Page 1 of 79

Usage: Packet Extractor v3

Posted: 07 Jan 2011, 21:28
by kLabMouse
From last time, when all known Packet Extractors failed on kRO targets... I came out with a little PoC code to make more universal way of extracting packets.
It's called 'PacketExtractor v3'. ;)

Well, As It says, it's just a Proof of Concept. So I need Reports on targets where it fails to Extract packets. :D

Usage:
1) Download and unpack Packet Extractor v3 (use "Download Snapshot")
2) Download start.exe and XSTools.dll from http://misc.openkore.com and unpack to the same folder where packet_extract.pl is placed (optional)
3) copy target .exe file to the same folder where packet_extract.pl is placed
4) run "start.exe ! packet_extract.pl your_exe_name.exe" or "perl packet_extract.pl your_exe_name.exe" to generate extractor.exe
5) run "extractor.exe > recvpackets.txt" to save extracted packets to text file.

Have a nice Testing time :D


P.S. Oh... Yeah, Forgot to say.... this Extractor out Format only compatible with latest SVN versions of OpenKore.

Upd: 16.08.2011
Uploaded a new Version to SVN.
This Time, It's fully Refactored and tested against all targets from all possible servers from 2010.08 to 2011.08
Will update to support all latest targets too.

Upd: **.06.2012 (Somewhere around that date)
After Recent changes in binaries, Extractor fails to extract packets from most binaries that support "Shadow" table.
Someone, should pick where I left, and implement support for them too.

If the file size is more than 6 MB, it is not possible to extract recvpackets! (see).
Try use Packet Extraction Evaluation Kit (PEEK)


Links of download:
Ever_Rox Extractor (ever_boy_ and ROX_Leopardo)
JCV's RO Tools v1.0.3
OpenKore Packet Length Extractor v1.1.0
Packet Extractor v3 (kLabMouse)
Packet Extraction Evaluation Kit (by Yommy and Neo)

Re: Usage: Packet Extractor v3

Posted: 10 Jan 2011, 04:02
by willieata
yep , i uesd it step by step
but i have one error line
cannot find current script 'openkore.pl' at start.pl line 130
what's the problem? i used SVN latest verison

thanks for your teaching

Re: Usage: Packet Extractor v3

Posted: 11 Jan 2011, 04:14
by maemae2k7
I'm a noob in this things but i had a background about scripting but sir can you help me.. I can't get it right in procedure #4 and 5 :( what should i run? please help me.. i want to extract old school ro packet >.< tnx sir in advance..

Re: Usage: Packet Extractor v3

Posted: 11 Jan 2011, 16:05
by kLabMouse
maemae2k7 wrote:I'm a noob in this things but i had a background about scripting but sir can you help me.. I can't get it right in procedure #4 and 5 :( what should i run? please help me.. i want to extract old school ro packet >.< tnx sir in advance..
Well. I tested on my PC only, with Perl 5.12 Installed.
Also, the syntax for step (4) and (5) where back-ported to use start.exe.

Re: Usage: Packet Extractor v3

Posted: 11 Jan 2011, 16:11
by kLabMouse
kLabMouse wrote:
maemae2k7 wrote:I'm a noob in this things but i had a background about scripting but sir can you help me.. I can't get it right in procedure #4 and 5 :( what should i run? please help me.. i want to extract old school ro packet >.< tnx sir in advance..
Well. I tested on my PC only, with Perl 5.12 Installed.
Also, the syntax for step (4) and (5) where back-ported to use start.exe.
For thus steps (If you don't have Perl Installed) you should open CMD line first, and don't forget for " ! " mark.

Re: Usage: Packet Extractor v3

Posted: 11 Jan 2011, 22:51
by willieata
Sorry, i sloved the problem by myself
thanks you :D

Re: Usage: Packet Extractor v3

Posted: 12 Jan 2011, 02:54
by maemae2k7
willieata wrote:yep , i uesd it step by step
but i have one error line
cannot find current script 'openkore.pl' at start.pl line 130
what's the problem? i used SVN latest verison

thanks for your teaching
how do you solve your problem sir? can't get it >.<

Re: Usage: Packet Extractor v3

Posted: 12 Jan 2011, 03:19
by maemae2k7
D:\Documents>perl D:\Documents\NewFolder\branches\v3\packet_extract.pl Os-RO.exe

Can't locate Disassemble/X86.pm in @INC (@INC contains: D:/strawberry/perl/site/
lib D:/strawberry/perl/vendor/lib D:/strawberry/perl/lib .) at D:\Documents\NewF
older\branches\v3\packet_extract.pl line 20.
BEGIN failed--compilation aborted at D:\Documents\NewFolder\branches\v3\packet_e
xtract.pl line 20.
i go this error if i use perl?
C:\Documents and Settings\ivan>D:\Documents\NewFolder\branches\v3\start.exe ! pa
cket_extract.pl Os-RO.exe
Cannot find current script 'packet_extract.pl' at start.pl line 130

C:\Documents and Settings\ivan>
and this one if i use "!"?

Re: Usage: Packet Extractor v3

Posted: 12 Jan 2011, 07:17
by carlojoy23
me too thats my problem

Re: Usage: Packet Extractor v3

Posted: 13 Jan 2011, 11:02
by kLabMouse
3) copy target .exe file to the same folder where packet_extract.pl is placed