Oh P4N, how lost we would all be without you...
Haven't been active for a while, but just dropped by to say that you have my ongoing support.
Oh, and for the love of *** don't do this
#2: Working bot made with this framework that people could use. Just basic features but something people could use if they wished.
Diffie-Hellman is not an encryption system; it is a method of deriving a secret key FOR the encryption system. In the case of CO the encryption system is Cast128 and the key exchange is Diffie-Hellman.
I think you don't understand me. After auth is done, the client (proxy) is redirecting to the game server, and then:
1. The server first generates a pair of DH parameters: P (a large prime number) and G (a generator base, usually 3, 5 or 7).
2. Using this pair of DH parameters, the server generates a DH key pair; this includes a public key 128 bytes long and a private key not longer than the public key.
3. Up to this point, the server-side DH information is complete. But TQ wants to be more efficient in sending packets, so they decided to include some Blowfish info as well. Blowfish CFB64 encryption requires an initialization vector (IV) 8 bytes long. TQ decided to use a predefined IV for server->client encryption, and another for client->server encryption. These two IVs are included in the first packet as well. Note: these two IVs are reserved for later use.
4. The first packet from the server and the first packet sent by the client are considered DH packets. They are encrypted using Blowfish CFB64 with an initialization vector of 8 zero bytes.
And I think what I wanna say is that this (4) encryption has changed!
Blowfish hasn't been used for a long time; it switched to Cast128 months ago. The first 2 packets you are talking about are the DH key exchange; they are encrypted using Cast128 and a vanilla key (BC234xs45nme7HU9). They are used to exchange DH public keys so the client and server can derive a shared secret (using their private keys and a common prime and generator), which is then applied to the Cast128 encryption.
I know exactly how it works, I've written my own proxy.
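The exchange described in the two posts above (server and client trade DH public keys, then derive a shared secret that keys the cipher), as an added example that is not part of this thread and not anyone's actual proxy code. It assumes a toy prime (2**521 - 1, a known Mersenne prime, instead of the roughly 1024-bit prime the post's 128-byte public keys imply), generator 5, fixed-width big-endian public-key bytes, and a SHA-256 hash to turn the secret into a 16-byte Cast128-sized key; the real key derivation is not stated on the page. The second function shows why a relaying proxy of the kind discussed here can sit in the middle at all: it runs one exchange with the server and another with the client, and since neither side checks whose public key it received, the proxy holds a valid key for each leg.

```python
import hashlib
import secrets

# Constructed parameters for this example (assumption, not the game's real values):
# 2**521 - 1 is a known Mersenne prime; the post describes a roughly 1024-bit prime
# (128-byte public keys) and a small generator such as 3, 5 or 7.
P = 2**521 - 1
G = 5
PUBKEY_LEN = (P.bit_length() + 7) // 8  # 66 bytes here, 128 in the post's description


class DHParty:
    """One endpoint of the exchange (server, client, or either side of a proxy)."""

    def __init__(self, p=P, g=G):
        self.p, self.g = p, g
        self.private = secrets.randbelow(p - 2) + 1   # uniform in 1 .. p-2
        self.public = pow(g, self.private, p)

    def public_bytes(self):
        # Fixed-width big-endian encoding, matching the fixed-length key field the post describes.
        return self.public.to_bytes(PUBKEY_LEN, "big")

    def shared_secret(self, peer_public_bytes):
        peer_public = int.from_bytes(peer_public_bytes, "big")
        # Reject degenerate public keys (0, 1, p-1) that force a predictable secret.
        if not 1 < peer_public < self.p - 1:
            raise ValueError("degenerate DH public key rejected")
        return pow(peer_public, self.private, self.p)


def session_key(shared_secret, key_len=16):
    """Derive a 16-byte (Cast128-sized) key from the DH secret.

    Hashing the secret is an assumption for this example; the post only says
    the shared secret is 'applied to' the Cast128 encryption.
    """
    raw = shared_secret.to_bytes(PUBKEY_LEN, "big")
    return hashlib.sha256(raw).digest()[:key_len]


def direct_exchange():
    """Client and server exchange public keys directly; both derive the same key."""
    server, client = DHParty(), DHParty()
    k_server = session_key(server.shared_secret(client.public_bytes()))
    k_client = session_key(client.shared_secret(server.public_bytes()))
    return k_server == k_client


def proxied_exchange():
    """A proxy relaying the connection runs two separate exchanges.

    Neither side authenticates the public key it receives, so the proxy ends
    up holding a valid key for each leg and can decrypt/re-encrypt traffic.
    """
    server, client = DHParty(), DHParty()
    proxy_server_side, proxy_client_side = DHParty(), DHParty()

    # Leg 1: server <-> proxy (proxy answers the server's DH packet with its own key)
    k_server = session_key(server.shared_secret(proxy_server_side.public_bytes()))
    k_proxy_s = session_key(proxy_server_side.shared_secret(server.public_bytes()))

    # Leg 2: proxy <-> client (proxy sends its other public key to the client)
    k_client = session_key(client.shared_secret(proxy_client_side.public_bytes()))
    k_proxy_c = session_key(proxy_client_side.shared_secret(client.public_bytes()))

    return {
        "server_leg_agrees": k_server == k_proxy_s,
        "client_leg_agrees": k_client == k_proxy_c,
        "ends_share_no_key": k_server != k_client,
    }


if __name__ == "__main__":
    print("direct:", direct_exchange())
    print("proxied:", proxied_exchange())
```

The fixed "vanilla" key on the first two packets only hides the public keys from a passive observer who lacks the client; it does nothing against a proxy that terminates the connection, because DH public keys are meant to be public and the exchange carries no signature tying them to the real server. The degenerate-key check in `shared_secret` is a practitioner's sanity check, not something the thread says the game performs.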
Me too, but I haven't looked at it in almost 4 months. Thanks for the clear explanation.
No, I'm on Storm mostly.
My proxy isn't really a bot; it's just a proxy I use for packet sniffing and a few automatic functions. It's probably someone from CAI or COG getting theirs up again. I doubt it will/would take them long to suss it out either.