idRO Not Working after 27-01-2010 | All Version
Moderators: Moderators, Developers
Re: idRO Not Working after 27-01-2010 | All Version
Where does the key originate?
If the client is in charge of making its own keys, then a randomized key should work.
If the client is in charge of making its own keys, then a randomized key should work.
Got your topic trashed by a mod?
Trashing topics is one click, and moving a topic to its proper forum is a lot harder. You expend the least effort in deciding where to post, mods expend the least effort by trashing.
Have a nice day.
Trashing topics is one click, and moving a topic to its proper forum is a lot harder. You expend the least effort in deciding where to post, mods expend the least effort by trashing.
Have a nice day.
Re: idRO Not Working after 27-01-2010 | All Version
well. the thing is:kali wrote:Where does the key originate?
If the client is in charge of making its own keys, then a randomized key should work.
1) the xyz.cfg hold a SECRET
2) SECRET used to HANDSHAKE with Server (timeout 5 sec. 3 tries).
3) If first time HANDSHAKE, the Secret do not change
4) the Permutation table is generated out of SECRET
5) go to (2).
Re: idRO Not Working after 27-01-2010 | All Version
the xyz.cfg also holds off a binary check key of the client, to check whether the client being hex or not.
-
- Human
- Posts: 27
- Joined: 29 Jun 2009, 10:45
- Noob?: No
- Location: IdRO, FnC, Payon, -AutoWarper- Headquarters
Re: idRO Not Working after 27-01-2010 | All Version
@ToXCiL the table you gave us really works, thank you.
This 17-3-2010 still uses the 10-3-2010 version of xyz and ragexe
This 17-3-2010 still uses the 10-3-2010 version of xyz and ragexe
Re: idRO Not Working after 27-01-2010 | All Version
Update
Patch March 19, 2010
then,
Patch March 19, 2010
Code: Select all
http://www.4shared.com/file/244220399/1746eda0/dph.html
http://www.4shared.com/file/244224120/188cff6/dcfg.html
Re: idRO Not Working after 27-01-2010 | All Version
Ragexe.exe (dph.ldr hooked up, intead of xyz.dll) = http://www.enterupload.com/mgz66rxhiu5h/Ragexe.exe.html
dcfg folder (it seems some of the protection didn't get packed again) = http://www.enterupload.com/ou8jvujcp9z5/dcfg.rar.html
dph.ldr = http://www.enterupload.com/wkbxkgssy30x/dph.ldr.html
dcfg folder (it seems some of the protection didn't get packed again) = http://www.enterupload.com/ou8jvujcp9z5/dcfg.rar.html
dph.ldr = http://www.enterupload.com/wkbxkgssy30x/dph.ldr.html
Re: idRO Not Working after 27-01-2010 | All Version
i can't use WPE for capture regexe, and also Sniff
what should i do to have a new idro_enckey?
what should i do to have a new idro_enckey?
Re: idRO Not Working after 27-01-2010 | All Version
First of all i want to ask in Toxcil thread, what is the different between Socket Snifer and WPE ?
Because i found some IP tracer then when i used combined with mapper.pl it says "Ada Data Yang Salah 00 A8". In my tools, there are many IP Address Len there are three of them Len 40, 60 and 63 which one i should have to structure the table ?
Because i found some IP tracer then when i used combined with mapper.pl it says "Ada Data Yang Salah 00 A8". In my tools, there are many IP Address Len there are three of them Len 40, 60 and 63 which one i should have to structure the table ?
-
- Human
- Posts: 27
- Joined: 29 Jun 2009, 10:45
- Noob?: No
- Location: IdRO, FnC, Payon, -AutoWarper- Headquarters
Re: idRO Not Working after 27-01-2010 | All Version
oh one more, the also hid the ragexe process from the sniffer, but the process still visible in task manager
and now, idRO have to be run as administrator or else the delphine says could not initialize module : access denied
and now, idRO have to be run as administrator or else the delphine says could not initialize module : access denied
-
- Human
- Posts: 27
- Joined: 29 Jun 2009, 10:45
- Noob?: No
- Location: IdRO, FnC, Payon, -AutoWarper- Headquarters
Re: idRO Not Working after 27-01-2010 | All Version
Ax3l wrote:First of all i want to ask in Toxcil thread, what is the different between Socket Snifer and WPE ?
Because i found some IP tracer then when i used combined with mapper.pl it says "Ada Data Yang Salah 00 A8". In my tools, there are many IP Address Len there are three of them Len 40, 60 and 63 which one i should have to structure the table ?
The difference is :
WPE : Capture the clean packet received by the client itself (after decoded by Delphine) (DC 01 xx xx xx )
Sniffer : Capture the raw packet before received by the client (before decoded by Delphine) (AA BB DD xx xx xx / 91 7F xx xx xx, etc.)
the mapper function itself is to find the pattern between the same WPE capture and the sniffer
but now, LYTO had hid the ragexe.exe process from the other program and also deploys a "Scanner" in the new version of Delphine