  #1 lelejau (Member)

    packet encryption

    So I downloaded this game and I wanted to try to create an emulator for it. Found this thread about packet encryption (https://www.ownedcore.com/forums/mmo...4-packets.html (Packets)) but I can't remove the encryption to see at least the login packet. I was wondering if someone already has made any progress on this subject and could share with me.

    I'm also trying to run PoE via OllyDbg but it always crashes. (already using 32-bit version). Can anyone give me some light?

    I have experience with emulators (already emulated Priston Tale) so I think I know a little bit to get this going. I'm just not that good at reversing all the protocols and encryption. (Priston Tale has a very weak packet encryption system. Not really encryption, it's XOR-based only, so it was easier.)
    Last edited by lelejau; 01-29-2019 at 03:55 PM.

  #2 leethobbit (Member)
    I haven't looked into this at all yet but I am planning to take a crack at it. Will definitely keep my eye on this thread for any updates and share any progress I make.

  #3 maper (Elite User)
    Here are some tips for doing analysis of the game client and network traffic:

    • The network traffic is encrypted with Salsa20.
    • You should use WinDbg instead of OllyDbg and your life will be better.
    • You should be analyzing the 64-bit version of the game because they will soon be dropping support for the 32-bit version. If they haven't already, actually.


    You should check out some quick notes I made in my maphack thread (https://www.ownedcore.com/forums/mmo...ml#post3817135 (exmap: Maphack, Packet Logger, etc.)).

  #4 leethobbit (Member)
    Originally Posted by maper:
        Here are some tips for doing analysis of the game client and network traffic:

        • The network traffic is encrypted with Salsa20.
        • You should use WinDbg instead of OllyDbg and your life will be better.
        • You should be analyzing the 64-bit version of the game because they will soon be dropping support for the 32-bit version. If they haven't already, actually.

        You should check out some quick notes I made in my maphack thread (https://www.ownedcore.com/forums/mmo...ml#post3817135 (exmap: Maphack, Packet Logger, etc.)).

    Thank you for the reply as well as the PM!

    At this point, I think we have the traffic and decryption sorted but I think GGG is blocking VirtualQueryEx from grabbing the keys from memory. Currently investigating either a way to make sure it works or use a different method for getting the server side key from memory.

    I'm not 100% certain this is the case but I don't know of any quick way to test VirtualQueryEx since I'm still relatively new to this. Any thoughts are welcome!

  #5 maper (Elite User)
    Originally Posted by leethobbit:
        Thank you for the reply as well as the PM!

        At this point, I think we have the traffic and decryption sorted but I think GGG is blocking VirtualQueryEx from grabbing the keys from memory. Currently investigating either a way to make sure it works or use a different method for getting the server side key from memory.

        I'm not 100% certain this is the case but I don't know of any quick way to test VirtualQueryEx since I'm still relatively new to this. Any thoughts are welcome!

    VirtualQueryEx won't give you the memory contents, only information describing the properties of a particular memory region.

    If you're looking to read the memory from an external process, you want ReadProcessMemory.

  #6 leethobbit (Member)
    Yeah I thought of that as soon as I posted, whoops lol. So, I'm guessing the packet IDs just aren't lining up right as they were updated in the last major update. I still need to investigate further as I'm not sure exactly where the breakdown is occurring.

    I also started working on an older client. Does anyone here still have old Wireshark capture files or logs of packets saved? I'd love to take a look at some legit server communications from older versions of the game to compare.

  #7 XianPoE (Active Member)
    tfw people try to reverse entire cryptos when you can manipulate the client's entire network stack with a 5 byte patch

  #8 tiduswar (Member)
    Originally Posted by maper:
        Here are some tips for doing analysis of the game client and network traffic:

        • The network traffic is encrypted with Salsa20.
        • You should use WinDbg instead of OllyDbg and your life will be better.
        • You should be analyzing the 64-bit version of the game because they will soon be dropping support for the 32-bit version. If they haven't already, actually.

        You should check out some quick notes I made in my maphack thread (https://www.ownedcore.com/forums/mmo...ml#post3817135 (exmap: Maphack, Packet Logger, etc.)).

    How did you guys find out that Path of Exile was using Salsa20?
