Read Please!

[TwistedIllusions]

Well, my first thread was completely ignored and has now died into oblivion
but the questions i asked then are not problems to me anymore.

ok, on with my question:

Co Packets, Right, i have created a little vb app, i am able now to grab the packets, and turn them into hex, now i managed to figure out about the Xor function and other things that where confusing me, and how to read the atchall hex once decoded, and i ended up with somthing like this:

Original Packet Sent:

Quote:

?eÕÄ¥ß3¥Ëuo_?°"D¾?*½µ?ËdøºÇ5©$y&Ô3v?5« ÁmY?º

Converted Into Hex:

Quote:

17 84 04 65 D5 13 C4 A5 DF 0F 33 A5 14 CB 75 6F 5F 89 B0 22 44 BE 8B A0 BD B5 8B CB 64 F8 BA C7 35 A9 24 79 26 D4 33 76 3F 05 35 AB 16 C1 7F 6D 59 87 BA 20

Decoded:

Quote:

34 00 1B 04 54 65 73 9A 00 00 00 EE 00 00 00 00 00 00 00 00 7D 8F D7 8F B6 5B 5B 96 37 C3 2C BA 36 90 B9 25 4B 79 6C 69 6E 00 00 00 00 00 00 00 00 00 00 00

Read:

Quote:

4...Tes?...î........}.×.¶[[?7Ã,º6.¹%Kylin...........

Thats Fine For The First Packet Sent To The Account Server, But I Came To A Problem When Trying To Decode The First Packet That Is Sent Server To Client.

The Packet Tutorial, Doesn't Make It Clear On How To Decode The Packet That Gives You The 3rd And 4th Keys, It Gives You

Quote:

*** RECV - size: 28
1C 00 1C 04 2E A6 44 00 F4 48 5C 20 36 34 2E 31* * ...¦D.ôH\ 64.1
35 31 2E 38 31 2E 32 30 34 00 00 00* * * * * * * * * ** 51.81.204...

which is the key in decrypted form, but it doesn't explain how this was decypted to begin with, anyone care to clear this up for me?

or at least point me where it says how to decrpyt this packet?
I get the packet as:

Quote:

?H? T?.íð3ZüªÉ'°
ÂÉsÐ&Þã*

which in hex becomes:

Quote:

84 48 9A 12 09 54 3F 2E ED F0 33 5A 1C 10 FC AA C9 27 B0

using the 2 keys i get:

Quote:

0D CC F2 73 99 11 CC CC 23 FF 00 FF 80 BD 98 4D 69 EA 00

which reads as:

Quote:

.Ìòs?.ÌÌ#ÿ.ÿ.½?Miê.

which isn't correct, so there must be anouther way to read it that i have missed,
then i thought maybe it was readable without unencytion, but that didn't come out right either:

Quote:

.H?..T?.íð3Z..üªÉ'.

the example given in the tut i can read correctly, it gives me:

Quote:

.....¦D.ôH\ 64.151.81.204...

i just can't seem to figure out the decryption for the first server to client packet, if i can get that decrypted i can get the 3rd and 4th keys and from there it should be fine *hopes*

any help will be much appreated.

[Edit]

the tutorial im on about is the packet encrytion/decryption one here:

[Edit]

Im Guessing that after each packet sent/recived you rest the counter?
or am i mistaken?

[Edit]

not reseting the counter still doesn't make a difference..

[Edit]

I see now that there are 2 counters for incomming packets and outgoing packets, and im going to take a shot in the dark and saying that the counters are Per user, so the first server -> client packet would be using the second set of counters, so they should start at 00, and 00 anyway, so i don't see why it shouldn't decrypt them -.-

[TwistedIllusions]

Bumpy Bumpy
[img]text2schild.php?smilienummer=1&text=Gah.' border='0' alt='Gah.' />

[xdante]

lol i would help you.. but you know.. im to lazy to read the whole post haha

[FAX]

lol hehe err maybe u shud try PM'ing some1 who know's this xD lol the creater of Cotobo :P lol .... but lol i dunno

[FAX]

Quote:

Originally posted by xdante@Jul 9 2006, 00:59
lol i would help you.. but you know.. im to lazy to read the whole post haha

rofl .... lol ahah this guy has a point lol ye try to shortan tht out most ppl who can actualy help u r mods an they dun have time to read through all tht :P lol

[TwistedIllusions]

Quote:

Originally posted by xdante@Jul 9 2006, 00:59
lol i would help you.. but you know.. im to lazy to read the whole post haha

-.- :?

I still can't figure it out..

[Ultima]

you decode the packet the same way as the first but you you dont start at byte one of the key set but the x th byte

ähm you know first packet is 38 byte you start at first byte and end at 38 th byte than next packet you start at 39th byte and end at the x th byte (x is 38 + x) (x is size of the second packet)

i hope that helps you if anything is unclear ask me ill help you

[TwistedIllusions]

Quote:

Originally posted by Ultima@Jul 10 2006, 02:57
you decode the packet the same way as the first but you you dont start at byte one of the key set but the x th byte

ähm you know first packet is 38 byte you start at first byte and end at 38 th byte than next packet you start at 39th byte and end at the x th byte (x is 38 + x) (x is size of the second packet)

i hope that helps you if anything is unclear ask me ill help you

So what i do, is take the first packet, using the keys, decrypt it, and after that just decrypt the next one directly afterwards?

the first packet seems to be 52 bytes, not 38, when i decode it, but it still comes out correctly, i tryed to decode the second packet directly after the first, but that still refused to decrypt it properlly.

i then tryed setting my counter to 38 in hex (28 in hex)
which would result in decoding starting from the 39th key, that came out with a lot of illegeiable stuff, then i tryed setting it to 38 in hex (in numbers 46) that didn't work either, after the first decryption my counter is usually set at 34 in hex, decoding after that is still unreadable.

i would really appreate it if you tryed to clear this up for me, +k for trying

[Ultima]

Quote:

Originally posted by TwistedIllusions+Jul 10 2006, 10:30--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (TwistedIllusions @ Jul 10 2006, 10:30)</td></tr><tr><td id='QUOTE'> <!--QuoteBegin--Ultima@Jul 10 2006, 02:57
you decode the packet the same way as the first but you you dont start at byte one of the key set but the x th byte

ähm you know first packet is 38 byte you start at first byte and end at 38 th byte than next packet you start at 39th byte and end at the x th byte (x is 38 + x) (x is size of the second packet)

i hope that helps you if anything is unclear ask me ill help you

So what i do, is take the first packet, using the keys, decrypt it, and after that just decrypt the next one directly afterwards?

the first packet seems to be 52 bytes, not 38, when i decode it, but it still comes out correctly, i tryed to decode the second packet directly after the first, but that still refused to decrypt it properlly.

i then tryed setting my counter to 38 in hex (28 in hex)
which would result in decoding starting from the 39th key, that came out with a lot of illegeiable stuff, then i tryed setting it to 38 in hex (in numbers 46) that didn't work either, after the first decryption my counter is usually set at 34 in hex, decoding after that is still unreadable.

i would really appreate it if you tryed to clear this up for me, +k for trying [/b][/quote]
^^ sorry the 38 was just an example cause i couldn`t remember the size

if the first packet is 52 bytes than you start decrypting the next packet at byte 53

you just keep decrypting byte after byte that comes in except at one point after the login server when you connect to the game server you reset the counter and start at the first byte again i think^^ i cant remember clearly it was either encrypting the send bytes or decryption of the recv bytes

[Cowface]

that looks complicated as hell

[kurogasa]

Quote:

Originally posted by Cowface@Jul 14 2006, 03:40
that looks complicated as hell

umm, yeh......

What is the point of decrypting all of these anyway?

[tester]

Quote:

Originally posted by Ultima@Jul 13 2006, 19:53
you just keep decrypting byte after byte that comes in except at one point after the login server when you connect to the game server you reset the counter and start at the first byte again i think^^ i cant remember clearly it was either encrypting the send bytes or decryption of the recv bytes

I have 4 counters 2 for sending and 2 for receiving (Actually 8, 4 for client send/recv and 4 for server send/recv) you reset them all after the client connects to the game server.