Well, here's the deal. I am looking for a method to decrypt the packets you receive from the 2moons server, filter out specific packets and then edit them, encrypt them and then let the client receive them (or if possible, skip the encrypting part). I suppose this is do-able by a program, yes? Probably the blokes at UnderGround have something close to this, but I doubt it's ever gonna be released. Now I also read in nebular's CRC thread that the same values of tables used in the CRC calculation are also used to encrypt/decrypt packets, but I have no idea where to start.
Halp ?
I was looking for the same thing... I use exproxy/exanalyze. I did analyze some packets when I pick/drop an argate, but I didn't have the program to decrypt/encrypt and resend... I will try to find some info too... it would be great XD
I'll try it later, thanks. I am trying to do an upgrading hack, I've found out exactly which packet is the packet that determines the failure/success of an item, but every time it changes because of the encryption so there is not much I can do.
Edit: Oh I have nsauditor already, but how exactly do I decrypt the packets with nsauditor? If it requires some kind of key, I suppose I can manage to solve that problem but yeah, I couldn't find the part where you decrypt with nsauditor.
I have used Nsauditor for some months now. It's a nice piece of network analyzing software. Sometimes it however makes a huge lag to the computer when intercepting packets.
Well, there's 1 way to find the table of decryption and encryption. You must reverse with olly at the beginning of wsa_recv32, then there you're gonna have to reverse the process to find the correct call from the table. Good luck!
Well, since I don't almost know ANYTHING about olly and even less about executables and modifying them so if anyone could point me to a quick-learn olly tutorial or something similar? I did get to WSARecv, WSARecvDisconnect, WSARecvFrom but I don't know what the heck should I do with it. Also, does this CryptEncrypt at 0083E288 :: 00C3E288 have something to do with encrypting/decrypting packets? I'm using furious420 unpacked executable btw. Other things I have questions about are those:
CryptCreateHash [Name] :: 0083E140 :: 00C3E140
The reference is above.
CryptDeriveKey [Name] :: 0083E152 :: 00C3E152
The reference is above.
CryptHashData [Name] :: 0083E2C0 :: 00C3E2C0
The reference is above.
Anything to do with decrypting the packets?
Sorry if this seems dumb to any coding experts here, I'm a complete novice.
What I would like is somebody to tell me if I'm at least on the right track, and maybe point me to a useful olly tutorial. I haven't tried attaching olly to the running game yet though, should I do that and see if I can find anything even though I can't do anything with it?
Thanks.
Edit. Is there a later version of dekaron packet sniffer out which could filter specific packets and modify them if the server sends the specific packet?
Well, since I don't almost know ANYTHING about olly and even less about executables and modifying them so if anyone could point me to a quick-learn olly tutorial or something similar? I did get to WSARecv, WSARecvDisconnect, WSARecvFrom but I don't know what the heck should I do with it.
Somehow data has to be sent to the server.
This is done by using (data)packets.
Let's say you have built the packet, how shall it get transported to the server?
The transportation (communication) is done by using winsockets(2)
and WS2_32.dll is the library used to program such a communication between client and server.
Well, the functions in WS2_32.dll are well documented; go to this site to get more information about its functions: .
The functions used to send and receive data to/from server are:
WSASend(),WSARecv(), recv() and send().
In some low-protected games the communication is done like this;
Client forms data at location x -> data gets sent to winsock library to send it to the server.
Server sends packets to the winsock library -> Client reads information given.
In 2moons we have an encryption; this means the communication will look like this:
Client forms data at location x -> data gets encrypted -> data gets sent.
Server sends data to client -> data gets decrypted -> data gets read.
Note: Decryption does not have to be the same as encryption. (I dunno about 2moons) So this means making a packet editor requires decrypting packets properly, and making a packet sender requires encrypting the packets properly so the server accepts them.
What andrew wanted to tell you is that you have to start at the functions of the winsock library and then backtrace from where it is called (encryption/decryption routine) until you get the packet in plain text.
Backtracing the chat packets is the easiest since you know what you wrote (how the packet should look) and what the final values (how the packet looks now) are.
I'm wondering how to bind this encryption function into a program...
Is it possible to write a program which reads some data and then just copy&paste the assembler code of the decryption routine by using _asm{assembler decryption code}?
Well, if that's so then for the sake of pure curiosity and learning, I'd like it. I think I'm giving up on this for now and start learning more about reverse engineering, olly and such. I'm sure the earlier I start, the better.
Thanks, although yet again I have no idea what to do with the code. Shame on me, lol
Tried compiling, attaching to the dekaron executable but without any results.