Web based Mabinogi packet editor

Discussion on Web based Mabinogi packet editor within the Mabinogi Hacks, Bots, Cheats & Exploits forum part of the Mabinogi category.

Old   #1
 
elite*gold: 0
Join Date: Jan 2015
Posts: 14
Received Thanks: 2
Web based Mabinogi packet editor

just thought you guys might enjoy some video of my beautiful packet editor

this video demonstrates some of the simple features of the packet editor:
simple packet logging (client and server), a new packet builder, and simple packet sending (send and recv).

the packet editor has much more features than demonstrated though.
it also does not require modding the client at all - no memory patching, no dll proxying, no injecting, no bullshit.
much better than your traditional pake.


(before you ask: no, this is not public, and no you can't have it)
donglord is offline  
Old 10/29/2017, 04:00   #2
 
jose123456's Avatar
 
elite*gold: 0
Join Date: Oct 2009
Posts: 118
Received Thanks: 6
Wow, that's pretty cool sounding. Mind explaining a bit about how it works? or was this meant to just be a tease? I don't play this game anymore but I work as a dev and I like learning new things.
jose123456 is offline  
Old 10/29/2017, 06:48   #3
 
elite*gold: 0
Join Date: Jan 2015
Posts: 138
Received Thanks: 16
It's basically a web-version of mod_Alissa. Without the use of pake.
Seren30 is offline  
Old 10/29/2017, 09:15   #4
 
jose123456's Avatar
 
elite*gold: 0
Join Date: Oct 2009
Posts: 118
Received Thanks: 6
How does a website read the memory of the game though?
jose123456 is offline  
Old 10/29/2017, 17:29   #5
 
elite*gold: 0
Join Date: Jan 2015
Posts: 14
Received Thanks: 2
Quote:
Originally Posted by jose123456 View Post
How does a website read the memory of the game though?
It doesn't. The biggest misconception (in this community anyway) is that you are required to modify client memory in order to edit packets.

However, your thinking is correct in a sense that (usually) a website is not capable of interfering in the affairs of the computer itself outside of the browser's sand box.
That being said, this website also doesn't do that in the same sense that AlissaAnalyzer isn't responsible for hooking the client in traditional pake.
This is a front end GUI to manage a more sinister interference on the computer whose behavior is being modified.

Look at this diagram for more information:
donglord is offline  
Old 10/30/2017, 02:10   #6
 
elite*gold: 0
Join Date: Apr 2015
Posts: 7
Received Thanks: 8
what a pointless thread... And of course we are gonna have noobs like jose here to feed your ego.
dittdattdott is offline  
Old 10/30/2017, 03:06   #7
 
elite*gold: 0
Join Date: Jan 2015
Posts: 14
Received Thanks: 2
Quote:
Originally Posted by dittdattdott View Post
what a pointless thread... And of course we are gonna have noobs like jose here to feed your ego.
Pointless how? The new threads from the last 2 years are nothing but noobs asking for help and absolutely no new information.
I showcased a new tool, which is better than the tools that this community has had for the last 8 years.

Very few people in the NA community have even made packet editing tools, and the ones who have did it the same way as it's been done since pake was made. The ones who have actually been packet editing are usually just skids using somebody else's ****.
I personally know a few people in this community which are exceptions to this, and they know who they are - but they are few.

There has been incredibly little progress in Mabinogi hacking since the original version of Pake was released. Look in the past threads for this forum: You see "how to get pake", "how to fix pake", "look at this pake mod", etc etc.
This thread is here to show that you don't need pake.
Pake is obsolete, inefficient, hard to update, and even harder to keep undetected.

I also actually had the decency to explain how this worked compared to standard pake (and even how standard pake worked, since barely anybody here knows that either)

If this thread is pointless to you, then this entire forum is pointless.
I'd like to see you do better.
donglord is offline  
Old 10/30/2017, 17:52   #8
 
elite*gold: 0
Join Date: Apr 2015
Posts: 7
Received Thanks: 8
Quote:
Originally Posted by donglord View Post
There has been incredibly little progress in Mabinogi hacking since the original version of Pake was released. Look in the past threads for this forum: You see "how to get pake", "how to fix pake", "look at this pake mod", etc etc.
This thread is here to show that you don't need pake.
Wonderful news guys! Come here epvp haxors! Lord Dong to the rescue as he is showing off his new /*insert dope smilie with sunglasses*/ packet editor for y'all to drool over!

Quote:
Originally Posted by donglord View Post
I showcased a new tool, which is better than the tools that this community has had for the last 8 years.
Pake is obsolete, inefficient, hard to update, and even harder to keep undetected.
Honestly, you don't look like someone who has achieved much. You just want to show off. Normally I wouldn't have much of an issue with this. But it's the way you talk. You must be really proud of yourself with this thing. Damn. You've got some audacity talking shit like this. Before you get too comfortable being a smartass. Let me give you a hit of reality. Both yours and pake's memory patching method of getting packets has its own pros and cons. But from a functional stand point, your web based packet editor is nowhere near as good or powerful as original pake. You probably never coded or seen a real private powerful mod_xxx.dll. When working with complicated and automated stuff, having full access of the client's address space and being able to call win32 api is a huge plus and I'd even say essential. Here is a simple scenario. What if I want to call a function in the client when I recv a certain packet, can you do that with your little website?

What you made is basically a man in the middle application between the client and server. A morrighan with send if you will. Or a good old WPE with mabi compatible encryption/decryption. Then on top of that you slapped on a web interface because you think UI because web is the trending and dope tech right now. But why? So that you can have multiple sessions and launch X number of clientless bots to form a Nazi symbol formation in dunbarton? Seriously at this point of the game? I mean, with mabi as dead as it is right now, few people will see your bot brigade. And they probably won't give 2 fks about it either. What's the point. And your packet log window looks awful. Good luck scrolling thru that trying to find your 5209. I think anyone who is still using pake atm would be using some sort of custom made improved alissa analyzer. Which would be way better than that web interface of yours.

It's not hard to get pake working. Plenty of people have working pake. They just don't make a scene about it like you do. I myself had pake working for years with little to no effort in updating it. Maybe you find it hard, but that doesn't make it "bullshit" or "obsolete" and wtf is this "inefficient" that you are speaking of?
LMAO on pake being "even harder to keep undetected". Just what is detecting pake? Hackshield?

Quote:
Originally Posted by donglord View Post
I also actually had the decency to explain how this worked compared to standard pake (and even how standard pake worked, since barely anybody here knows that either)
Oh wow. I am being educated by phrases like RFNB and WTNB. Thanks bro! Seriously. That shit has been public for ages. The people who have the capacity and drive to learn those would have learned them a long time ago. The ones who don't will stay noob and won't even bother to look at your diagram for more than a few sec. And now that I am looking at your diagram again, you got your OSI layers labeled wrong. OSI layer 4 the transport layer is what should be labeled the OS network stack and routers work on layer 3, the network layer. According to your diagram and wording, your app is working at layer 3 or even lower. Heh. I challenge you to implement it like that. And your video clearly shows it is actually working locally. What does 127.0.0.1 in the address bar tell you?

Last but not least, your tutorial left out the most important piece of info. How are you encrypting and encrypting the packets? Don’t tell me you figured it out by reverse engineering the client. My guess would be that you got it from the open source aura project. If that is the case, did you give credit where credit is due?
dittdattdott is offline  
Old 10/30/2017, 20:23   #9
 
elite*gold: 0
Join Date: Jan 2015
Posts: 14
Received Thanks: 2
Quote:
Originally Posted by dittdattdott View Post
Honestly, you don't look like someone who has achieved much.
I don't see you achieving anything. It's pretty easy to talk shit when you're on a 2 year old throwaway account with no identity.

Quote:
Originally Posted by dittdattdott View Post
What you made is basically a man in the middle application between the client and server. A morrighan with send if you will. Or a good old WPE with mabi compatible encryption/decryption.
Wow, good job, you can read diagrams.
However, this is capable of more than just manual packet editing unlike WPE; it is capable of intercepting and modifying packets on-the-fly, as well as dispatching packets without being prompted by a user for more complex scenarios just like traditional pake.

Quote:
Originally Posted by dittdattdott View Post
When working with complicated and automated stuff, having full access of the client's address space and being able to call win32 api is a huge plus and I'd even say essential. Here is a simple scenario. What if I want to call a function in the client when I recv a certain packet, can you do that with your little website?
There's no reason to call a client function when my packet editor can handle everything a standard client can on its own.
Give me a real scenario where it would be necessary to call a function on the client.
Also, the win32 API isn't necessary at all. Why would you even need to make any win32 API calls?

Quote:
Originally Posted by dittdattdott View Post
And your packet log window looks awful. Good luck scrolling thru that trying find your 5209. I think anyone who is still using pake atm would be using some sort of custom made improved alissa analyzer. Which would be way better than that web interface of yours.
It's easy to change, that output is raw from packet parser and not really designed for packet logging. It's actually a general purpose log output window. You're right though, it's pretty awful and needs work.

Quote:
Originally Posted by dittdattdott View Post
I think anyone who is still using pake atm would be using some sort of custom made improved alissa analyzer.
Right, skids using somebody else's shit.

Quote:
Originally Posted by dittdattdott View Post
wtf is this "inefficient" that you are speaking of?
Your rate of packet dispatching is limited by the Mabinogi client's speed - which is rather slow due to Themida and built in packet restrictions, as well as other useless code slowing it down.

The actual method to intercept packets is not inefficient, but you're bound by the actual Mabinogi client itself which is inefficient itself.

Comparing the speed of revival with pake-based instant revive, and my packet editor's instant revive will demonstrate this quite well.
Pake-based instant revive is beaten quite easily when my network stack is more efficient than the Mabinogi client's network stack.

I also get the advantage of being able to put my proxy extremely close to Nexon's servers which is not something you can do with traditional pake without physically moving your entire client.

Quote:
Originally Posted by dittdattdott View Post
According to your diagram and wording, your app is working at layer 3 or even lower. Heh. I challenge you to implement it like that. And your video clearly shows it is actually working locally. What does 127.0.0.1 in the address bar tell you?
In my video, it is running at layer 7, via a client-side MITM (client based destination changing), so you are right in that aspect.

However, in my diagram I demonstrate router based MITM because that is how I deploy this when I am not running it in debug mode on my desktop. It typically runs on my router's firmware and uses iptables to intercept the connection.
From the perspective of the Mabinogi client, this is at layer 4 (really the Mabinogi client can't tell it's happening at all).
From the perspective of the router, this is at layer 7.

If you read the entire diagram, you'd realize that I mentioned this alternative - I just didn't want to create a new diagram just for it.

The reason it is deployed this way for actual usage is because the client knows its own launch arguments, and changing the server address clientside is an extremely obvious way to detect that this is being used.
If you do it at the router level, there is absolutely no way for the Mabinogi client to detect that it is happening.

Quote:
Originally Posted by dittdattdott View Post
Last but not least, your tutorial left out the most important piece of info. How are you encrypting and encrypting the packets? Don’t tell me you figured it out by reverse engineering the client. My guess would be that you got it from the open source aura project. If that is the case, did you give credit where credit is due?
The aura project intentionally left out critical code required to send packets, so it would not be possible to get it from aura. Exec implemented the bare minimal that was required to make a server emulator function, and left the rest out.
That being said, it was figured out by reverse engineering actual server files, as opposed to client files, since the server is much easier to work with.
Aura project was not of any help really.
donglord is offline  
Old 10/31/2017, 05:59   #10
 
elite*gold: 0
Join Date: Apr 2015
Posts: 7
Received Thanks: 8
Quote:
Originally Posted by donglord View Post
Your rate of packet dispatching is limited by the Mabinogi client's speed - which is rather slow due to Themida and built in packet restrictions, as well as other useless code slowing it down.

The actual method to intercept packets is not inefficient, but you're bound by the actual Mabinogi client itself which is inefficient itself.
Themida is irrelevant here. All players of mabi have a client packed with themida. Are you suggesting this is an issue and your thing solves it? While it is true that obfuscating the code will slow it down, it also depends on how the protector is used and the protection setting. Lots of MMOs have themida. I wouldn't call this an overhead. I'd say the difference between an obfuscated WTNB and a plain WTNB is less than 1ms, basically negligible. Even if there is an overhead, your thing doesn't fix this. You still have to play the game with the client.

Quote:
Originally Posted by donglord View Post
Pake-based instant revive is beaten quite easily when my network stack is more efficient than the Mabinogi client's network stack.
Lol. Now you are just throwing random terminologies around to make a good looking sentence. Network stack..? Basically, a TCP recv packet to the client enters your recvhook in your app before it is dispatched to client.exe by the OS. Like a <1ms difference…That's if your implementation is correct and not just some hacked together code from google AND your decryption code is at least as fast as the client's. BUT OK! Let us just hypothetically say your code is perfect and takes 0ms from recvhook to sending the revive packet, and themida and the client are just horrible and take 5ms to process the recv and send packets, what difference does it make? So that your thing can insta-revive you in 45ms while pake takes 50ms? Seriously instant revival? Are we in 2010? Yoo look at me Im the l33tH@xor u kill me I get up in 45ms….

Quote:
Originally Posted by donglord View Post
I also get the advantage of being able to put my proxy extremely close to Nexon's servers which is not something you can do with traditional pake without physically moving your entire client.
Really? This would essentially be some kind of weird proprietary proxy server. Even if you have the technical know-how on handling all the details of implementing this (which I don't believe), it would be a stupid idea. Once again, what is the point? You code this thing, rent a server in CA, so that you can auto-revive faster since your proxy can recv the packet sooner? That's true, but all your other packets have to detour and go thru sendhook and recvhook on your proxy server. That'd add a good >10ms delay to all of your packets. Now talk about efficiency. In the context of latency and MMOs, you would want your packet to go through as few hops in its trip to the destination as possible. You'd never want to add one and consider that an advantage.

Quote:
Originally Posted by donglord View Post
In my video, it is running at layer 7, via a client-side MITM (client based destination changing), so you are right in that aspect.

However, in my diagram I demonstrate router based MITM because that is how I deploy this when I am not running it in debug mode on my desktop. It typically runs on my router's firmware and uses iptables to intercept the connection.

From the perspective of the Mabinogi client, this is at layer 4 (really the Mabinogi client can't tell it's happening at all).
From the perspective of the router, this is at layer 7.
You are not making much sense. You run what in the router's firmware? Your MITM packet server? Dude your router is an embedded system and it is orders of magnitude slower than your PC. You designed something like this and call it a more efficient network stack? But hold on…what I am dying to know is that how you wrote this piece of software, that can run on both your x86 win32 environment and also whatever system architecture that is your router…

Quote:
Originally Posted by donglord View Post
The aura project intentionally left out critical code required to send packets, so it would not be possible to get it from aura. Exec implemented the bare minimal that was required to make a server emulator function, and left the rest out.
That being said, it was figured out by reverse engineering actual server files, as opposed to client files, since the server is much easier to work with.
Aura project was not of any help really.
I didn't read much of aura's code. But in theory, it should have most if not all the code and algo for crypto stuff. It would at least have the code for decrypting packets sent from client and encrypting packets to be sent to client. I don't know why you would need to reverse engineer actual server files for open sourced stuff. What you might be missing are the client-side encryption and decryption(if they are different from the server). Say you want to send a packet thru your web interface, you'd need to encrypt it first. But to figure that out you'd reverse engineer the client and mimic how it does the encryption, not the server.
dittdattdott is offline  
Old 10/31/2017, 11:29   #11
 
elite*gold: 0
Join Date: Jan 2015
Posts: 14
Received Thanks: 2
Quote:
Originally Posted by dittdattdott View Post
Let us just hypothetically say your code is perfect and takes 0ms from recvhook to sending the revive packet, and themida and the client are just horrible and take 5ms to process the recv and send packets, what difference does it make?
You already described the difference, also there's a bit more difference between Nexon's crypto implementation and my crypto implementation.
To make a long story short, my crypto implementation requires a lot less CPU in general, so I can dispatch more packets per second than a normal Mabinogi client would be able to do.

Please consider not only single packets, but chunks of packets as well.

You brought up botting earlier, and how exactly do you think I am able to control that many clients so fluidly?
Try to do that with pake and fail miserably at the latency discrepancies of the Mabinogi client at hand.

Quote:
Originally Posted by dittdattdott View Post
Really? This would essentially be some kind of weird proprietary proxy server.
You brought up Morrighan, which does the same thing as this bit less efficiently and with less features - yet you don't even know the term for this type of proxying?

Google "reverse proxy"

Quote:
Originally Posted by dittdattdott View Post
That'd add a good >10ms delay to all of your packets.
In the context of latency and MMOs, you would want your packet to go through as few hops in its trip to the destination as possible.
It wouldn't, the server is on-path with Nexon's datacenter and has sub 3ms ping to it.
It adds roughly 3-4ms from the extra hop.

Quote:
Originally Posted by dittdattdott View Post
You are not making much sense. You run what in the router's firmware? Your MITM packet server? Dude your router is an embedded system and it is orders of magnitude slower than your PC. You designed something like this and call it a more efficient network stack?
Routers are designed to have an efficient network stack. They route all of your packets.
Every single packet that flows through your network flows through your router's firmware.
My router in specific has a 475MHz single core MIPS CPU with 128MB RAM, so it's able to handle cryptography just fine which is the only CPU intense thing about this process.

Quote:
Originally Posted by dittdattdott View Post
But hold on…what I am dying to know is that how you wrote this piece of software, that can run on both your x86 win32 environment and also whatever system architecture that is your router…
It's mips32, but have you ever heard of cross compiling?
You don't seem to know much about programming if you aren't capable of writing portable code.

Quote:
Originally Posted by dittdattdott View Post
I didn't read much of aura's code. But in theory, it should have most if not all the code and algo for crypto stuff. It would at least have the code for decrypting packets sent from client and encrypting packets to be sent to client.
It contains half the cryptography - only enough to read the data, but not enough to forge new (valid) data.

Quote:
Originally Posted by dittdattdott View Post
I don't know why you would need to reverse engineer actual server files for open sourced stuff.
Because it's missing half of the code, it's necessary to reverse engineer it myself.

Quote:
Originally Posted by dittdattdott View Post
What you might be missing are the client-side encryption and decryption(if they are different from the server).
Say you want to send a packet thru your web interface, you'd need to encrypt it first. But to figure that out you'd reverse engineer the client and mimic how it does the encryption, not the server.
They are the same, client and server both share a lot of their code base.

Clearly you don't know much about networking, Mabinogi's network stack, or programming in general, so you should just quiet up since you are humiliating yourself.

Try implementing this yourself if you are "dying to know" how it's done so well. Protip: You can't, because you clearly lack a great understanding of how Mabinogi's networking works and how networking in general works...maybe even a lack of programming skills too if you can't cross compile.


EDIT:
For your entertainment, router based interception


Take note of the Wireshark packet capture destinations - it shows as Nexon's login server address, 208.85.109.35, while logging in.
This shows that my computer is totally unaware that any interception is happening - it really thinks it's talking to Nexon directly.
The client was launched from the Nexon launcher without any mods or login server destination changes. It is also not memory patched or manipulated in any way directly.

Also, my gateway is 192.168.8.1, which is of course, the router.
Notice the CPU load average graph - this is built into OpenWRT and fluctuates when I send lots of packets, proving that this is actually running on the router's firmware.
donglord is offline  
Old 11/01/2017, 16:18   #12
 
elite*gold: 0
Join Date: Apr 2015
Posts: 7
Received Thanks: 8
Quote:
Originally Posted by donglord View Post
You brought up botting earlier, and how exactly do you think I am able to control that many clients so fluidly?
Try to do that with pake and fail miserably at the latency discrepancies of the Mabinogi client at hand.
I never saw your bots. I only heard about it. Of course you cannot have a bot brigade with an actual client.exe per bot unless you have the CPU of the year 2100. You gotta have a clientless method of doing it. Once you have clientless login/send and coordination between the sessions, it’s just sending packets, there is nothing magical about it.
Quote:
Originally Posted by donglord View Post
You brought up Morrighan, which does the same thing as this bit less efficiently and with less features - yet you don't even know the term for this type of proxying?

Google "reverse proxy"
I mentioned Morrighan in the context of answering jose’s questions. You don’t need to touch the client’s memory because you are not intercepting the plain text packets. You have the enc/dec algorithm so you can work on the already encrypted packets. When you started talking about having your MITM server running remotely, then it’s a different story. So it’s called reverse proxy. I know the concept, but I admit I didn’t know the name. However regardless of what kind of proxy, it means one or more hops(depending on the network infrastructure of the server room) for all your packets to go thru and cannot be a good idea when you care about latency. Come on, you know it.
Quote:
Originally Posted by donglord View Post
It wouldn't, the server is on-path with Nexon's datacenter and has sub 3ms ping to it.
It adds roughly 3-4ms from the extra hop.
That’s only if they are in the same datacenter. Let’s not forget your packet’s original destination is nexon’s server, not your proxy. So you have to route them to your proxy, maybe with your router. In every step you add more delay. Why go through all these over engineered mess just to view and send packets. The more complicated your system is, the more unreliable and inefficient it will be. It’s dumb.
Quote:
Originally Posted by donglord View Post
Routers are designed to have an efficient network stack. They route all of your packets.
Every single packet that flows through your network flows through your router's firmware.
My router in specific has a 475MHz single core MIPS CPU with 128MB RAM, so it's able to handle cryptography just fine which is the only CPU intense thing about this process.
Yes, routers are designed to do network related stuff. Not general purpose application processing. And it is constantly working to handle all your network traffic. Your router manufacturer is not stupid, they would only put in a reasonably capable chip to cut down cost. If you are just doing decrypting/encrypting then yes it would be fine. But if you are claiming it to be better than pake then it gotta handle things like long sendhook and recvhook, packet processing such as parsing T_BINs in a 5209, allocating large buffers, and possibly multithreaded tasks if you actually want to make use of non-trivial exploits. On top of this it also has to handle your web interface. That’s a lot of weight to be put on your router. In your video you have a load average of around 0.5, which is meh. But I have doubts in its scalability. Pake on the other hand, has a well-defined interface that anyone can code a dll module for it. And since you are coding a program that runs natively on the OS and has full access of the client's memory, you can do some advanced stuff without having to worry about hardware resources. It doesn’t really get any better than that.

Quote:
Originally Posted by donglord View Post
It's mips32, but have you ever heard of cross compiling?
You don't seem to know much about programming if you aren't capable of writing portable code.
Of course I’ve cross compiled before. That’s how I know your router is gonna be orders of magnitude slower than even a shitty 10 years old PC. A 475MHz mips? Reminds me of the psp. It’s not even a quarter as powerful as a raspberry pi or beaglebone black. It’s such a stupid idea to me that I thought you were making this shit up as you talk. Writing portable code has nothing to do with what we are talking about here. As long as you are coding C/C++ it will work on both windows and Linux. When you use something like iptables which doesn’t exist on windows or vice versa, it’s called porting. According to your video you do have the thing running on both windows and your router. You sir, have a lot of free time. I give you that. Why would you have an idea like this to begin with? Normally a man in the middle attack is used to eavesdrop the traffic. In this case you own the damn computer…All this work just to fool the client from knowing its packet is being intercepted? I am pretty sure there is a better way.

Quote:
Originally Posted by donglord View Post
Try implementing this yourself if you are "dying to know" how it's done so well. Protip: You can't, because you clearly lack a great understanding of how Mabinogi's networking works and how networking in general works...maybe even a lack of programming skills too if you can't cross compile.
You know what, I’ve had the idea of coding this exact same thing you did 4 years ago, minus the router and proxy part. The pro would be I can have the packet interception framework working for any MMO, including ones with annoying anti-cheats such as nprotect. However the con would be it would be difficult to code a web UI as good as a desktop GUI app and you can’t figure out the server side encryption unless the server is leaked, that means no recv function. It would be cumbersome and difficult to reuse. So I never pursued that idea.
I clearly lack understanding of mabi’s networking and humiliating myself? At least I didn’t claim pake sucks because it is “hard to update” and “bullshit”. There has been so much info released on that in the past and you are a noob if you think that way. Even according to yourself you had to look at the leaked actual server files in order to make your thing work. If nexon decides to change their encryption you are fucked. And wtf does cross compiling have to do with one’s programming ability? All you need is a cross compiler and tell it to compile the code to a different architecture. Are you that proud of yourself that you can cross compile?

You think I am impressed that you can send packets on your router? HA! I can send packets all along and it has always been simple and unlike your over engineered cluster fuck. You put your packet processing on a router that is slower than a 20 year old computer, add a proxy to the traffic and call it more efficient and better. Lol… I don’t know what to say.

This is the efficiency, or the lack thereof, that you were talking about? I would never code something stupid like this, call it a feature and give it a button. Sure, you might be sending more packets per second but so what? Mabi’s network buffer has limited size and you can’t just throw 100 packets at it all at once and expect them all to be sent in the next instant. This is by design and there is nothing wrong with that. So you bypassed this with your MITM server but why would you want to send 100+ packets per second unless you are trying to fuck up the server or just showing off your H@XOR status with a troll face alt? I’ve never seen someone as big of a showoff as you are. There are many people who have achieved much more than you did yet stayed humble and low profile. AND NO, your thing is NOT better than pake. So far you’ve only showed it being able to send and spam packet, with some router and proxy server nonsense to make it look cool. Only a tard would consider being able to spam packet a real advantage. After all, your thing and pake are just tools. You use them to inspect the packets, find exploits and then write code to automate/utilize it. On that regard, you’ve only showed a web interface that I’d never want to use.
dittdattdott is offline  
Old 11/01/2017, 19:58   #13
 
elite*gold: 0
Join Date: Jan 2015
Posts: 14
Received Thanks: 2
Quote:
Originally Posted by dittdattdott View Post
I never saw your bots. I only heard about it. Of course you cannot have a bot brigade with an actual client.exe per bot unless you have the CPU of the year 2100. You gotta have a clientless method of doing it. Once you have clientless login/send and coordination between the sessions, it’s just sending packets, there is nothing magical about it.
Except for bypassing NGS, though that has nothing to do with my packet editor.

Quote:
Originally Posted by dittdattdott View Post
it means one or more hops(depending on the network infrastructure of the server room) for all your packets to go thru and cannot be a good idea when you care about latency. Come on, you know it.
Here's the secret about those clientless bots: They run on the proxy itself.
If the proxy is located right next to California, then they have extremely low ping.
You mentioned before that all players must play with a Mabinogi client, but that simply is not true. My bots don't use Mabinogi clients as you theorized.
I can run them on my router, or on my remote server, or on my desktop; depending on the usage scenario.

Quote:
Originally Posted by dittdattdott View Post
That’s only if they are in the same datacenter. Let’s not forget your packet’s original destination is nexon’s server, not your proxy.
My server's latency to Nexon is 3-4ms, my latency to my server is about 90ms.
My latency to Nexon is about 90ms as well.

The total latency gain? 3-4ms.
Wow math!

Quote:
Originally Posted by dittdattdott View Post
So you have to route them to your proxy, maybe with your router. In every step you add more delay.
They end up going through the router anyways. Might as well utilize it to route them to my remote server.
That adds 0ms latency, it's just a route change.

Quote:
Originally Posted by dittdattdott View Post
Why go through all these over engineered mess just to view and send packets. The more complicated your system is, the more unreliable and inefficient it will be. It’s dumb.
This may sound complicated to you, but it's really not that complicated at all.

Quote:
Originally Posted by dittdattdott View Post
Yes, routers are designed to do network related stuff. Not general purpose application processing. And it is constantly working to handle all your network traffic. Your router manufacturer is not stupid, they would only put in a reasonably capable chip to cut down cost. If you are just doing decrypting/encrypting then yes it would be fine. But if you are claiming it to be better than pake then it gotta handle things like long sendhook and recvhook, packet processing such as parsing T_BINs in a 5209, allocating large buffers, and possibly multithreaded tasks if you actually want to make use of non-trivial exploits. On top of this it also has to handle your web interface. That’s a lot of weight to be put on your router.
The entire point of showing you that this runs just fine on a router is to prove that it's efficient.
If this was inefficient, there's no god damn way my shitty 475Mhz router CPU would be able to run all of that. And yet, it runs just fine.

Also, it can handle all of the stuff you mentioned just fine, even on a router. I can send massive packets, and parse massive packets just fine. Multithreading is not a problem either, all of the network functions are thread safe. It also has a built in state tracker for the particularly complicated exploits that require state tracking.

Quote:
Originally Posted by dittdattdott View Post
In your video you have a load average of around 0.5, which is meh. But I have doubts in its scalability. Pake on the other hand, has a well-defined interface that anyone can code a dll module for it. And since you are coding a program that runs natively on the OS and has fully access of the client's memory, you can do some advanced stuff without having to worry about hardware resources. It doesn’t really get any better than that.
You forget that I can deploy to my desktop if I want to, or maybe to a remote server with even more resources than my desktop.


Quote:
Originally Posted by dittdattdott View Post
Of course I’ve cross compiled before. That’s how I know your router is gonna be orders of magnitudes slower than even a shitty 10 years old PC. A 475MHz mips? Reminds me of the psp. It’s not even a quarter as powerful as a raspberry pi or beaglebone black.
Of course it's slower, it's a router.
I'm not sure what you expect out of a router from 2008.

Quote:
Originally Posted by dittdattdott View Post
As long as you are coding C/C++ it will work on both windows and Linux.
It's actually written in Golang, which can compile to Mac, Linux, and Windows; as well as a multitude of architectures which includes ARM, MIPS, and X86-64.

Quote:
Originally Posted by dittdattdott View Post
When you use something like iptables which doesn’t exist on windows or vice versa, it’s called porting.
IPTables is a Linux kernel module to control packet routing, and the iptables command is just a...command.
It doesn't require "porting", it's not some kind of library.

Quote:
Originally Posted by dittdattdott View Post
According to your video you do have the thing running on both windows and your router. You sir, have a lot of free time. I give you that. Why would you have an idea like this to begin with? Normally a man in the middle attack is used to eavesdrop the traffic. In this case you own the damn computer… All this work just to fool the client from knowing its packet is being intercepted? I am pretty sure there is a better way.
There is a better way, running it on a remote server which is only a slightly different configuration.
If you really care about the 3-4ms extra ping, then run it on your desktop.
You have options! (well, I do, you don't)

Quote:
Originally Posted by dittdattdott View Post
You think I am impressed that you can send packets on your router? HA! I can send packets all along and it has always been simple and unlike your over engineered cluster fuck. You put your packet processing on a router that is slower than a 20 year old computer, add a proxy to the traffic and call it more efficient and better. Lol… I don’t know what to say.
I assumed you were one of the skids who still use pake instead of designing your own packet editor, so I'm not surprised!
Do you feel special that you managed to get somebody else's shit to work?
I also have traditional pake working, but it's inferior to my packet editor so I don't need to use it.

Quote:
Originally Posted by dittdattdott View Post
This is the efficiency, or the lack thereof, that you were talking about? I would never code something stupid like this, call it a feature and give it a button. Sure, you might be sending more packets per second but so what?
I only demonstrated item switching to put load on my router, there's nothing special about it.


Quote:
Originally Posted by dittdattdott View Post
So far you’ve only shown it being able to send and spam packets, with some router and proxy server nonsense to make it look cool.
After all, your thing and pake are just tools. You use them to inspect the packets, find exploits and then write code to automate/utilize it. In that regard, you’ve only shown a web interface that I’d never want to use.
You're right, and I'm not keen on showing my private exploits and getting them patched - but you've really shown nothing either.

There is no exploit that pake can do that my packet editor can't do better, whether "better" means faster packet dispatching, better scalability (100+ alts doing the exploit at once anybody?), or better undetectability (don't want NGS taking those client mem dumps do you?)
donglord is offline  
Old 11/01/2017, 23:24   #14
 
[P2933]Step29's Avatar
 
elite*gold: 0
Join Date: Sep 2014
Posts: 545
Received Thanks: 586
I have personally used this proxy before, and from what I've experienced, it is by far better than pake. The fact that it is not done by memory editing and it's all done by intercepting the connection means that you can packet edit away without getting any triggers by NGS. In addition if a client crash were to happen, NGS won't find any memory modifications related to pake.

The proxy is very powerful and it allows me to manipulate packets on the fly that can be easily used to create mischievous and unexpected behavior to the server load.

Here's an example:

and that's just me ******* around with the basic core packets of the game. I no longer play this game anymore but if I did have the time to **** around, I bet I could find time to really **** up their game servers, should I have any desire to.


Can your pake do this? I don't think so.

lol
[P2933]Step29 is offline  
Thanks
1 User
Old 11/02/2017, 05:00   #15
 
elite*gold: 0
Join Date: Apr 2015
Posts: 7
Received Thanks: 8
Firstly, I will address NGS. You guys brought it up multiple times boasting your packet editor doesn’t get detected. That just shows how amateur you guys are. NGS is a pathetic anti-cheat really, and I never had to worry about it. Why? Because all it does is it scans your memory for cheat signatures much like an AV scan. That means it can only detect publicly known cheats that are in their database. So all your skids using other people’s shit get detected. I on the other hand, write everything I use by myself and they are private. Get it?
Quote:
Originally Posted by donglord View Post
You mentioned before that all players must play with a Mabinogi client, but that simply is not true. My bots don't use Mabinogi clients as you theorized.
Wow, are you playing the game or just there to spam bots? You should gtfo mabi really. O well. The game is pretty dead anyways so I guess do whatever you want lol.

Quote:
Originally Posted by donglord View Post
My server's latency to Nexon is 3-4ms, my latency to my server is about 90ms.
My latency to Nexon is about 90ms as well.

The total latency gain? 3-4ms.
Wow math!
Not even gonna argue with you on the numbers. But great job on gaining a few ms.


Hi step, it’s good seeing you. Now do you even have a working pake? Just throwing it out there. I am sure you would either say “I’ve had working pake all along” or “I don’t need that shit now I’ve got this”. Anyways. What are you suggesting that pake cannot do? If it is bot spamming, then yes you are right. And frankly I’d never want to do something stupid like that. If it is fucking up the game server, then totally. I can fuck up the server with just a few packets. Of course, I wouldn’t do it unless I have a really good reason to, because I am not a fucking show off.
dittdattdott is offline  
Thanks
1 User