New type of detection for Eathena
Moderators: Moderators, Documentation Writers
-
- Noob
- Posts: 5
- Joined: 10 May 2008, 20:55
- Noob?: Yes
New type of detection for Eathena
Well is my fisrt post, and i am not speak english, just a little.
Today my favorite private server update his client, but now i CANT connect with Openkore full updated.
ok, i sniff my connection and catch this (CONNECT):
00000000 04 02 eb b5 fd da b0 04 01 6e 45 97 10 e0 39 be ........ .nE...9.
00000010 af 44 64 00 14 00 00 00 75 73 65 72 31 32 33 34 .Dd..... user1234
00000020 35 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5....... ........
00000030 70 61 73 73 31 32 33 34 35 00 00 00 00 00 00 00 pass1234 5.......
00000040 00 00 00 00 00 00 00 00 0e ........ .
well i modify the client with a hex editor (real items) and i catch this (NOT CONNECT):
00000000 04 02 fa 09 bd d2 8d fb 1b a9 2c 11 84 a4 06 15 ........ ..,.....
00000010 49 78 64 00 14 00 00 00 75 73 65 72 31 32 33 34 Ixd..... user1234
00000020 35 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5....... ........
00000030 70 61 73 73 31 32 33 34 35 00 00 00 00 00 00 00 pass1234 5.......
00000040 00 00 00 00 00 00 00 00 0e ........ .
ok, is easy to see that the master and server version dont have change.. but the client add a strange string in the begin:
04 02 eb b5 fd da b0 04 01 6e 45 97 10 e0 39 be af 44
and in the modified client:
04 02 fa 09 bd d2 8d fb 1b a9 2c 11 84 a4 06 15 49 78
So.. i think that THIS string is the problem that my openkore cant connect..
Openkore say that master and server version are incorrects when i try to connect.
I read in this forum a korean player that have problems with a "new kro implementation, client modified warnings".
I think that this string is a Client Hash.. but i dont know HOW i can put this string in my openkore loging.
I think that developers can tellme how i can put this string in my openkore logon thread.
Maybe this can cause problems in many other privates servers..
Really thanks in advance, and i dont have problem to read english.. just my writed english is bad.
Today my favorite private server update his client, but now i CANT connect with Openkore full updated.
ok, i sniff my connection and catch this (CONNECT):
00000000 04 02 eb b5 fd da b0 04 01 6e 45 97 10 e0 39 be ........ .nE...9.
00000010 af 44 64 00 14 00 00 00 75 73 65 72 31 32 33 34 .Dd..... user1234
00000020 35 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5....... ........
00000030 70 61 73 73 31 32 33 34 35 00 00 00 00 00 00 00 pass1234 5.......
00000040 00 00 00 00 00 00 00 00 0e ........ .
well i modify the client with a hex editor (real items) and i catch this (NOT CONNECT):
00000000 04 02 fa 09 bd d2 8d fb 1b a9 2c 11 84 a4 06 15 ........ ..,.....
00000010 49 78 64 00 14 00 00 00 75 73 65 72 31 32 33 34 Ixd..... user1234
00000020 35 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5....... ........
00000030 70 61 73 73 31 32 33 34 35 00 00 00 00 00 00 00 pass1234 5.......
00000040 00 00 00 00 00 00 00 00 0e ........ .
ok, is easy to see that the master and server version dont have change.. but the client add a strange string in the begin:
04 02 eb b5 fd da b0 04 01 6e 45 97 10 e0 39 be af 44
and in the modified client:
04 02 fa 09 bd d2 8d fb 1b a9 2c 11 84 a4 06 15 49 78
So.. i think that THIS string is the problem that my openkore cant connect..
Openkore say that master and server version are incorrects when i try to connect.
I read in this forum a korean player that have problems with a "new kro implementation, client modified warnings".
I think that this string is a Client Hash.. but i dont know HOW i can put this string in my openkore loging.
I think that developers can tellme how i can put this string in my openkore logon thread.
Maybe this can cause problems in many other privates servers..
Really thanks in advance, and i dont have problem to read english.. just my writed english is bad.
Last edited by ChileanBoter on 11 May 2008, 17:51, edited 2 times in total.
Re: New type of detection for Eathena
I believe this is a client side thing isn't it?
If its serverside, im not sure if eA already supports this
If its serverside, im not sure if eA already supports this
-
- Noob
- Posts: 5
- Joined: 10 May 2008, 20:55
- Noob?: Yes
Re: New type of detection for Eathena
Is a client implementaton, but Ea adapted his emulator to this thing.
Ea is supporting this, i actually play in atlantisRO(ea)
So i sniffed the connection and discover this thing
I established a manually connection whith the server, with a C++ socket.
I put the strings like my client do, and i CAN connect.
So i think that if is possible ADD this string, in my openkore.. will be possible connect to the server.
Thanks in advance
Ea is supporting this, i actually play in atlantisRO(ea)
So i sniffed the connection and discover this thing
I established a manually connection whith the server, with a C++ socket.
I put the strings like my client do, and i CAN connect.
So i think that if is possible ADD this string, in my openkore.. will be possible connect to the server.
Thanks in advance
Re: New type of detection for Eathena
ok so if a client wants to connect it has to send the HASH (or whatever you call it), username and password?
If you could issolate the packets switche(s) used and lengths and post more info that'd be great.
And if you can, a way to send these packets properly
None of our devs play on these servers that utilize this, so its gonna be hard for us to fix this
If you could issolate the packets switche(s) used and lengths and post more info that'd be great.
And if you can, a way to send these packets properly
None of our devs play on these servers that utilize this, so its gonna be hard for us to fix this
-
- Noob
- Posts: 5
- Joined: 10 May 2008, 20:55
- Noob?: Yes
Re: New type of detection for Eathena
But, ¿exist a method to add THIS string in the begin of the connection?
¿it's only possible by changing the source and recompile them?
The first packet that normally Kore send is (in Blue):
00000000 04 02 eb b5 fd da b0 04 01 6e 45 97 10 e0 39 be ........ .nE...9.
00000010 af 44 64 00 14 00 00 00 75 73 65 72 31 32 33 34 .Dd..... user1234
00000020 35 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5....... ........
00000030 70 61 73 73 31 32 33 34 35 00 00 00 00 00 00 00 pass1234 5.......
00000040 00 00 00 00 00 00 00 00 0e ........ .
This is the only "abnormal" packet (just the red string) that my client send.. just the first packet, so I know that if I modified this packet, Kore can connect without problems.
I say it's a Client Hash, because if I did a HEx modify in the client, the abnormal string (HASH) change inmediately in the Wireshark/sniifer logs.
So my question is, ¿exist a method to add THIS string in the begin of the connection, without modify the source of openkore and recompile them?
or , in the soruce, ¿what is the most easy way to ADD them?
Thanks in advance
¿it's only possible by changing the source and recompile them?
The first packet that normally Kore send is (in Blue):
00000000 04 02 eb b5 fd da b0 04 01 6e 45 97 10 e0 39 be ........ .nE...9.
00000010 af 44 64 00 14 00 00 00 75 73 65 72 31 32 33 34 .Dd..... user1234
00000020 35 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5....... ........
00000030 70 61 73 73 31 32 33 34 35 00 00 00 00 00 00 00 pass1234 5.......
00000040 00 00 00 00 00 00 00 00 0e ........ .
This is the only "abnormal" packet (just the red string) that my client send.. just the first packet, so I know that if I modified this packet, Kore can connect without problems.
I say it's a Client Hash, because if I did a HEx modify in the client, the abnormal string (HASH) change inmediately in the Wireshark/sniifer logs.
So my question is, ¿exist a method to add THIS string in the begin of the connection, without modify the source of openkore and recompile them?
or , in the soruce, ¿what is the most easy way to ADD them?
Thanks in advance
Re: New type of detection for Eathena
Theoretically the hash shouldn't change unless they update the client itself (as in sakexe). Modifying the source is a quick fix.
cs : ee : realist
-
- Noob
- Posts: 5
- Joined: 10 May 2008, 20:55
- Noob?: Yes
Re: New type of detection for Eathena
exactly, that's the point.sli wrote:Theoretically the hash shouldn't change unless they update the client itself (as in sakexe). Modifying the source is a quick fix.
-
- Noob
- Posts: 5
- Joined: 10 May 2008, 20:55
- Noob?: Yes
Re: New type of detection for Eathena
sli wrote:So uh... there ya go. Problem solved.
But.. did you read my question or what man?..So my question is, ¿exist a method to add THIS string in the begin of the connection, without modify the source of openkore and recompile them?
or , in the soruce, ¿what is the most easy way to ADD them?
if you dont want help, just say it.. dont problem, but my problem is not solved.
any help is welcome
Re: New type of detection for Eathena
The problem IS solved, we're just not handholding your way through it. It's not like we've memorized the source.
You just need to pack() that data and stick it in the login packet. Chances are the login stuff is handled in whatever servertype you're using (which is in /src/Network/Send/). These are things we need to know when dealing with network stuff, otherwise we can't really help outside of simply telling you the solution.
You just need to pack() that data and stick it in the login packet. Chances are the login stuff is handled in whatever servertype you're using (which is in /src/Network/Send/). These are things we need to know when dealing with network stuff, otherwise we can't really help outside of simply telling you the solution.
cs : ee : realist