Packet Extractor Fix


sli
Perl Monk
Posts: 810
Joined: 04 Apr 2008, 17:26
Noob?: No

Re: Packet Extractor Fix

#21 Post by sli »

All I did was include Motivus's fix. Which is basically useless already. Point is, however, that it was fairly simple.
cs : ee : realist
pranavrules2008
Plain Yogurt
Posts: 52
Joined: 10 Jul 2008, 08:20
Noob?: No

Re: Packet Extractor Fix

#22 Post by pranavrules2008 »

sli wrote:All I did was include Motivus's fix. Which is basically useless already. Point is, however, that it was fairly simple.
Crap.. This new exe is a pain in the behind.. It's annoying enough in-game already with the new fancy skill tree which is quite pathetic too.. :evil:
Motivus
Developers
Posts: 157
Joined: 04 Apr 2008, 13:33
Noob?: Yes

Re: Packet Extractor Fix

#23 Post by Motivus »

What exes use the new format? If I update kRO, will the exe use the new format?
Oh no.
pranavrules2008
Plain Yogurt
Posts: 52
Joined: 10 Jul 2008, 08:20
Noob?: No

Re: Packet Extractor Fix

#24 Post by pranavrules2008 »

Download any server's exe. Private ones to be precise... Try DuskRO.. They've got the perfect example of an updated exe file
Download Link: http://patch.rto-server.net/DuskPatch.zip

Download that, extract the exe and try to use a packet extractor on the DuskRO.exe file.. It DOES NOT work.. :(

The Packet extractor needs an update REAL FAST.. It's getting impossible to bot with the unknown packets occurring all the damn time
Motivus
Developers
Posts: 157
Joined: 04 Apr 2008, 13:33
Noob?: Yes

Re: Packet Extractor Fix

#25 Post by Motivus »

the latest kRO exe is still using the old signature

Code:

 c7 45 f8 87 01 00 00    mov dword [ebp-0x8],0x187
I patched to verify, and I even checked the renewal client because I've been poking around there.
pranavrules2008 wrote:download any server's exe. Private ones to be precise... Try DuskRO.. They've got the perfect example of an updated exe file
Download Link: http://patch.rto-server.net/DuskPatch.zip

Download that, extract the exe and try to use a packet extractor on the DuskRO.exe file.. It DOES NOT work.. :(

The Packet extractor needs an update REAL FAST.. It's getting impossible to bot with the unknown packets occurring all the damn time
Openkore packet extractor dumped recv packets for that exe. here
sli wrote:I'm surprised. It was easy to compile. Here's the modified version (supports both old and new style clients) and source.
I meant Openkore's packet extractor, not JCV's. My python install is messed up and that's why I was unable to compile it.
Last edited by Motivus on 24 Sep 2008, 11:59, edited 4 times in total.
Oh no.
sli
Perl Monk
Perl Monk
Posts: 810
Joined: 04 Apr 2008, 17:26
Noob?: No

Re: Packet Extractor Fix

#26 Post by sli »

pranavrules2008 wrote:Download that, extract the exe and try to use a packet extractor on the DuskRO.exe file.. It DOES NOT work.. :(
We still don't believe these lies.
cs : ee : realist
Motivus
Developers
Posts: 157
Joined: 04 Apr 2008, 13:33
Noob?: Yes

Re: Packet Extractor Fix

#27 Post by Motivus »

Updated JCV's tools to work with all existing official exes. Sli's compile left Unicode compilation checked, and as a result no exes could have their packets extracted. I also fixed EBP-12 to EBP-C; my notation in the original post assumed decimal notation because that's what most disassemblers use (or they use 0xC to note hex), but JCV uses Olly to disasm and it just writes hexadecimal numbers with nothing distinguishing them from decimals.

Source changes:

Code:

    ; MOV DWORD PTR [EBP-C],187
    ; MOV DWORD PTR [EBP-8],187
    ; MOV DWORD PTR [EBP-8],64
    ; MOV DWORD PTR [EBP-C],64
    ; Find a unique identifier of packet length function
    If FindString(asmArray(total), "MOV DWORD PTR [EBP-C],187", 1) > 0 Or FindString(asmArray(total), "MOV DWORD PTR [EBP-8],187", 1) > 0  Or FindString(asmArray(total), "MOV DWORD PTR [EBP-8],64", 1) > 0 Or FindString(asmArray(total), "MOV DWORD PTR [EBP-C],64", 1) > 0
I wish I had more time and motivation to get the official packet extractor to compile, but I don't. JCV's works great and is more or less the same as the official one but much easier to modify.
Oh no.
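Added example, not part of the thread and not JCV's or OpenKore's code: the four signatures from the post above matched as raw instruction bytes instead of disassembler text, which avoids the EBP-12 / EBP-C notation ambiguity the post describes. The function names, the sample buffer and the 0x401000 base address are constructed for illustration.

```python
import struct

# Signatures listed in the post, as (displacement from EBP, immediate) pairs.
# "C" is hexadecimal: [EBP-C] is EBP-12 in decimal.
SIGNATURES = [(-0xC, 0x187), (-0x8, 0x187), (-0x8, 0x64), (-0xC, 0x64)]


def encode_mov(disp, imm):
    """Encode MOV DWORD PTR [EBP+disp8], imm32 as C7 45 disp8 imm32."""
    return b"\xC7\x45" + struct.pack("<bI", disp, imm)


def find_signatures(code, base=0):
    """Return sorted (address, disp, imm) tuples for every signature hit."""
    hits = []
    for disp, imm in SIGNATURES:
        pattern = encode_mov(disp, imm)
        pos = code.find(pattern)
        while pos != -1:
            hits.append((base + pos, disp, imm))
            pos = code.find(pattern, pos + 1)
    return sorted(hits)


def olly_text(disp, imm):
    """Render an operand in bare hex with no 0x prefix, as the post describes."""
    sign = "-" if disp < 0 else "+"
    return "MOV DWORD PTR [EBP%s%X],%X" % (sign, abs(disp), imm)


# Constructed sample buffer, not bytes from any real client.
SAMPLE = (
    b"\x55\x8B\xEC"                     # push ebp / mov ebp, esp
    + bytes.fromhex("c745f887010000")  # the instruction bytes quoted in the thread
    + encode_mov(-0x12, 0x187)         # decoy: EBP-18, printed "EBP-12" in bare hex
    + encode_mov(-0xC, 0x64)
)

if __name__ == "__main__":
    # 0x401000 is an assumed load address for the sample buffer.
    for addr, disp, imm in find_signatures(SAMPLE, base=0x401000):
        print("%08X  %s" % (addr, olly_text(disp, imm)))
```

The decoy instruction is skipped because its displacement byte encodes EBP-18, even though a hex-only disassembler would print it as "EBP-12".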
pranavrules2008
Plain Yogurt
Posts: 52
Joined: 10 Jul 2008, 08:20
Noob?: No

Re: Packet Extractor Fix

#28 Post by pranavrules2008 »

sli wrote:
pranavrules2008 wrote:Download that, extract the exe and try to use a packet extractor on the DuskRO.exe file.. It DOES NOT work.. :(
We still don't believe these lies.
Why would I lie??? What in GOD's name will I benefit from that??? Here.. Have a look at this screenshot:
http://img508.imageshack.us/my.php?imag ... 269ix2.jpg

That's what I get when I use Openkore's packet extractor.. :O

Motivus wrote:the latest kRO exe is still using the old signature

Code:

 c7 45 f8 87 01 00 00    mov dword [ebp-0x8],0x187
I patched to verify, and I even checked the renewal client because I've been poking around there.
pranavrules2008 wrote:download any server's exe. Private ones to be precise... Try DuskRO.. They've got the perfect example of an updated exe file
Download Link: http://patch.rto-server.net/DuskPatch.zip

Download that, extract the exe and try to use a packet extractor on the DuskRO.exe file.. It DOES NOT work.. :(

The Packet extractor needs an update REAL FAST.. It's getting impossible to bot with the unknown packets occurring all the damn time
Openkore packet extractor dumped recv packets for that exe. here
sli wrote:I'm surprised. It was easy to compile. Here's the modified version (supports both old and new style clients) and source.
I meant Openkore's packet extractor, not JCV's. My python install is messed up and that's why I was unable to compile it.
Hello there, I just used the JCV tool as well [the one from your post] and I got the following result:

Code:

Loading executable file... DuskRO.exe
Executive code beginning at Virtual Address: 401000
Size Of Executive code: 2D3000
Entry Point At: 6B47BA
Extraction started...
Disassembly started...
Found packet length function start
Done disassembling in (125ms)
Packet length extraction started...
Found start of function in offset: 000421
 0
 0
 0
 0
Total Time Spent: (0ms)
Done saving recvpackets in: 
C:\Documents and Settings\Somain\Desktop\recvpackets.txt
There was NOTHING inside the recvpackets.txt generated by the JCV.. :(

Code:

#Generated using JCV's RO Tools v1.0.2
#Packets Extracted last [09\25\2008] - 07:03:39
 0
 0
 0
 0
Please advise what to do in this case..
Motivus
Developers
Posts: 157
Joined: 04 Apr 2008, 13:33
Noob?: Yes

Re: Packet Extractor Fix

#29 Post by Motivus »

pranavrules2008 wrote:words
Your exe is different from the one in the posted zip. Is there a chance the exe is packed? Try the recvpackets I attached, it is from a September kRO exe.

Edit: The JCV I posted was tested with

Latest kRO Sakray
Latest kRO main
Latest kRO Renewal Server
Latest iRO Exe

It worked with all 4. It also worked with all private server exes that I had laying around.
Last edited by Motivus on 25 Sep 2008, 07:45, edited 3 times in total.
Oh no.
sli
Perl Monk
Posts: 810
Joined: 04 Apr 2008, 17:26
Noob?: No

Re: Packet Extractor Fix

#30 Post by sli »

pranavrules2008 wrote:
sli wrote:
pranavrules2008 wrote:Download that, extract the exe and try to use a packet extractor on the DuskRO.exe file.. It DOES NOT work.. :(
We still don't believe these lies.
Why would I lie??? What in GOD's name will I benefit from that??? Here.. Have a look at this screenshot:
http://img508.imageshack.us/my.php?imag ... 269ix2.jpg

That's what I get when I use Openkore's packet extractor.. :O
We've known for months that the newer client didn't work.
cs : ee : realist