The Sword Initiative

[Phantom*]

The Sword Initiative is my vision of a community effort to develop an open foundation of knowledge to expand and better the end-user experience.

This transcends with the expansion onto the current international language support offered by providing translation services to client data. Designer services to provide end-users with the ability to create or modify scenery data such as, textures, models, and maps. Finally, emulated services through the development of an integrated open server project for the current client version and possibly open mobile clients to play on the go.

To many of you this may seem impossible especially due to the recent tactics employed to prevent viewing and modification of such data. I am here as a testament that it is not impossible but very easily acquired and with my vision it shall remain that way.

In the following days I will continue to post various sources of information and custom open-source tools to begin the transition to a promising future for the community as a whole.

As a teaser here is the SHA-1 hash of the desirable zip password B29344BA53A2058F307701B13D114CA3028D42DB. Please, don’t bother to try to decipher it. If you remain patient, this knowledge will become publically available. In the mean time, if you believe you can contribute to the Sword Initiative, please post your qualifications. The most notable are translators, testers, and programmers who believe in the open knowledge movement. Don’t be discouraged if you don’t possess any of those skills. Everyone is welcome to contribute as long as their efforts remain open.

Just to elaborate a little more on what I plan to accomplish. Although all of the introductory information that will be posted is my own personal work. Everyday I will post an exert of it to fuels ones own creativity and see what he or she can contribute onto it and build a single large picture. For example the first objective is to expand on the Korean, English, Chinese data files and have others translate them into their own native language as I lack such capabilities. But I do bring forth the knowledge and open-source tools for others to accomplish such a task.

 

[cristy_abaddon]

phanton you are form RST?
kw[e]rnel?

 

[Phantom*]

Sorry, no I'm not. I'm not exactly sure what RST is and I'm not good with acronyms, wish to explain? This is all my independent work and my own vision.

 

[cristy_abaddon]

oo ok,rst is Romanian Security Team,i'm a member there.
welcome to forum,we hope that you will help us,not like others,that have something and don't share.
bakabug is excluded,he relased a kal server,without skills,items,and saving,but he relased something.

 

[Phantom*]

I did not expect this much lack of enthusiasm. I thought within the first few hours many of you would open your arms to such an opportunity. I am not despaired and because of your lack of enthusiasm I am releasing an early rendition of my crypto tool source code. This tool although in its infancy will be the focal point of the Sword Initiative as to the reason almost all data is encrypted.

For those curious developers, all tools created will be distrusted as open-source either licensed by GPL, LGPL, and/or BSD under my pseudonym. All tools will only contain the source code and license details.

Sword uses a stream cipher and two look-up tables for encryption and decryption each 100 clusters of 256 bytes for a total 25600 bytes. There is an interesting mistake in the client where they wrongfully defined the maximum number of clusters by forgetting to denote it as hex. So instead of 63 hex which is 99 dec they have it as 3F hex which is 63 dec. Therefore, the bottom 36 clusters are not in use at this time. This mistake is not surprising do to the relevant sloppy code used throughout Sword.

Swordcrypt as the name applies is an encryption and decryption tool for various sword data files. There are currently only two keys in use for the data files which are 4 and 47. The following describes the command line switches.

swordcrypt [/d] [/key:<value>] [/offset:<value>] [/length:<value>] <file>

/d – specify that the file is to be decrypted (default action is encryption)
/key – specify the cluster to be used 0-63 (default is 4)
/offset – beginning position of file (default is 0)
/length – size of section (default is the file size)

I will begin by showing you how to use swordcrypt to decrypt the texture files which end with a gtx extension. These files are actually

You must be registered to see links

files and with the help of the

You must be registered to see links

and its accompanying tools you can view and modify textures with ease after we perform some initial operations.

So how do you make the gtx texture files accessible? It is simple as following these next instructions.

1. Alter the file signature or the first three bytes from the ascii string 'KAL' to 'DDS' and create a dds file. This may be accomplished using
   You must be registered to see links
   in a single step with the following switches: gsar.exe -sKAL -rDDS <file_name>.gtx <file_name>.dds
2. The dds texture headers have been encrypted from the eighth (8th) offset spanning down sixty-four (64) bytes. To decrypt the header, run it through swordcrypt with the following switches: swordcrypt.exe /d /offset:8 /length:64 <file_name>.dds * Please note that the current source-code does not explicitly state if an error has occurred. You will need to run it in a batch file and test the ERRORLEVEL for 1 – failure or 0 – success.
3. If you have installed the
   You must be registered to see links
   you will now be able to access the textures through the use of the
   You must be registered to see links
   . They include a
   You must be registered to see links
   (Explorer extension),
   You must be registered to see links
   (Explorer extension),
   You must be registered to see links
   , and
   You must be registered to see links
   .
4. Modify and save your texture and repeat the reverse process to view your master piece in-game.

Below are two batch scripts to automate the steps and traverse the Sword directory. You will require a compiled version of swordcrypt and

You must be registered to see links

to successfully run the scripts. * Please note these scripts are intended for use with multiple files. If you plan to work with single files use the above steps instead. Also, the scripts have not been thoroughly tested and may corrupt your game files where you may be required to re-install. Use at your own risk.

Copy, paste, and save the .bat files into any directory and edit the SWORDPATH and PATH variables in GTXtoDDS.bat and DDStoGTX.bat. For example:

SET SWORDPATH=C:\Program Files\KalOnline
SET PATH=C:\SwordCrypt\bin; C:\Program Files\GnuWin32\bin;%PATH%

GTXtoDDS.bat

@ECHO OFF
   
SET SWORDPATH=<SWORD_DIR>
SET PATH=<SWORDCRYPT_DIR>;<GSAR_DIR>;%PATH%
   
CLS
ECHO Starting GTX to DDS conversions

:: Search current and all sub directories for gtx files.
FOR /R "%SWORDPATH%" %%f IN (*.gtx) DO CALL _GTXtoDDS "%%f"
   
ECHO Completed GTX to DDS conversions
PAUSE

_GTXtoDDS.bat

:: Create a dds file with a DDS signature
START /B /WAIT gsar.exe -sKAL -rDDS %1 "%~1.dds"
IF ERRORLEVEL 1 GOTO GSARERROR

:: Decrypt the dds file header
START /B /WAIT swordcrypt.exe /d /offset:8 /length:64 "%~1.dds"
IF ERRORLEVEL 1 GOTO CRYPTERROR
GOTO END

:GSARERROR

ECHO gsar failed, %1 >GTXtoDDS.log
GOTO END

:CRYPTERROR

ECHO swordcrypt failed, "%~1.dds" >GTXtoDDS.log
:: Delete the dds file
DEL "%~1.dds"

:END

DDStoGTX.bat

@ECHO OFF
   
SET SWORDPATH=<SWORD_DIR>
SET PATH=<SWORDCRYPT_DIR>;<GSAR_DIR>;%PATH%
   
CLS
ECHO Starting DDS to GTX conversions

:: Search parent and all sub directories for dds files
FOR /R "%SWORDPATH%" %%f IN (*.dds) DO CALL _DDStoGTX "%%f"
   
ECHO Completed DDS to GTX conversions
PAUSE

_DDStoGTX.bat

:: Backup the original gtx file.
RENAME "%~dpn1" "%~n1.bak"

:: Create a new gtx file from the dds file with a KAL signature
START /B /WAIT gsar.exe -sDDS -rKAL %1 "%~dpn1"
IF ERRORLEVEL 1 GOTO GSARERROR

:: Encrypt the new gtx file
START /B /WAIT swordcrypt.exe /offset:8 /length:64 "%~dpn1"
IF ERRORLEVEL 1 GOTO CRYPTERROR
GOTO END

:GSARERROR

ECHO gsar failed, %1 >DDStoGTX.log
GOTO RESTORE

:CRYPTERROR

ECHO swordcrypt failed, "%~dpn1" >DDStoGTX.log
:: Delete the new gtx file
DEL "%~dpn1"

:RESTORE

:: Restore the original gtx file
RENAME "%~dpn1.bak" "%~n1"

:END

Download:

You must be registered to see links

I apologize for swordcrypt's current state (Pre-Alpha) with lack of comments, makefile, and readme. For those who wish to compile the c source files and do not know how, download and install your free version of

You must be registered to see links

and Google from that point on.

Until next time, happy editing.

 

[gauzzastrip]

I was a CS major, currently work for a programming company and play kal on the official servers and am interested in helping out. I was curious if you think it would be possible if we wrote our own server almost completely make a new mmo (new storyline, different skills, different map, pretty much incorporate our own creativity/originality to bring a whole new experience) based off the kal engine? Since all the graphics and modeling is already there.

 

[Radyzt]

yeah tnx but file is not found on rapid share...maybe u could upload it somewhere else

 

[Phantom*]

I was a CS major, currently work for a programming company and play kal on the official servers and am interested in helping out. I was curious if you think it would be possible if we wrote our own server almost completely make a new mmo (new storyline, different skills, different map, pretty much incorporate our own creativity/originality to bring a whole new experience) based off the kal engine? Since all the graphics and modeling is already there.

I am glad you are interested in helping and I looking forward to it. Two minds are greater than one. As to answer your question yes it would be possible and that will be a task we shall strive to achieve. Just remember nothing is impossible, we just need to find a way around the obstacles.

yeah tnx but file is not found on rapid share...maybe u could upload it somewhere else

I had double checked the link and the file seems to be present with 5 downloads. Try a refresh and if it does continue I will look into alternative hosting.

 

[Phantom*]

Before I begin with explaining how to unpack the pk archives I would like to mention that I had modified my previous post on texture accessibility to clear up a few details. If you are interested please reread.

As most of you already know the

You must be registered to see links

files are encrypted with a plaintext password for what I believe are for sanctity reasons. This is evident do to the albeit small obstacle of ciphering the password. Oddly enough they opted to use a

You must be registered to see links

rather than that exposed in my previous post. The following is the ciphertext and key.

Ciphertext (Hex): B0 B1 A9 A3 BF B2 BB B8 D9 C3 CA CF C8
Key (Hex): FA

Solution: JKSYEHAB#9052

So you thought I was going to just reveal the ascii plaintext password than you thought wrong. I like to impose a little mystery and get others involved in the thought process. The First person to post the plaintext password after performing a

You must be registered to see links

wins a phantom pat on the back.

Once you have the password, it is as easy as passing it into your favorite unzip application. For best results use either winzip or pkzip.

To decipher the dat files you will need to download and compile swordcrypt from my previous post. The key values are different depending on which pk archive the dat file came from. The offset and length are default.

config.pk (cluster or key value = 47)

Decryption: swordcrypt /d /key:47 <file_name>.dat
Encryption: swordcrypt /key:47 <file_name>.dat

c,e,k.pk (cluster or key value = 4 [default])

Decryption: swordcrypt /d <file_name>.dat
Encryption: swordcrypt <file_name>.dat

* Please note that these files only reflect the visual representation for what you the user see on your screen and will only be visible to you. They will not affect the outcome on a properly configured server. Also note that modification of any files is a violation of the EULA. Use at your own risk.

If you play on private servers you will not need third party loaders to connect. Server details are contained in config\xlate-e,c,k.dat depending on your client settings. Adding a new server entry is as trivial as copying and pasting an existing entry and modifying the destination IP and port. If you wish you can also add in config switches ("", "test", "test2", "debug") depending on how you want to load the client. Create a shortcut to engine.exe and add /load /config <switch> to the end of the target property to act as your loader.

Getting back to the Sword Initiative. I would appreciate if some people can translate various dat files (dic, eventscript, guidebook, jobsystem, message, task) into their native languages so those who are not fluent in either Korean, Chinese, or broken English will have the ability to play without a translator by their side. Lets give back to the community and support our diverse Sword comrades.

Until next time.

 

[albator]

Great work, keep up the effort.

I'm new to this game but if i have spare time i want to see packet encryption.

 

[gunneh2]

From the cipher and the key, i make the pw JKSYEHAB#9052

... whether thats right or not i dno for sure

EDIT: Allowed me to open xlate-e.dat so i guess i got it right

 

[dragonfire]

just unziped the config.pk with your pw ^^ could any1 of u upload the swordcrypt plz? i dont have c++ to compile it -.-

gunneh2 did u unpack the xlate-e.dat with swordcrypt?


o.0 forget to say thx to Phantom*
i like the way you explain stuff!
so thank you for your good work and works in future!

 

[gunneh2]

ive tried compiling swordcrypt with my c/c++ compiler but it fails, otherwise id have looked into xlate-e.dat myself and posted some info from it.

Am trying VS2005 express to open/compile it now

 

[x-pecta]

This is what i get by trying to compile

/out:swordcrypt.exe
swordcrypt.obj
swordcrypt.obj : error LNK2019: unresolved external symbol _crypto_decode refere
nced in function _main
swordcrypt.obj : error LNK2019: unresolved external symbol _crypto_encode refere
nced in function _main
swordcrypt.obj : error LNK2019: unresolved external symbol _argv_get_value_int r
eferenced in function _main
swordcrypt.obj : error LNK2019: unresolved external symbol __argv_get_key refere
nced in function _main
swordcrypt.exe : fatal error LNK1120: 4 unresolved externals

 

[gunneh2]

@x-pecta - i get the same result with my other compiler, ill post here if i get the same with VS2005

 

[sspoke]

--------------------Configuration: swordcrypt - Win32 Debug--------------------
Compiling...
swordcrypt.c
crypto.c
Linking...

swordcrypt.exe - 0 error(s), 0 warning(s)

:\

 

[gauzzastrip]

i got the same errors as x-pecta
or else i would have had the password awhile ago

i'm using VS2005

 

[gunneh2]

you dont need to be able to open the .dats to find the password for config.pk or e.pk, just need to use the crypto pw given in hex and the key using the XOR fucntion to find the pw.

JKSYEHAB#9052 for config.pk if u cant be bothered with that.

 

[Nuklear]

My laptop cannot download the VC++ and has Windows Xp SP2, but my main computer can download but needs SP2 to install, but I do not like SP2 at all so can someone post a compiled version of this program?

 

[Sung]

hm, i dont know how.. but i tried alot of time to decrypt or encrypt files from config.pk... dont seems to work..

how to encrypt files back to the .dat file?