Welcome!

Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!

Join Today!

SRO Module Sniffer

M

MeTaD

Newbie Spellweaver
Joined
Jan 2, 2012
Messages
43
Reaction score
40
I am working with Mr. Florian0 trying to spoof packets from AgentServer to Gameserver. So far, we are able to make Gameserver start listening on a different port, so we can then bind the original port with an analyzer and redirect it to the new port.

With it, we can tap into the communication between AgentServer and Gameserver, but this concept applies to any other module in Silkroad that receives its certification from another module (ehem, all of 'em).

Now, there are two big issues to attend:

1) The code is working, but messy, so, to organize it and make it easier we must refactorate it. But the "hard part" it's completed already, which was tricking the modules to bind another port

2) The second issue it's the packet parsing which I don't know if it is either malfunctioning or the packets from AS to GS are somethimes huge and repetitives.

It says VSRO, but it can be applied to any silkroad files
Due the fact that it modifies cert packet A003 on the fly to change the desired ports

7eec6063d8ecf3173bfe5b52cb15d2a8 - SRO Module Sniffer - RaGEZONE Forums


You must be registered to see links


Please, your help is needed since this is a whole new approach, we don't know yet what can we accomplish with this, but based on logic, we can be able to make the Gameserver do desired work's without needing to do a lot of ASM.
 

Attachments

You must be registered for see attachments list
Last edited:
The Best DDoS Protected Servers
KimJongUn

KimJongUn

Banned
Banned
Joined
Oct 14, 2021
Messages
46
Reaction score
18
from the client:

Code: 
004B1AF1   .  56                            push esi
004B1AF2   .  8BE9                        mov ebp,ecx
004B1AF4   .  FF15 B801D800         call dword ptr ds:[<&KERNEL32.GetTickCount>]               ; [GetTickCount
004B1AFA   .  33F6                  xor esi,esi
004B1AFC   .  39B5 50010000         cmp dword ptr ss:[ebp+0x150],esi
004B1B02   .  8985 2C010000         mov dword ptr ss:[ebp+0x12C],eax
004B1B08   .  75 0A                       jnz short sro_clie.004B1B14
004B1B0A   .  5E                            pop esi
004B1B0B   .  B8 07800000            mov eax,0x8007
004B1BE7   .  53                            push ebx
004B1BE8   .  03CA                        add ecx,edx
004B1BEA   .  51                            push ecx
004B1BEB   .  50                            push eax
004B1BEC   .  E8 1F206900             call sro_clie.00B43C10                                     ;  <<<<<<<<<<<< JMP Patch
 
You must log in or register to reply here.

About Us

RaGEZONE® is a website dedicated to the development of massively multiplayer online role-playing games (MMORPGs).

Online statistics

Members online
211
Guests online
7,051
Total visitors
7,262
Totals may include hidden visitors.

Forum statistics

Threads
429,078
Messages
4,590,184
Members
280,596
Latest member
girlie
Most visitors online was 8830 , on 6 Feb 2024

RaGEZONE Sponsor

    HyperFilter
Back
Top