What is patch seed

[vitalka]

Can someone explain me what patch seed is?

[bootdisk]

Hmm...
When I first started with my mini loader, I didn't care about bots but later on, people started asking for redirection.
From my tests some of the bots were in the need of it...
Gotta take a look... brb.

Edit: can't compile it, but perhaps it's related to security, that might be why some of those bots were failing without it (I guess it patch the seed so it gets the same result). I think only pushedx would answer this or someone else that has made a loader.

[Schickl]

As far as I know it sets the blowfish key to 0xFF(every 8 bytes ofc)

[bheaven]

it sets the initial blowfish seed.
usually it is patched to "0x33" since this is what drew used when he released his first loader / proxy framework SR33. the value isnt actually "patched". however the call to the function that would usually return a pseudo-random number is overwritten with a "MOV SOMEREGISTER, 0x33" statement.

knowing the seed in advance enables you to decrypt and re-encrypt packets that are encrypted.

[pushedx]

To expand on what bheaven said, back before I wrote a full Silkroad Security API, you could only emulate the C->S security state, but not the S->C state. To get around that, I changed the client's pseudo random value of the DH Key Exchange (secret 'a' of Alice in their table) so my server could decrypt the packets. The whole point of the key exchange is that a is unknown, so by making it known, the middleman app could break into the streams (since secret 'b' was known on the server since we coded that.)

All this is unnecessary nowadays because my SecurityAPI fully supports client and server sides, but a lot of people were using sr33/edx33 based code which relied upon it, so the loader kept it for legacy reasons.