So you know... all packets for the game server are decrypted/encrypted even before the exchange is complete.
Not all values are initialized yet. That could be some of the problems you are having with setting up the keys.
@ bad image exception: I'm fairly sure that had to do with the loading method of the native calls or possibly it referencing x86 vs x64 files... I forget which (usually when I've seen that error it has to do with needing to change the dllloader settings or use a different dll).
For some reason I am still having a bit of an issue with the server DH packet. I logged a few of my decrypted DH packets and realized an astonishing pattern (which should not be happening): the whole readable part of the packet is exactly the same for all packets logged. See quote.
This puzzles me because after seeing the trailing stamp, TQServer, I am certain that this packet has been successfully decrypted, yet I am seeing weird headers and a repeating body. The packet should theoretically include clientIV, serverIV, p, g and ServerPublicKey. At the very minimum it makes sense for the first 4 fields to be constant, but ServerPublicKey has to vary.
I tried to interpret the occurrences of 05 as the g field of the packet, but when compared to tannel's source, g should be an Int32, while 05 is only 1 byte, which leads me to wonder if the other empty bytes contribute to the weird chars around 05. Similarly, on conquerwiki clientIV and serverIV are supposedly 8 bytes, which is algorithmically true. However, in tannel's source,
Code:
// Each field is length-prefixed: read an Int32 length, then that many bytes
ServerIV = BR.ReadBytes(BR.ReadInt32());
ClientIV = BR.ReadBytes(BR.ReadInt32());
// p, g and the server public key are carried as ASCII text
P = Encoding.ASCII.GetString(BR.ReadBytes(BR.ReadInt32()));
G = Encoding.ASCII.GetString(BR.ReadBytes(BR.ReadInt32()));
Server_PubKey = Encoding.ASCII.GetString(BR.ReadBytes(BR.ReadInt32()));
ServerIV and ClientIV are only 4 bytes? I am really confused. Well, up to this stage, everything is deduced from observations.
Am I missing something? Are these packets really valid?
But how are you supposed to log the packets you need without a working proxy in the first place?
The proxy works just fine. It simply needs its handling of packets updated. AKA log what the server is sending and then change a few lines of code in the proxy.
p, g, clientIV, serverIV and Server Public were already in that packet. You can use a binary reader to get those values. I forgot the number of junk bytes, but that is where you are going to start reading your known (p, g, etc.) data.
After you have figured that one out you can start setting up your DH key exchange for both the server-proxy and proxy-client connections.
And finally you will go to korvacs' wiki for packet information.
Awesome... This is what I need to solve my problem. On the first page pro4never posted tannel's code, which suggests 11 bytes of junk data.
Test result: packet_size - packet_data_size is always 11 -> junk size.
Also, I have correctly obtained all the information.
However, just a side track: why is it that p, g and A are always the same? Are we going to rely solely on the clientIV and serverIV for encryption/decryption? I have yet to verify whether clientIV and serverIV are varying or constant.
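The packet layout the thread has pieced together (11 junk bytes, then five Int32-length-prefixed fields in the BinaryReader order, then the TQServer stamp), as an added parser example; this is not tannel's code nor anything from the original posts. It assumes p, g and the public key are ASCII hex strings and that the stamp sits at the very end; the sample packet is constructed, not a real capture.

```python
import struct

JUNK_LEN = 11          # the thread measured packet_size - packet_data_size == 11
STAMP = b"TQServer"    # trailing stamp the thread uses to confirm a successful decrypt


def _read_field(buf, off):
    """One Int32-length-prefixed field, the BR.ReadBytes(BR.ReadInt32()) pattern."""
    if off + 4 > len(buf):
        raise ValueError("truncated length prefix at offset %d" % off)
    (n,) = struct.unpack_from("<i", buf, off)   # .NET BinaryReader is little-endian
    off += 4
    if n < 0 or off + n > len(buf):
        raise ValueError("field length %d overruns packet at offset %d" % (n, off))
    return buf[off:off + n], off + n


def parse_dh_packet(packet):
    """Decrypted DH packet -> dict; IVs stay raw bytes, p/g/A are ASCII hex (assumed)."""
    if not packet.endswith(STAMP):
        raise ValueError("no TQServer stamp: packet is probably not decrypted")
    body, off, fields = packet[JUNK_LEN:-len(STAMP)], 0, {}
    for name in ("server_iv", "client_iv", "p", "g", "server_pub"):
        fields[name], off = _read_field(body, off)
    if off != len(body):
        raise ValueError("%d unexpected bytes after the public key" % (len(body) - off))
    for name in ("p", "g", "server_pub"):
        fields[name] = int(fields[name].decode("ascii"), 16)
    return fields


def build_dh_packet(server_iv, client_iv, p, g, server_pub):
    """Constructed packet in the same layout, for offline testing (not a real capture)."""
    out = bytearray(JUNK_LEN)   # junk bytes zeroed here; the parser skips them anyway
    for field in (server_iv, client_iv, b"%x" % p, b"%x" % g, b"%x" % server_pub):
        out += struct.pack("<i", len(field)) + field
    return bytes(out) + STAMP


def shared_secret(parsed, private_exp):
    """Proxy side of the exchange: s = A^b mod p, with b the proxy's own exponent."""
    return pow(parsed["server_pub"], private_exp, parsed["p"])
```

Running parse_dh_packet over several logged packets and comparing the returned server_pub values is the quickest way to confirm whether the public key really is constant, as the post above observed.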
Strip tanels' C# proxy and, when they log in, after the packet gets decrypted send the whole decrypted packet to your Java proxy, do what you want, then send it back to the C# proxy to get encrypted and sent.
The code snippet above is just for example purposes and you may need to debug it if you want to use it.
Good luck...
Wow, that was comprehensive... That actually makes me wonder: did you have a similar post like this on c@deXpl0si0n? I think you even used the exact same forum name, lol. But this time it is a lot clearer.
However, I do have another question. If I remember correctly, every time Blowfish decrypts or encrypts something, it only requires ONE initial vector.
So, in the case of server-client interaction...
The client initializes Blowfish with serverIV to decrypt packets?
eg: Blowfish clientBlow = new BlowFish();
clientBlow.initialize(key, serverIV);
clientBlow.decrypt(packet);
The client initializes Blowfish with clientIV to encrypt packets?
eg: clientBlow.initialize(key, clientIV);
clientBlow.encrypt(packet);
Is the above what is really happening? I have not really checked if both IVs are the same (they shouldn't be) and I thought this is sensible because there is no reason to send 2 IVs to the client if the client doesn't need to use them both.
Yep, I am using the same forum ID here on epvp and on cxp. There is a much more comprehensive post on cxp which was created by Zaad, but nonetheless the post above is just a summary of exactly the same thing.
You don't need to initialize the vectors for each Blowfish cryptographer in the pre-handshaking stage, but you will use and update these Blowfish vectors after the handshaking, where you have already computed the shared key for both connections.
Ok, I now have a 64-bit PC and libeay32 doesn't seem to want to get rid of the bad image thing >.< Where should I put the libeay32.dll? Or will I need a libeay64.dll o.0?