idRO Not Working after 27-01-2010 | All Version

Message

#51 Post by **kali** » 16 Mar 2010, 10:47

Where does the key originate?

If the client is in charge of making its own keys, then a randomized key should work.

#52 Post by **kLabMouse** » 16 Mar 2010, 10:57

kali wrote:Where does the key originate?

If the client is in charge of making its own keys, then a randomized key should work.

well. the thing is:
1) the xyz.cfg hold a SECRET
2) SECRET used to HANDSHAKE with Server (timeout 5 sec. 3 tries).
3) If first time HANDSHAKE, the Secret do not change
4) the Permutation table is generated out of SECRET
5) go to (2).

#53 Post by **h4rry84** » 16 Mar 2010, 22:17

the xyz.cfg also holds off a binary check key of the client, to check whether the client being hex or not.

michaelaw · #54 Post by **michaelaw** » 17 Mar 2010, 08:15

@ToXCiL the table you gave us really works, thank you.

This 17-3-2010 still uses the 10-3-2010 version of xyz and ragexe

xvanct · #55 Post by **xvanct** » 18 Mar 2010, 21:42

Update

Patch March 19, 2010

Code: Select all

http://www.4shared.com/file/244220399/1746eda0/dph.html
http://www.4shared.com/file/244224120/188cff6/dcfg.html

then,

#56 Post by **h4rry84** » 19 Mar 2010, 01:16

Ragexe.exe (dph.ldr hooked up, intead of xyz.dll) = http://www.enterupload.com/mgz66rxhiu5h/Ragexe.exe.html
dcfg folder (it seems some of the protection didn't get packed again) = http://www.enterupload.com/ou8jvujcp9z5/dcfg.rar.html
dph.ldr = http://www.enterupload.com/wkbxkgssy30x/dph.ldr.html

naildors · #57 Post by **naildors** » 20 Mar 2010, 00:48

i can't use WPE for capture regexe, and also Sniff
what should i do to have a new idro_enckey?

Ax3l · #58 Post by **Ax3l** » 20 Mar 2010, 18:29

First of all i want to ask in Toxcil thread, what is the different between Socket Snifer and WPE ?
Because i found some IP tracer then when i used combined with mapper.pl it says "Ada Data Yang Salah 00 A8". In my tools, there are many IP Address Len there are three of them Len 40, 60 and 63 which one i should have to structure the table ?

michaelaw · #59 Post by **michaelaw** » 21 Mar 2010, 06:54

oh one more, the also hid the ragexe process from the sniffer, but the process still visible in task manager

and now, idRO have to be run as administrator or else the delphine says could not initialize module : access denied

michaelaw · #60 Post by **michaelaw** » 21 Mar 2010, 12:47

Ax3l wrote:First of all i want to ask in Toxcil thread, what is the different between Socket Snifer and WPE ?
Because i found some IP tracer then when i used combined with mapper.pl it says "Ada Data Yang Salah 00 A8". In my tools, there are many IP Address Len there are three of them Len 40, 60 and 63 which one i should have to structure the table ?

The difference is :

WPE : Capture the clean packet received by the client itself (after decoded by Delphine) (DC 01 xx xx xx )

Sniffer : Capture the raw packet before received by the client (before decoded by Delphine) (AA BB DD xx xx xx / 91 7F xx xx xx, etc.)

the mapper function itself is to find the pattern between the same WPE capture and the sniffer

but now, LYTO had hid the ragexe.exe process from the other program and also deploys a "Scanner" in the new version of Delphine

Openkore.com

idRO Not Working after 27-01-2010 | All Version

Re: idRO Not Working after 27-01-2010 | All Version

Re: idRO Not Working after 27-01-2010 | All Version

Re: idRO Not Working after 27-01-2010 | All Version

Re: idRO Not Working after 27-01-2010 | All Version

Re: idRO Not Working after 27-01-2010 | All Version

Re: idRO Not Working after 27-01-2010 | All Version

Re: idRO Not Working after 27-01-2010 | All Version

Re: idRO Not Working after 27-01-2010 | All Version

Re: idRO Not Working after 27-01-2010 | All Version

Re: idRO Not Working after 27-01-2010 | All Version