Page 1 of 2

How do we hide the work of ench.pl?

Posted: 17 Apr 2017, 06:34
by sctnightcore
How do we hide the work of ench.pl?


Image

Code: Select all

package xorHeader;

use Network::Send;
use Log qw (warning message debug error);
use Globals qw(%config $encryptVal $bytesSent $conState %packetDescriptions $enc_val1 $enc_val2 $char $masterServer $syncSync $accountID %timeout %talk);
Plugins::register("Encryption private", "Encrypt header", \&unencryptedMessageID2);

sub unencryptedMessageID2 {warning "UnencryptedMessageID2ing\n";}

sub loadKeys2 {
my ($self, $input, $tmp1, @keys);
my $self = shift;
$tmp1 = 0;   #initialize
open $input, "<plugins/xh.txt" or warnuser();
   while (<$input>) {
      if ($_ =~ /(1|2|3) = 0x(.{8})/ig) {
      $tmp += 1;
         $self->{encryption}->{crypt_key_1} = sprintf("08d", $2) if ($tmp eq 1);
         $self->{encryption}->{crypt_key_3} = sprintf("08d", $2) if ($tmp eq 2);
         $self->{encryption}->{crypt_key_2} = sprintf("08d", $2) if ($tmp eq 3);
      }
      next;
   }
close ($input);
$self->cryptKeys(@keys) if (exists $self->{encryption}->{crypt_key_3});
warning "Ench plugin requires keys to work..." if (exists $self->{encryption}->{crypt_key_3});
}

sub warnuser {
system("cls");
warning ("******Hello*******\n");
warning ("You need to create a file called \'xh.txt\' inside your plugins folder\n");
warning ("Please, insert the keys as the PEEK shown for you :\n");
warning ("[Packet Keys]\n");
warning ("1 = 0x11111111\n");
warning ("2 = 0x11111111\n");
warning ("3 = 0x11111111\n");
warning ("Then, create the file containing this last 3 lines above.\n");
warning ("Please Any question ask in openkore forum !\n");
error("Bye\n")
}

sub encryptedMessageID2 {
my ($self, $r_message) = @_;
loadKeys2($self);
if ($scenario eq "s1"|| $self eq "s1") {
   my $messageID = unpack("v", $$r_message);
      if ($self->{encryption}->{crypt_key_3}) {
        if (sprintf("%04X",$messageID) eq $self->{packet_lut}{map_login}) {
          $self->{encryption}->{crypt_key} = $self->{encryption}->{crypt_key_1};
        } elsif ($self->{net}->getState() != Network::IN_GAME) {
          # Turn off keys
          $self->{encryption}->{crypt_key} = 0; return;
        }
          
        # Checking if Encryption is Activated
        if ($self->{encryption}->{crypt_key} > 0) {
          # Saving Last Informations for Debug Log
          my $oldMID = $messageID;
          my $oldKey = ($self->{encryption}->{crypt_key} >> 16) & 0x7FFF;
          
          # Calculating the Encryption Key
          $self->{encryption}->{crypt_key} = ($self->{encryption}->{crypt_key} * $self->{encryption}->{crypt_key_3} + $self->{encryption}->{crypt_key_2}) & 0xFFFFFFFF;
        
          # Xoring the Message ID
          $messageID = ($messageID ^ (($self->{encryption}->{crypt_key} >> 16) & 0x7FFF)) & 0xFFFF;
          $$r_message = pack("v", $messageID) . substr($$r_message, 2);

          # Debug Log   
          debug (sprintf("Encrypted MID : [%04X]->[%04X] / KEY : [0x%04X]->[0x%04X]\n", $oldMID, $messageID, $oldKey, ($self->{encryption}->{crypt_key} >> 16) & 0x7FFF), "sendPacket", 0) if $config{debugPacket_sent};
        }
      } else {
        use bytes;
        if ($self->{net}->getState() != Network::IN_GAME) {
          $enc_val1 = 0;
          $enc_val2 = 0;
          return;
        }

        my $messageID = unpack("v", $$r_message);
        if ($enc_val1 != 0 && $enc_val2 != 0) {
          # Prepare encryption
          $enc_val1 = ((0x000343FD * $enc_val1) + $enc_val2)& 0xFFFFFFFF;
          debug (sprintf("enc_val1 = %x", $enc_val1) . "\n", "sendPacket", 2);
          # Encrypt message ID
          $messageID = ($messageID ^ (($enc_val1 >> 16) & 0x7FFF)) & 0xFFFF;
          $$r_message = pack("v", $messageID) . substr($$r_message, 2);
         }
      }
   }
}

*Network::Send::encryptMessageID = *encryptedMessageID2;
1;

Re: How do we hide the work of ench.pl?

Posted: 17 Apr 2017, 22:53
by SkylorD
Redownload my plugin again.
Return with feedbacks !

Re: How do we hide the work of ench.pl?

Posted: 03 Jun 2017, 17:33
by sctnightcore
SkylorD wrote:Redownload my plugin again.
Return with feedbacks !
pls updata
link is dead

Re: How do we hide the work of ench.pl?

Posted: 03 Jun 2017, 17:43
by sctnightcore

Re: How do we hide the work of ench.pl?

Posted: 08 Jun 2017, 19:25
by SkylorD
Oh yeah i've deleted since my plugin was'nt working . ;x

Re: How do we hide the work of ench.pl?

Posted: 08 Jun 2017, 19:30
by sctnightcore
SkylorD wrote:Oh yeah i've deleted since my plugin was'nt working . ;x
Encrypted MID : [0360]->[564C] / KEY : [0x4C17]->[0x552C]
Sent packet : 0360 [19 bytes]
The server has denied your connection.
//2015-11-04aRagexe
packet_ver: 55
packet_keys: 0x4C17382A,0x7ED174C9,0x29961E4F // [Winnie]
$self->cryptKeys(0x4C17382A, 0x7ED174C9, 0x29961E4F); not working
$self->cryptKeys(0x4C17382A, 0x29961E4F, 0x7ED174C9); not working

Re: How do we hide the work of ench.pl?

Posted: 08 Jun 2017, 19:32
by SkylorD
Should use straightly in ServerType, and not using my plugin, 'cause maybe you won't get inside of server.

Resuming :

If you want, try to extract the correct keys using PEEK's , if it's the same, good, try reverting the order and inserting in sT.

Re: How do we hide the work of ench.pl?

Posted: 08 Jun 2017, 19:36
by sctnightcore
SkylorD wrote:Should use straightly in ServerType, and not using my plugin, 'cause maybe you won't get inside of server.

Resuming :

Anyway, this topic is not yours, and if you want, try to extract the correct keys using PEEK's , if it's the same, good, try reverting the order and inserting in sT.
[myg0t]
ip 35.185.180.75
port 6900
private 1
master_version 10
version 55
serverType kRO_RagexeRE_2015_11_04a
serverEncoding Thai
charBlockSize 147
chatLangCode 0
addTableFolders kRO
http://35.185.180.75/flux/?module=news


I try peek the key is 0x4C17382A, 0x29961E4F, 0x7ED174C9

Re: How do we hide the work of ench.pl?

Posted: 09 Jun 2017, 00:29
by SkylorD
Hi nightcore.
When u see this thing, you've tested all keys combinations, it means that your serverType is wrong.
Check if it can enter inside map using 2013 packet, but with 2015 recvpacket

Re: How do we hide the work of ench.pl?

Posted: 09 Jun 2017, 00:45
by sctnightcore
SkylorD wrote:Hi nightcore.
When u see this thing, you've tested all keys combinations, it means that your serverType is wrong.
Check if it can enter inside map using 2013 packet, but with 2015 recvpacket


my name is sctnightcore :twisted: :twisted:

i try
kRO_RagexeRE_2013_08_07a with 2015 recvpacket
not working
Describe in a bit more detail.