Рейтинг темы:
  • 0 Голос(ов) - 0 в среднем
  • 1
  • 2
  • 3
  • 4
  • 5
Пакет AutchRequest(Client)
#1
делаю пакет AutchRequest
Код:
int startlen = UserName.Length * 2 + 2;
        byte[] AuthRequest = new byte[startlen + 33];
                  
        AuthRequest[0] = 0x2B;//???? это размер... не знаю правильно или нет
        AuthRequest[1] = 0x00;
        AuthRequest[2] = 0x2B;//AutchRequest(Client)
        byte[] data = System.Text.Encoding.Unicode.GetBytes(UserName);//each char becomes 2 bytes
        uint j = 3;
        for (int i = 0; i < data.Length; i++)
        {
            AuthRequest[j] = data[i];
            j++;
        }
        AuthRequest[j] = (0x00);j++;//null terminated string
        AuthRequest[j] = (0x00); j++;//null terminated string
        AuthRequest[j] = play_ok_[4]; j++;
        AuthRequest[j] = play_ok_[5]; j++;
        AuthRequest[j] = play_ok_[6]; j++;
        AuthRequest[j] = play_ok_[7]; j++;
        AuthRequest[j] = play_ok_[0]; j++;
        AuthRequest[j] = play_ok_[1]; j++;
        AuthRequest[j] = play_ok_[2]; j++;
        AuthRequest[j] = play_ok_[3]; j++;
        AuthRequest[j] = login_ok_[0]; j++;
        AuthRequest[j] = login_ok_[1]; j++;
        AuthRequest[j] = login_ok_[2]; j++;
        AuthRequest[j] = login_ok_[3]; j++;
        AuthRequest[j] = login_ok_[4]; j++;
        AuthRequest[j] = login_ok_[5]; j++;
        AuthRequest[j] = login_ok_[6]; j++;
        AuthRequest[j] = login_ok_[7]; j++;
        AuthRequest[j] = (0x01); j++;//
        AuthRequest[j] = (0x00); j++;//
        AuthRequest[j] = (0x00); j++;//
        AuthRequest[j] = (0x00); j++;//
        AuthRequest[j] = (0x3C); j++;//
        AuthRequest[j] = (0x01); j++;//
        AuthRequest[j] = (0x00); j++;//
        AuthRequest[j] = (0x00); j++;//
        AuthRequest[j] = (0x00); j++;//
        AuthRequest[j] = (0x00); j++;//
        AuthRequest[j] = (0x00); j++;//
        AuthRequest[j] = (0x00); j++;//
        AuthRequest[j] = (0x01);//
        crypt_.encrypt(AuthRequest, 2, j );
        connection_.send_packet(AuthRequest, startlen + 33, socket);
вот encrypt
Код:
public void setKey(byte[] key)
        {
            _key[0] = key[0];
            _key[1] = key[1];
            _key[2] = key[2];
            _key[3] = key[3];
            _key[4] = key[4];
            _key[5] = key[5];
            _key[6] = key[6];
            _key[7] = key[7];
            _key[8] = key[8];
            _key[9] = key[9];
            _key[10] = key[10];
            _key[11] = key[11];
            _key[12] = key[12];
            _key[13] = key[13];
            _key[14] = key[14];
            _key[15] = key[15];
            enabled = true;
        }

        public void encrypt(byte[] raw , int offset, uint size)
        {
            if (!enabled)
                return;

            uint temp = 0;
            for (int i = 0; i < size; i++)
            {
                uint temp2 = raw[offset+i] & (uint)0xff;
                temp = (temp2 ^ _key[i & 15] ^ temp);
                raw[offset+i] = (byte)temp;
            }

            uint old = ((uint)_key[8]) & (uint)0xff;
            old |= (uint)(((uint)_key[9]) << 8 & (uint)0xff00);
            old |= (uint)(((uint)_key[10] << 0x10) & (uint)0xff0000);
            old |= (uint)(((uint)_key[11] << 0x18) & (uint)0xff000000);

            old += (uint)size;

            _key[8] = (byte)(old & 0xff);
            _key[9] = (byte)(old >> 0x08 & 0xff);
            _key[10] = (byte)(old >> 0x10 & 0xff);
            _key[11] = (byte)(old >> 0x18 & 0xff);
        }
получается я шифрую AuthRequest со 2 позиции.. после отправки на сервер какая то тарабарщина
Код:
...
Unknown Packet: 95 on State: CONNECTED Client: [IP: 127.0.0.1]
0000: 0d 17 71 37 83 a9 63 05 89 77 f3 cc 33 bf cc b0    ..q7..c..w..3...
0010: 21 19 14 37 f0 a9 17 05 89 77 73 65 24 72 97 bf    !..7.....wse$r..
0020: 79 17 14 37 f0 a9                                  y..7..
....

....
Unknown Packet: 90 on State: CONNECTED Client: [IP: 127.0.0.1]
0000: 7d fb 9d e1 9b c1 1d 7c 53 4c 41 e5 da 57 8b d8    }......|SLA..W..
0010: 97 62 f8 e1 e8 c1 69 7c 53 4c f3 8b 03 e3 1f ba    .b....i|SL......
0020: 09 fb f8 e1 e8 c1 68 7c                            ......h|
....

...
Unknown Packet: db on State: CONNECTED Client: [IP: 127.0.0.1]
0000: 48 15 5a ff c8 3d 5b 20 e0 d5 8f ec 49 7c 4e 4e    H.Z..=[ ....I|NN
0010: 89 ea 3f ff bb 3d 2f 20 e0 d5                      ..?..=/ ..
....
логин постоянно один и тот же
Ответ
#2
Потому что там используется RSA.
[SRC="java"] var name = Account.Login;
var pw = Account.Password;
var loginInfo = new byte[128];
loginInfo[0x5B] = 0x24;
for (var i = 0; i < name.Length; i++) loginInfo[0x5E + i] = (byte) name[i];
for (var i = 0; i < pw.Length; i++) loginInfo[0x6C + i] = (byte) pw[i];
byte[] exponent = {1, 0, 1};
var rsaKeyInfo = new RSAParameters
{
Modulus = GameDataToServer.RsaKey,
Exponent = exponent
};
var poo = new RSA(); //Set RSAKeyInfo to the public key values.
poo.ImportParameters(rsaKeyInfo);
var outb = poo.EncryptValue(loginInfo);
var loginSend = new byte[176];
outb.CopyTo(loginSend, 128 - outb.Length + 1);
loginSend[129] = GameDataToServer.Session[0];
loginSend[130] = GameDataToServer.Session[1];
loginSend[131] = GameDataToServer.Session[2];
loginSend[132] = GameDataToServer.Session[3];
loginSend[133] = 0x23; //gameguard reply start
loginSend[134] = 0x01;
loginSend[135] = 0x00;
loginSend[136] = 0x00;
loginSend[137] = 0x67; //
loginSend[138] = 0x45;
loginSend[139] = 0x00;
loginSend[140] = 0x00;
loginSend[141] = 0xAB; //
loginSend[142] = 0x89;
loginSend[143] = 0x00;
loginSend[144] = 0x00;
loginSend[145] = 0xEF; //
loginSend[146] = 0xCD;
loginSend[147] = 0x00;
loginSend[148] = 0x00; //game guard reply stop
loginSend[149] = 0x08; //
loginSend[150] = 0x00;
loginSend[151] = 0x00;
loginSend[152] = 0x00;
loginSend[153] = 0x00; //
loginSend[154] = 0x00;
loginSend[155] = 0x00;
loginSend[156] = 0x00;
loginSend[157] = 0x00; //
loginSend[158] = 0x00;
loginSend[159] = 0x00;

General.CheckSum(loginSend, 160);
SendToServer(loginSend);[/SRC]
[Изображение: 4e38c909fcd08c5fcdf363b54a62.png]
Ответ
#3
Уже к гейм серверу подключаюсь
к логину вот
Код:
byte[] login_info = new byte[128];

        login_info[0x5B] = 0x24;

        for (int i = 0; i < Globals.UserName.Length; i++)
        {
            login_info[0x5E + i] = (byte)Globals.UserName[i];
        }

        for (int i = 0; i < Globals.Password.Length; i++)
        {
            login_info[0x6C + i] = (byte)Globals.Password[i];
        }

        byte[] exponent = { 1, 0, 1 };

        System.Security.Cryptography.RSAParameters RSAKeyInfo = new System.Security.Cryptography.RSAParameters();

        //Set RSAKeyInfo to the public key values.
        RSAKeyInfo.Modulus = RSA_enc_key_;
        RSAKeyInfo.Exponent = exponent;

        RSA_Managed rsa_managed = new RSA_Managed();
        rsa_managed.ImportParameters(RSAKeyInfo);

        byte[] encrypted_bytes = new byte[128];

        encrypted_bytes = rsa_managed.EncryptValue(login_info);

        byte[] login_send = new byte[176];
        byte[] prelogin_send = new byte[176];

        encrypted_bytes.CopyTo(login_send, 1);

        login_send[129] = RSA_key_[0];
        login_send[130] = RSA_key_[1];
        login_send[131] = RSA_key_[2];
        login_send[132] = RSA_key_[3];
        login_send[133] = 0x23;//GG reply start
        login_send[134] = 0x01;
        login_send[135] = 0x00;
        login_send[136] = 0x00;
        login_send[137] = 0x67;//
        login_send[138] = 0x45;
        login_send[139] = 0x00;
        login_send[140] = 0x00;
        login_send[141] = 0xAB;//
        login_send[142] = 0x89;
        login_send[143] = 0x00;
        login_send[144] = 0x00;
        login_send[145] = 0xEF;//
        login_send[146] = 0xCD;
        login_send[147] = 0x00;
        login_send[148] = 0x00;//GG reply stop
        login_send[149] = 0x08;//
        login_send[150] = 0x00;
        login_send[151] = 0x00;
        login_send[152] = 0x00;
        login_send[153] = 0x00;//
        login_send[154] = 0x00;
        login_send[155] = 0x00;
        login_send[156] = 0x00;
        login_send[157] = 0x00;//
        login_send[158] = 0x00;
        login_send[159] = 0x00;

        ulong checksum = Global.CheckSum(login_send, 160);

        login_send[160] = (byte)(checksum & 0xff);
        login_send[161] = (byte)(checksum >> 0x08 & 0xff);
        login_send[163] = (byte)(checksum >> 0x10 & 0xff);
        login_send[163] = (byte)(checksum >> 0x18 & 0xff);

        blowfish_cipher_.init(true, blowfish_key_);
        blowfish_cipher_.processBigBlock(login_send, 0, prelogin_send, 0, 176);

        byte[] login_packet = new byte[178];

        login_packet[0] = 0xB2;
        login_packet[1] = 0x00;

        prelogin_send.CopyTo(login_packet, 2);

        connection_.send_packet(login_packet, 178, socket);

Добавлено через 11 минут
нашел в место своего encrypt вот такое чудо
Код:
public static void encXORPass(byte[] raw, int offset, int size, int key)
    {
        int stop = size - 8;
        int pos = 4 + offset;
        int edx;
        int ecx = key; // Initial xor key

        while (pos < stop)
        {
            edx = (raw[pos] & 0xFF);
            edx |= (raw[pos + 1] & 0xFF) << 8;
            edx |= (raw[pos + 2] & 0xFF) << 16;
            edx |= (raw[pos + 3] & 0xFF) << 24;

           ecx += edx;

            edx ^= ecx;

            raw[pos] = (byte)(edx & 0xFF);
            raw[pos + 1] = (byte)(edx >> 8 & 0xFF);
            raw[pos + 2] = (byte)(edx >> 16 & 0xFF);
            raw[pos + 3] = (byte)(edx >> 24 & 0xFF);
            pos += 4;
        }

        raw[pos++] = (byte)(ecx & 0xFF);
        raw[pos++] = (byte)(ecx >> 8 & 0xFF);
        raw[pos++] = (byte)(ecx >> 16 & 0xFF);
        raw[pos++] = (byte)(ecx >> 24 & 0xFF);
    }

    public static void decXORPass(byte[] raw, int offset, int size, int key)
    {
        int stop = 4 + offset;
        int pos = size - 12;
        int edx;
        int ecx = key; // Initial xor key

        while (stop <= pos)
        {
            edx = (raw[pos] & 0xFF);
            edx |= (raw[pos + 1] & 0xFF) << 8;
            edx |= (raw[pos + 2] & 0xFF) << 16;
            edx |= (raw[pos + 3] & 0xFF) << 24;

            edx ^= ecx;

            ecx -= edx;
            raw[pos] = (byte)(edx & 0xFF);
            raw[pos + 1] = (byte)(edx >> 8 & 0xFF);
            raw[pos + 2] = (byte)(edx >> 16 & 0xFF);
            raw[pos + 3] = (byte)(edx >> 24 & 0xFF);
            pos -= 4;
        }

        //raw[pos++] = (byte)(ecx & 0xFF);
        //raw[pos++] = (byte)(ecx >> 8 & 0xFF);
        //raw[pos++] = (byte)(ecx >> 16 & 0xFF);
        //raw[pos++] = (byte)(ecx >> 24 & 0xFF);
    }
только не пойму, что там под int key
Ответ
#4
Ну это везде так. Вопрос то в чем? Или все нормально?)
[Изображение: 4e38c909fcd08c5fcdf363b54a62.png]
Ответ
#5
что то я не пойму
Код:
user:test
key:PlayOk: 643217812 -1530561126 LoginOk:0 0
PlayOk: 643217812 -1530561126 LoginOk:0 0
[C]
0000: 03 74 00 65 00 73 00 74 00 00 00 01 03 07 00 10    .t.e.s.t........

Login accepted player test waited(0ms)

а в ответ пришел пакет с опкодом 0x09 такого в исходниках нету что то должно было прийти CharacterSelectInfo
Ответ
#6
если я правильно понял дальше идет
Код:
private void characterselect(Socket socket,byte[] data)
    {
        byte[] characterselect = new byte[21];
        characterselect[0] = 0x15;
        characterselect[1] = 0x00;
        characterselect[2] = 0x12;
        characterselect[3] = 0x00;
        characterselect[4] = 0x00;
        characterselect[5] = 0x00;
        characterselect[6] = 0x00;
        characterselect[7] = 0x00;
        characterselect[8] = 0x00;
        characterselect[9] = 0x00;
        characterselect[10] = 0x00;
        characterselect[11] = 0x00;
        characterselect[12] = 0x00;
        characterselect[13] = 0x00;
        characterselect[14] = 0x00;
        characterselect[15] = 0x00;
        characterselect[16] = 0x00;
        characterselect[17] = 0x00;
        characterselect[18] = 0x00;
        characterselect[19] = 0x00;
        characterselect[20] = 0x00;
        connection_.send_packet(characterselect, 21, socket);
    }
выбор персонажа
затем
Код:
private void RequestExManorList(Socket socket)
    {
        byte[] REMList = new byte[5];
        REMList[0] = 0x03;
        REMList[1] = 0x00;
        REMList[2] = 0xd0;
        REMList[3] = 0x08;
        REMList[4] = 0x00;
        connection_.send_packet(REMList, 5, socket);
    }
    private void RequestQuestList(Socket socket)
    {
        byte[] RQList = new byte[3];
        RQList[0] = 0x03;
        RQList[1] = 0x00;
        RQList[2] = 0x63;
        connection_.send_packet(RQList, 3, socket);
    }
квест лист и монор лист затем
Код:
private void Enterworld(Socket socket)
    {
        byte[] EWorld = new byte[3];
        EWorld[0] = 0x03;
        EWorld[1] = 0x00;
        EWorld[2] = 0x03;
        connection_.send_packet(EWorld, 3, socket);
    }

но что то не то кто с опкодами подскажет
сервер на Enterworld отвечает вообще
Код:
user:test
key:PlayOk: -1869213729 -1465200675 LoginOk:0 0
PlayOk: -1869213729 -1465200675 LoginOk:0 0
[C]
0000: 03 74 00 65 00 73 00 74 00 00 00 01 03 07 00 10    .t.e.s.t........

Login accepted player test waited(0ms)
Client: [Account: test - IP: 127.0.0.1] sent a 0xd0 without the second opcode.
[color=Red]Client: [Character: test - Account: test - IP: 127.0.0.1] - Failed reading: [C] 4D RequestStartPledgewar - L2J Server Version:  - DP Revision:[/color]
опкоды не правильтно 100% беру с исходов сервака пишет нет пакета
Ответ
#7
Если кривые опкоды, то это 99% кривое шифрование. Смотри его. Так же юзай пакетхак.
[Изображение: 4e38c909fcd08c5fcdf363b54a62.png]
Ответ
#8
я вообще пока убрал на серваке шифрование Smile
Ответ


Возможно похожие темы ...
Тема Автор Ответы Просмотры Последний пост
  Пакет AuthLogin в Эпилог Tiger7th 2 1,663 04-05-2020, 05:17 AM
Последний пост: Tiger7th
  abnormal effect c4 client cienpe 0 1,126 11-15-2019, 12:37 PM
Последний пост: cienpe
  Is it possible to launch "patched" Helios client in Official server ? Syncia_Lin 0 1,105 12-05-2016, 07:01 PM
Последний пост: Syncia_Lin
  Пакет PremiumState в хрониках IL flopix 3 1,515 01-28-2016, 12:20 AM
Последний пост: flopix
  client files editor acmi 24 7,297 09-16-2013, 04:46 PM
Последний пост: ALF.
  client Lineage2 C3 SkyWard 26 5,382 07-24-2013, 10:03 PM
Последний пост: SkyWard
  Lineage 2 C3 Client Effas 12 7,018 10-21-2011, 05:07 PM
Последний пост: smeli

Перейти к форуму:


Пользователи, просматривающие эту тему: 1 Гость(ей)