Editing even one number in Wpe and get DC after a few sec

[Naniooooo]

ok so i catch Wsa Send packet i try even only 1 number to change like
4A to 41 and then it sendts like 50 packets really fAST AND you are disconect from the server

[Proxynear]

If you try to accelarate packet into your server and client thats normal it get crash , because it has a limit of packet/s

[guesswho-.-]

Quote:

Originally Posted by Proxynear

If you try to accelarate packet into your server and client thats normal it get crash , because it has a limit of packet/s

lol what


@OP
if you change the crc of the packet then it will be ignored. but since the client has incremented the packet number in the header, there will be a mismatch on the packet number side, since the server will keep waiting for the right packet with the right number.

[Naniooooo]

look i found my name
my name : 0000 lets say its 4D AD 48 08
and i try to change it
look at the picture




and then it sends my packet the edited and then 65 packets really fast and i get DC

i tried to block those 65 packets but everytime when i found the right numbers to block next time they are different

[guesswho-.-]

Packet traffic is encrypted. If you edit an encrypted packet data, the decrypted portion will be different from the original and will most likely fail. Furthermore the first 0x10 bytes is the header itself. You can find the header description somewhere in the forums. It's also encrypted.

[Naniooooo]

okay so i success decrypt the the packet ( i found old app for that on epvp)
now i can edit the packet but how to encrypt it back so i can send it
i found a code on C# and c++


but when i try to compile it it gives me error
In function 'void CryptBody(unsigned char*, int)':
72:24: error: 'byte' was not declared in this scope
77:24: error: 'byte' was not declared in this scope

maybe i have to put any packet somewhere or ?

[freez00]

The only way you can re-encrypt the packet is if you have the algorithm or cipher (hash), or key to encrypt it. then, you have to make sure to put it back in the right sequence you took it out from. I'm not sure this is possible since this is a security measure to prevent people from intercepting packets, changing them and re-sending them. You should do like guesswho and change the asm code directly instead of trying to change the transmitted data in the packets.

[guesswho-.-]

packet encryption is not static. you need the cryptkey which is delivered with 0x20082
and that func will blow itself up after 255 packets are sent afaik. you need to modify it.

[freez00]

If you increase the number of packets it can receive, wouldn't that slow down the server or cause a buffer overflow?

[Naniooooo]

isnt that the code i need ?

Code:

        public static byte[] CryptBody(byte[] PacketData, int len)
        {
            if (len <= 14 || PacketData[14] == 0x00)
            {
                return PacketData;
            }
            byte[] DecryptedData = new byte[len];
            ulong key = PacketData[14];
            for (int i = 0; i < 12; i++)
            {
                DecryptedData[i] = (byte)(PacketData[i]);
            }
            for (int i = 12; i < len; i++)
            {
                DecryptedData[i] = (byte)(PacketData[i] ^ key);
            }
            return DecryptedData;
        }

        public static byte[] DecryptData(byte[] PacketData, int len)
        {
            ulong DwordTableVal = 0xFFFFFFFF;
            ulong ByteTableVal = 0;
            ulong DecryptionFlagByte = (ulong)PacketData[4] ^ 0x19;
            ulong CurrentByte = 0;
            byte[] DecryptedData = new byte[len];
            for (int i = 0; i < len; i++)
            {
                CurrentByte = (PacketData[i] ^ DwordTableVal) & 0x0FF;
                DwordTableVal = (DwordTableVal >> 8) ^ Table[CurrentByte];
                ByteTableVal = ByteTable[(i & 0x0FF)];
                DecryptedData[i] = (byte)((ByteTableVal ^ PacketData[i]) ^ DecryptionFlagByte);
            }
            return DecryptedData;
        }

        public static void CalculateChecksum(byte[] PacketData, ulong DwordVal)
        {
            int Counter = 0;
            ulong Byte1 = 0, Byte2 = 0, Byte3 = 0, Byte4 = 0;

            DwordVal = ~DwordVal;
            Byte1 = (DwordVal & 0x000000FF);
            Byte2 = (DwordVal & 0x0000FF00) >> 8;
            Byte3 = (DwordVal & 0x00FF0000) >> 16;
            Byte4 = (DwordVal & 0xFF000000) >> 24;

            PacketData[Counter++] = (byte)Byte4;
            PacketData[Counter++] = (byte)Byte3;
            PacketData[Counter++] = (byte)Byte2;
            PacketData[Counter++] = (byte)Byte1;
        }

        public static byte[] EncryptData(byte[] PacketData, ulong FlagByte)
        {
            ulong EncryptedByte = 0;
            ulong DwordTableVal = 0;
            ulong DwordVal = 0xFFFFFFFF;
            int Counter = 4;

            byte[] EncryptedData = new byte[PacketData.Length];

            for (int i = 0; i < PacketData.Length - 4; i++)
            {
                EncryptedByte = ((ByteTable[(Counter & 0x0FF)]) ^ FlagByte) ^ PacketData[Counter];
                EncryptedData[Counter++] = (byte)EncryptedByte;
                DwordTableVal = (EncryptedByte ^ DwordVal) & 0x0FF;
                DwordVal = (DwordVal >> 8) ^ Table[DwordTableVal];
            }

            CalculateChecksum(EncryptedData, DwordVal);
            return EncryptedData;
        }
        public static byte[] EncryptData(byte[] PacketData, int len, ulong FlagByte)
        {
            ulong EncryptedByte = 0;
            ulong DwordTableVal = 0;
            ulong DwordVal = 0xFFFFFFFF;
            int Counter = 4;

            byte[] EncryptedData = new byte[len];

            for (int i = 0; i < len - 4; i++)
            {
                EncryptedByte = ((ByteTable[(Counter & 0x0FF)]) ^ FlagByte) ^ PacketData[Counter];
                EncryptedData[Counter++] = (byte)EncryptedByte;
                DwordTableVal = (EncryptedByte ^ DwordVal) & 0x0FF;
                DwordVal = (DwordVal >> 8) ^ Table[DwordTableVal];
            }

            CalculateChecksum(EncryptedData, DwordVal);
            return EncryptedData;
        }
        #region lookup tables
        private static ulong[] Table = {
                            0x00000000, 0x77073096, 0xEE0E612C, 0x990951BA, 0x076DC419, 0x706AF48F,
                            0xE963A535, 0x9E6495A3, 0x0EDB8832, 0x79DCB8A4, 0xE0D5E91E, 0x97D2D988,
                            0x09B64C2B, 0x7EB17CBD, 0xE7B82D07, 0x90BF1D91, 0x1DB71064, 0x6AB020F2,
                            0xF3B97148, 0x84BE41DE, 0x1ADAD47D, 0x6DDDE4EB, 0xF4D4B551, 0x83D385C7,
                            0x136C9856, 0x646BA8C0, 0xFD62F97A, 0x8A65C9EC, 0x14015C4F, 0x63066CD9,
                            0xFA0F3D63, 0x8D080DF5, 0x3B6E20C8, 0x4C69105E, 0xD56041E4, 0xA2677172,
                            0x3C03E4D1, 0x4B04D447, 0xD20D85FD, 0xA50AB56B, 0x35B5A8FA, 0x42B2986C, 
                            0xDBBBC9D6, 0xACBCF940, 0x32D86CE3, 0x45DF5C75, 0xDCD60DCF, 0xABD13D59, 
                            0x26D930AC, 0x51DE003A, 0xC8D75180, 0xBFD06116, 0x21B4F4B5, 0x56B3C423, 
                            0xCFBA9599, 0xB8BDA50F, 0x2802B89E, 0x5F058808, 0xC60CD9B2, 0xB10BE924, 
                            0x2F6F7C87, 0x58684C11, 0xC1611DAB, 0xB6662D3D, 0x76DC4190, 0x01DB7106, 
                            0x98D220BC, 0xEFD5102A, 0x71B18589, 0x06B6B51F, 0x9FBFE4A5, 0xE8B8D433, 
                            0x7807C9A2, 0x0F00F934, 0x9609A88E, 0xE10E9818, 0x7F6A0DBB, 0x086D3D2D, 
                            0x91646C97, 0xE6635C01, 0x6B6B51F4, 0x1C6C6162, 0x856530D8, 0xF262004E, 
                            0x6C0695ED, 0x1B01A57B, 0x8208F4C1, 0xF50FC457, 0x65B0D9C6, 0x12B7E950, 
                            0x8BBEB8EA, 0xFCB9887C, 0x62DD1DDF, 0x15DA2D49, 0x8CD37CF3, 0xFBD44C65, 
                            0x4DB26158, 0x3AB551CE, 0xA3BC0074, 0xD4BB30E2, 0x4ADFA541, 0x3DD895D7, 
                            0xA4D1C46D, 0xD3D6F4FB, 0x4369E96A, 0x346ED9FC, 0xAD678846, 0xDA60B8D0, 
                            0x44042D73, 0x33031DE5, 0xAA0A4C5F, 0xDD0D7CC9, 0x5005713C, 0x270241AA, 
                            0xBE0B1010, 0xC90C2086, 0x5768B525, 0x206F85B3, 0xB966D409, 0xCE61E49F, 
                            0x5EDEF90E, 0x29D9C998, 0xB0D09822, 0xC7D7A8B4, 0x59B33D17, 0x2EB40D81, 
                            0xB7BD5C3B, 0xC0BA6CAD, 0xEDB88320, 0x9ABFB3B6, 0x03B6E20C, 0x74B1D29A, 
                            0xEAD54739, 0x9DD277AF, 0x04DB2615, 0x73DC1683, 0xE3630B12, 0x94643B84, 
                            0x0D6D6A3E, 0x7A6A5AA8, 0xE40ECF0B, 0x9309FF9D, 0x0A00AE27, 0x7D079EB1, 
                            0xF00F9344, 0x8708A3D2, 0x1E01F268, 0x6906C2FE, 0xF762575D, 0x806567CB, 
                            0x196C3671, 0x6E6B06E7, 0xFED41B76, 0x89D32BE0, 0x10DA7A5A, 0x67DD4ACC, 
                            0xF9B9DF6F, 0x8EBEEFF9, 0x17B7BE43, 0x60B08ED5, 0xD6D6A3E8, 0xA1D1937E, 
                            0x38D8C2C4, 0x4FDFF252, 0xD1BB67F1, 0xA6BC5767, 0x3FB506DD, 0x48B2364B, 
                            0xD80D2BDA, 0xAF0A1B4C, 0x36034AF6, 0x41047A60, 0xDF60EFC3, 0xA867DF55, 
                            0x316E8EEF, 0x4669BE79, 0xCB61B38C, 0xBC66831A, 0x256FD2A0, 0x5268E236, 
                            0xCC0C7795, 0xBB0B4703, 0x220216B9, 0x5505262F, 0xC5BA3BBE, 0xB2BD0B28, 
                            0x2BB45A92, 0x5CB36A04, 0xC2D7FFA7, 0xB5D0CF31, 0x2CD99E8B, 0x5BDEAE1D, 
                            0x9B64C2B0, 0xEC63F226, 0x756AA39C, 0x026D930A, 0x9C0906A9, 0xEB0E363F, 
                            0x72076785, 0x05005713, 0x95BF4A82, 0xE2B87A14, 0x7BB12BAE, 0x0CB61B38, 
                            0x92D28E9B, 0xE5D5BE0D, 0x7CDCEFB7, 0x0BDBDF21, 0x86D3D2D4, 0xF1D4E242, 
                            0x68DDB3F8, 0x1FDA836E, 0x81BE16CD, 0xF6B9265B, 0x6FB077E1, 0x18B74777, 
                            0x88085AE6, 0xFF0F6A70, 0x66063BCA, 0x11010B5C, 0x8F659EFF, 0xF862AE69, 
                            0x616BFFD3, 0x166CCF45, 0xA00AE278, 0xD70DD2EE, 0x4E048354, 0x3903B3C2, 
                            0xA7672661, 0xD06016F7, 0x4969474D, 0x3E6E77DB, 0xAED16A4A, 0xD9D65ADC, 
                            0x40DF0B66, 0x37D83BF0, 0xA9BCAE53, 0xDEBB9EC5, 0x47B2CF7F, 0x30B5FFE9, 
                            0xBDBDF21C, 0xCABAC28A, 0x53B39330, 0x24B4A3A6, 0xBAD03605, 0xCDD70693,
                            0x54DE5729, 0x23D967BF, 0xB3667A2E, 0xC4614AB8, 0x5D681B02, 0x2A6F2B94, 
                            0xB40BBE37, 0xC30C8EA1, 0x5A05DF1B, 0x2D02EF8D, 0x00000000, 0x00007325,
                            0x00A550DC, 0x0044B4E0, 0x00A55124, 0x0044B890 };

        private static ulong[] ByteTable = { 
                            0x00, 0x96, 0x2C, 0xBA, 0x19, 0x8F, 0x35, 0xA3, 0x32, 0xA4, 0x1E, 0x88,
                            0x2B, 0xBD, 0x07, 0x91, 0x64, 0xF2, 0x48, 0xDE, 0x7D, 0xEB, 0x51, 0xC7,
                            0x56, 0xC0, 0x7A, 0xEC, 0x4F, 0xD9, 0x63, 0xF5, 0xC8, 0x5E, 0xE4, 0x72,
                            0xD1, 0x47, 0xFD, 0x6B, 0xFA, 0x6C, 0xD6, 0x40, 0xE3, 0x75, 0xCF, 0x59,
                            0xAC, 0x3A, 0x80, 0x16, 0xB5, 0x23, 0x99, 0x0F, 0x9E, 0x08, 0xB2, 0x24,
                            0x87, 0x11, 0xAB, 0x3D, 0x90, 0x06, 0xBC, 0x2A, 0x89, 0x1F, 0xA5, 0x33,
                            0xA2, 0x34, 0x8E, 0x18, 0xBB, 0x2D, 0x97, 0x01, 0xF4, 0x62, 0xD8, 0x4E,
                            0xED, 0x7B, 0xC1, 0x57, 0xC6, 0x50, 0xEA, 0x7C, 0xDF, 0x49, 0xF3, 0x65,
                            0x58, 0xCE, 0x74, 0xE2, 0x41, 0xD7, 0x6D, 0xFB, 0x6A, 0xFC, 0x46, 0xD0,
                            0x73, 0xE5, 0x5F, 0xC9, 0x3C, 0xAA, 0x10, 0x86, 0x25, 0xB3, 0x09, 0x9F,
                            0x0E, 0x98, 0x22, 0xB4, 0x17, 0x81, 0x3B, 0xAD, 0x20, 0xB6, 0x0C, 0x9A,
                            0x39, 0xAF, 0x15, 0x83, 0x12, 0x84, 0x3E, 0xA8, 0x0B, 0x9D, 0x27, 0xB1,
                            0x44, 0xD2, 0x68, 0xFE, 0x5D, 0xCB, 0x71, 0xE7, 0x76, 0xE0, 0x5A, 0xCC, 
                            0x6F, 0xF9, 0x43, 0xD5, 0xE8, 0x7E, 0xC4, 0x52, 0xF1, 0x67, 0xDD, 0x4B, 
                            0xDA, 0x4C, 0xF6, 0x60, 0xC3, 0x55, 0xEF, 0x79, 0x8C, 0x1A, 0xA0, 0x36,
                            0x95, 0x03, 0xB9, 0x2F, 0xBE, 0x28, 0x92, 0x04, 0xA7, 0x31, 0x8B, 0x1D, 
                            0xB0, 0x26, 0x9C, 0x0A, 0xA9, 0x3F, 0x85, 0x13, 0x82, 0x14, 0xAE, 0x38, 
                            0x9B, 0x0D, 0xB7, 0x21, 0xD4, 0x42, 0xF8, 0x6E, 0xCD, 0x5B, 0xE1, 0x77, 
                            0xE6, 0x70, 0xCA, 0x5C, 0xFF, 0x69, 0xD3, 0x45, 0x78, 0xEE, 0x54, 0xC2, 
                            0x61, 0xF7, 0x4D, 0xDB, 0x4A, 0xDC, 0x66, 0xF0, 0x53, 0xC5, 0x7F, 0xE9,
                            0x1C, 0x8A, 0x30, 0xA6, 0x05, 0x93, 0x29, 0xBF, 0x2E, 0xB8, 0x02, 0x94, 
                            0x37, 0xA1, 0x1B, 0x8D, 0x00, 0x25, 0xDC, 0xE0, 0x24, 0x90 };
        #endregion
    }
}

C++ Version:

Code:

unsigned long Table[] = { 0x00000000, 0x77073096, 0xEE0E612C, 0x990951BA, 0x076DC419, 0x706AF48F, 0xE963A535, 0x9E6495A3, 0x0EDB8832, 0x79DCB8A4, 0xE0D5E91E, 0x97D2D988, 0x09B64C2B, 0x7EB17CBD, 0xE7B82D07, 0x90BF1D91, 0x1DB71064, 0x6AB020F2, 0xF3B97148, 0x84BE41DE, 0x1ADAD47D, 0x6DDDE4EB, 0xF4D4B551, 0x83D385C7, 0x136C9856, 0x646BA8C0, 0xFD62F97A, 0x8A65C9EC, 0x14015C4F, 0x63066CD9, 0xFA0F3D63, 0x8D080DF5, 0x3B6E20C8, 0x4C69105E, 0xD56041E4, 0xA2677172, 0x3C03E4D1, 0x4B04D447, 0xD20D85FD, 0xA50AB56B, 0x35B5A8FA, 0x42B2986C, 0xDBBBC9D6, 0xACBCF940, 0x32D86CE3, 0x45DF5C75, 0xDCD60DCF, 0xABD13D59, 0x26D930AC, 0x51DE003A, 0xC8D75180, 0xBFD06116, 0x21B4F4B5, 0x56B3C423, 0xCFBA9599, 0xB8BDA50F, 0x2802B89E, 0x5F058808, 0xC60CD9B2, 0xB10BE924, 0x2F6F7C87, 0x58684C11, 0xC1611DAB, 0xB6662D3D, 0x76DC4190, 0x01DB7106, 0x98D220BC, 0xEFD5102A, 0x71B18589, 0x06B6B51F, 0x9FBFE4A5, 0xE8B8D433, 0x7807C9A2, 0x0F00F934, 0x9609A88E, 0xE10E9818, 0x7F6A0DBB, 0x086D3D2D, 0x91646C97, 0xE6635C01, 0x6B6B51F4, 0x1C6C6162, 0x856530D8, 0xF262004E, 0x6C0695ED, 0x1B01A57B, 0x8208F4C1, 0xF50FC457, 0x65B0D9C6, 0x12B7E950, 0x8BBEB8EA, 0xFCB9887C, 0x62DD1DDF, 0x15DA2D49, 0x8CD37CF3, 0xFBD44C65, 0x4DB26158, 0x3AB551CE, 0xA3BC0074, 0xD4BB30E2, 0x4ADFA541, 0x3DD895D7, 0xA4D1C46D, 0xD3D6F4FB, 0x4369E96A, 0x346ED9FC, 0xAD678846, 0xDA60B8D0, 0x44042D73, 0x33031DE5, 0xAA0A4C5F, 0xDD0D7CC9, 0x5005713C, 0x270241AA, 0xBE0B1010, 0xC90C2086, 0x5768B525, 0x206F85B3, 0xB966D409, 0xCE61E49F, 0x5EDEF90E, 0x29D9C998, 0xB0D09822, 0xC7D7A8B4, 0x59B33D17, 0x2EB40D81, 0xB7BD5C3B, 0xC0BA6CAD, 0xEDB88320, 0x9ABFB3B6, 0x03B6E20C, 0x74B1D29A, 0xEAD54739, 0x9DD277AF, 0x04DB2615, 0x73DC1683, 0xE3630B12, 0x94643B84, 0x0D6D6A3E, 0x7A6A5AA8, 0xE40ECF0B, 0x9309FF9D, 0x0A00AE27, 0x7D079EB1, 0xF00F9344, 0x8708A3D2, 0x1E01F268, 0x6906C2FE, 0xF762575D, 0x806567CB, 0x196C3671, 0x6E6B06E7, 0xFED41B76, 0x89D32BE0, 0x10DA7A5A, 0x67DD4ACC, 0xF9B9DF6F, 0x8EBEEFF9, 0x17B7BE43, 0x60B08ED5, 0xD6D6A3E8, 0xA1D1937E, 0x38D8C2C4, 0x4FDFF252, 0xD1BB67F1 , 0xA6BC5767, 0x3FB506DD, 0x48B2364B, 0xD80D2BDA, 0xAF0A1B4C, 0x36034AF6, 0x41047A60, 0xDF60EFC3, 0xA867DF55, 0x316E8EEF, 0x4669BE79, 0xCB61B38C, 0xBC66831A, 0x256FD2A0, 0x5268E236, 0xCC0C7795, 0xBB0B4703, 0x220216B9, 0x5505262F, 0xC5BA3BBE, 0xB2BD0B28, 0x2BB45A92, 0x5CB36A04, 0xC2D7FFA7, 0xB5D0CF31, 0x2CD99E8B, 0x5BDEAE1D, 0x9B64C2B0, 0xEC63F226, 0x756AA39C, 0x026D930A, 0x9C0906A9, 0xEB0E363F, 0x72076785, 0x05005713, 0x95BF4A82, 0xE2B87A14, 0x7BB12BAE, 0x0CB61B38, 0x92D28E9B, 0xE5D5BE0D, 0x7CDCEFB7, 0x0BDBDF21, 0x86D3D2D4, 0xF1D4E242, 0x68DDB3F8, 0x1FDA836E, 0x81BE16CD, 0xF6B9265B, 0x6FB077E1, 0x18B74777, 0x88085AE6, 0xFF0F6A70, 0x66063BCA, 0x11010B5C, 0x8F659EFF, 0xF862AE69, 0x616BFFD3, 0x166CCF45, 0xA00AE278, 0xD70DD2EE, 0x4E048354, 0x3903B3C2, 0xA7672661 , 0xD06016F7, 0x4969474D, 0x3E6E77DB, 0xAED16A4A, 0xD9D65ADC, 0x40DF0B66, 0x37D83BF0, 0xA9BCAE53, 0xDEBB9EC5, 0x47B2CF7F, 0x30B5FFE9, 0xBDBDF21C, 0xCABAC28A, 0x53B39330, 0x24B4A3A6, 0xBAD03605, 0xCDD70693, 0x54DE5729, 0x23D967BF, 0xB3667A2E, 0xC4614AB8, 0x5D681B02, 0x2A6F2B94, 0xB40BBE37, 0xC30C8EA1, 0x5A05DF1B, 0x2D02EF8D, 0x00000000, 0x00007325, 0x00A550DC, 0x0044B4E0, 0x00A55124 , 0x0044B890};
long ByteTable[] = {0x00, 0x96, 0x2C, 0xBA, 0x19, 0x8F, 0x35, 0xA3, 0x32, 0xA4, 0x1E, 0x88, 0x2B, 0xBD, 0x07, 0x91, 0x64, 0xF2, 0x48, 0xDE, 0x7D, 0xEB, 0x51, 0xC7, 0x56, 0xC0, 0x7A, 0xEC, 0x4F, 0xD9, 0x63, 0xF5, 0xC8, 0x5E, 0xE4, 0x72, 0xD1, 0x47, 0xFD, 0x6B, 0xFA, 0x6C, 0xD6, 0x40, 0xE3, 0x75, 0xCF, 0x59, 0xAC, 0x3A, 0x80, 0x16, 0xB5, 0x23, 0x99, 0x0F, 0x9E, 0x08, 0xB2, 0x24, 0x87, 0x11, 0xAB, 0x3D, 0x90, 0x06, 0xBC, 0x2A, 0x89, 0x1F, 0xA5, 0x33, 0xA2, 0x34, 0x8E, 0x18, 0xBB, 0x2D, 0x97, 0x01, 0xF4, 0x62, 0xD8, 0x4E, 0xED, 0x7B, 0xC1, 0x57, 0xC6, 0x50, 0xEA, 0x7C, 0xDF, 0x49, 0xF3, 0x65, 0x58, 0xCE, 0x74, 0xE2, 0x41, 0xD7, 0x6D, 0xFB, 0x6A, 0xFC, 0x46, 0xD0, 0x73, 0xE5, 0x5F, 0xC9, 0x3C, 0xAA, 0x10, 0x86, 0x25, 0xB3, 0x09, 0x9F, 0x0E, 0x98, 0x22, 0xB4, 0x17, 0x81, 0x3B, 0xAD, 0x20, 0xB6, 0x0C, 0x9A, 0x39, 0xAF, 0x15, 0x83, 0x12, 0x84, 0x3E, 0xA8, 0x0B, 0x9D, 0x27, 0xB1, 0x44, 0xD2, 0x68, 0xFE, 0x5D, 0xCB, 0x71, 0xE7, 0x76, 0xE0, 0x5A, 0xCC, 0x6F, 0xF9, 0x43, 0xD5, 0xE8, 0x7E, 0xC4, 0x52, 0xF1 , 0x67, 0xDD, 0x4B, 0xDA, 0x4C, 0xF6, 0x60, 0xC3, 0x55, 0xEF, 0x79, 0x8C, 0x1A, 0xA0, 0x36, 0x95, 0x03, 0xB9, 0x2F, 0xBE, 0x28, 0x92, 0x04, 0xA7, 0x31, 0x8B, 0x1D, 0xB0, 0x26, 0x9C, 0x0A, 0xA9, 0x3F, 0x85, 0x13, 0x82, 0x14, 0xAE, 0x38, 0x9B, 0x0D, 0xB7, 0x21, 0xD4, 0x42, 0xF8, 0x6E, 0xCD, 0x5B, 0xE1, 0x77, 0xE6, 0x70, 0xCA, 0x5C, 0xFF, 0x69, 0xD3, 0x45, 0x78, 0xEE, 0x54, 0xC2, 0x61, 0xF7, 0x4D, 0xDB, 0x4A, 0xDC, 0x66, 0xF0, 0x53, 0xC5, 0x7F, 0xE9, 0x1C, 0x8A, 0x30, 0xA6, 0x05, 0x93, 0x29, 0xBF, 0x2E, 0xB8, 0x02, 0x94, 0x37, 0xA1, 0x1B, 0x8D, 0x00, 0x25, 0xDC, 0xE0, 0x24, 0x90};
void DecryptData(unsigned char * PacketData, unsigned char * DecryptedData, int Length)
{
	unsigned long DwordTableVal = 0xFFFFFFFF; 
	long ByteTableVal = 0; 
    long DecryptionFlagByte = PacketData[4] ^ 0x19; 
    long CurrentByte = 0;
	for(int i = 0; i < Length; i++) 
	{
        CurrentByte = (PacketData[i] ^ DwordTableVal) & 0x0FF;
        DwordTableVal = (DwordTableVal >> 8) ^ Table[CurrentByte]; 
        ByteTableVal = ByteTable[(i & 0x0FF)];
        DecryptedData[i] = (ByteTableVal ^ PacketData[i]) ^ DecryptionFlagByte;
	}
}
void CalculateChecksum(unsigned char * PacketData, unsigned long DwordVal)
{
	int Counter = 0;
	long Byte1, Byte2, Byte3, Byte4; 
	Byte1 = Byte2 = Byte3 = Byte4 = 0;

	DwordVal = ~DwordVal;
	Byte1 = (DwordVal & 0x000000FF); 
	Byte2 = (DwordVal & 0x0000FF00) >> 8; 
	Byte3 = (DwordVal & 0x00FF0000) >> 16;
	Byte4 = (DwordVal & 0xFF000000) >> 24;
	
	PacketData[Counter++] = Byte4;
	PacketData[Counter++] = Byte3;
	PacketData[Counter++] = Byte2;
	PacketData[Counter++] = Byte1;
}
void EncryptData(unsigned char * PacketData, int Length, long FlagByte)
{
	long EncryptedByte = 0; 
	unsigned long DwordTableVal = 0;
	unsigned long DwordVal = 0xFFFFFFFF;
	int Counter = 4;

	for(int i = 0; i < Length; i++) 
	{
		EncryptedByte = ((ByteTable[(Counter & 0x0FF)]) ^ FlagByte) ^ PacketData[Counter]; 
		PacketData[Counter++] = EncryptedByte;
		DwordTableVal = (EncryptedByte ^ DwordVal) & 0x0FF; 
		DwordVal = (DwordVal >> 8) ^ Table[DwordTableVal];
	}
	CalculateChecksum(PacketData, DwordVal);
}
void CryptBody(unsigned char * PacketData, int len)
{
    if (len <= 14 || PacketData[14] == 0x00)
    {
    }
	else
	{
		unsigned char* DecryptedData = new unsigned char[len];
		unsigned long key = PacketData[14];
		for (int i = 0; i < 12; i++)
		{
			DecryptedData[i] = (byte)(PacketData[i]);
			PacketData[i] = DecryptedData[i];
		}
		for (int i = 12; i < len; i++)
		{
			DecryptedData[i] = (byte)(PacketData[i] ^ key);
			PacketData[i] = DecryptedData[i];
		}
	}
}

[guesswho-.-]

Quote:

Originally Posted by freez00

If you increase the number of packets it can receive, wouldn't that slow down the server or cause a buffer overflow?

the way winsock is implemented in dekaron executables no. when you log in you receive around 100 different packets (depends on how much **** you have on your chars) in a matter of seconds.

@nanio
I know what funcs you're using but I already said you need the crypt key. you cant "generate" it yourself, its determined by the server and delivered to you as 2 bytes in 0x20082 which you xor together to get the crypt key.
connection request and acknowledgement packets are also encrypted but they use the default key 0x0F

[Naniooooo]

$+00 DWORD dwServerTick 0x332C51A4
$+04 DWORD dwStartTick 0x0003B231
$+08 BYTE bCryptKeyLow 0x7B
$+0C BYTE bCryptKeyHigh 0x6C


does that mean somthing cryptkey ?

[guesswho-.-]

yes.