|
You last visited: Today at 12:02
Advertisement
ThinClient for pserver
Discussion on ThinClient for pserver within the Nostale forum part of the MMORPGs category.
06/11/2019, 14:03
|
#1
|
elite*gold: 0 
Join Date: May 2009
Posts: 1,005
Received Thanks: 1,019
|
ThinClient for pserver
Hi, i'm not really following news on official server but it seems like gameforge did a nice thing recently for security (the ThinClient).
I would like noscore to implement this new connexion packet.
Is there anybody who made a tool to generate a pserver thinclient (ip/port change + api adresses) ?
from what i know it use json-rpc to send those information so their is 2 way to do such a tool.
- Edit the nostale launcher
- Create a special launcher which rpc with the exe
I will certainly work on this later as i want to implement this but if anybody is already working on it or already have it i'm interested.
|
|
|
|
06/13/2019, 09:07
|
#2
|
elite*gold: 0
Join Date: May 2009
Posts: 1,005
Received Thanks: 1,019
|
Just a small up with some information I found:
The client is using jsonrpc via named pipe to get the token from the launcher.
from what i can see their is two main name pipes:
\\.\pipe\GameforgeClientJSONRPCMS2
\\.\pipe\GameforgeClientDaemonMS2
I'm pretty comfident the information i'm searching for is passed by the first one.
Unfortunately i haven't been able to sniff those pipe for the moment so if anybody has any idea of how i could eventually sniff it i'm interested.
|
|
|
|
|
06/13/2019, 10:00
|
#3
|
elite*gold: 0
Join Date: Sep 2015
Posts: 482
Received Thanks: 532
|
You are too late.
|
|
|
|
|
06/13/2019, 10:18
|
#4
|
elite*gold: 0
Join Date: May 2009
Posts: 1,005
Received Thanks: 1,019
|
Quote:
Originally Posted by Cryless~
You are too late.
|
No this is auth token generation and how to use the gameforge api.
what i'm looking for is a way to make the client able to use my own api for pserver.
|
|
|
|
|
06/13/2019, 10:39
|
#5
|
elite*gold: 0
Join Date: Sep 2015
Posts: 482
Received Thanks: 532
|
Quote:
Originally Posted by 0Lucifer0
No this is auth token generation and how to use the gameforge api.
what i'm looking for is a way to make the client able to use my own api for pserver.
|
As far as I know NosTale is not using jsonrpc for sending/receiving in-game packets but I may be wrong.
|
|
|
|
|
06/13/2019, 10:48
|
#6
|
elite*gold: 0
Join Date: May 2009
Posts: 1,005
Received Thanks: 1,019
|
Quote:
Originally Posted by Cryless~
As far as I know NosTale is not using jsonrpc for sending/receiving in-game packets but I may be wrong.
|
the new client is.
the client only start with GF parameter then talk with the launcher to get the token by jsonRpc.
proof just start the NostaleClientX from cmd with parameter gf (if the launcher is started it connects else you get )
this proof that the client and the launcher are talking each other. looking the asm it goes into rpc dll and their is a dll for named pipe in the launcher + a named pipe named:
\\.\pipe\GameforgeClientJSONRPCMS2
Edit i got what i wanted with IO ninja i was using
\\.\pipe\GameforgeClientJSONRPCMS2
instead of
\GameforgeClientJSONRPCMS2
|
|
|
|
|
06/13/2019, 11:31
|
#7
|
elite*gold: 0
Join Date: Sep 2015
Posts: 482
Received Thanks: 532
|
Quote:
Originally Posted by 0Lucifer0
the new client is.
the client only start with GF parameter then talk with the launcher to get the token by jsonRpc.
proof just start the NostaleClientX from cmd with parameter gf (if the launcher is started it connects else you get )
this proof that the client and the launcher are talking each other. looking the asm it goes into rpc dll and their is a dll for named pipe in the launcher + a named pipe named:
\\.\pipe\GameforgeClientJSONRPCMS2
Edit i got what i wanted with IO ninja i was using
\\.\pipe\GameforgeClientJSONRPCMS2
instead of
\GameforgeClientJSONRPCMS2 |
I think jsonrpc is only used to retrieve log-in token not in-game traffic. What you are trying to say has already been documented in the README.md of GitHub repository I sent you.
|
|
|
|
|
06/13/2019, 11:34
|
#8
|
elite*gold: 0
Join Date: May 2009
Posts: 1,005
Received Thanks: 1,019
|
no it hasn't. What's in the readme is the explanation on how gameforge/launcher are talking.
not how launcher/client are. We know client is converting but we didn't know how. We need to named pipe for this and i'm currently working on a proof of concept for it
|
|
|
|
|
06/13/2019, 11:43
|
#9
|
elite*gold: 0
Join Date: Sep 2015
Posts: 482
Received Thanks: 532
|
Quote:
Originally Posted by 0Lucifer0
no it hasn't. What's in the readme is the explanation on how gameforge/launcher are talking.
not how launcher/client are. We know client is converting but we didn't know how. We need to named pipe for this and i'm currently working on a proof of concept for it |
In the land of the blind the one-eyed man is king.
|
|
|
|
|
06/13/2019, 11:45
|
#10
|
elite*gold: 0
Join Date: May 2009
Posts: 1,005
Received Thanks: 1,019
|
Quote:
Originally Posted by Cryless~
In the land of the blind the one-eyed man is king.
|
yes this is here but not explaining anything on the json rpc pipe... do you know the format of what you receive and suppose to send on this pipe ?
this was my question.
but now i succesfully the pipe i can do what i want
|
|
|
|
|
06/13/2019, 11:49
|
#11
|
elite*gold: 0
Join Date: Sep 2015
Posts: 482
Received Thanks: 532
|
Quote:
Originally Posted by 0Lucifer0
yes this is here but not explaining anything on the json rpc pipe... do you know the format of what you receive and suppose to send on this pipe ?
this was my question.
but now i succesfully the pipe i can do what i want
|
I believe it was posted somewhere on the forum.
But it is log-in related not in-game traffic and it is not more "secure" than normal packet. I would like to read more about the NosTale json protocol.
|
|
|
|
|
06/13/2019, 11:51
|
#12
|
elite*gold: 0
Join Date: May 2009
Posts: 1,005
Received Thanks: 1,019
|
Quote:
Originally Posted by Cryless~
I believe it was posted somewhere on the forum.
But it is log-in related not in-game traffic and it is not more "secure" than normal packet. I would like to read more about the NosTale json protocol.
|
it is definitly more secure than sending plaintext password over tcp. Connection to the world use to send password. Now it doesn't anymore.
It can also be used to remove sha512 and use pbkdff2 or bcrypt
|
|
|
|
|
06/13/2019, 11:55
|
#13
|
elite*gold: 0
Join Date: Sep 2015
Posts: 482
Received Thanks: 532
|
Quote:
Originally Posted by 0Lucifer0
it is definitly more secure than sending plaintext password over tcp. Connection to the world use to send password. Now it doesn't anymore.
It can also be used to remove SHA512 and use pbkdff2 or bcrypt
|
I was talking about log-in packet not world server. I totally forgot it. As far as I know sha512 has never been compromised.
|
|
|
|
|
06/13/2019, 11:59
|
#14
|
elite*gold: 0
Join Date: May 2009
Posts: 1,005
Received Thanks: 1,019
|
Quote:
Originally Posted by Cryless~
I was talking about log-in packet not world server. I totally forgot it. As far as I know sha512 has never been compromised.
|
it's not compromised but in this case it's not salted so it can be reversed easily if your password is in a dictionary
|
|
|
|
|
06/13/2019, 12:50
|
#15
|
elite*gold: 0
Join Date: Sep 2015
Posts: 482
Received Thanks: 532
|
Quote:
Originally Posted by 0Lucifer0
it's not compromised but in this case it's not salted so it can be reversed easily if your password is in a dictionary
|
It can be cracked, not reversed, only if victim's password is too weak and any security measure is not enough for such people. In anyway the plaintext password (not sure if hashed) is sent to and you can easily sniff it. It does not matter how you implement it on server side.
It may be safer because sent once but still vulnerable.
|
|
|
|
 |
|
Similar Threads
|
[Release] thinClient Patcher(Multiclient)
11/03/2020 - Nostale Hacks, Bots, Cheats & Exploits - 19 Replies
Hey, i think probably there are people that will need a multiclient as gameforge made this update and why after so many years? now they finally want to change something?(my opinion) anyways.
What is this?
So i made a small tool for you guys. This should allow you to start multiple clients from the original gameforge launcher.
Note: I Did not tested it so much but should work:D.
How To Use?
1- Start the gameforge launcher.
2- Start 'NT_Multiclient Patcher.exe' as admin.
3- Wait for...
|
Thinclient per RDP (o.A) neustarten lassen
05/31/2013 - Technical Support - 9 Replies
Moin,
zur Situation:
Ich betreibe in der Firma meines Dad's unter Anderem einen Terminalserver (Win2k8 R2), auf dem ich per installierter RDP Rolle/Dienst, verschiedene ThinClients betreibe (Chip-PC ist der Hersteller).
Diese TC's machen nichts anderes als Statistiken oder Ähnliches, auf Monitoren anzeigen in vers. Räumen.
Die TC's benutzen eine abgespackte Windows Oberfläche mit einer RDP Session auf den Terminalserver, die direkt nach dem Starten des TC's automatisch aufgerufen...
|
All times are GMT +1. The time now is 12:04.
|
|
