
Memory Address of Post Encrypted Send Packet

Discussion on Memory Address of Post Encrypted Send Packet within the CO2 Programming forum part of the Conquer Online 2 category.

Old   #1
 
elite*gold: 0
Join Date: Jan 2007
Posts: 118
Received Thanks: 20
Memory Address of Post Encrypted Send Packet

Currently I am working on a memory-based proxy, but I have a problem finding the address of the pre-encrypted send packet data. I think I found the address of the receive packet (from server), as per the attachment, but I'm not sure if that was really the address.

Anyone, please help me locate the address of the pre-encrypted send packet.

The title is misleading, but I mean post-decryption of the receive packet buffer and pre-encryption of the send packet buffer.
Attached Images
File Type: jpg tq server.jpg (160.6 KB, 107 views)
xmen01235 is offline  
Old 10/13/2010, 16:23   #2
 
gabrola's Avatar
 
elite*gold: 0
Join Date: Dec 2006
Posts: 1,039
Received Thanks: 1,335
Well if you need post-encryption packets just hook the winsock send methods. Unless you mean pre-encryption/post-decryption, well I don't have much info, but from your screenshot, that seems to be the packet buffer address.
gabrola is offline  
Thanks
1 User
Old 10/13/2010, 16:49   #3
 
elite*gold: 0
Join Date: Jan 2007
Posts: 118
Received Thanks: 20
Quote:
Originally Posted by gabrola View Post
Well if you need post-encryption packets just hook the winsock send methods. Unless you mean pre-encryption/post-decryption, well I don't have much info, but from your screenshot, that seems to be the packet buffer address.
I need the pre-encryption and post-decryption buffer data bro.
xmen01235 is offline  
Old 10/13/2010, 20:36   #4
 
elite*gold: 20
Join Date: Aug 2007
Posts: 1,749
Received Thanks: 2,198
You need to find some place in Conquer.exe where the un-encrypted packet is accessed from. The smartest thing is to find the function that encrypts and sends packets to the server, hook the function (using whatever method you feel like using), and read/edit the parameters of the function (the parameters are most likely something like packet address and packet size)
IAmHawtness is offline  
Thanks
1 User
Old 10/14/2010, 14:14   #5


 
KraHen's Avatar
 
elite*gold: 0
Join Date: Jul 2006
Posts: 2,216
Received Thanks: 793
Can't you decrypt it? o.0
KraHen is offline  
Old 10/14/2010, 20:25   #6
 
Ian*'s Avatar
 
elite*gold: 0
Join Date: Nov 2006
Posts: 805
Received Thanks: 464
Quote:
Originally Posted by KraHen View Post
Can't you decrypt it? o.0
There's no need to decrypt it when you can make the client encrypt and decrypt it for you
Ian* is offline  
Thanks
1 User
Old 10/15/2010, 08:11   #7
 
elite*gold: 0
Join Date: Jan 2007
Posts: 118
Received Thanks: 20
Quote:
Originally Posted by IAmHawtness View Post
You need to find some place in Conquer.exe where the un-encrypted packet is accessed from. The smartest thing is to find the function that encrypts and sends packets to the server, hook the function (using whatever method you feel like using), and read/edit the parameters of the function (the parameters are most likely something like packet address and packet size)
Yah, I tried searching for it bro, but it is like I am searching for a single grain of sand on the beach; I mean I am such a noob in this memory thingy. I read some basics on hooking and I think I need to study assembly 101 first.

But while checking back on my screenshot, I can really conclude that it is the buffer address, and I think this is where SV had been developed. I am developing an application now to use that information to create my own bot similar to SV. I am using PostMessage for mouse and keyboard to automate my client while I am updating the client information via that receive buffer. But one thing I am worried about is the mouse background checker of the Conquer client, or at least someone give me an idea how to defeat the background checker of the Conquer client without editing the client itself.

So my plan right now will be as follows:
1. I will read the receive buffer, and since I already have a packet-based proxy, I also have the structure of most of the important packets, so it will be easier for me to map the several packets into my application.
2. Find the best method to use PostMessage mouse clicks while defeating the client background checker.
3. I will implement a PostMessage mouse click in my application, automating the actions from my client (e.g. attacking monsters, jumping, fbing, etc.).

And planning to implement it in VB dot net.
Quote:
Originally Posted by KraHen View Post
Can't you decrypt it? o.0
Actually I can, but I just want to get rid of the en/de things since TQ can change their en/de anytime. Just making my bot live like forever :P. (I also have my own customized packet-based proxy, but I'm not planning to release it yet.)

Quote:
Originally Posted by Ian* View Post
There's no need to decrypt it when you can make the client encrypt and decrypt it for you
Yah, exactly bro. Hope you will share your knowledge with us :P...
xmen01235 is offline  
Old 10/15/2010, 23:50   #8
 
elite*gold: 20
Join Date: Aug 2007
Posts: 1,749
Received Thanks: 2,198
Quote:
Originally Posted by xmen01235 View Post
Yah, I tried searching for it bro, but it is like I am searching for a single grain of sand on the beach; I mean I am such a noob in this memory thingy. I read some basics on hooking and I think I need to study assembly 101 first.

But while checking back on my screenshot, I can really conclude that it is the buffer address, and I think this is where SV had been developed. I am developing an application now to use that information to create my own bot similar to SV. I am using PostMessage for mouse and keyboard to automate my client while I am updating the client information via that receive buffer. But one thing I am worried about is the mouse background checker of the Conquer client, or at least someone give me an idea how to defeat the background checker of the Conquer client without editing the client itself.

So my plan right now will be as follows:
1. I will read the receive buffer, and since I already have a packet-based proxy, I also have the structure of most of the important packets, so it will be easier for me to map the several packets into my application.
2. Find the best method to use PostMessage mouse clicks while defeating the client background checker.
3. I will implement a PostMessage mouse click in my application, automating the actions from my client (e.g. attacking monsters, jumping, fbing, etc.).

And planning to implement it in VB dot net.


Actually I can, but I just want to get rid of the en/de things since TQ can change their en/de anytime. Just making my bot live like forever :P. (I also have my own customized packet-based proxy, but I'm not planning to release it yet.)



Yah, exactly bro. Hope you will share your knowledge with us :P...
I would recommend that you use functions from inside Conquer.exe instead of sending mouse-click messages to the Conquer window using PostMessage. Unless you know how to convert in-game coordinates to mouse coordinates, it's really not a good idea.
IAmHawtness is offline  
Old 10/17/2010, 13:02   #9


 
Korvacs's Avatar
 
elite*gold: 20
Join Date: Mar 2006
Posts: 6,125
Received Thanks: 2,518
Why would you want or even need to send mouse/keyboard messages to the client when you have complete control over send and receive? Just use the client to decrypt/encrypt and have your bot do all the work.
Korvacs is offline  
Thanks
1 User
Old 10/20/2010, 02:59   #10
 
elite*gold: 0
Join Date: Jan 2007
Posts: 118
Received Thanks: 20
Quote:
Originally Posted by Korvacs View Post
Why would you want or even need to send mouse/keyboard messages to the client when you have complete control over send and receive? Just use the client to decrypt/encrypt and have your bot do all the work.
If I am very good at hooking then I will really do it that way, bro, but I'm still studying this method. I am looking for some basic examples on the net right now and hopefully I can make one for this purpose. Assembly is very painful for my eyes and how I wish I could learn it in the quickest time lol.

Btw, thanks a lot for your encryption wiki, it really helps a lot with my packet structuring.
xmen01235 is offline  