K.a. ob's noch aktuell ist, aber:
Packet decryption:
Code:
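/*
 * Decrypt `len` bytes of `Packet` in place and return `Packet`.
 *
 * Reverse-engineered from the client (per the surrounding post): the key
 * byte index is read from CryptInfo+0x115 and the key pointer from
 * CryptInfo+0x11C. Both offsets are taken from the post as given and are
 * not verified here; CryptInfo is a global defined elsewhere. The index
 * wraps at 40, i.e. the key is treated as a 40-entry table.
 *
 * The cipher is a byte-chained XOR: plain[i] = (cipher[i] - cipher[i-1]) ^ key[idx],
 * with cipher[-1] taken as 0. Nothing in this routine authenticates the data,
 * so a caller must not treat a "successfully" decrypted packet as genuine or
 * use its contents without bounds checks.
 *
 * Fixes relative to the posted listing: `tmp` was never declared and the
 * assignment inside the loop had an unbalanced parenthesis, so it did not
 * compile.
 *
 * NOTE(review): KeyIndex is stepped back `len` positions in the first loop
 * but never advanced in the second, so every byte is XORed with the same key
 * byte and the rewind has no effect on the output. That looks like a
 * transcription error (an increment with the same wrap at 40 would make the
 * rewind meaningful) - confirm against the original before relying on this.
 *
 * Packet: buffer to decrypt in place; NULL is tolerated and returned unchanged.
 * len:    number of bytes to process (0 is a no-op).
 * Returns: Packet.
 */
BYTE *DecryptPacket(BYTE *Packet, DWORD len) {
    BYTE KeyIndex = *(CryptInfo + 0x115);
    const BYTE *Key = *(BYTE **)(CryptInfo + 0x11C);
    BYTE lastByte = 0;
    DWORD i;

    if (Packet == NULL) {
        return Packet;
    }

    /* Per the original comment, step the key index back to the state it had
     * before this packet was processed. The counter is unsigned, so 0 - 1
     * shows up as 0xFF and is mapped onto the last slot (39). */
    for (i = 0; i < len; i++) {
        KeyIndex--;
        if (KeyIndex == 0xFF) {
            KeyIndex = 39;
        }
    }

    for (i = 0; i < len; i++) {
        BYTE curKey = Key[KeyIndex];
        BYTE tmp = Packet[i];  /* chaining uses the *ciphertext* byte, so save it first */
        Packet[i] = (BYTE)((Packet[i] - lastByte) ^ curKey);
        lastByte = tmp;
    }
    return Packet;
}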
Crypt Info
Code:
/* Per-direction cipher state (one instance each for send and receive in
 * WoWCryptInfo). Member roles are inferred from the names and from
 * DecryptPacket above; no code on this page reads these fields directly. */
typedef struct WoWKeyIndex {
BYTE Index; /* presumably the current position in WoWCryptInfo.Key - confirm */
BYTE LastByte; /* presumably the previous ciphertext byte used for chaining (cf. lastByte in DecryptPacket) - confirm */
BYTE CryptLen; /* meaning not established by this page */
} WoWKeyIndex;
/* Client-side packet cipher state: an enable flag, one key-stream position
 * per direction, and the key buffer.
 *
 * NOTE(review): DecryptPacket reads the index at CryptInfo+0x115 and the key
 * pointer at CryptInfo+0x11C, which do not line up with this layout on its
 * own (here Key would sit at offset 8 on a 32-bit build). Presumably this
 * struct is embedded inside a larger client object, or the offsets and the
 * struct describe different builds - confirm before using either. */
typedef struct WoWCryptInfo {
BYTE IsCrypted; /* non-zero once the session cipher is active (inferred from the name) */
WoWKeyIndex SendKey; /* key-stream state for outgoing packets */
WoWKeyIndex RecvKey; /* key-stream state for incoming packets */
BYTE KeyLen; /* length of Key in bytes; DecryptPacket hard-codes a wrap at 40 instead of reading this */
char *Key; /* key bytes; ownership/lifetime not shown on this page */
} WoWCryptInfo;
/* Client -> server packet as laid out on the wire (inferred from the names).
 * Note the asymmetry with WoWServerOP: Code is a DWORD here but a WORD there.
 * MAX_PACKET_LEN is not defined on this page. Size presumably gives the
 * number of valid bytes in Data; any code that copies Data must check
 * Size <= MAX_PACKET_LEN first, since the value comes from the network. */
typedef struct WoWClientOP {
WORD Size; /* payload size from the header - untrusted, validate before use */
DWORD Code; /* opcode */
BYTE Data[MAX_PACKET_LEN]; /* fixed-size payload buffer */
} WoWClientOP;
/* Server -> client packet as laid out on the wire (inferred from the names).
 * Unlike WoWClientOP, the opcode is a 16-bit WORD. MAX_PACKET_LEN is not
 * defined on this page. Size presumably gives the number of valid bytes in
 * Data; since it arrives from the network it must be checked against
 * MAX_PACKET_LEN before Data is read or copied. */
typedef struct WoWServerOP {
WORD Size; /* payload size from the header - untrusted, validate before use */
WORD Code; /* opcode */
BYTE Data[MAX_PACKET_LEN]; /* fixed-size payload buffer */
} WoWServerOP;
Ansonsten kannst du dich mit WoW Emulatoren befassen.
Quote:
Originally Posted by AlexM
And yes, you can "sniff" the encryption in the packets. That's basically how emulated servers are able to encrypt/decrypt packets. Someone went through with a disassembler and/or debugger, figured out the encryption in ASM, and finally converted it to C/C++/etc.