Can someone confirm that Rappelz uses RC4 encryption between client and server?
At least, the upload server uses the same XOR key to encrypt jpg files (I haven't tested whether the key changes when the client is restarted), but I don't know if the gameserver uses the same encryption.
The key used by the upload server isn't redundant; it seems to be RC4 (and there is a class named xrc4cipher or so in uploadserver.exe).
So if someone knows whether the gameserver uses RC4, or whether the upload server uses the same protocol encryption as the gameserver, an answer would be great.
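The observation in the post above, as an added example that is not part of the original thread and is not Rappelz code: a stream cipher such as RC4 run with one fixed key gives the same XOR pad for every file, yet that pad has no short repeating period the way a plain repeating XOR key does. The key and the two sample files are constructed, and RC4 itself is the poster's guess about the server, not a confirmed fact.

```python
# Added illustration. KEY, FILE_A and FILE_B are constructed sample data,
# not values taken from Rappelz or its upload server.

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Return the first n bytes of the RC4 keystream for key."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key scheduling (KSA)
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):                        # output generation (PRGA)
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(data: bytes, pad: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, pad))

def recovered_pad(ciphertext: bytes, known_plaintext: bytes) -> bytes:
    """Ciphertext XOR known plaintext yields the pad that was applied."""
    return xor(ciphertext, known_plaintext)

def shortest_period(pad: bytes, max_period: int = 64):
    """Smallest p <= max_period with pad repeating every p bytes, else None."""
    for p in range(1, max_period + 1):
        if all(pad[k] == pad[k % p] for k in range(len(pad))):
            return p
    return None

KEY = b"constructed-key"
JPEG_HEADER = bytes.fromhex("ffd8ffe000104a46494600010101")  # SOI + start of JFIF APP0
FILE_A = JPEG_HEADER + b"A" * 200
FILE_B = JPEG_HEADER + b"B" * 200

# Both files encrypted with the same key, as the post describes.
CT_A = xor(FILE_A, rc4_keystream(KEY, len(FILE_A)))
CT_B = xor(FILE_B, rc4_keystream(KEY, len(FILE_B)))
PAD_A = recovered_pad(CT_A, FILE_A)
PAD_B = recovered_pad(CT_B, FILE_B)

# For contrast: a plain 4-byte repeating XOR key of the same length.
REPEATING = (b"\x13\x37\xc0\xde" * 64)[:len(FILE_A)]
```

Because the pad is identical for both files, XORing the two ciphertexts cancels it and leaves the XOR of the two plaintexts, which is why stream-cipher keys are normally made unique per session or per file.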
There is debugging info with all the servers. Everything is in the files: data structures, constants, source (in asm, but it doesn't matter), database column names, procedures, parameters, [...]
For an emu, mmmmh, I think an emu of the upload server would be possible xD
Auth & upload shouldn't be complicated to do, but the gameserver has a LOT of things to do (10k lines of interesting structures & enums, that's a lot).
As the gameserver is really a big thing, I don't plan to do it. Maybe I will make an upload server to begin with, but I think I will explore all that information first. The disassembler is on captainserver.exe, it started ~1 hour ago ....... don't know if it will finish analysing the file. Also, an emu (of the gameserver) wouldn't be a really interesting thing as everyone already knows how the galanet serv works, so I would make it only for fun.
Also, if someone knows: why do the servers come with debug symbols? Don't tell me that the official servers are also running in debug mode? :x (or is debug information only in .pdb files? There is a lot of information in the .exe; I don't use MS VC++, so I don't know how it manages debugging symbols)
I also have 2 other projects: foobar for linux and a sort of generic game engine (for the moment there is only collision detection & OpenGL rendering of 3D objects; modular architecture and support of all possible hardware is a must)
Rappelz comes with some tricky parts, especially when you watch the packet parsers.. If you are intending to do it, I suggest you learn more about packet parsers ^^
The source that I have is assembler source, it's like having the source of a text file :x. Using a disassembler you can get the asm source of anything ^^ (except packed/encrypted programs like sframe, but that's not the case for the servers)
There are also decompilers that can decompile a program, but the output is far away from the original sources.
It's the same as cracking other programs: a disassembler helps to understand how it works, and afterwards you can modify it to bypass something or else. There are also debugging symbols in pdb files, so the disassembler should be able to give more information about the program.
Yeah, I tried some, but those are rather for .NET programs.
A decompiler for .NET gives you almost compilable source, like a Java decompiler. But here you will have an ugly version of the source code, provided your decompiler can decompile your code (that was not always the case for me).
Otherwise you will have assembler code like this:
Code:
mov ax,81h ;load into ax the offset of the start of the command line
mov di,ax ;di=ax
mov ax,' ' ;character to search for: a space
xor ch,ch ;cx=cl
mov cl,byte ptr ds:[80h] ;cl=cx=length of the command line
add di,cx ;add cx to di to move to the end of the command line
mov bx,di ;save di in bx
std ;search backwards, df=1
repne scasb ;search for a space, otherwise stop when cx = 0, i.e. when the whole command line has been scanned
inc di ;increment di to move back onto the space
push di ; save di for comparison, to know whether the dest path is ok ---------------->-+
mov ax,'\' ;search for a slash, the folder name separator I
mov di,bx ;search in the destination file argument I
mov cx,080h ;cx=128 -> the search never stops unless we go past the command line I
repne scasb ;search I
add di,2 ;di=di+2 to move just after the '\' I
; I
pop cx ;recall the position of the last arg I
(part of an MS-DOS program to copy files with progress indicator, not optimized at all for Intel 80186 using TASM)
As you see, many comments are needed to understand the program because plain assembler is not very easily understandable; that's why it took me more than one day to understand the RC4 algorithm of Rappelz ...