HabBit - Habbo Hotel Client Modifier

[ovflowd]

Re: HabBit - Automatic Habbo Client Cracker(Source | .NET 2.0 | C# 6)

So what's causing the black screen on the habbo.swf loading? And how to disable it since the new habbit source doesn't include it ?

White screen, no black screen. As i think, new security methodologies that Sulake are using, like SWF expire time, etc.
Habbit already has these fixes.

 

[ppntn]

Re: HabBit - Automatic Habbo Client Cracker(Source | .NET 2.0 | C# 6)

Please do comments that will do difference, no SPAM. This is spam.

Remembering: all that i said is hypothetic.

It may be hypothetic, but @Dominic is obviously stating that your posts are wrong. Obfuscation is most commonly just random name changes to voids, methods, classes and whatnot.
The header ids is automatically generated (but not by any kind of special 'key' or whatever, it is also totally random). There is nothing special to these two things you have mentioned, please do not make it more complex than it already is.

 

[PeanutButterHam]

Re: HabBit - Automatic Habbo Client Cracker(Source | .NET 2.0 | C# 6)

HabBit v1.3.240:

• Added support for cracking older client builds.
• Improved hashing process to generate more unique values.
• The "HEADERS_X.txt" file will now group the messages by hash duplicates, the messages with more duplicates will begin appearing at the bottom.

Download:

You must be registered to see links

---

Yea, I also just noticed this:

You must be registered to see links

Queer, until next update I guess.

I also suggest for you guys to open the "HEADERS_X.txt" in Notepad++, since it highlights the duplicate hashes for you, it's nice.

 

[wesley66101]

Re: HabBit - Automatic Habbo Client Cracker(Source | .NET 2.0 | C# 6)

HabBit v1.3.240:

• Added support for cracking older client builds.
• Improved hashing process to generate more unique values.
• The "HEADERS_X.txt" file will now group the messages by hash duplicates, the messages with more duplicates will begin appearing at the bottom.

Download:

You must be registered to see links

---

Yea, I also just noticed this:

You must be registered to see links

Queer, until next update I guess.

I also suggest for you guys to open the "HEADERS_X.txt" in Notepad++, since it highlights the duplicate hashes for you, it's nice.

What exactly is improved about The hasing system? How less packets are duplicated? Compared with The previous version?

 

[PeanutButterHam]

Re: HabBit - Automatic Habbo Client Cracker(Source | .NET 2.0 | C# 6)

What exactly is improved about The hasing system? How less packets are duplicated? Compared with The previous version?

Good question, here are a few things that were included in the process to create a hash for a "Class".

• Static traits(slots/methods/ctors) inside of a type.
• The base type(SuperType).
• The Class/Function traits(Delegates in a way?).
• The ClassInfo flags(sealed/final/etc).
• The values of a constant/slot, or optional parameters in a method.
• Include name of class if it ends with "Composer".

As for how many less duplicate hashes are generated, I think it would be simpler if I instead said how many unique hashes it creates, instead of the amount of duplicates.

1.3.177
Unique Outgoing Hashes: 227
Duplicate Outgoing Hashes: 237

Unique Incoming Hashes: 33
Duplicate Incoming Hashes: 435

1.3.240
Unique Outgoing Hashes: 230
Duplicate Outgoing Hashes: 234

Unique Incoming Hashes: 367
Duplicate Incoming Hashes: 101

 

[PeanutButterHam]

Re: HabBit - Automatic Habbo Client Cracker(Source | .NET 2.0 | C# 6)

Just a quick update on what I'm currently doing with this, and because I'm too excited to not tell anyone. I've recently managed to generate 404(previously 230) unique Outgoing hashes out of 464. This was accomplished by scanning every method bodies' bytecode, and checking if it's creating a new instance of the message, something like(parameters do not matter): new SomeComposer(0, true);

Once this chunk of bytecode is found inside of a method body, it includes the method that houses this instruction into the hashing process. The completion time for this process is currently around 8-9 minutes, although I can significantly decrease that to about 1 minute if I cache the methods that are found to be creating instances of a message(re-scan for each message as of now..yea).

Why aren't all of them unique already?

This is because there are matching methods that create a new message instance:

Although, to combat this problem we can just include the index/rank/order of the trait itself, if these were the only methods/traits in the class these would be their trait index:

• _-33s: 0
• _-3C5: 1

I haven't added this though(about to right now).
These trait orders/indices do not change.

What's so exciting about this?

If I managed to make it spit out 100% unique hashes, we can "un-shuffle" the headers within the client by specifying a previous client build. This still means you need to get the headers for at least one client build, but after that it should be easy pz.

 

[ovflowd]

Re: HabBit - Automatic Habbo Client Cracker(Source | .NET 2.0 | C# 6)

Arachis yeah, sometimes this is really annoying, when i try to update a packet sometimes i don't can find some reference for comparing, using the AHPU some packets being wrong, so need manually check, other times is only structure that changed.
Arachis i think is a good idea in your Packet Dumper, the File make log of which Packets changed structure, Example:

Packet[546747] ........ [Warning: Structure Changed]

This will be really awesome, because if i receive a crash, i can easily know if is because wrong packet id, or structure changed.
Also will be awesome your software also Log the md5 of the Structure
example:

... _5486484()
{
string
string
char
int
}
maybe has a md5 like ayhrg534534545gh (i know is invalid)

If in the Habbo.swf you're trying to crack the structure changes (different md5) he advises you.
But i think that will not be helpfull, because the md5 check will check entire void length, and the size of the variable names can also change..

Also you need compare with older Habbo.swf, so this is little useless and hard...

But i think is a good idea, when the software dump the logs (not only dump the md5, because if the md5 are duplicated we will know that is possibility of AHPU or other softwares wrong that packet)... but also say: Probability of Duplicated Packet..

Yeah also useless.. But i'm trying to think in a way to know if the structure changed..

 

[PeanutButterHam]

Re: HabBit - Automatic Habbo Client Cracker(Source | .NET 2.0 | C# 6)

Arachis yeah, sometimes this is really annoying, when i try to update a packet sometimes i don't can find some reference for comparing, using the AHPU some packets being wrong, so need manually check, other times is only structure that changed.
Arachis i think is a good idea in your Packet Dumper, the File make log of which Packets changed structure, Example:

Packet[546747] ........ [Warning: Structure Changed]

This will be really awesome, because if i receive a crash, i can easily know if is because wrong packet id, or structure changed.
Also will be awesome your software also Log the md5 of the Structure
example:

... _5486484()
{
string
string
char
int
}
maybe has a md5 like ayhrg534534545gh (i know is invalid)

If in the Habbo.swf you're trying to crack the structure changes (different md5) he advises you.
But i think that will not be helpfull, because the md5 check will check entire void length, and the size of the variable names can also change..

Also you need compare with older Habbo.swf, so this is little useless and hard...

But i think is a good idea, when the software dump the logs (not only dump the md5, because if the md5 are duplicated we will know that is possibility of AHPU or other softwares wrong that packet)... but also say: Probability of Duplicated Packet..

Yeah also useless.. But i'm trying to think in a way to know if the structure changed..

Sorry, I'm not exactly 100% sure what you're saying, but I'll take a guess and try to answer.

The structure of an incoming/outgoing message currently can't be extracted, for this to be done I would need to carefully process the read/write instructions(which honestly seems tedious for the complex ones).

If a message handler of the same type has changed in another build(different traits/ctor/instructions), it will not have the same hash as it's previous version(currently). Although, as I'm writing this, why not just rely on the references? It would mean even if a message handler has changed, it would still have the same references.. hmm.

I was having trouble earlier with the whole "references" thing, since some of the packets would end up being called in the same method/class. Fortunately, we can figure out which packet was referenced first in the method, so that solved that. Here are the results:

Those 6 "non-unique" hashes, aren't even getting called in the code. I did a test earlier with another client(ended with 88 something, the one in the Habboon release), and there were 25 unclaimed hashes on both sides. This means there were 25 message handlers that are "different" from the older build, which is pretty nice.

Here are two dumps, from two different builds, both ended up spitting out the same amount of unique Outgoing hashes:

HEADERS_PRODUCTION-201601271301-33707288:

You must be registered to see links

HEADERS_PRODUCTION-201601121016-572931594:

You must be registered to see links

If a hash from one of these dumps is not in the other, it means the handler for the packet has changed in some form(or even reference changes).

Edit: Seems like there are 444 Outgoing hash matches between those two files, good enough.

 

[ovflowd]

Re: HabBit - Automatic Habbo Client Cracker(Source | .NET 2.0 | C# 6)

Arachis that is exactly what i said. What you're implementing is just AWESOME.
I wish a good luck for you! If i can do something useful, call me



Observation: So we have the concern that some packet's voids receive overloading.
I saw that Habbo tried to reuse some packet's for "things that are +- equal"

A good example is the Group Forum create thread. The Packet for post in thread and create thread is the same.
But with different structure sizes, maybe he check what i'm trying to do.

 

[PeanutButterHam]

Re: HabBit - Automatic Habbo Client Cracker(Source | .NET 2.0 | C# 6)

poop, did I ever release the updated version? Also, they seemed to have removed the time stamp check thingy in the WindowContext file, or they moved it somewhere else(?).

I'll release the update in a bit, I also made it spit out the parser class names for the incoming message types. ALSO, in case some of you guys are interested, I'm prepping up a new Tanji update with some 'hash' features:

It'll spit out the header for the given hash, this version will also not support retros, so that's a plus for you guys.

---

Edit:

You must be registered to see links

You must be registered to see links

 

[ovflowd]

Re: HabBit - Automatic Habbo Client Cracker(Source | .NET 2.0 | C# 6)

Just one simple beauty word: A M A Z I N G

 

[anthony93260]

Re: HabBit - Automatic Habbo Client Cracker(Source | .NET 2.0 | C# 6)

poop, did I ever release the updated version? Also, they seemed to have removed the time stamp check thingy in the WindowContext file, or they moved it somewhere else(?).

They removed the timestamp check.

 

[GoldenHabbo]

Re: HabBit - Automatic Habbo Client Cracker(Source | .NET 2.0 | C# 6)

Looks neat. An updated version w/ the timestamp fixed would be great.
Thanks for the hard work put into this

 

[streamhotel]

Re: HabBit - Automatic Habbo Client Cracker(Source | .NET 2.0 | C# 6)

Screwlake looks dumb. First they add it and then they probably notice it's not worthed because people can easily patch it and remove it again. Stupid developers of Sulake.

 

[GoldenHabbo]

Re: HabBit - Automatic Habbo Client Cracker(Source | .NET 2.0 | C# 6)

Screwlake looks dumb. First they add it and then they probably notice it's not worthed because people can easily patch it and remove it again. Stupid developers of Sulake.

Well they can only improve by testing poop out, so it's not actually stupid.

 

[PeanutButterHam]

Re: HabBit - Automatic Habbo Client Cracker(Source | .NET 2.0 | C# 6)

Local variables named 'k' will now be renamed to their 'loc#':

(AS3 Sorcerer(1.4) output after HabBit modification)

You'll finally be able to know what 'k' actually means in this scenario:

var k:int = 0;
var k:int = 1;
var k:int = 2;
var k:int = 3;
var k:int = k + k;

It's probably 10 or something.

 

[PeanutButterHam]

Re: HabBit - Automatic Habbo Client Cracker(Source | .NET 2.0 | C# 6)

I've been working on this for a good bit the past week, and it seems the days of manually updating headers are almost over, almost.

Current Revision:

You must be registered to see links

Previous Revision:

You must be registered to see links

I've been manually searching for the hash in both files to see if the same message classes are creating the same hash, so far 50 of them match. I could probably make something to compare them automatically, but I'm a scrub.

Dumped messages including a [Dead] string at the beginning of it's line means that it's not being used at all, anywhere in the code. This makes it easier to say "Who cares about that header man".

Also, if any of you guys finds a hash in one of those files that isn't in the other, I'd appreciate it if you let me know. All of the outgoing/incoming messages that are being used generate their own unique hash, it's the dead messages that sometimes contain a duplicate since it can only use their class data in the hashing thingy, and not the references(because there are none).

Now a request, does anyone have some sort of Outgoing.cs/Incoming.cs file with the headers updated to a specific release, I want to make something to auto-update them but I'm not sure what 'format' most of you guys use.

I've pushed the source to git, I tried to re-write it for others to more easily read/use, but it's kinda hard with how much is going on:

You must be registered to see links

At least I commented some stuff, so it's not so bad.

 

[wesley66101]

Re: HabBit - Automatic Habbo Client Cracker(Source | .NET 2.0 | C# 6)

I've been working on this for a good bit the past week, and it seems the days of manually updating headers are almost over, almost.

Current Revision:

You must be registered to see links

Previous Revision:

You must be registered to see links

I've been manually searching for the hash in both files to see if the same message classes are creating the same hash, so far 50 of them match. I could probably make something to compare them automatically, but I'm a scrub.

Dumped messages including a [Dead] string at the beginning of it's line means that it's not being used at all, anywhere in the code. This makes it easier to say "Who cares about that header man".

Also, if any of you guys finds a hash in one of those files that isn't in the other, I'd appreciate it if you let me know. All of the outgoing/incoming messages that are being used generate their own unique hash, it's the dead messages that sometimes contain a duplicate since it can only use their class data in the hashing thingy, and not the references(because there are none).

Now a request, does anyone have some sort of Outgoing.cs/Incoming.cs file with the headers updated to a specific release, I want to make something to auto-update them but I'm not sure what 'format' most of you guys use.

I've pushed the source to git, I tried to re-write it for others to more easily read/use, but it's kinda hard with how much is going on:

You must be registered to see links

At least I commented some stuff, so it's not so bad.

That would be nice!

This is the 'format' that i use: http://forum.ragezone.com/f353/packets-swf-production-201602082203-712976078-a-1095129/

 

[Sledmore]

Re: HabBit - Automatic Habbo Client Cracker(Source | .NET 2.0 | C# 6)

Looks good, how long does it take to run? Mine takes a fair while but it's fairly accurate.

As for the 'format', don't go for the "//Updated by xx" as no one cares, no one see's it. Comment the old header next to the new one, helps us incase the new header is wrong. We then know where to look to correct it.

 

[PeanutButterHam]

Re: HabBit - Automatic Habbo Client Cracker(Source | .NET 2.0 | C# 6)

Looks good, how long does it take to run? Mine takes a fair while but it's fairly accurate.
As for the 'format', don't go for the "//Updated by xx" as no one cares, no one see's it. Comment the old header next to the new one, helps us incase the new header is wrong. We then know where to look to correct it.

Aight dawg.

Also, the completion time is around 4-6 seconds now, and this is including the message reference scan, header dumping, re-assembling, and hashing(

You must be registered to see links

).

I've extracted the headers for the current client build: PRODUCTION-201602292204-956826771
They were updated from the client build: PRODUCTION-201602082203-712976078

You must be registered to see links

You must be registered to see links

There are some headers that weren't updated, so the hashes are still there, but the previous headers were kept in the file, just commented out.