Hello, I'll show up with a quick guide to the possibilities for a packetbot that is still in the running.
First of all
The packets are handled with the same structure/handling/encrypting (they are just bits; since Darkorbit has had this for a long time, it is possible for Seafight too)..
The encryption/algorithm story is partly true, but doesn't contain any difference from Darkorbit. And since it is possible to make bots for Darkorbit, it should be possible for Seafight too?
Well then make my day
I've been sniffing, and disassembling the SeafightMain.swf, and found a few (funny) things..
First of all, it's really refreshing and a nice change to see someone with some decent skills in reverse engineering and packet handling here.
When they changed the protocol I also investigated a little bit (using actually the same tools like you did - a disassembler and Wireshark). I didn't spend too much time on the reverse engineering of the protocol though. Like you say, it's just byte based and with some time it should be possible to decipher the most relevant parts. The tricky part might be to actually send commands.
On a side note, I'm pretty sure that the "Red Corsar" package you show in the example actually consists of two packages. I've seen those prepended messages a lot, but I'm not sure what they actually are. Maybe some kind of resync?
Btw, did you manage to actually decompile the SeafightMain.swf? Or did you only disassemble it? I'm asking because the obfuscation breaks all decompilers I know of, and the disassembled code is truly painful to read..
One more thing: Try to get the debug log of the client to work. The seachart is launched with log-parameters for flash, and in some way you can attach a logger there. This was used before, and you could even display that log in earlier versions of the client. If you can get that to work, it will be a huge help to decipher the protocol, as the log basically shows what each package means in detail.
Anyways, great to see you are investing work on the topic. If you are able to create a library for the protocol, that would be truly amazing.
I got the old Encoding files from the R63b version of Habbo.. which used the same system/structure with reversed bytes.. so it would work.. but I can't find the packet structures in the decompiled swf I got..
You may look at it, maybe you can get something.. Program used to decompile: AS3 Sorcerer 1.40
Encoding classes I got:
GeneralSystem.cs
Code:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;

namespace Seafight_wBot.SeafightCrypto.Willie_Wortel
{
    class GeneralSystem
    {
        // True if the string is non-empty and every character passes IsLetter.
        // Note: returns true as soon as one of the listed punctuation characters is seen.
        public static bool IsValidString(string inputStr)
        {
            if (string.IsNullOrEmpty(inputStr))
            {
                return false;
            }
            for (int i = 0; i < inputStr.Length; i++)
            {
                string s = inputStr[i].ToString();
                if (s == "." || s == "," || s == ";" || s == ":" || s == "<" || s == ">" || s == "@" || s == @"\" || s == "/")
                {
                    return true;
                }
                else if (!(IsLetter(s)))
                {
                    return false;
                }
            }
            return true;
        }

        // True if the string is non-empty and consists only of digits.
        public static bool IsValidInt(string inputStr)
        {
            if (string.IsNullOrEmpty(inputStr))
            {
                return false;
            }
            for (int i = 0; i < inputStr.Length; i++)
            {
                if (!(char.IsNumber(inputStr[i])))
                {
                    return false;
                }
            }
            return true;
        }

        // Same as IsValidString, but digits and '#' are accepted as well.
        public static bool IsValidName(string inputStr)
        {
            if (string.IsNullOrEmpty(inputStr))
            {
                return false;
            }
            for (int i = 0; i < inputStr.Length; i++)
            {
                string s = inputStr[i].ToString();
                if (s == "." || s == "," || s == ";" || s == ":" || s == "<" || s == ">" || s == "@" || s == @"\" || s == "/" || s == "#")
                {
                    return true;
                }
                else if (!(IsLetter(s)) && !(char.IsNumber(inputStr[i])))
                {
                    return false;
                }
            }
            return true;
        }

        // Whitelist of characters treated as printable text (letters plus a few symbols).
        public static bool IsLetter(string s)
        {
            s = s.ToLower();
            if (s == "a" || s == "b" || s == "c" || s == "d" || s == "e" || s == "f" || s == "g"
                || s == "h" || s == "i" || s == "j" || s == "k" || s == "l" || s == "m" || s == "n" || s == "ñ"
                || s == "o" || s == "p" || s == "q" || s == "r" || s == "s" || s == "t" || s == "u" || s == "v"
                || s == "w" || s == "x" || s == "y" || s == "z" || s == "¡" || s == "!" || s == "¿" || s == "?" || s == "á"
                || s == "é" || s == "í" || s == "ó" || s == "ú" || s == "|" || s == "#" || s == "-" || s == "_" ||
                s == "[" || s == " " || s == "]")
                return true;
            else
                return false;
        }
    }
}
SeafightCMessage.cs
Code:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;

namespace Seafight_wBot.SeafightCrypto.Willie_Wortel
{
    class SeafightCMessage
    {
        // Encodes a 16-bit value as 2 big-endian chars.
        public static string cypherShort(int v) // str len, packet len, packet header -- b64
        {
            string t = "";
            t += (char)((v >> 8) & 0xFF);
            t += (char)((v >> 0) & 0xFF);
            return t;
        }

        // Encodes a 32-bit value as 4 big-endian chars.
        public static string cypherInt(int v)
        {
            string t = "";
            t += (char)((v >> 24) & 0xFF);
            t += (char)((v >> 16) & 0xFF);
            t += (char)((v >> 8) & 0xFF);
            t += (char)((v >> 0) & 0xFF);
            return t;
        }

        // Decodes 4 big-endian chars into an int; -1 if the input is too short.
        // (A C# char is never negative, so the original "< 0" test could not fire.)
        public static int DecodeBit24(string v)
        {
            if (v == null || v.Length < 4)
                return -1;
            return ((v[0] << 24) + (v[1] << 16) + (v[2] << 8) + (v[3] << 0));
        }

        // Decodes 2 big-endian chars into an int; -1 if the input is too short.
        public static int DecodeBit8(string v)
        {
            if (v == null || v.Length < 2)
                return -1;
            return ((v[0] << 8) + (v[1] << 0));
        }
    }

    public class SClientMessage
    {
        public String oString;
        private String oData;

        public SClientMessage(string Data)
        {
            oString = Data;
            oData = oString.Substring(6); // payload starts after the 6-char prefix
        }

        public int Lenght()
        {
            // Substring takes (start, length): the length field is 2 chars at offset 2.
            return SeafightCrypto.DecodeBit8(oString.Substring(2, 2));
        }

        public int Header()
        {
            // The header field is 2 chars at offset 4.
            return SeafightCrypto.DecodeBit8(oString.Substring(4, 2));
        }

        public int GetNextInt()
        {
            int result = SeafightCrypto.DecodeBit24(oData.Substring(0, 4));
            oData = oData.Substring(4);
            return result;
        }

        // Reads a string prefixed by its 2-char length and advances past it.
        public String GetNextString()
        {
            int len = SeafightCrypto.DecodeBit8(oData.Substring(0, 2));
            oData = oData.Substring(2);
            String Result = oData.Substring(0, len);
            oData = oData.Substring(len);
            return Result;
        }
    }

    class ClientMessage
    {
        public String oString;
        public String oData;

        public ClientMessage(string Data)
        {
            oString = Data;
            oData = Data.Substring(4);
        }

        public int Header()
        {
            int Header = SeafightCrypto.DecodeBit8(oData.Substring(0, 2));
            oData = oData.Substring(2);
            return Header;
        }

        // True if a non-empty length-prefixed string can be read at the current position.
        public bool CanGetNextString()
        {
            try
            {
                int len = SeafightCrypto.DecodeBit8(oData.Substring(0, 2));
                if (len > 0)
                {
                    // Skip the 2-char length prefix before taking the string.
                    String Result = oData.Substring(2, len);
                    if (Result != "")
                        return true;
                    else
                        return false;
                }
                else
                    return false;
            }
            catch
            {
                return false;
            }
        }

        // Peeks 4 chars at offset 1 without advancing.
        public int NewNextInt()
        {
            int result = SeafightCrypto.DecodeBit24(oData.Substring(1, 4));
            return result;
        }

        public int GetNextInt()
        {
            int result = SeafightCrypto.DecodeBit24(oData.Substring(0, 4));
            oData = oData.Substring(4);
            return result;
        }

        public String GetNextString()
        {
            int len = SeafightCrypto.DecodeBit8(oData.Substring(0, 2));
            oData = oData.Substring(2);
            String Result = oData.Substring(0, len);
            oData = oData.Substring(len);
            return Result;
        }
    }
}
SeafightCrypto.cs
Code:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;

namespace Seafight_wBot.SeafightCrypto.Willie_Wortel
{
    public class SeafightCrypto
    {
        // Encodes the length of a string.
        public static string EncodeBit32(string v)
        {
            return EncodeBit32(v.Length);
        }

        // Emits a leading zero char followed by the value as 4 big-endian chars.
        public static string EncodeBit32(int v) // int
        {
            string t = "";
            t += (char)0;
            t += (char)((v >> 24) & 0xFF); // most significant byte
            t += (char)((v >> 16) & 0xFF);
            t += (char)((v >> 8) & 0xFF);
            t += (char)((v) & 0xFF);       // least significant byte
            return t;
        }

        // Decodes 4 big-endian chars into an int; -1 if the input is too short.
        // (A C# char is never negative, so the original "< 0" test could not fire.)
        public static int DecodeBit24(string v)
        {
            if (v == null || v.Length < 4)
                return -1;
            return ((v[0] << 24) + (v[1] << 16) + (v[2] << 8) + (v[3] << 0));
        }

        // Decodes 2 big-endian chars into an int; -1 if the input is too short.
        public static int DecodeBit8(string v)
        {
            if (v == null || v.Length < 2)
                return -1;
            return ((v[0] << 8) + (v[1] << 0));
        }
    }
}
SeafightEncoders.cs
Code:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;

namespace Seafight_wBot.SeafightCrypto.Willie_Wortel
{
    class SeafightEncoders
    {
        string Data;
        int Header;
        int Lenght;
        public string[] ExtraDatas;
        int e1 = 0; // read cursor into ExtraDatas
        int e2 = 0;

        internal SeafightEncoders(string InternalData)
        {
            Data = InternalData;
            string conn = Data.ToString();
            // Turn textual placeholders back into the control characters they stand for.
            conn = conn.Replace("{char0}", Convert.ToChar(0).ToString());
            conn = conn.Replace("{char1}", Convert.ToChar(1).ToString());
            conn = conn.Replace("{char2}", Convert.ToChar(2).ToString());
            conn = conn.Replace("{char13}", Convert.ToChar(13).ToString());
            // Build a ';'-separated list of the numeric code of every character.
            string final = "";
            foreach (char C in conn)
            {
                string zC = "{char" + (int)C + "}";
                final += zC;
            }
            final = final.Replace("{char", "");
            final = final.Substring(0, final.Length - 1);
            final = final.Replace("}", ";");
            string[] ToSepare = final.Split(';');
            int sLenght = SeafightCrypto.DecodeBit8(InternalData.Substring(2, 2));
            int sHeader = SeafightCrypto.DecodeBit8(InternalData.Substring(4, 2));
            string Extra = "";
            // Skip the 6-char prefix; group printable runs into fields, keep other bytes as numbers.
            for (int i = 6; i < ToSepare.Length; i++)
            {
                string s = Convert.ToChar(int.Parse(ToSepare[i])).ToString();
                string Fs = "";
                if (ToSepare.Length > i + 1)
                    Fs = Convert.ToChar(int.Parse(ToSepare[i + 1])).ToString();
                if (GeneralSystem.IsValidName(s))
                {
                    Extra += Convert.ToChar(int.Parse(ToSepare[i]));
                    if (!GeneralSystem.IsValidName(Fs))
                        Extra += ";";
                }
                else
                    Extra += ToSepare[i] + ";";
            }
            Header = sHeader;
            Lenght = sLenght;
            ExtraDatas = Extra.Split(';');
        }

        internal int CharEncode_GetHeader()
        {
            return Header;
        }

        internal int CharEncode_GetLenght()
        {
            return Lenght;
        }

        // Returns the next field that looks like a string, or null when none is left.
        internal string CharEncode_GetNextString()
        {
            while (true)
            {
                if (e1 >= ExtraDatas.Length)
                    return null;
                if (GeneralSystem.IsValidString(ExtraDatas[e1]))
                    return ExtraDatas[e1++]; // advance so the next call moves on
                else
                    e1++;
            }
        }

        // Returns the next field that looks like an integer, or -1 when none is left.
        internal int CharEncode_GetNextInt()
        {
            while (true)
            {
                if (e1 >= ExtraDatas.Length)
                    return -1;
                if (GeneralSystem.IsValidInt(ExtraDatas[e1]))
                    return int.Parse(ExtraDatas[e1++]); // advance so the next call moves on
                else
                    e1++;
            }
        }
    }
}
hey guys what i have to say is now in darkorbit packet bots are possible but if you use them you get an instant ban and also when the encryption started darkorbit bot developers were updating their bots every 2-3 days because darkorbit made updates every 2-3 days so think about it lets say its possible to make a sf bot but will you spend your time 24/7 on pc to update it every time? and then what, will they introduce the same stuff like on darkorbit, packets sent=ban|?
Lol, again that Romanian geek.. I'll send Kpt.Terror if u won't get out of here man..
Go talk trash somewhere else.. Darkorbit isn't updating every 2-3 days.. and instant ban is also bull***.. look at the maps dude..
Not bad, it would be great to find the new encryption algorithm.
I'll make the SeaBot work again.
I decompiled the SeafightMain and this should be the function that sends the packets (variables have been renamed for a better understanding):
Code:
private var sf_socket:Socket;
private var bytes:ByteArray;

public final function send(param1:SFPacket) : void {
    if(!this.sf_socket || !this.sf_socket.connected)
    {
        return;
    }
    this.bytes.clear();
    param1.encrypt_function(this.bytes);
    this.sf_socket.writeShort(this.bytes.length);
    this.sf_socket.writeBytes(this.bytes,0,this.bytes.length);
    this.sf_socket.flush();
}
But if I understand correctly, each object has a different algorithm.
This is the main class:
Code:
package SFObjects
{
    import flash.display.Stage;
    import flash.events.MouseEvent;
    import com.bigpoint.seafight.tools.*;
    import flash.display.DisplayObject;
    import flash.events.Event;
    import flash.utils.IDataInput;
    import flash.utils.IDataOutput;

    public interface -_----__-_
    {
        function -__--_____---() : int;
        function -----_-_-__-() : int;
        function -_-_---_____-() : int;
        function ---___-_---_() : int;
        function decrypt_function(param1:IDataInput) : void;
        function encrypt_function(param1:IDataOutput) : void;
    }
}
And this is an example of a single object:
Code:
package Object
{
    import ---______--_.-_----__-_;
    import flash.utils.IDataInput;
    import flash.utils.IDataOutput;
    import flash.display.MovieClip;
    import flash.geom.ColorTransform;
    import flash.display.Bitmap;
    import flash.geom.Point;

    public final class -----__-_-__ extends Object implements -_----__-_
    {
        public function -----__-_-__(param1:int=0) {
            super();
            this.duration = param1;
        }

        public static const instance:-----__-_-__ = new -----__-_-__();
        private var _version:int = 0;
        public var duration:int = 0;

        public function -__--_____---() : int {
            return -7998;
        }

        public function -----_-_-__-() : int {
            return 0;
        }

        public function -_-_---_____-() : int {
            return this._version;
        }

        public function ---___-_---_() : int {
            return 2;
        }

        public function decrypt_function(param1:IDataInput) : void {
            this._version = param1.readShort();
            this._version = 65535 & ((65535 & this._version) << 16 % 16 | (65535 & this._version) >>> 16 - 16 % 16);
            this._version = this._version > 32767?this._version - 65536:this._version;
            this.duration = param1.readShort();
            this.duration = 65535 & ((65535 & this.duration) >>> 15 % 16 | (65535 & this.duration) << 16 - 15 % 16);
            this.duration = this.duration > 32767?this.duration - 65536:this.duration;
        }

        public function encrypt_function(param1:IDataOutput) : void {
            param1.writeShort(-7998);
            param1.writeShort(65535 & ((65535 & 0) >>> 16 % 16 | (65535 & 0) << 16 - 16 % 16));
            param1.writeShort(65535 & ((65535 & this.duration) << 15 % 16 | (65535 & this.duration) >>> 16 - 15 % 16));
        }
    }
}
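The framing in the decompiled `send` and the field transform in `encrypt_function`/`decrypt_function` above, worked through in Python as an added example that is not part of the original posts: it splits a captured byte stream on the 2-byte length prefix (which also covers one capture holding two packages, as mentioned earlier in the thread) and shows that the per-field step is a keyless 16-bit rotation. Assumptions: big-endian byte order (the Flash default), the 2-byte id being read before `decrypt_function` runs, and the constructed sample bytes; all function names are hypothetical.

```python
import struct

MASK16 = 0xFFFF
MSG_ID = -7998  # id returned by the example object on the page


def rotl16(value, n):
    """Rotate a 16-bit value left by n bits."""
    n %= 16
    value &= MASK16
    return ((value << n) | (value >> (16 - n))) & MASK16


def rotr16(value, n):
    """Rotate a 16-bit value right by n bits."""
    return rotl16(value, 16 - n % 16)


def to_signed16(value):
    """Mirror the `> 32767 ? v - 65536 : v` step of decrypt_function."""
    return value - 0x10000 if value > 0x7FFF else value


def split_frames(stream):
    """Split a byte stream into frame bodies; return (bodies, unconsumed tail)."""
    bodies, pos = [], 0
    while len(stream) - pos >= 2:
        (length,) = struct.unpack_from(">H", stream, pos)
        if len(stream) - pos - 2 < length:
            break  # frame not complete yet: keep it for the next read
        bodies.append(stream[pos + 2:pos + 2 + length])
        pos += 2 + length
    return bodies, stream[pos:]


def encode_frame(duration):
    """Bytes that send() + encrypt_function() would put on the socket."""
    # `16 % 16` binds tighter than the shift, so the second field is rotated by 0.
    body = struct.pack(">hHH", MSG_ID, rotl16(0, 0), rotl16(duration, 15))
    return struct.pack(">H", len(body)) + body


def decode_body(body):
    """Inverse of encode_frame's body: (id, version, duration) as signed shorts."""
    msg_id, version, duration = struct.unpack(">hHH", body)
    return msg_id, to_signed16(rotl16(version, 0)), to_signed16(rotr16(duration, 15))


# Constructed sample: two complete frames coalesced in one read, plus a partial third.
SAMPLE = encode_frame(300) + encode_frame(-5) + encode_frame(7)[:3]
```
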
lol i am not kpt.Terror and also trust me there won't be any new packet bots
then if instant ban is bullshit why is kbot/ibot offline?
@fato90 , kpt.terror is me
@willie hey mate, i see u started doing your stuff again, very nice, i really appreciate it
@ionutzel222 don't make me find your ip, we live in the same country, you can get your *** whooped really fast. stop trying to show everybody else how **** smart you are, because, guess what, you AIN'T!
you're just a wanna-be, at first u wanted to be a mod, gratefully epvp staff recognised your "qualities" and didn't give you any ranks, thanks *** for that! after that you wanted to expose me in some stupid way like i'm a bad guy who steals and re-sells accounts..
you ****** dumbass have i ever uploaded anything on this site and had any bad feedback about viruses? i guess not. i'm just a reseller, sold many ships, and i still get offers for it, seems like i got charm and i can find buyers for them easier than the owners, or i got more time for this kind of thing.. so keep your mouth shut, and listen, read, be observant, maybe, someday, you'll learn something... 'till then.. STFU
Iontzel plays on server global europe 3, if you look at the top 5 his name is ...Maximus... , an idiot, really arrogant. He was admin on server global europe 2 but they caught them putting items and other things like pearls, shrapnel.. And then he started to play at gb3 and he got most of the admins in his hand. And he talks a lot, a lot of *****. I can put his address here right now if you want. Some time ago he put pearls on my acc and he wanted money so i know his address because i did it via Western Union. I won't tell it for the moment.
ionix... you might be my new best friend in this case ))
btw, you got some fake info about this little ***** aka ionutzel222.
he was never an admin, he's too young and stupid for that, he's like 15 or something like that, the boat he has now, it's stolen, i know who he stole it from also.
and no, he ain't got no admins in his hand, his only admin friend was a Finnish mod, one of my best friends, he screwed some things up and messed up the whole thing.
if he claims to be selling pearls and stuff, he's probably re-selling dialer's items, the money gets to him first, he keeps his cut, then speaks with dialer as if he would buy for himself...
ionix123 add me on skype at kpt.terror, wanna speak with u a little
and trust me, this little ***** aka ionutzel222 was never an admin, on any server, doesn't know admins, he's a piece of .... , who just pretends to be smart