|
You last visited: Today at 18:41
Advertisement
Developer's Corner
Discussion on Developer's Corner within the DarkOrbit forum part of the Browsergames category.
02/06/2015, 22:41
|
#16
|
elite*gold: 3570 
Join Date: Dec 2012
Posts: 13,044
Received Thanks: 8,252
|
Quote:
Originally Posted by hawk799
How do you know all this information?  
Amazing.. |
It's called Reverse Engineering.
Quote:
Originally Posted by iṄk
They are doing the same method in Seafight.
At first it may seem impossible, but if you understand the context of each command you are able to get the right ordering.
For example the Login Command definitely has a sid string and an uid integer: So you are searching for a class that derives from the Command class and has these parameters -> There is just one, done.
There are a lot more parameters you can use to build a protocol updater.
I did the same thing with my "Marid" tool in Seafight and now it's just a simple "./protocol_updater main.swf > protocol.dat" and the bot is online again.
I think the biggest problem nowadays is it to make your program safe and prevent bans.
It's just not possible to check all the time in the Client if they changed a Byte or two in their protocol. (Maybe with huge effort if you write a tool that completely takes control of most aspects of their as3 protocol code)
But Bigpoint may do this and your program is unsafe from one moment to another. (Again, this is just the case for packet bots)
Just look at Merkava. IMO, their effort is just useless: BP makes use of this method to ban all of their customers and nobody wants to use their program anymore.
|
the all mighty ink has spoken ;o
|
|
|
|
02/06/2015, 23:20
|
#17
|
elite*gold: 0
Join Date: May 2014
Posts: 663
Received Thanks: 1,154
|
Quote:
Originally Posted by hawk799
How do you know all this information?
Amazing.. |
Open main.swf with a decompiler and start reading, sniff some packets and continue reading.
BTW I think that we might be focusing packet bots in the wrong way, what about if the bot just injects the AI in main.swf once the browser downloads it?
|
|
|
|
|
02/07/2015, 01:18
|
#18
|
elite*gold: 237
Join Date: Sep 2010
Posts: 1,152
Received Thanks: 4,910
|
Quote:
Originally Posted by iṄk
They are doing the same method in Seafight.
At first it may seem impossible, but if you understand the context of each command you are able to get the right ordering.
For example the Login Command definitely has a sid string and an uid integer: So you are searching for a class that derives from the Command class and has these parameters -> There is just one, done.
There are a lot more parameters you can use to build a protocol updater.
I did the same thing with my "Marid" tool in Seafight and now it's just a simple "./protocol_updater main.swf > protocol.dat" and the bot is online again.
I think the biggest problem nowadays is it to make your program safe and prevent bans.
It's just not possible to check all the time in the Client if they changed a Byte or two in their protocol. (Maybe with huge effort if you write a tool that completely takes control of most aspects of their as3 protocol code)
But Bigpoint may do this and your program is unsafe from one moment to another. (Again, this is just the case for packet bots)
Just look at Merkava. IMO, their effort is just useless: BP makes use of this method to ban all of their customers and nobody wants to use their program anymore.
|
At first it might seem that simple, but how do you handle the Hero Init command that has 3 strings, 12 integers and a few floats in it? Each time they update their client the ordering of the parameters changes. There is no way of telling which of the three strings is the username simply by looking at the class so you have to work backwards from a known location that uses the username. This takes TIME. I understand the Login command in Seafight might be simple, just like the Version command in DarkOrbit is simple, but when you have packets that have 20 or 30 parameters in them and they all have randomized names in the source, its almost impossible to "quickly" update a bot, even with a tool to help you.
For me the anti-bot code is next to trivial. I keep upto date documentation of all anti-bot code I find and it was never ever an issue with PBDO-Bot (I don't think I ever got banned using PBDO-Bot and I know no one who got banned using it, and I know a lot of people). At the moment their anti-bot code is mostly server side for packet bots with a lot of concentration of their client side code on combatting flash injection and packet bots. Their new game client does a lot of checks to make sure code isn't injected into their client, and they upped the ante on their pixel bot code. This code isn't live yet but it means they haven't given up. I wouldn't mind saying that pixel bots are more dangerous these days than packet bots, but thats just me. Clearly I know nothing ;P
-jD
|
|
|
|
|
02/07/2015, 01:33
|
#19
|
elite*gold: 0
Join Date: May 2014
Posts: 663
Received Thanks: 1,154
|
Quote:
Originally Posted by »jD«
[start ****... (nah joking, love you -jD :*)]when you have packets that have 20 or 30 parameters in them and they all have randomized names in the source[end ****... (nah joking, love you -jD :*)].
-jD
|
That remembered me that (I really don't know how) I could get the real name of a packet by playing with the bytecode, I think I have it anywhere, if I find the file I'll upload it 
See you!
|
|
|
|
|
02/07/2015, 01:59
|
#20
|
elite*gold: 237
Join Date: Sep 2010
Posts: 1,152
Received Thanks: 4,910
|
Quote:
Originally Posted by manulaiko3.0
That remembered me that (I really don't know how) I could get the real name of a packet by playing with the bytecode, I think I have it anywhere, if I find the file I'll upload it
See you! |
You can't.
-jD
|
|
|
|
|
02/07/2015, 23:07
|
#21
|
elite*gold: 0
Join Date: May 2014
Posts: 663
Received Thanks: 1,154
|
Quote:
Originally Posted by »jD«
You can't.
-jD
|
I couldn't find the screenshot I made to prove it, but in some packets you can find the name in the bytecode.
See you!
|
|
|
|
|
02/08/2015, 00:25
|
#22
|
elite*gold: 0
Join Date: May 2012
Posts: 3,053
Received Thanks: 2,658
|
Quote:
Originally Posted by »jD«
At first it might seem that simple, but how do you handle the Hero Init command that has 3 strings, 12 integers and a few floats in it? Each time they update their client the ordering of the parameters changes. There is no way of telling which of the three strings is the username simply by looking at the class so you have to work backwards from a known location that uses the username. This takes TIME. I understand the Login command in Seafight might be simple, just like the Version command in DarkOrbit is simple, but when you have packets that have 20 or 30 parameters in them and they all have randomized names in the source, its almost impossible to "quickly" update a bot, even with a tool to help you.
For me the anti-bot code is next to trivial. I keep upto date documentation of all anti-bot code I find and it was never ever an issue with PBDO-Bot (I don't think I ever got banned using PBDO-Bot and I know no one who got banned using it, and I know a lot of people). At the moment their anti-bot code is mostly server side for packet bots with a lot of concentration of their client side code on combatting flash injection and packet bots. Their new game client does a lot of checks to make sure code isn't injected into their client, and they upped the ante on their pixel bot code. This code isn't live yet but it means they haven't given up. I wouldn't mind saying that pixel bots are more dangerous these days than packet bots, but thats just me. Clearly I know nothing ;P
-jD
|
And how will they try to detect a pixel bot?. If a pixel bot is full randomized and so on, which is the difference of play and botting?, how looks they anti pixel bot code? PS: i dont know anybody banned from pbdo bot too jajajja
|
|
|
|
|
04/03/2015, 20:50
|
#23
|
elite*gold: 0
Join Date: Apr 2015
Posts: 348
Received Thanks: 1,306
|
As far as I can see, the private servers doesn't have any kind of encryption by default, right?
I have been trying to make a simple packet bot for a private server, I decompiled the main.swf and looked at the packets being sent when connecting. But even though I send the exact same packets, nothing really happens...
|
|
|
|
|
04/03/2015, 21:44
|
#24
|
elite*gold: 0
Join Date: Dec 2010
Posts: 461
Received Thanks: 65
|
Hello, I am trying to make a program in Java that will go to darkorbit.com>login>go to auction>bid on certain item.
However, I can only open up browser and go on link. I use DR. Java, about to switch to Eclipse.
import java.net.URI;
import java.io.IOException;
import java.awt.Robot;
import java.awt.event.*;
public class HelloWorld
{
static Console c;
public static void main(String []args) throws Exception {
{
c = new Console();
c.println("How much do you want to bid on xenomit every hour?");
int Credits = c.readInt();
Robot robot = new Robot();
int mask = InputEvent.BUTTON1_DOWN_MASK;
if(Credits >0)
{
String url = "http://darkorbit.com";
Desktop.getDesktop().browse(new URI(url));
robot.mouseMove(1228, 103);
robot.mousePress(mask);
robot.mouseRelease(mask);
}
}
}
}
|
|
|
|
|
04/03/2015, 22:00
|
#25
|
elite*gold: 0
Join Date: Jun 2012
Posts: 409
Received Thanks: 194
|
Quote:
Originally Posted by harman101
Hello, I am trying to make a program in Java that will go to darkorbit.com>login>go to auction>bid on certain item.
However, I can only open up browser and go on link. I use DR. Java, about to switch to Eclipse.
import java.net.URI;
import java.io.IOException;
import java.awt.Robot;
import java.awt.event.*;
public class HelloWorld
{
static Console c;
public static void main(String []args) throws Exception {
{
c = new Console();
c.println("How much do you want to bid on xenomit every hour?");
int Credits = c.readInt();
Robot robot = new Robot();
int mask = InputEvent.BUTTON1_DOWN_MASK;
if(Credits >0)
{
String url = "http://darkorbit.com";
Desktop.getDesktop().browse(new URI(url));
robot.mouseMove(1228, 103);
robot.mousePress(mask);
robot.mouseRelease(mask);
}
}
}
}
|
You should use libCurl for it, in C/C++
To do it by mouse controll as you are doing is simply a creator of a lot of problem.
Pm me if you need more help on it
|
|
|
|
|
04/03/2015, 22:54
|
#26
|
elite*gold: 0
Join Date: Dec 2010
Posts: 461
Received Thanks: 65
|
Quote:
Originally Posted by Xavierbot
You should use libCurl for it, in C/C++
To do it by mouse controll as you are doing is simply a creator of a lot of problem.
Pm me if you need more help on it
|
I only know vb and Java, I just need to know how I can navigate my Web browser through Java, like make it login?
|
|
|
|
|
04/03/2015, 22:59
|
#27
|
elite*gold: 0
Join Date: Mar 2015
Posts: 125
Received Thanks: 67
|
Quote:
Originally Posted by harman101
I only know vb and Java, I just need to know how I can navigate my Web browser through Java, like make it login?
|
Why don't you do it in VB instead?
|
|
|
|
|
04/03/2015, 23:04
|
#28
|
elite*gold: 0
Join Date: Dec 2010
Posts: 461
Received Thanks: 65
|
Quote:
Originally Posted by AiTrixx
Why don't you do it in VB instead?
|
Same problem, how can I navigate my Web browser. I get stuck on both.
|
|
|
|
|
04/03/2015, 23:16
|
#29
|
elite*gold: 0
Join Date: Jun 2012
Posts: 409
Received Thanks: 194
|
Quote:
Originally Posted by harman101
Same problem, how can I navigate my Web browser. I get stuck on both.
|
The easy way shoud be to send HTTP request.
There is probably some java's librairies who are doing it. You just have to search now
|
|
|
|
|
04/04/2015, 00:40
|
#30
|
elite*gold: 0
Join Date: Mar 2015
Posts: 24
Received Thanks: 21
|
Quote:
Originally Posted by Xavierbot
The easy way shoud be to send HTTP request.
There is probably some java's librairies who are doing it. You just have to search now |
With Apache's library is easy as **** . You only need to send right headers and act like a web browser.
-Kryptic Destro
|
|
|
|
 |
|
Similar Threads
|
GFX-CorneR | The Corner for GFXer
10/03/2012 - General Art - 4 Replies
Guten Tag ePvPers Community,
Mir kam gestern der Gedankenschuss ein Forum zu eröffnen, in dem es nur ums GFXen, etc. geht. Mir ist klar dass es schon einen Haufen, voll von solchen Foren gibt, jedoch wollte ich einfach mal ein Projekt, für ein solches starten. Falls ihr Lust und Interesse habt, registriert euch doch einfach mal. Da ich einfach nur eines der vorhandenen "PHPbb3" Themes genommen habe, und diese Buttons umgefärbt habe, ist das Forum u.U. noch ein wenig verbuggt, da ich aber,...
|
Going back to the corner, where I first saw you
12/30/2011 - RF Online - 2 Replies
Hey guys!!! Been a long time since I played RF haha.... so what are the new hacks available these days??? 2.2.3 isnt it???
|
2 Very important suggestion for web developer from experienced developer [English]]
11/21/2011 - General Coding - 0 Replies
I have been developing websites now over 3 years now. My biggest regret is i started developing web sites without knowing CSS & Jquery. Yes before starting development learn CSS 3 and Jquery. These are even more important than your programming skills :) And they are hard to fix once you developed without knowing them.
|
Geo Three Corner
06/04/2011 - Main - 1 Replies
YouTube - ‪Buddy Ogün - THE GAME - Der Deal‬‏
|
All times are GMT +1. The time now is 18:42.
|
|
