Register for your free account! | Forgot your password?

Go Back   elitepvpers > Popular Games > Silkroad Online > SRO Private Server > SRO PServer Questions & Answers
How to completely remove captcha system VSRO188 How to completely remove captcha system VSRO188
You last visited: Today at 15:04

  • Please register to post and access all features, it's quick, easy and FREE!

Advertisement


Advertise with us!

How to completely remove captcha system VSRO188

Discussion on How to completely remove captcha system VSRO188 within the SRO PServer Questions & Answers forum part of the SRO Private Server category.

Reply
 
Old   #1
 
iZexo's Avatar
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: Mar 2016
Posts: 79
Received Thanks: 33
Question How to completely remove captcha system VSRO188

I found a thread to remove it from Chernobyl but unfortunately link dead (gatewayserver modified no captcha).
Anyway, i just want to know how to modify gatewayserver and disable it.

Thanks in advance.
iZexo is offline  
Old 03/02/2021, 16:11   #2
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: Jan 2009
Posts: 314
Received Thanks: 685
The login process in the GatewayServer is actually quite complex because it talks with both the GlobalManager and an AgentServer before handing out a successful Login acknowledge (0xA102).

I don't know how Chernobyl did it but from what I know the cleanest way is to replace the IBUV_GENERATE_REQ in the FIND_CONTENT_USER_ACK handler with code that sends a USER_VALIDATION_SUCCESS_REQ to the GlobalManager which would originally be sent only after the IBUV has been answered correctly.

The the function that calls IBUV_GENERATE_REQ is called from 0x00405CF5.

This is what the reverse engineered code from the actual place where the USER_VALIDATION_SUCCESS_REQ is sent looks like.
(at around 0x00406BB1)

Code:
      pMsgUserValidationSuccessReq = g_NetEngine->vftbl_0->CNetEngine::NewMsg(g_NetEngine, 0);
      *pMsgUserValidationSuccessReq->m_pID = 0x6112;// USER_VALIDATION_SUCCESS_REQ
      if ( pCertParam->m_szUsername.capacity < 0x10u )
        m_szUsername.c_str() = (const CHAR *)&pCertParam->m_szUsername.field1;
      else
        m_szUsername.c_str() = (const CHAR *)pCertParam->m_szUsername.field1;
      CMsg::WriteString(dwNumberOfBytesWritten, m_szUsername.c_str(), pMsgUserValidationSuccessReq);
      if ( !CServerProcessBase::SendRelayReq(
              (CServerProcessBase *)this,
              pMsgUserValidationSuccessReq,
              g_pServerBodyOfMyself->pDivision->DivisionManagerBodyID,
              0,
              0,
              pCertParam) )
      {
        pMsgLoginAck = g_NetEngine->vftbl_0->CNetEngine::NewMsg(g_NetEngine, 0);
        *pMsgLoginAck->m_pID = 0xA102u;         // LOGIN_ACK
        HIWORD(a3a) = '\x06\x02';
        CMsg::Write(1u, pMsgLoginAck, (char *)&a3a + 2);// 0x02
        CMsg::Write(1u, pMsgLoginAck, (char *)&a3a + 3);// 0x06
        g_NetEngine->vftbl_0->CNetEngine::SendMsg(g_NetEngine, pCertParam->m_SessionID, pMsgLoginAck);
        g_NetEngine->vftbl_0->CNetEngine::FreeMsg(g_NetEngine, pMsgLoginAck);
        g_NetEngine->vftbl_0->CNetEngine::DisconnectSessionById(g_NetEngine, pCertParam->m_SessionID, 1);
        sub_414410(&a1, (int)pCertParam);       // frees pCertParam
      }
It's a lot of code to write in assembly so if you want to keep your sanity write a C++ detour hook dll thingy. If you have no idea what any of this means stick to your filter sending the default captcha code. This is by no means an easy task.
DaxterSoul is offline  
Thanks
1 User
Old 03/04/2021, 11:40   #3
 
iZexo's Avatar
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: Mar 2016
Posts: 79
Received Thanks: 33
Quote:
Originally Posted by DaxterSoul View Post
The login process in the GatewayServer is actually quite complex because it talks with both the GlobalManager and an AgentServer before handing out a successful Login acknowledge (0xA102).

I don't know how Chernobyl did it but from what I know the cleanest way is to replace the IBUV_GENERATE_REQ in the FIND_CONTENT_USER_ACK handler with code that sends a USER_VALIDATION_SUCCESS_REQ to the GlobalManager which would originally be sent only after the IBUV has been answered correctly.

The the function that calls IBUV_GENERATE_REQ is called from 0x00405CF5.

This is what the reverse engineered code from the actual place where the USER_VALIDATION_SUCCESS_REQ is sent looks like.
(at around 0x00406BB1)

Code:
      pMsgUserValidationSuccessReq = g_NetEngine->vftbl_0->CNetEngine::NewMsg(g_NetEngine, 0);
      *pMsgUserValidationSuccessReq->m_pID = 0x6112;// USER_VALIDATION_SUCCESS_REQ
      if ( pCertParam->m_szUsername.capacity < 0x10u )
        m_szUsername.c_str() = (const CHAR *)&pCertParam->m_szUsername.field1;
      else
        m_szUsername.c_str() = (const CHAR *)pCertParam->m_szUsername.field1;
      CMsg::WriteString(dwNumberOfBytesWritten, m_szUsername.c_str(), pMsgUserValidationSuccessReq);
      if ( !CServerProcessBase::SendRelayReq(
              (CServerProcessBase *)this,
              pMsgUserValidationSuccessReq,
              g_pServerBodyOfMyself->pDivision->DivisionManagerBodyID,
              0,
              0,
              pCertParam) )
      {
        pMsgLoginAck = g_NetEngine->vftbl_0->CNetEngine::NewMsg(g_NetEngine, 0);
        *pMsgLoginAck->m_pID = 0xA102u;         // LOGIN_ACK
        HIWORD(a3a) = '\x06\x02';
        CMsg::Write(1u, pMsgLoginAck, (char *)&a3a + 2);// 0x02
        CMsg::Write(1u, pMsgLoginAck, (char *)&a3a + 3);// 0x06
        g_NetEngine->vftbl_0->CNetEngine::SendMsg(g_NetEngine, pCertParam->m_SessionID, pMsgLoginAck);
        g_NetEngine->vftbl_0->CNetEngine::FreeMsg(g_NetEngine, pMsgLoginAck);
        g_NetEngine->vftbl_0->CNetEngine::DisconnectSessionById(g_NetEngine, pCertParam->m_SessionID, 1);
        sub_414410(&a1, (int)pCertParam);       // frees pCertParam
      }
It's a lot of code to write in assembly so if you want to keep your sanity write a C++ detour hook dll thingy. If you have no idea what any of this means stick to your filter sending the default captcha code. This is by no means an easy task.
Thanks for replying I appreciate it.
I understand its hard to do (for beginners) with assembly,
So C++ packet filter is the easiest way.
iZexo is offline  
Old 03/04/2021, 17:11   #4

 
Otakanikaru's Avatar
 
elite*gold: 133
The Black Market: 1/0/0
Join Date: Nov 2013
Posts: 454
Received Thanks: 455
I do It like this on
Code:
async function AutoCaptcha({ stream, config }, packet) {
    const { writer } = stream;

    const write = new writer();
    write.string(config.CAPTCHA);

    return {
        packet: {
            ...packet,
            encrypted: false,
            opcode: 0x6323,
            data: write.toData()
        },
        target: 'remote'
    };
}

export default AutoCaptcha;
then just import it in gatewayserver config context like in this file:

0x2322: 'AutoCaptcha',
Otakanikaru is offline  
Old 03/09/2021, 12:58   #5
 
amrsmooth's Avatar
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: Feb 2012
Posts: 59
Received Thanks: 4
Quote:
Originally Posted by iZexo View Post
I found a thread to remove it from Chernobyl but unfortunately link dead (gatewayserver modified no captcha).
Anyway, i just want to know how to modify gatewayserver and disable it.

Thanks in advance.
I think that you can use filter to remove the captcha from login vsro proxy does support that if I'm not mistaken
amrsmooth is offline  
Old 01/28/2023, 12:18   #6
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: Apr 2021
Posts: 87
Received Thanks: 75
No need for filter at all




// VSRO 188 / 274(208) IBUV Bypass
GatewayServer.exe

*(int*)(0x0040509C + 1) = 0x00406E30;
torachiyo is offline  
Thanks
1 User
Old 01/15/2024, 13:05   #7
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: Jun 2022
Posts: 23
Received Thanks: 5
Quote:
Originally Posted by torachiyo View Post
No need for filter at all




// VSRO 188 / 274(208) IBUV Bypass
GatewayServer.exe

*(int*)(0x0040509C + 1) = 0x00406E30;
Thanks, worked. Changed those bytes with IDA.
YuBeDev is offline  
Reply

« help in quest script | Damage Unique »

Similar Threads Similar Threads
Dark Heaven || Completely Redone || 110Cap | Wanted System | New Jobbing System
07/13/2014 - SRO PServer Advertising - 268 Replies
http://i.epvpimg.com/VP6dd.png Prologue Here we go guys. A completely re-imagined server. We are here to announce the launch of Dark Heaven Online. We on the Dark Heaven team wanted to bring to those that remember the original SRO and the feeling of community, yet add spice to the game and focus on the major things that made Silkroad, the game that we all loved. - Our goal of creating such game server is to establish a decent, stable, fun and self sufficient server for those who are...
How to remove captcha completely
05/21/2014 - SRO Private Server - 2 Replies
Hello, Is anyone know how to remove captcha from login? Thank you
[Request Help] Remove mobs / remove eur items / remove npc
02/15/2013 - SRO Private Server - 0 Replies
Iam sure all now saies this guy is mad :D why not remove the db i want to know how i can remove mobs from samrkand and add alex mobs there and remove eur item from npc and drobs and remove some npcs ty guys _________________________ I see that there is too much help here it's my topic no.2 without any answer



All times are GMT +1. The time now is 15:05.

elitepvpers - play less, get more - Top

Powered by vBulletin®
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
SEO by vBSEO ©2011, Crawlability, Inc.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Support | Contact Us | FAQ | Advertising | Privacy Policy | Terms of Service | Abuse
Copyright ©2025 elitepvpers All Rights Reserved.