[RELEASE] Rappelz Packet Bridge

[mongreldogg]

Long time short, didnt release something here for about 2 or 3 years or so...

...

Since i have returned to Rappelz development and mostly spend my free time for some networking, it was really required for me to create a tool which dumps all Rappelz packets to see its contents. So, after i made this tool, i decided to release it.

Rappelz Packet Bridge usage guide

Configuration

There are 3 configuration files loaded by tool as default.

Packet Descriptor configration
It contains string identifiers for common packet IDs in a transfer.

 Spoiler

TYPE:<type_id>

Used to define current type of packets transfer.In a file provided in tool archive you can see packets of types TS_AG, TS_GA, but they are not actually used by a tool.
Common types for tool are TS_AC=3, TS_CA=4, TS_CS=5, TS_SC=6 and MISC=7.

<id>:<description>

Defines int:string pair to describe a packet with defined ID with its description string

Auth bridge configuration

This file provides common config for client->auth and auth->client packets bridge.

 Spoiler

listener.ip:<ip_address>

Defines an address on which a bridge tool will listen for clients.

listener.port:<port>

Defines a port on which a bridge will listen for clients.

ep.ip:<ip_address>

Defines a target server IP address which will recieve packets passed through bridge.

ep.port:<port>

Defines a target server port which is binded to recieve connection requests and packets from clients and will recieve it from a bridge.

transfer.type: AUTH

Defines a transfer type for a connection instance created when connected to a bridge on a current port. AUTH for auth server bridge, GAME for game server bridge. If not defined, packets will never be described when dumped.

Game bridge configuration

This file provides common config for client->GS and GS->client packets bridge.

 Spoiler

listener.ip:<ip_address>

Defines an address on which a bridge tool will listen for clients.

listener.port:<port>

Defines a port on which a bridge will listen for clients.

ep.ip:<ip_address>

Defines a target server IP address which will recieve packets passed through bridge.

ep.port:<port>

Defines a target server port which is binded to recieve connection requests and packets from clients and will recieve it from a bridge.

transfer.type: GAME .. you already know

Installation

The bridge is a standalone application which recieves Rappelz packets from both client and server, decodes it using RC4Cipher, shows it in log window and passes through.

To make bridge dumping packets, you should open it on same port your auth/game server binds. Also you have to open a game server on addressort accessible only for a bridge. Its possible using a domain defined in Hosts file or a virtual machine.

Examples:

 Spoiler

Hosts file configuration:

127.0.0.1 rztest.com

Bridge configuration

auth.config.opt:
listener.ip: 127.0.0.1
listener.port: 4500
ep.ip: <auth_external_ip>
ep.port: 4500
transfer.type: AUTH

game.config.opt:
listener.ip: 127.0.0.1
listener.port: 4514
ep.ip: <game_external_ip>
ep.port: 4514
transfer.type: GAME

Server instance configuration:

According to a config described here, auth server should be open to bind port 4500, when game server should be open to bind port 4514 on address rztest.com.

Tips

This tool only shows raw data of packets which are decoded themselves by RC4Cipher. That means the actual packets content you see in logs is different from one that is passed through network, as well as all packets are encoded with this cipher.

This tool also shows packets content including header which describes ther IDs and length (see TS_MESSAGE packet structure).

Credits

I am really proud of working with Glandu2 last time, again, discussing ideas and taking tons of helpful information, as always. So, credits on this tool are shared with him.

Development and support

Most likely, this tool will never meet a world as naked open source, so, for now its only a tool which allows to dump packets and observe its contents in an easy and comfortable way.

Same, i think it will not have a development support in the future. The program is basically developed as a tool for own purposes, but anyways, released as might be helpful for someone.

Download

With a shame, i can only say that VirusTotal recognized the actual tool as malicious using a bunch of weird algorhytms i have never even seen before.

So, its 4/60 but i have no time to google a description of those types of malwares it found and fix code parts which could be a cause of such analysis.

Simply saying: no trust - no DL.

[MohcenMaher]

thanks

[[ProGramer]sFa7]

Good work but what useful this tool

[mongreldogg]

Quote:

Originally Posted by [ProGramer]sFa7

Good work but what useful this tool

this tool is useful for dumping packets to see which packets are sent by client and server on any action, see contents of packets and compare with values given in game. this data can be usefuul to collect for creating game server or game client emulation software

[gr4ph0s]

I wanted to poke around on some servers, and realized they used a GameServer port bigger than an Int16, making the app crashing.

So I changed in private void AcceptClients() from Convert.ToInt16 to Convert.ToInt32 and it all works like a charm!

If someone is interested find bellow the edited executable