Re: a few questions for Fr3DBr & kLabMouse
Posted: 20 Jan 2012, 10:36
> kLabMouse wrote:
> Deprecated packets cause DC

Such updates do happen on their own as well, even without any client updates.

> EternalHarvest wrote:
> > kLabMouse wrote:
> > Deprecated packets cause DC
>
> Such updates do happen on their own as well, even without any client updates.

It's because of the server's nature. Looks like, from the last time, they started to add handlers for old and new packets.

> kLabMouse wrote:
> OK. Well this was something like this:
> 1) Client.exe -> Dump memory
> 2) Locate Networking Functions
> 3) Locate Encryption
> 4) Reverse it, see where it inits and how it works
> 5) Make a little .asm file that outputs keys to check against the Perl implementation that FR3DbR made
> 6) Fail again because of Numeric Int overload
> 7) Make a solution using BigInt
> 8) Fail again because of Deprecated packets and Packet ID randomizations
> 9) Diff RecvPackets to get the Randomization, like I did back in old times, when I was working with our old Developer: heero.
> 10) Bingo, now it's more stable
> 11) Find out that Deprecated packets cause DC and possible Ban. Damn
> 12) FR3DbR implements new functions and changed packet IDs. Good to go, wait for next version
> 13) Make some HEX patterns to locate functions more easily.
> 14) On new .exe -> Go to Step (1), repeat only necessary steps.

Cool, tbh, I've always wanted to learn how to do such things but never really knew where to start.
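
Step 9 in the list above (diffing RecvPackets to recover the packet ID randomization), as an added example that is not code from this thread or from OpenKore. It assumes the classic recvpackets.txt layout of one "HEXID LENGTH" pair per line (length -1 for variable-length packets); both tables are constructed samples, not real client data. It goes slightly beyond a line-by-line diff: entries are aligned by a longest common subsequence over lengths, so a packet added or dropped between versions does not shift every later entry.

```python
OLD_TABLE = "0064 55\n0065 17\n0089 7\n009B 5\n00A7 6\n00F3 -1\n"   # constructed sample
NEW_TABLE = "0064 55\n0065 17\n0437 7\n035F 6\n0362 -1\n0890 26\n"  # constructed sample

def parse(table):
    """[(packet_id, length), ...] in file order; length -1 = variable-length packet."""
    rows = []
    for line in table.splitlines():
        fields = line.split()
        if len(fields) >= 2 and not fields[0].startswith("#"):
            rows.append((int(fields[0], 16), int(fields[1])))
    return rows

def align(old, new):
    """Longest common subsequence over lengths: matched entries are taken to be the
    same logical packet, so added/dropped packets do not misalign the rest."""
    n, m = len(old), len(new)
    lcs = [[0] * (m + 1) for _ in range(n + 1)]
    for i in range(n - 1, -1, -1):
        for j in range(m - 1, -1, -1):
            if old[i][1] == new[j][1]:
                lcs[i][j] = lcs[i + 1][j + 1] + 1
            else:
                lcs[i][j] = max(lcs[i + 1][j], lcs[i][j + 1])
    pairs, i, j = [], 0, 0
    while i < n and j < m:           # walk the table to recover the matching
        if old[i][1] == new[j][1]:
            pairs.append((i, j))
            i, j = i + 1, j + 1
        elif lcs[i + 1][j] >= lcs[i][j + 1]:
            i += 1
        else:
            j += 1
    return pairs

def diff_tables(old_text, new_text):
    """Return (remapped {old_id: new_id}, deprecated_ids, added_ids)."""
    old, new = parse(old_text), parse(new_text)
    pairs = align(old, new)
    matched_old = {i for i, _ in pairs}
    matched_new = {j for _, j in pairs}
    remapped = {old[i][0]: new[j][0] for i, j in pairs if old[i][0] != new[j][0]}
    deprecated = sorted(old[i][0] for i in range(len(old)) if i not in matched_old)
    added = sorted(new[j][0] for j in range(len(new)) if j not in matched_new)
    return remapped, deprecated, added

if __name__ == "__main__":
    remapped, deprecated, added = diff_tables(OLD_TABLE, NEW_TABLE)
    for old_id, new_id in remapped.items():
        print(f"{old_id:04X} -> {new_id:04X}")
    print("deprecated:", [f"{p:04X}" for p in deprecated], "added:", [f"{p:04X}" for p in added])
```

Entries that drop out of the alignment are the candidates for the "deprecated" packets the thread warns about; entries matched by length but with a different ID are the randomized ones.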

> Technology wrote:
> Cool, tbh, I've always wanted to learn how to do such things but never really knew where to start.
> Implementation itself is no problem; the hard part is finding out what the client does, so you can mimic it.
> If only some kind of in-depth walkthrough explained this process (as an example) with every step and the tools used explained, etc...
> That would be awesome because it would provide some kind of "entry point" into the world of cracking the RO client's network handling.

Oh. IC. Well I did this a long time ago. Remember those packets whose internal structures we tried to gather?

> Fr3DBr wrote:
> Yeah and they guarantee no possible old versions of client gonna work, by changing the encryption keys every update.
> So if something uses a 'deprecated' packet, it is detected.

Maybe a program can be made that extracts the encryption keys?

> kLabMouse wrote:
> > Technology wrote:
> > Cool, tbh, I've always wanted to learn how to do such things but never really knew where to start.
> > Implementation itself is no problem; the hard part is finding out what the client does, so you can mimic it.
> > If only some kind of in-depth walkthrough explained this process (as an example) with every step and the tools used explained, etc...
> > That would be awesome because it would provide some kind of "entry point" into the world of cracking the RO client's network handling.
>
> Oh. IC. Well I did this a long time ago. Remember those packets whose internal structures we tried to gather?
> And the tools used are simple: IDA + PE Editor (to just dump the process) + MS Network Monitor

Hmm, yes I remember you were doing that.

> Technology wrote:
> > Fr3DBr wrote:
> > Yeah and they guarantee no possible old versions of client gonna work, by changing the encryption keys every update.
> > So if something uses a 'deprecated' packet, it is detected.
>
> Maybe a program can be made that extracts the encryption keys?
> And also a plugin for kore that detects that there is a new client available? (warning kore that it is unsafe to log in)

This is not too hard =P, but I do work like kLab, so my time is the main problem.

> Fr3DBr wrote:
> > Technology wrote:
> > > Fr3DBr wrote:
> > > Yeah and they guarantee no possible old versions of client gonna work, by changing the encryption keys every update.
> > > So if something uses a 'deprecated' packet, it is detected.
> >
> > Maybe a program can be made that extracts the encryption keys?
> > And also a plugin for kore that detects that there is a new client available? (warning kore that it is unsafe to log in)
>
> This is not too hard =P, but I do work like kLab, so my time is the main problem.
> I know I am not doing 1% of all that you did here, but I try to do what I can in my spare time =).

Hey, every contribution kore can get is awesome.