Node.js NosTale Cryptography

-Nokis · 06/23/2018, 15:21

How to install:

Code:

npm i nostale-cryptography

Here's the module link on npm, you'll find the API and an example:

Here's the github repo:

For now it only has the Client crypto. I'm going to implement the Server and the Archive crypto as soon as possible.

It doesn't fully work with NosTale Vendetta (yet).

I would like to thank @

for the original

(I've basically transpiled his code into JS).

Changelogs:

Code:

1.0 - First release
1.1 - Cross platform support

Blowa · 06/23/2018, 15:55

Nice, more socket bots incoming with more flexibility.

Thanks for your work m8

!

PS : Try taking a look to TypeScript

BladeTiger12 · 06/23/2018, 16:51

Nice idea

& Thanks for that
But the C++ crypto had a little bug as far as I know.
I'm not 100% sure!

Last time I used it was 1 year ago?
And sometimes the server didn't accept my packets.

-Nokis · 06/23/2018, 17:15

Quote:

Originally Posted by BladeTiger12

Nice idea & Thanks for that
But the C++ crypto had a little bug as far as I know.
I'm not 100% sure!

Last time I used it was 1 year ago?
And sometimes the server didn't accept my packets.

I've never had a problem with this crypto. If you have, tell me.

Quote:

Originally Posted by val77

Nice, more socket bots incoming with more flexibility.

Thanks for your work m8 !

PS : Try taking a look to TypeScript

Node.js is perfect for Raspberry PI, it's pretty light.

I already know TypeScript but I'm a vanilla JavaScript fan.

DarkyZShadow · 06/24/2018, 00:00

Quote:

Originally Posted by -Nokis

Node.js is perfect for Raspberry PI, it's pretty light.

Depends on what you want to do.
Node is clearly not good at everything. It is extremely bad for CPU intensive operations for example.

-Nokis · 06/24/2018, 02:27

Quote:

Originally Posted by DarkyZShadow

Depends on what you want to do.
Node is clearly not good at everything. It is extremely bad for CPU intensive operations for example.

The are 4 good reasons to use Node.js for a NosTale clientless bot:

1) A clientless bot is basically packets handling which deals mainly with updating positions and reacting to events. The only CPU intensive tasks are the pathfinding and the crypto and it’s not a big deal because while the event loop is busy, all packets are buffered by the OS thanks to the async I/O nature of Node.js.

2) Only the first function call is slow, the following are compiled thanks to the JIT compiler. That doesn’t mean they are fast as a C++ function but only fast enough for NosTale, even if, under certain circumstances (like when a function can be optimized by the V8), the speed it’s almost the same.
For more information, here is a PoC written by the creator or mysql2 module:

3) 3 days ago the Node.js Foundation released the 10.5.0 version shipped with threads. Each thread has it’s own event loop. You can use a thread pool to perform pathfinding/encryption asynchronously.
For more information, here is the PR:

4) Easy to learn, less code and 650’000 useful open source modules, for example iconv used for encodings, pathfindingjs or telegram bot apis to connect your client to telegram.

The third reason it’s a waste of time because the first reason keeps tracks of all the packets and the second reason doesn’t block the event loop for a dangerous amount of time during a path calculation or an encryption (without taking into account that NosTale 200x200 maps, with basically no obstacles and pass through entities, are a joke for a pathfinding algorithm).

If you want to waste your time even more and you want to reach the best speed, you can always make a native pathfinding module (which, I’m honest, I did), C++ bindings using the @

crypto or child processes.

In conclusion, I ran 3 players on the same node process while logging all the packets without problems.

DarkyZShadow · 06/24/2018, 13:43

Quote:

Originally Posted by -Nokis

The are 4 good reasons to use Node.js for a NosTale clientless bot:

1) A clientless bot is basically packets handling which deals mainly with updating positions and reacting to events. The only CPU intensive tasks are the pathfinding and the crypto and it’s not a big deal because while the event loop is busy, all packets are buffered by the OS thanks to the async I/O nature of Node.js.

2) Only the first function call is slow, the following are compiled thanks to the JIT compiler. That doesn’t mean they are fast as a C++ function but only fast enough for NosTale, even if, under certain circumstances (like when a function can be optimized by the V8), the speed it’s almost the same.
For more information, here is a PoC written by the creator or mysql2 module:

3) 3 days ago the Node.js Foundation released the 10.5.0 version shipped with threads. Each thread has it’s own event loop. You can use a thread pool to perform pathfinding/encryption asynchronously.
For more information, here is the PR:

4) Easy to learn, less code and 650’000 useful open source modules, for example iconv used for encodings, pathfindingjs or telegram bot apis to connect your client to telegram.

The third reason it’s a waste of time because the first reason keeps tracks of all the packets and the second reason doesn’t block the event loop for a dangerous amount of time during a path calculation or an encryption (without taking into account that NosTale 200x200 maps, with basically no obstacles and pass through entities, are a joke for a pathfinding algorithm).

If you want to waste your time even more and you want to reach the best speed, you can always make a native pathfinding module (which, I’m honest, I did), C++ bindings using the Cryless~ crypto or child processes.

In conclusion, I ran 3 players on the same node process while logging all the packets without problems.

You remind me of a friend who was passionate about Node a little less than a year ago and who needed to justify all the things he did with technical arguments (which I usually knew) xD
You didn't need to justify yourself, I had already done clientless bots with Node long before you released this package and I know it works very well.

My previous comment was not about clientless bots in Node but more about Node applications in general. Besides, for this kind of thing (clientless bots) it's not where you're really need performance. If techno allows you to manage TCP connections, you can do it in anything you want (Python, Elixir, C#, Go, Rust, and even in P*P).

In conclusion, Javascript is broken, it has no real standard, and very few developers really know how to code in JS without breaking V8 optimizations. Go rather to develop in

which is a "real" language (certainly a little recent and not extremely known) but which is extremely powerful thanks to BEAM. If you really want to do Javascript, at least do TypeScript to have a readable, maintainable code that breaks a little less V8.

(This conclusion, although true, is of course to be taken with the second degree...).

-Nokis · 06/24/2018, 15:05

Quote:

Originally Posted by DarkyZShadow

You remind me of a friend who was passionate about Node a little less than a year ago and who needed to justify all the things he did with technical arguments (which I usually knew) xD
You didn't need to justify yourself, I had already done clientless bots with Node long before you released this package and I know it works very well.

My previous comment was not about clientless bots in Node but more about Node applications in general. Besides, for this kind of thing (clientless bots) it's not where you're really need performance. If techno allows you to manage TCP connections, you can do it in anything you want (Python, Elixir, C#, Go, Rust, and even in P*P).

In conclusion, Javascript is broken, it has no real standard, and very few developers really know how to code in JS without breaking V8 optimizations. Go rather to develop in which is a "real" language (certainly a little recent and not extremely known) but which is extremely powerful thanks to BEAM. If you really want to do Javascript, at least do TypeScript to have a readable, maintainable code that breaks a little less V8.

(This conclusion, although true, is of course to be taken with the second degree...).

Who talked about standards? Who talked about Node.js is better than others? I said that it fits well for this kind of projects because is easy to develop with and can handle them without big problems. I would never use Node.js for a production NosTale server, for example. I would rather make a PoC server like you did and I did.

Quote:

Go rather to develop in which is a "real" language (certainly a little recent and not extremely known) but which is extremely powerful thanks to BEAM.

Erlang and Elixir are extremely good at things that require fast I/O and high availability. The same argumentations you wrote to Node.js can be applied to Elixir: it's not the best language for CPU intensive tasks. The only difference is the built-in scalability and fault-tolerance. I could achieve a less optimized but similar results using load balancers and clusterizing. Go ask Blowa how to combine Docker with Kubernetes.

Quote:

My previous comment was not about clientless bots in Node but more about Node applications in general. Besides, for this kind of thing (clientless bots) it's not where you're really need performance. If techno allows you to manage TCP connections, you can do it in anything you want (Python, Elixir, C#, Go, Rust, and even in P*P).

This entire section is about NosTale, this topic is about NosTale clientless bot/cryptography. I was clearly talking about running a clientless on PI not the entire Facebook infrastructure. What was the purpose of your previous comment then?
I've always liked how you guys have to show how much things you know and how you feel superiors to others. You always make me laugh so fucking much. Like here:

Quote:

You remind me of a friend who was passionate about Node a little less than a year ago and who needed to justify all the things he did with technical arguments (which I usually knew) xD
You didn't need to justify yourself, I had already done clientless bots with Node long before you released this package and I know it works very well.

DarkyZShadow · 06/24/2018, 15:37

Spoiler

It's really funny to see how people in this community take everything badly, can't read messages to the end or just don't understand the second degree...

DarkyZShadow · 06/24/2018, 17:49

Quote:

Originally Posted by Cryless~

No. I find it amusing to read the usual 2 french idiots who until yesterday were using Node.js/JS for everything (website, launcher, even a part of their "awesome" emulator...) while today they are here to complain about a guy who shared his own work to contribute to the community progress.

I have seen dozens of cool bots written in Node.js including one interfaced with Cleverbot, another that worked as jackpot, etc...

I would really like to know how many of these you wrote. Really, @, I would like to see what you did for this community apart criticizing the few good elements that make them parts.

Where the f*ck did you see criticism in my messages?
Where did I (really) criticize Node? It would really surprise me that I did, since even if the JS is a bit broken (it's a fact), it still remains one of my favorite technology.
Where did I (really) criticize Nokis?

About the community, whether you like it or not, it clearly s*cks. Of course there are good people, of course there are strong people in programming, of course there are talented people in Game Hacking, but they are only a minority of this community.

EDIT : We are polluting a thread. If you really want to debate, come on Discord or PM.

-Nokis · 06/24/2018, 18:40

Quote:

Originally Posted by DarkyZShadow

Where the f*ck did you see criticism in my messages?
Where did I (really) criticize Node? It would really surprise me that I did, since even if the JS is a bit broken (it's a fact), it still remains one of my favorite technology.
Where did I (really) criticize Nokis?

About the community, whether you like it or not, it clearly s*cks. Of course there are good people, of course there are strong people in programming, of course there are talented people in Game Hacking, but they are only a minority of this community.

EDIT : We are polluting a thread. If you really want to debate, come on Discord or PM.

Okay, calm down everyone.
The purporse of my 4 reasons message was to explain to OTHERS why Node.js could be a good way to make a clientless bot, not you. Even though this is a conversation with you, it's public: someone could misunderstand your words.

The thing that has made me mad is this part:

Quote:

You remind me of a friend who was passionate about Node a little less than a year ago and who needed to justify all the things he did with technical arguments (which I usually knew) xD
You didn't need to justify yourself, I had already done clientless bots with Node long before you released this package and I know it works very well.

I felt attacked, but I won't argue more because I've talked to Blowa and, apparently, you didn't mean what I though.

Peace.
Friends/Strangers as before.

lika85 · 08/19/2018, 13:28

How exactly do you use encryptSession? As far as I remember it is
send(Crypto.encryptSessionPacket(packetId+" "+session),session);
but your function only encrypts the number.

PHP Code:


			
   async createVersion (nosPathOrVersion, directx = 'NostaleClientX.exe') {
    let nosPath = null
    let version = null

    if (await Utils.isDirectory(nosPathOrVersion)) {
      nosPath = nosPathOrVersion
    } else {
      if (nosPathOrVersion == null || nosPathOrVersion.split('.').length !== 4) {
        throw new Error(
          'Invalid Nostale Path/Client version. ' +
          'If you are on Windows you can either choose to provide the nostale path or a valid Client version as first argument. ' +
          'You can find the Client version by right clicking on NostaleClientX.exe > Properties > Details.'
        )
      }

      version = nosPathOrVersion
    }

also you should look at index:76

-Nokis · 09/11/2018, 10:39

Quote:

Originally Posted by lika85

How exactly do you use encryptSession? As far as I remember it is
send(Crypto.encryptSessionPacket(packetId+" "+session),session);
but your function only encrypts the number.

PHP Code:

async createVersion (nosPathOrVersion, directx = 'NostaleClientX.exe') { let nosPath = null let version = null if (await Utils.isDirectory(nosPathOrVersion)) { nosPath = nosPathOrVersion } else { if (nosPathOrVersion == null || nosPathOrVersion.split('.').length !== 4) { throw new Error( 'Invalid Nostale Path/Client version. ' + 'If you are on Windows you can either choose to provide the nostale path or a valid Client version as first argument. ' + 'You can find the Client version by right clicking on NostaleClientX.exe > Properties > Details.' ) } version = nosPathOrVersion }

also you should look at index:76

The packet id is not mandatory. I've never used it.

You should encrypt the session number with the session encryption, send it and then send username and password encrypted with the world encryption.

Apourtartt · 01/24/2019, 22:08

Quote:

Originally Posted by BladeTiger12

Nice idea & Thanks for that
But the C++ crypto had a little bug as far as I know.
I'm not 100% sure!

Last time I used it was 1 year ago?
And sometimes the server didn't accept my packets.

True : when the packet number* exceeds 65535, the encryption is wrong and the game server close the connection.

* : I mean the first word of the packet, for example in : 52341 say hello the packet number is 52341.

I don't know if someone fixed it, I am going to open a thread to try to get the solution because I have no clue. It really causes a lot of trouble knowing the packet number increases by 1 every sent packet.

bledior · 04/11/2022, 21:33

@

Hello, any updates on this? Btw Its not available on npm.