[FAQ] Proxies, packets and bots ooh my!

[creeping]

excellent guide thank you so very much... makes things clearer for us nub coders out there..

[pro4never]

Just a minor heads up for those working on proxies or attempting to use the 5200'ish proxy by tannel. Auth packet has been changed in a recent patch (post 5250 it seems because I had to change it just now when I tried with 5291)

@ openssl. Very good thing to point out. I just assumed most people would know to include it in their project thanks to coemu. I guess that's what I get for being so addicted to that source for too long lol.

[Fish*]

This is a really good job pro.
Always impressed over ur posts/threads.

[Santa]

Alright, I have decided to just create my own proxy and elaborate on it as i get time, I just had a few basic questions(fairly sure I'm correct).

Question one:
You start the Authorizing Server and the Game server at the same time just on different ports?

Question Two:
Do you also start the Proxy-Server Auth/Game 'clients' at the same time along with Servers?

Question Three:
Do I just send the data through at first then implement Blowfish after i get the basic connections?

Final Question:
Any of you have any basic tips that I should take note of or is this as simple at it sounds? By that I mean just connections and encryptions.

[fm_sparkart]

Question 1:
It really does not matter when you start them. Although most people will probably start the game server after receiving the authentication response.

Question 2:
Okay, I'll just let you know what I did. First, my proxy opens a listening port (acting as the authentication server) and waits for the client to connect. When it receives a connection from the client, it connects to TQ's authentication server and receives/sends information. When the proxy receives the 'authentication response' packet, my proxy relays it to the client (so the client knows how to connect to the game server) and then it closes the connection to TQ's authentication server and the client.
My proxy then creates a listening socket (acting as the game server) and waits for the client to connect. When it does, it tries to connect to TQ's game server.

Question 3:
There are two different encryptions:
- One for the authentication routine
- One for the game server

The authentication encryption is used until you receive the "authentication response" (which is the last packet using this encryption). Then you start using Blowfish.

EDIT:
For question 1, if you mean "connect" then you connect to the authentication server first, then the game server.

[pro4never]

Quote:

Originally Posted by StarBucks

Alright, I have decided to just create my own proxy and elaborate on it as i get time, I just had a few basic questions(fairly sure I'm correct).

Question one:
You start the Authorizing Server and the Game server at the same time just on different ports?

No: Don't connect to game server until auth response packet is received (it contains the info for connecting to the game server such as port/ip)

Question Two:
Do you also start the Proxy-Server Auth/Game 'clients' at the same time along with Servers?
No: On client connection only

Question Three:
Do I just send the data through at first then implement Blowfish after i get the basic connections?
[color=red]You implement blowfish as the required packets are being sent. That's the only time you can set it up.

Final Question:
Any of you have any basic tips that I should take note of or is this as simple at it sounds? By that I mean just connections and encryptions.
Simple... just a matter of getting it all woring

Kk so sequence of events is.


Proxy creates "auth listener" and "game listener". This listens for connections to the login server port and game server port. When the client connects to this, the proxy then should connect to the tq auth server. As soon as you connect you will receive the password seed packet (you can use it to read the password or just forward it). Client then sends the login request and then receives the auth response (if it's a valid login then this packet contains the game server ip/port and such) You edit the auth response packet to connect to proxy rather than the official servers by changing the ip.

The client will now connect to the game server port. This is when you start implementing blowfish cryption (by blocking and creating fake client/server key packets and setting up a encryption for client and a different one for server (man in the middle attack).


Once this is done you can read/modify and do whatever you want with packets.

[fm_sparkart]

I have a question regarding the DH key exchange.

Are the sizes of P, G, and the public keys dynamic or fixed? The reason I ask is because apparently the packet structure includes a length values for each of those keys, although the sizes have always been the same for me: 128, 2, 128 respectively.

Actually just checked again and even the keys are fixed: 32528, 13616, 6256

Or am I reading it wrong?

[flowerpot!]

The sizes are almost always the same - the values change roughly every maintenance.

[Santa]

Alright, made a little bit of progress(sadly school started), but this is what i got so far.



I'm a little confused on when the AuthClient receives why it doesn't has the AuthServer.Send function like AuthClient.Send.

Doesn't Sender.Send do the same thing as AuthServer.Send?

[pro4never]

Yahhh... i never really used hybrids socket system from that tutorial from that demo mostly cause it's missing a few things that you may need *cough* .


Maybe i haven't looked at it enough but i remember having some problems with sending a packet whenever i wanted to the client w/o having it first connect or send something. Again, barely used it though.

I'd suggest for your 'test' proxy to use simple ol' sync sockets so you can get a feel for how things need to work. Worry about using a more advanced system later on.

[Santa]

Quote:

Originally Posted by pro4never

Yahhh... i never really used hybrids socket system from that tutorial from that demo mostly cause it's missing a few things that you may need *cough* .


Maybe i haven't looked at it enough but i remember having some problems with sending a packet whenever i wanted to the client w/o having it first connect or send something. Again, barely used it though.

I'd suggest for your 'test' proxy to use simple ol' sync sockets so you can get a feel for how things need to work. Worry about using a more advanced system later on.

I decided to go with the Async socket for the Server and hybrids socket system for the connection to the server, i can't seem to get it to send the data from the proxy to the client. AuthServ.Send(Arg);? Everytime i try, it says I'm not connected on that socket.

[fm_sparkart]

Quote:

Originally Posted by StarBucks

i can't seem to get it to send the data from the proxy to the client. AuthServ.Send(Arg);? Everytime i try, it says I'm not connected on that socket.

And you're positive you've established a connection (most unlikely)?

[pro4never]

On authserver connect you should be connecting to authcllient... i doubt. Enable is actually connecting(you don't connect till client connects to proxy, aka on the connection code)

[gabrola]

Quote:

Originally Posted by StarBucks

Alright, made a little bit of progress(sadly school started), but this is what i got so far.



I'm a little confused on when the AuthClient receives why it doesn't has the AuthServer.Send function like AuthClient.Send.

Doesn't Sender.Send do the same thing as AuthServer.Send?

Move
AuthClient.Enable("209.172.33.201", 9957, ClientRecvBuffer);
to your AuthServer_OnClientConnect method, you shouldn't establish the connection until a client connects to your socket first.
AuthServer doesn't have a Send function because it's a listening port. Which could have more than just one connection to it, how would you send a packet to a client when there are two clients connect using just a Send? Which why you instead send the packet to the CustomWinsockClient instance which represents a single connection on your socket, I believe that is the "Sender" parameter in all three events for your AuthServer instance.
So what you need to do is, under public WinsockClient AuthClient;
you need to add, a public CustomWinsockClient ConnectedClient;
Then in your AuthServer_OnClientConnect method add ConnectedClient = Sender;
Now in your AuthClient_OnReceive method replace Sender.Send(Arg) with ConnectedClient.Send(Arg);
And i guess that should fix everything.

[_tao4229_]

The reason why you can't AuthServer.Send is because you're not connected on that socket.

Server sockets aren't connected to another, they're bound to a port and listening/accepting new connections. The socket methods take a general "socket" parameter and therefore you can pass a server socket/client socket, but in this case only a client socket will work (one you have made yourself & connect()'d or one you have gotten from accept()).