Welcome!

Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!

Join Today!

Is anyone working on MS2 decryption?

Joined
Mar 9, 2010
Messages
70
Reaction score
11
The MS2 client has been available for quite some time now. I was wondering if anyone was aware of any decryption projects. I would really like to get my hands on game assets and models if at all possible.

For those of you wondering, no, MS2 does not use the .wz format but rather a .m2d and .m2h format for their files.

jSgqq3t - Is anyone working on MS2 decryption? - RaGEZONE Forums


Sounds are stored in .fsb format. Luckily these aren't too hard to get into.
 

Attachments

You must be registered for see attachments list
Joined
Mar 9, 2010
Messages
70
Reaction score
11


Fiel had cracked it and uploaded formulas, images, etc. a while back, feel free to check it out.

This was with the alpha client. The alpha client apparently had no/less encryption. The current live client is much different.
 
Upvote 0
Custom Title Activated
Member
Joined
Nov 14, 2008
Messages
1,025
Reaction score
641
Diamondo already has a fully functional server emulator with most of the game coded and has reversed the packing algorithm for every single files. He was already able to modify textures, models, maps, sounds/musics and shaders. He already has 100% of all packets handled correctly and everything will be released within the next week.
 
Upvote 0
Everything is possible~
Member
Joined
Jan 9, 2008
Messages
818
Reaction score
847
Diamondo already has a fully functional server emulator with most of the game coded and has reversed the packing algorithm for every single files. He was already able to modify textures, models, maps, sounds/musics and shaders. He already has 100% of all packets handled correctly and everything will be released within the next week.

i w0t m8


Yes, I did work on a server. The alpha one at least. I also tried unpacking the new files. They indeed changed the logic to also support 2 kinds of encryptions (which they both use). One of it is a XOR, the other one is AES. They use Crypto++ in combination with streams to decode the data. I've worked on this on my macbook while I was on holiday. Debuggers didn't work so most of the time I was busy RE-ing the client and testing. Sounds a bit disappointing, isn't it?
 
Upvote 0
Joined
Mar 9, 2010
Messages
70
Reaction score
11
i w0t m8


Yes, I did work on a server. The alpha one at least. I also tried unpacking the new files. They indeed changed the logic to also support 2 kinds of encryptions (which they both use). One of it is a XOR, the other one is AES. They use Crypto++ in combination with streams to decode the data. I've worked on this on my macbook while I was on holiday. Debuggers didn't work so most of the time I was busy RE-ing the client and testing. Sounds a bit disappointing, isn't it?

Would it be possible for you to dump any of the data that you extracted?
 
Upvote 0
Initiate Mage
Joined
Sep 21, 2014
Messages
13
Reaction score
0
i w0t m8


Yes, I did work on a server. The alpha one at least. I also tried unpacking the new files. They indeed changed the logic to also support 2 kinds of encryptions (which they both use). One of it is a XOR, the other one is AES. They use Crypto++ in combination with streams to decode the data. I've worked on this on my macbook while I was on holiday. Debuggers didn't work so most of the time I was busy RE-ing the client and testing. Sounds a bit disappointing, isn't it?

OMG I can't wait for the release!
 
Upvote 0
Initiate Mage
Joined
Sep 21, 2014
Messages
13
Reaction score
0
Where did he say he would release something?

[h=2]Re: Is anyone working on MS2 decryption?[/h]
Diamondo already has a fully functional server emulator with most of the game coded and has reversed the packing algorithm for every single files. He was already able to modify textures, models, maps, sounds/musics and shaders. He already has 100% of all packets handled correctly and everything will be released within the next week.

Here​
 
Upvote 0
Skilled Illusionist
Joined
Apr 26, 2015
Messages
302
Reaction score
77
this may help:
Code:
___:016D4628 00000049 C Cryptographic algorithms are disabled after a power-up self test failed.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 ___:016D4678 00000054 C Cryptographic algorithms are disabled before the power-up self tests are performed.                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
___:018C6CB8 00000015 C .?AVIBufferCrypter@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
___:018C6CD8 00000012 C .?AVCXORCrypter@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
___:018C6CF4 00000014 C .?AVCTableCrypter@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
___:018C6D10 00000018 C .?AVCRearrangeCrypter@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
___:018C6D30 0000002A C .?AV?$TSingleton@VCBufferCryptManager@@@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
___:018C6D64 0000001A C .?AVCBufferCryptManager@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
___:018D0A1C 00000019 C .?AVException@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
___:018D0A40 0000001F C .?AVInvalidArgument@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
___:018D0A68 00000038 C .?AVParameterNotUsed@AlgorithmParametersBase@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
___:018D0AF8 00000027 C .?AVAlgorithmParametersBase@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   
___:018D0B28 00000063 C .?AV?$StringSinkTemplate@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                       
___:018D0B94 0000002D C .?AV?$Bufferless@VSink@CryptoPP@@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             
___:018D0BCC 00000014 C .?AVSink@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
___:018D0BE8 00000026 C .?AVBufferedTransformation@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
___:018D0C18 00000019 C .?AVAlgorithm@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
___:018D0C3C 00000018 C .?AVClonable@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
___:018D0C5C 00000018 C .?AVWaitable@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
___:018D0C7C 0000001E C .?AVNotImplemented@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
___:018D0D7C 0000002F C .?AV?$AlgorithmParametersTemplate@H@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
___:018D0DB4 00000030 C .?AVValueTypeMismatch@NameValuePairs@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
___:018D0DF8 00000031 C .?AV?$AlgorithmParametersTemplate@PBH@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
___:018D0F00 00000051 C .?AV?$AlgorithmParametersTemplate@VConstByteArrayParameter@CryptoPP@@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
___:018D0F5C 0000001D C .?AVBaseN_Decoder@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             
___:018D0F84 00000030 C .?AV?$Unflushable@VFilter@CryptoPP@@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
___:018D0FBC 00000016 C .?AVFilter@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
___:018D0FDC 0000001B C .?AVNotCopyable@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               
___:018D1000 0000001B C .?AVCannotFlush@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               
___:018D1024 0000001D C .?AVBase64Decoder@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             
___:018D104C 0000001B C .?AVStringStore@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               
___:018D1070 00000015 C .?AVStore@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
___:018D1090 0000005F C .?AV?$AutoSignaling@V?$InputRejecting@VBufferedTransformation@CryptoPP@@@CryptoPP@@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                           
___:018D10F8 00000043 C .?AV?$InputRejecting@VBufferedTransformation@CryptoPP@@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
___:018D1148 00000051 C .?AUInputRejected@?$InputRejecting@VBufferedTransformation@CryptoPP@@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
___:018D11A4 00000027 C .?AVConstByteArrayParameter@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   
___:018D11D8 00000038 C .?AV?$SourceTemplate@VStringStore@CryptoPP@@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
___:018D1218 00000016 C .?AVSource@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
___:018D1238 00000033 C .?AV?$InputRejecting@VFilter@CryptoPP@@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
___:018D1278 00000041 C .?AUInputRejected@?$InputRejecting@VFilter@CryptoPP@@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
___:018D12C4 0000001C C .?AVStringSource@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
___:018D12E8 000000D2 C .?AV?$ConcretePolicyHolder@VEmpty@CryptoPP@@V?$AdditiveCipherTemplate@V?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VCTR_ModePolicy@2@@CryptoPP@@@2@UAdditiveCipherAbstractPolicy@2@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                        
___:018D13C8 00000086 C .?AV?$AdditiveCipherTemplate@V?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VCTR_ModePolicy@2@@CryptoPP@@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                    
___:018D1458 00000061 C .?AV?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VCTR_ModePolicy@2@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                         
___:018D14C4 0000001E C .?AVCTR_ModePolicy@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
___:018D14F0 00000053 C .?AV?$ModePolicyCommonTemplate@UAdditiveCipherAbstractPolicy@CryptoPP@@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
___:018D154C 0000001E C .?AVCipherModeBase@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            
___:018D1574 0000001F C .?AVSymmetricCipher@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
___:018D159C 00000025 C .?AVSimpleKeyingInterface@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
___:018D15CC 00000024 C .?AVStreamTransformation@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
___:018D15F8 0000002C C .?AUAdditiveCipherAbstractPolicy@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
___:018D162C 00000025 C .?AVRandomNumberGenerator@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
___:018D165C 00000015 C .?AVEmpty@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
___:018D1680 0000003F C .?AV?$BlockCipherFinal@$0A@VEnc@Rijndael@CryptoPP@@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
___:018D16C8 0000006A C .?AV?$ClonableImpl@V?$BlockCipherFinal@$0A@VEnc@Rijndael@CryptoPP@@@CryptoPP@@VEnc@Rijndael@2@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                
___:018D173C 0000001C C .?AVEnc@Rijndael@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
___:018D1760 0000001D C .?AVBase@Rijndael@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             
___:018D1788 0000004A C .?AV?$BlockCipherImpl@URijndael_Info@CryptoPP@@VBlockCipher@2@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                
___:018D17E0 0000008F C .?AV?$AlgorithmImpl@V?$SimpleKeyingInterfaceImpl@V?$TwoBases@VBlockCipher@CryptoPP@@URijndael_Info@2@@CryptoPP@@V12@@CryptoPP@@V12@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                           
___:018D1878 0000006F C .?AV?$SimpleKeyingInterfaceImpl@V?$TwoBases@VBlockCipher@CryptoPP@@URijndael_Info@2@@CryptoPP@@V12@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                           
___:018D18F0 00000043 C .?AV?$TwoBases@VBlockCipher@CryptoPP@@URijndael_Info@2@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
___:018D193C 0000001B C .?AVBlockCipher@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               
___:018D1960 00000023 C .?AVBlockTransformation@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       
___:018D198C 0000001D C .?AURijndael_Info@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             
___:018D19B4 00000026 C .?AV?$FixedBlockSize@$0BA@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
___:018D19E8 0000003D C .?AV?$VariableKeyLength@$0BA@$0BA@$0CA@$07$03$0A@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             
___:018D1A58 00000138 C .?AV?$CipherModeFinalTemplate_CipherHolder@V?$BlockCipherFinal@$0A@VEnc@Rijndael@CryptoPP@@@CryptoPP@@V?$ConcretePolicyHolder@VEmpty@CryptoPP@@V?$AdditiveCipherTemplate@V?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VCTR_ModePolicy@2@@CryptoPP@@@2@UAdditiveCipherAbstractPolicy@2@@2@@CryptoPP@@                                                                                                                                                                                                                                  
___:018D1B98 0000005A C .?AV?$ObjectHolder@V?$BlockCipherFinal@$0A@VEnc@Rijndael@CryptoPP@@@CryptoPP@@@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                
___:018D1C00 0000021A C .?AV?$AlgorithmImpl@V?$ConcretePolicyHolder@VEmpty@CryptoPP@@V?$AdditiveCipherTemplate@V?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VCTR_ModePolicy@2@@CryptoPP@@@2@UAdditiveCipherAbstractPolicy@2@@CryptoPP@@V?$CipherModeFinalTemplate_CipherHolder@V?$BlockCipherFinal@$0A@VEnc@Rijndael@CryptoPP@@@CryptoPP@@V?$ConcretePolicyHolder@VEmpty@CryptoPP@@V?$AdditiveCipherTemplate@V?$AbstractPolicyHolder@UAdditiveCipherAbstractPolicy@CryptoPP@@VCTR_ModePolicy@2@@CryptoPP@@@2@UAdditiveCipherAbstractPolicy@2@@2@@2@@CryptoPP@@
___:01911C50 0000001F C .?AVSelfTestFailure@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           
___:01911C78 00000037 C .?AUNoChannelSupport@BufferedTransformation@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   
___:01911CB8 00000020 C .?AVInvalidKeyLength@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
___:01911CE0 00000021 C .?AVInvalidCiphertext@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
___:01911D0C 00000021 C .?AVInvalidDataFormat@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
___:01911D38 00000022 C .?AVByteArrayParameter@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        
___:01911D68 00000039 C .?AW4BlockPaddingScheme@BlockPaddingSchemeDef@CryptoPP@@                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 
___:01911DB0 00000038 C .?AUBlockingInputOnly@BufferedTransformation@CryptoPP@@
 
Upvote 0
Skilled Illusionist
Joined
Apr 26, 2015
Messages
302
Reaction score
77
Not that I have interest and knowledge for reversing the client, but there are lot of strings in the client referencing key areas like packets, mostly, I guess were used for logging during development. Eric
 
Upvote 0
Joined
Jan 18, 2010
Messages
3,109
Reaction score
1,139
Not that I have interest and knowledge for reversing the client, but there are lot of strings in the client referencing key areas like packets, mostly, I guess were used for logging during development. Eric

yep, and actually the strings they used for packets and stuff have been updated between version to version since v1. this makes updating ms2 beyond easy! for example, opcodes are cached into maps and updated every time! lmao

in the end though, ms2 is surprisingly easier than ms1. cryptos are basic to implement and uses the same rand32 rng from maplestory, it follows the same in/outpacket handling as maplestory, and the packets are rather simple to do to get in-game. the annoying part of ms2 is having to process a lot of inherited vftable calls in IDA as well as some of the physics involved. other than that, so much is named and could be identified because of strings, and now that you can sniff the cbt you can confirm anything you don't know.

oh, and personally i always found ms2 more fun and interesting both play-wise and dev-wise.. i'm surprised people aren't more interested in it :p
 
Upvote 0
Joined
Jan 18, 2010
Messages
3,109
Reaction score
1,139
Eric Why don't you try releasing some of your stuff and see if people are interested? :p

Don't really want to risk it honestly.. Besides, I'd want to (at least get close to) finishing my MS2 emulator before I would release anything anyways. People can go memory dump the CBT client and start debugging it. Pretty sure Nexon just packed this client, I didn't find any virtualization in any of the important functions like they would be in MapleStory.
 
Upvote 0
Initiate Mage
Joined
Feb 21, 2016
Messages
30
Reaction score
3
Don't really want to risk it honestly.. Besides, I'd want to (at least get close to) finishing my MS2 emulator before I would release anything anyways. People can go memory dump the CBT client and start debugging it. Pretty sure Nexon just packed this client, I didn't find any virtualization in any of the important functions like they would be in MapleStory.

So Nexon released MS2 NA Server,
Any progress on this?:cool:
 
Upvote 0
Initiate Mage
Joined
Feb 21, 2016
Messages
30
Reaction score
3
Don't really want to risk it honestly.. Besides, I'd want to (at least get close to) finishing my MS2 emulator before I would release anything anyways. People can go memory dump the CBT client and start debugging it. Pretty sure Nexon just packed this client, I didn't find any virtualization in any of the important functions like they would be in MapleStory.
i think i just found packet encryption and packet creator
teMZLgC - Is anyone working on MS2 decryption? - RaGEZONE Forums


Do05naT - Is anyone working on MS2 decryption? - RaGEZONE Forums

but i find decryption stuffs :(
do you mind helping me or sharing some informations?
 

Attachments

You must be registered for see attachments list
Upvote 0
Back
Top