bRO maintenance 03/07 update (svn patches included)

uPantcho
Human
Human
Posts: 42
Joined: 05 Nov 2009, 05:25
Noob?: Yes

#1 Post by uPantcho »

download link:
http://upantcho.com/opk0307.rar


you can extract it into your root folder (where the openkore.pl file is located) and overwrite the files, or apply the two SVN patches (one for openkore and the other for tablepack)

changes:

updated encryption keys
updated packets
updated sync_received_ex method (no more disconnects every 10 minutes)

the svn patches are also here:
openkore
http://pastebin.com/N5vHgUpb

tablepack
http://pastebin.com/MMsGFmEW

#2 Post by uPantcho »

this situation is funny


i posted the update AND the diffs at 17:59, Brazilian time (exactly 1 minute after the server went online)

my update makes the bot work 100%. also i removed the 10-min timeout disconnect

then at 18:16 Fr3DBr updates the svn, making useless changes once again (probably to break my svn patch?) and goes so far as trying to hide the keys using semi-null calculations!

i can be more exact. saturday i posted a "workaround" solution for the openkore and on the same day fred updated the openkore, but this time there was something strange...

but let's do it on a timeline

openkore svn 7951

Code:

$enc_val1 = Math::BigInt->new('0x737D211C');
$enc_val2 = Math::BigInt->new('0x38424E43');
$enc_val3 = Math::BigInt->new('0x456F57EF');

then i released the "workaround" on saturday and on the same day he released the update 7958, let's look at the code:

Code:

# K
$enc_val1 = Math::BigInt->new('0x00000000BF63E862')->bxor(0xFFFFFFFF);
# M
$enc_val3 = Math::BigInt->new('0x00000000807EC6ED')->bxor(0xFFFFFFFF);
# A
$enc_val2 = Math::BigInt->new('0x00000000ABE5F430')->bxor(0xFFFFFFFF);

i'm not afraid to admit that i'm a noob, but there are a LOT of zeros in that and a useless operation "->bxor(0xFFFFFFFF)".

funny enough, if you manually do those operations (windows calc, programmer mode, XOR operation) you are going to get, in order:
409C179D
7F813912
541A0BCF

now here is the unpacked ragexe of that week:
http://upantcho.com/ragexe2902unpack.rar

if you open it in a disassembler (i used w32dasm) and look for "packet_cz", right above you'll find the 3 keys:
Image


they are exactly the 3 keys in the order "2 3 1"


so in the 7960 release he changed the subs name AGAIN (trying to break my patch i assume?)

also he put more random operations to "hide" the key:

Code:

# K
$enc_val1 = Math::BigInt->new('0x737DDEB6BC00')->bdec()->bxor(0xFFAABBFF)->brsft(16);
# M
$enc_val3 = Math::BigInt->new('0x456FA845BC00')->bdec()->bxor(0xFFAABBFF)->brsft(16);
# A
$enc_val2 = Math::BigInt->new('0x3842B1E9BC00')->bdec()->bxor(0xFFAABBFF)->brsft(16);

if someone does all those operations the result will be the same as my code (aka EXACTLY how it is in the ragnarok client)

Code:

# K
$enc_val1 = Math::BigInt->new('0x737D211C');
# M
$enc_val3 = Math::BigInt->new('0x456F57EF');
# A
$enc_val2 = Math::BigInt->new('0x38424E43');

and finally he released the 7961 update (to avoid the 10 minutes disconnect) but it has.... 80 more lines?



so, now that i know the whole way to make the bot work every maintenance and i just proved that Fr3DBr was trying to hide the keys, i want to ask if someone is still going to say:
"you are a leecher"
"you should study RCE"

also, i want to know if someone is BLIND enough to not see that i'm right on this!


but i have to thank you Fr3DBr!
when you tried to hide the keys using that first XOR you actually gave me a hint of what i should search for
Last edited by uPantcho on 07 Mar 2012, 18:03, edited 1 time in total.
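
Added example, not part of the original posts and not OpenKore code: a small Python constant folder that parses the Math::BigInt lines quoted in post #2 and evaluates their method chains, which shows why reversible arithmetic on a literal in published source does not keep the value secret. The names `fold`, `OPS`, `PLAIN`, `R7958` and `R7960` are assumptions of this example; the Perl lines are copied from the post, and only the three methods that appear there are modelled.

```python
import re

# Integer semantics of the Math::BigInt methods used in the quoted Perl lines.
OPS = {
    "bxor": lambda v, a: v ^ a,    # bitwise XOR with the argument
    "bdec": lambda v, a: v - 1,    # decrement by one (takes no argument)
    "brsft": lambda v, a: v >> a,  # shift right by `a` bits
}
ASSIGN = re.compile(
    r"\$(\w+)\s*=\s*Math::BigInt->new\('(0x[0-9A-Fa-f]+)'\)((?:->\w+\([^)]*\))*)\s*;")
CALL = re.compile(r"->(\w+)\(([^)]*)\)")

def fold(source):
    """Fold every Math::BigInt assignment in `source` to a plain integer."""
    folded = {}
    for name, literal, chain in ASSIGN.findall(source):
        value = int(literal, 16)
        for method, arg in CALL.findall(chain):
            if method not in OPS:
                raise ValueError(f"unsupported method: {method}")
            value = OPS[method](value, int(arg, 0) if arg.strip() else None)
        folded[name] = value
    return folded

# Perl lines copied from post #2: plain constants, then the two obfuscated forms.
PLAIN = """
$enc_val1 = Math::BigInt->new('0x737D211C');
$enc_val3 = Math::BigInt->new('0x456F57EF');
$enc_val2 = Math::BigInt->new('0x38424E43');
"""
R7958 = """
$enc_val1 = Math::BigInt->new('0x00000000BF63E862')->bxor(0xFFFFFFFF);
$enc_val3 = Math::BigInt->new('0x00000000807EC6ED')->bxor(0xFFFFFFFF);
$enc_val2 = Math::BigInt->new('0x00000000ABE5F430')->bxor(0xFFFFFFFF);
"""
R7960 = """
$enc_val1 = Math::BigInt->new('0x737DDEB6BC00')->bdec()->bxor(0xFFAABBFF)->brsft(16);
$enc_val3 = Math::BigInt->new('0x456FA845BC00')->bdec()->bxor(0xFFAABBFF)->brsft(16);
$enc_val2 = Math::BigInt->new('0x3842B1E9BC00')->bdec()->bxor(0xFFAABBFF)->brsft(16);
"""

if __name__ == "__main__":
    for label, src in (("plain", PLAIN), ("7958", R7958), ("7960", R7960)):
        print(label, {k: f"0x{v:08X}" for k, v in sorted(fold(src).items())})
```

The 7960 chain folds to the same three values as the plain assignments, and the 7958 chain folds to the three values the post lists from the calculator.
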
Fr3DBr
Developers
Developers
Posts: 60
Joined: 05 Oct 2011, 09:21
Noob?: No
Location: Brazil

#3 Post by Fr3DBr »

No problem, seems you are studying then?

Good luck, see you in the next LUG Method and I will wait to see if you are capable without your friend "Illusion" to find out this stuff yourself :) !

80 more lines? Aren't you the King of RCE? So learn what they are for now ;)

#4 Post by Fr3DBr »

Also please remove your ragexe link from here, since warez is not allowed.

#5 Post by uPantcho »

Fr3DBr wrote: Also please remove your ragexe link from here, since warez is not allowed.
no, on the official forum they allow us to mirror the files (i.e. when people have trouble updating they do that)


also, the original file downloaded by the patch (packed and on the extension used by the patch downloader) is here:
ftp://fpatch.levelupgames.com.br/patch/ ... Ragexe.rgz



really, i had given up because it was troublesome for me to unpack the file.

when you tried to hide the keys, it was obvious that they were the answer. my main problem is the need of the stripper to be on c:, a thing that i wasn't doing

after that, looking for the keys was easier. they are always on top of "packet_cz"

also, to change the packets we just need to look at the changes in the recvpackets.txt

oh, you forgot to update the use skill packet. the client is sending the 0x0923 (your bot works but i think it is better to use the same packet as the client, right?)

#6 Post by Fr3DBr »

1) You can mirror original files, but not unpacked or dumped files, this is cracking/warez so against the rules.

2) As long as the packet is not deprecated, it's fine, since Aegis (the server side) is MultiProtocol.

#7 Post by uPantcho »

Fr3DBr wrote: 1) You can mirror original files, but not unpacked or dumped files, this is cracking/warez so against the rules.
ok, tell them to prosecute me. i'm taking the risk
Sugoi
Noob
Noob
Posts: 10
Joined: 17 Mar 2010, 13:05
Noob?: No

#8 Post by Sugoi »

Fr3DBr wrote: Also please remove your ragexe link from here, since warez is not allowed.
lol this is getting pathetic.

Anyway, at least now we don't need to worry about you holding the update for some reason we can't figure why.

And about the friend, like someone said on the Brazilian forum, this is one community, without help we can't grow or even maintain.

Oh and no one is claiming to be king on any subject here, in fact I tried to help uPantcho with what I can and both of us are well aware that people with more knowledge of reverse engineering can do this way faster and cleaner, uPantcho did most stuff by trial and error and still got the results quickly, around 1 hour and a half of work, I bet you did this in a matter of minutes, probably with some script ready to get the keys and the affected packets.

And relax, like happened on every update before this one, the community can manage to fix things without you, if you feel like leaving the project you will be missed, but openkore will work again on bRO at some point.

#9 Post by Sugoi »

a bird told me that Fr3dBr will commit the update after each patch only after uPantcho releases some kind of fix, well, it's already proved that Fr3d was holding the commits for some reason that only he knows and now he wants to try to "affect" someone by launching the "official" update only after the "workaround". What kind of thing do people doing things like this do for the community? He is someone skilled? For sure, but WHY do this? It's clear he has the process almost automated? He prefers to hurt the community because of something so stupid

#10 Post by uPantcho »

there is one last thing i would like to add

the last change made on the sync_request_ex method was made on jan 18. (before today)

so, on the best case scenario, that method was ok until jan 25.

from jan 25 to this day, march 7, it was not working and the result was the bot disconnected every 10 minutes



today i put my solution for that AND the diff patch. 40 minutes later Fr3DBr updated the sync_request_ex on a totally different way.


from that, i can see 2 options:
1. he saw how my code works and rewrote everything
(this one is hard to believe because he added more packets than what the client is using right now)

2. he already had the code done and for an unknown reason never updated until today (what a coincidence, the same day as i posted one solution)



everyone, take the blinkers off please