Client-Server Protocol

Old   #1
 
elite*gold: 0
Join Date: Apr 2012
Posts: 448
Received Thanks: 766
Client-Server Protocol

Can someone confirm that Rappelz uses RC4 encryption between client and server?
At least, the upload server uses the same XOR key to encrypt jpg files (I haven't tested whether the key changes when the client is restarted), but I don't know if the gameserver uses the same encryption.

The key used by the upload server isn't redundant, it seems to be RC4 (and there is a class named xrc4cipher or so in uploadserver.exe).

So if someone knows whether the gameserver uses RC4, or whether the upload server uses the same protocol encryption as the gameserver, an answer would be great.



glandu2 is offline  
Thanks
1 User
Old   #2


 
elite*gold: 30
Join Date: May 2011
Posts: 4,795
Received Thanks: 3,179
Gameserver, Authserver, Uploadserver & SFrame: all of them use the same protocol and the same encryption.


Xijezu is offline  
Thanks
4 Users
Old   #3
 
RC4 confirmed. I can now decrypt the Rappelz protocol. The key has been the same since the old 6.1 private server at least, so maybe they will never change it.
glandu2 is offline  
Thanks
1 User
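
Added example, not part of any post in this thread: a minimal Python sketch of why a fixed RC4 key, as described in posts #1 and #3, gives every session the same keystream, and how a per-session key changes that. The key, nonces and file contents are constructed, and `session_key` is a hypothetical helper, not the game's scheme.

```python
import hashlib

def rc4_keystream(key: bytes, n: int) -> bytes:
    """First n bytes of the RC4 keystream for key."""
    s, j = list(range(256)), 0
    for i in range(256):                       # key scheduling (KSA)
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):                         # output generation (PRGA)
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def rc4(key: bytes, data: bytes) -> bytes:
    return xor(data, rc4_keystream(key, len(data)))

def keystream_reused(c1: bytes, p1: bytes, c2: bytes, p2: bytes) -> bool:
    """True when two (ciphertext, known plaintext) pairs share a keystream prefix."""
    n = min(len(c1), len(p1), len(c2), len(p2))
    return n > 0 and xor(c1, p1)[:n] == xor(c2, p2)[:n]

def session_key(master: bytes, nonce: bytes) -> bytes:
    """Hypothetical helper: derive a per-session key from a fresh nonce."""
    return hashlib.sha256(master + nonce).digest()

# Constructed inputs: a demo key and two files starting with the JPEG SOI/APP0 marker.
FIXED_KEY = b"constructed-demo-key"
FILE_A = bytes.fromhex("ffd8ffe0") + b"first constructed image body"
FILE_B = bytes.fromhex("ffd8ffe0") + b"second constructed image body!"

def demo() -> dict:
    fixed = [rc4(FIXED_KEY, f) for f in (FILE_A, FILE_B)]
    fresh = [rc4(session_key(FIXED_KEY, n), f)
             for n, f in ((b"nonce-1", FILE_A), (b"nonce-2", FILE_B))]
    return {
        # Same key, same keystream: identical headers encrypt identically.
        "fixed_headers_match": fixed[0][:4] == fixed[1][:4],
        "fixed_reuse": keystream_reused(fixed[0], FILE_A, fixed[1], FILE_B),
        # c1 XOR c2 equals p1 XOR p2, so the key cancels out entirely.
        "xor_leaks": xor(fixed[0], fixed[1]) == xor(FILE_A, FILE_B),
        "fresh_reuse": keystream_reused(fresh[0], FILE_A, fresh[1], FILE_B),
    }

if __name__ == "__main__":
    print(demo())
```

RC4 itself is deprecated (RFC 7465 prohibits it in TLS); a current design would use an AEAD cipher with a key negotiated per session rather than a key shipped in the binary.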
Old   #4
 
elite*gold: 0
Join Date: Jan 2010
Posts: 390
Received Thanks: 392
First tip for having an emulator? If you have a project to do it, connect on Skype, I have to speak with you.


ptifou78 is offline  
Old   #5
 
There is debugging info with all servers. Everything is in the files: data structures, constants, source (in asm, but it doesn't matter), database column names, procedures, parameters, [...]

For an emu, mmmmh, I think an emu of the upload server would be possible xD
Auth & upload shouldn't be complicated to do, but the gameserver has a LOT of things to do (10k lines of interesting structures & enums, that's a lot).

As the gameserver is really a big thing, I don't plan to do it. Maybe I will make an upload server to begin with, but I think I will explore all that information first. The disassembler is on captainserver.exe, it started ~1 hour ago ....... don't know if it will finish analysing the file. Also, an emu (of the gameserver) wouldn't be a really interesting thing, as everyone already knows how the galanet serv works, so I would make it only for fun.


Also, if someone knows: why do the servers come with debug symbols? Don't tell me that the official servers are also running in debug mode? :x (Or is debug information only in .pdb files? There is a lot of information in the .exe; I don't use MS VC++, so I don't know how it manages debugging symbols.)

I also have 2 other projects: foobar for Linux and a sort of generic game engine (for the moment there is only collision detection & OpenGL rendering of 3D objects; modular architecture and support of all possible hardware is a must).
glandu2 is offline  
Thanks
3 Users
Old   #6
 
elite*gold: 0
Join Date: Mar 2009
Posts: 236
Received Thanks: 129
Rappelz comes with some tricky parts, especially when you watch the packet parsers..
If you are intending to do it, I suggest you learn more about packet parsers ^^
misterd is offline  
Old   #7
 
I need nothing more to understand the protocol of Rappelz, I have all the needed tools/data (if not, I make the needed tool).

And the protocol used between servers is the same as between the client and server, but not encrypted.
glandu2 is offline  
Old   #8
 
elite*gold: 0
Join Date: Jun 2010
Posts: 573
Received Thanks: 161
I would really appreciate any tips to get the source of the gs. The auth source is floating around somewhere, but it looks like it's rather incomplete.
haxti is offline  
Thanks
1 User
Old   #9
 
The source that I have is assembler source, it's like having the source of a text file :x. Using a disassembler you can get the asm source of anything ^^ (except packed/encrypted programs like sframe, but that's not the case for the servers).

There are also decompilers that can decompile a program, but the output is far away from the original sources.

It's the same as cracking other programs: a disassembler helps to understand how it works, and afterwards you can modify it to bypass something or else. There are also debugging symbols in pdb files, so the disassembler should be able to give more information about the program.
glandu2 is offline  
Old   #10
 
Quote:
Originally Posted by glandu2
The source that I have is assembler source, it's like having the source of a text file :x. Using a disassembler you can get the asm source of anything ^^ (except packed/encrypted programs like sframe, but that's not the case for the servers).

There are also decompilers that can decompile a program, but the output is far away from the original sources.
Yeah, I tried some, but those are rather for .NET programs.
haxti is offline  
Thanks
1 User
Old   #11
 
A decompiler for .NET gives you almost compilable source, like a Java decompiler. But here you will have an ugly version of the source code, provided your decompiler can decompile your code (that was not always the case for me).

Otherwise you will have assembler code like this:
Code:
mov ax,81h                  ;load into ax the offset of the start of the command line
mov di,ax                   ;di=ax
mov ax,' '                  ;character to search for: a space
xor ch,ch                   ;cx=cl
mov cl,byte ptr ds:[80h]    ;cl=cx=length of the command line
add di,cx                   ;add cx to di to move to the end of the command line
mov bx,di                   ;save di in bx
std                         ;backward search mode, df=1
repne scasb                 ;search for a space, otherwise stop when cx = 0, i.e. when the whole command line has been scanned
inc di                      ;increment di to move back onto the space
push di                     ;save di for comparison, to know whether the destination path is ok (popped into cx below)
mov ax,'\'                  ;search for a slash, the folder-name separator
mov di,bx                   ;search in the destination file argument
mov cx,080h                 ;cx=128 -> the search never stops unless we go past the command line
repne scasb                 ;search
add di,2                    ;di=di+2 to move just after the '\'

pop cx                      ;recall the location of the last argument
(part of an MS-DOS program to copy files with a progress indicator, not optimized at all for Intel 80186, using TASM)

As you see, many comments are needed to understand the program, because plain assembler is not very easily understandable. That's why it took me more than one day to understand the RC4 algorithm of Rappelz ...
glandu2 is offline  
Old   #12
 
elite*gold: 0
Join Date: Sep 2008
Posts: 1,570
Received Thanks: 1,154
Quote:
Originally Posted by haxti
Yeah, I tried some, but those are rather for .NET programs.
You can use IDA to disassemble the gameserver.



If you don't have a license you can write me a pm.


c1ph3r is offline  
Thanks
1 User