirited]

Quote:

Originally Posted by CptSky

Bot owner could do such as a proxy intercept the first sequence, and then, the client got closed and the clientless part go on. But, it requires to log-in through the client first.

That's true. My packet logger did that, though I don't know how many programmers would do that now (or have an interest in doing that).

[go for it]

im really thankful for such information i was completely lost , thanks folks that really inspire me

[Korvacs]

Quote:

Originally Posted by Fаng

That's true. My packet logger did that, though I don't know how many programmers would do that now (or have an interest in doing that).

CoGenius actively uses that method to claim its clientless lol