Register for your free account! | Forgot your password?

You last visited: Today at 04:36

  • Please register to post and access all features, it's quick, easy and FREE!


Spell Decrypting.

Reply
 
Old   #1
 
elite*gold: 0
Join Date: May 2005
Posts: 1,892
Received Thanks: 913
Spell Decrypting.

I have the spell decryption in my (4267-based) source, but I'm curious as to where it is found in the client, and how to translate these sorts of encryption/decryption to a higher-level language, since I'm wanting to slightly change these methods. Cryptography is where I'm majorly lacking in expertise...

My question is a little broad; but does anyone just want to work with me in understanding these things?



Lateralus is offline  
Old 03/17/2011, 21:38   #2
 
elite*gold: 20
Join Date: Jun 2006
Posts: 3,293
Received Thanks: 919
Couldn't you just ask Hybrid? He overwrote the spell encryption with his own.


Kiyono is offline  
Old 03/17/2011, 21:41   #3
 
elite*gold: 0
Join Date: May 2005
Posts: 1,892
Received Thanks: 913
Quote:
Originally Posted by Kiyono View Post
Couldn't you just ask Hybrid? He overwrote the spell encryption with his own.
Haha, I asked him at about the same time you posted this. o.o
Lateralus is offline  
Old 03/17/2011, 22:29   #4
 
elite*gold: 20
Join Date: Aug 2005
Posts: 1,734
Received Thanks: 995
The best way to starting tracking where the encryption is would probably be the packet that gets sent when you use a spell. From there you backtrace to the point in ASM that calls the method that passes the parameters to this send function and then just try and find the function that encrypts the parameters.


(Or you could take advantage of one of the XOR values that are constant and look for that in OllyDbg)


tanelipe is offline  
Old 03/17/2011, 22:42   #5
 
elite*gold: 0
Join Date: May 2005
Posts: 1,892
Received Thanks: 913
Quote:
Originally Posted by tanelipe View Post
The best way to starting tracking where the encryption is would probably be the packet that gets sent when you use a spell. From there you backtrace to the point in ASM that calls the method that passes the parameters to this send function and then just try and find the function that encrypts the parameters.


(Or you could take advantage of one of the XOR values that are constant and look for that in OllyDbg)
I found the function by backtracking the request attack packet magic subtype, just don't understand exactly how to find which values correspond to which registers, and etc...
Lateralus is offline  
Old 03/18/2011, 06:01   #6
 
elite*gold: 0
Join Date: Nov 2006
Posts: 805
Received Thanks: 464
eh removed it.
Ian* is offline  
Old 03/18/2011, 06:05   #7
 
elite*gold: 0
Join Date: May 2005
Posts: 1,892
Received Thanks: 913
Quote:
Originally Posted by Ian* View Post
eh removed it.
Removed what?
Lateralus is offline  
Old 03/18/2011, 13:47   #8
 
elite*gold: 20
Join Date: Aug 2005
Posts: 1,734
Received Thanks: 995
Aren't the parameters pushed to the encryption function? You could see how those parameters are stored into the registers inside the encrypt function since they (parameters) are passed in as plain values such as 1045 etc.
tanelipe is offline  
Old 03/18/2011, 15:05   #9
 
elite*gold: 0
Join Date: May 2005
Posts: 1,892
Received Thanks: 913
Quote:
Originally Posted by tanelipe View Post
Aren't the parameters pushed to the encryption function? You could see how those parameters are stored into the registers inside the encrypt function since they (parameters) are passed in as plain values such as 1045 etc.
Thanks man, got it.
Lateralus is offline  
Old 05/15/2011, 12:17   #10
 
elite*gold: 0
Join Date: Jun 2010
Posts: 2,192
Received Thanks: 847
Quote:
Originally Posted by tanelipe View Post
The best way to starting tracking where the encryption is would probably be the packet that gets sent when you use a spell. From there you backtrace to the point in ASM that calls the method that passes the parameters to this send function and then just try and find the function that encrypts the parameters.


(Or you could take advantage of one of the XOR values that are constant and look for that in OllyDbg)
How would one find that? o.O
_DreadNought_ is offline  
Old 05/15/2011, 21:51   #11
 
elite*gold: 0
Join Date: May 2005
Posts: 1,892
Received Thanks: 913
Quote:
Originally Posted by _DreadNought_ View Post
How would one find that? o.O
Find where packet type 1022 is constructed, find the subtype 0x15 (magic subtype), and the encryption is close.


Lateralus is offline  
Thanks
1 User
Reply



« [Release]MineBot\AccMkr\Loot\Hunt Source Code | Hallo! Ich hätte gerne . . . »

Similar Threads
Decrypting chatlogs
08/26/2007 - CO2 Main - Discussions / Questions - 3 Replies
Hi all, I've looked around the forum and have been unable to find any topics related to my question so here it is. Is it possible to decrypt chatlog files / how can this be done and would anyone be willing to make a simple tool to do so or...
Decrypting l2.ini on es-L2
10/12/2006 - Lineage 2 - 0 Replies
Hi, please help me decrypt the l2.ini file of www.ES-L2.com, i tried all your ideas of drag drop with l2decrypt or cmd with l2encdec, if u want to have the file, download the patcher on the www.es-l2.com and then ull be able to run the setting and...
Is Decrypting 412 ini Not Possible Yet?
09/06/2005 - Lineage 2 - 9 Replies
Seeing as there is no answer to my thread that has been around for days ( http://www.elitepvpers.com/forum/index.php?...&f=41&t=6844&s= ) is there just no way at this time to decrypt the 412 ini?
help with decrypting , please
06/20/2005 - Lineage 2 - 3 Replies
I want to decrypt lineage.dll's from ingame walker. Is it possible to decrypt and to edit? Lowfyr provided with the link to some decryptor (http://dstuff.luftbrandzlung.org/l2asylum/), but the question is: is this the right tool for that and what...



All times are GMT +2. The time now is 04:36.


Powered by vBulletin®
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
SEO by vBSEO ©2011, Crawlability, Inc.

Support | Contact Us | FAQ | Advertising | Privacy Policy | Abuse
Copyright ©2018 elitepvpers All Rights Reserved.