If you force a browser to use HTTP, there is no need for validation since there is no certificate.
bypass it.
The internet browser allows you to make HTTP connection, because there still are some pages that don't support HTTPS, however when you make a program that is intented to make connection only to one specific website, and you are sure that it supports HTTPS I think it's easy to refuse any HTTP stuff. You can even embed the public key into your program to compare with that one downloaded from certificate, and in case you force HTTP you won't get any
Quote:
Originally Posted by DarkyZShadow
However, from the little I' ve seen, it seems like an Electron/Electron-like application.
Don't know about the GUI, but the logic part is almost fully written in Qt5
The internet browser allows you to make HTTP connection, because there still are some pages that don't support HTTPS, however when you make a program that is intented to make connection only to one specific website, and you are sure that it supports HTTPS I think it's easy to refuse any HTTP stuff.
I've never tried to do that on anything other than browsers, so I don't know. But you're probably right.
Quote:
Originally Posted by WalrossGreat
You can even embed the public key into your program to compare with that one downloaded from certificate, and in case you force HTTP you won't get any
Verifying the authenticity of the certificate issued by the server is called "certificate pinning or public key pinning". Usually the hash of the public key is used to verify it.
Quote:
Originally Posted by WalrossGreat
Don't know about the GUI, but the logic part is almost fully written in Qt5
Quote:
Originally Posted by 0Lucifer0
It doesn’t seems like electron. More like a C++ app using chromium. It definitely use chromium
I just looked quickly into the folder and noticed several files typical of an application using Chromium/Electron. For example, you can see all the DLLs "api-ms-win-core-*" and the files "natives_blob.bin", "snapshot_blob.bin" or "icudtl.dat"
I've never tried to do that on anything other than browsers, so I don't know. But you're probably right.
Verifying the authenticity of the certificate issued by the server is called "certificate pinning or public key pinning". Usually the hash of the public key is used to verify it.
I just looked quickly into the folder and noticed several files typical of an application using Chromium/Electron. For example, you can see all the DLLs "api-ms-win-core-*" and the files "natives_blob.bin", "snapshot_blob.bin" or "icudtl.dat"
Maybe. Electron use to show a node process but maybe they don’t anymore or maybe I just haven’t seen it in the tskmgr
The files are also localed in the Google Chrome/Chromium directory, and I don't think they are based on Electron. It's rather Chromium specific.
I know, and it's the opposite: it's Electron which is based on Chromium.
Electron just allows you to make native applications in Javascript, HTML and CSS. Once "compiled", Chromium is used to render it.
There is for example the League Of Legends launcher which is made with Electron. Discord also, Slack desktop, etc...
In addition, since the design of the new launcher looks very similar to an HTML/CSS design, I figured there was a very high probability that it was either Electron for the GUI, or an equivalent
In addition, since the design of the new launcher looks very similar to an HTML/CSS design, I figured there was a very high probability that it was either Electron for the GUI, or an equivalent
In the main screen of the launcher you have something like "External software", no electron here, also as far as I see electron apps tend to use ".asar" resource packages, which aren't located in the GameforgeLoginMS2 folder, I think there is low chance that the software is based on electron, but I might be wrong
In the main screen of the launcher you have something like "External software", no electron here, also as far as I see electron apps tend to use ".asar" resource packages, which aren't located in the GameforgeLoginMS2 folder, I think there is low chance that the software is based on electron, but I might be wrong
Ok, I just looked a little deeper and I'm now sure that the launcher uses Electron or another framework that works exactly the same way.
I have the source code of the front part (after it has been built by webpack :/) and it is indeed web.
@ during your research have you seen anything special with the login packet returned in case of thinClient auth ?
returning NsTeST normal packet doesn't seems to show anything(empty list of server).
If you don't know anything about it I will obviously build a tool for it but you may already have done some tool to see this login packet ?
@ during your research have you seen anything special with the login packet returned in case of thinClient auth ?
returning NsTeST normal packet doesn't seems to show anything(empty list of server).
If you don't know anything about it I will obviously build a tool for it but you may already have done some tool to see this login packet ?
seems like the new info is 4 instead of 1 as name of the last server (splitter) and the 2 after accountName (not sure what it suppose to be) maybe the language
seems like the new info is 4 instead of 1 as name of the last server (splitter) and the 2 after accountName (not sure what it suppose to be) maybe the language
the first packet was from DE, i tried again on PL and it's still 2.
=> Not the server amount
=> Not the language
i'll try on other servers, but seems to be always 2
the first packet was from DE, i tried again on PL and it's still 2.
=> Not the server amount
=> Not the language
i'll try on other servers, but seems to be always 2
the logic is now working with my branch of noscore but i get a very strange packet sent by the client
i don't remember seing this strange thing on official i kindof remember seeing something like thisisgfmode. Any idea why my client send this when i start on private server ?
It's probably trying to send the password, but it doesn't exists. Have you opened the client in a proper way? Maybe you missed one argument or something.
the logic is now working with my branch of noscore but i get a very strange packet sent by the client
i don't remember seing this strange thing on official i kindof remember seeing something like thisisgfmode. Any idea why my client send this when i start on private server ?
[Release] thinClient Patcher(Multiclient) 11/03/2020 - Nostale Hacks, Bots, Cheats & Exploits - 19 Replies Hey, i think probably there are people that will need a multiclient as gameforge made this update and why after so many years? now they finally want to change something?(my opinion) anyways.
What is this?
So i made a small tool for you guys. This should allow you to start multiple clients from the original gameforge launcher.
Note: I Did not tested it so much but should work:D.
How To Use?
1- Start the gameforge launcher.
2- Start 'NT_Multiclient Patcher.exe' as admin.
3- Wait for...
Thinclient per RDP (o.A) neustarten lassen 05/31/2013 - Technical Support - 9 Replies Moin,
zur Situation:
Ich betreibe in der Firma meines Dad's unter Anderem einen Terminalserver (Win2k8 R2), auf dem ich per installierter RDP Rolle/Dienst, verschiedene ThinClients betreibe (Chip-PC ist der Hersteller).
Diese TC's machen nichts anderes als Statistiken oder Ähnliches, auf Monitoren anzeigen in vers. Räumen.
Die TC's benutzen eine abgespackte Windows Oberfläche mit einer RDP Session auf den Terminalserver, die direkt nach dem Starten des TC's automatisch aufgerufen...
during your research have you seen anything special with the login packet returned in case of thinClient auth ?
