Welcome!

Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!

Join Today!

KurtzPel (Closed Alpha) Server Emulator

Newbie Spellweaver
Joined
Nov 26, 2007
Messages
77
Reaction score
0
Hi, KurtzPel is a new game by KOG Studios, the creator of Grand Chase and Elsword.
Recently it had a NA closed alpha on Steam and the game is very far from complete.
It has good character customizations, 2v2 PVP modes (CTF/Deathmatch/capture point), and a few PVE bosses that plays like Dauntless/Monster Hunter World.



I have the Steam closed alpha client, which is made using Unreal Engine 4.
As a start, I want to emulate the bare minimum to get pass the login screen, so that I can play with the character customizations.
How do I get started? Do I sniff where the packets are being sent, change the IP address in the client using a hex editor, and trial-and-error sending a response?

I am a computer science bachelor graduate using mostly Java, C#, Python, but I have zero experience in creating server emulators/reverse engineering.
Is there anyone who can help?
Thanks!
 
Initiate Mage
Joined
Jul 13, 2014
Messages
1
Reaction score
2
Before building an emulator you want to build a proxy, that way you can analyse and dump the packets when actually playing on the real server. In other words, you can see which packet triggers which response.

This helps immensely when trying to build an emulator.
Though, all of this requires the actual server to still be up, which it's currently not.. However, I'll still lay it out for reference.

In order to do this you're gonna need to do the following:
1. Redirect the client to your proxy (same thing applies when you build the emulator). For KurtzPel, you can do this via your host file.
2. Figure out the packet encryption, so you can decrypt and encrypt the packets.
3. Start analysing the packets, in case you need to modify them in order to keep it going through your proxy.

Once you're at this stage, you can start building your emulator by "simply emulating" what you got in your packet logs.
Just getting to the character creation screen should be fairly simple though if you've managed to get a proxy working.

PS: I did actually do all of this for KurtzPel, may consider making a "character creation" emulator since it should be pretty easy with what I already got.

 
Last edited:
Upvote 0
Initiate Mage
Joined
Sep 12, 2014
Messages
1
Reaction score
0
But after that everything still needs to see what systems are in their system, I analyzed and the systems of mission, chat and character is in this server of port 11001 the rest who manages and the steam 27015 to synchronize movements of the character, now talking about what it was done, basically first tried to get the dns where he connects to get things done first he makes a request to appinfo.playkog.com to get the host of the region
appinfo.playkog.com/Service/GetOption?AppCode=kz&PublishCode=na&ZoneCode=live
in my case NA, then it returns a json
[ { "Option": "Address", "Value": "{" Domain \ ": " gs.live.northamerica.kurtzpel.playkog.com \ ", " Port \ ": 11001}" }]
with this we can control without having too much work


Now in the packet part I'm still working harder to identify some packets but I'm still a bit noob in this part, so I came to share what I could get

coffeeCRZ - KurtzPel (Closed Alpha) Server Emulator - RaGEZONE Forums


In case I used python to do mitm then make a server in C #

coffeeCRZ - KurtzPel (Closed Alpha) Server Emulator - RaGEZONE Forums


Basically stayed like that at least was what I understood from the structure

chat = 33
request mission = 22
accept mission = 4b
leaderboard = 64


My discord:
wiljafor1#8678

Sorry for the bugged English.
 
Upvote 0
E

Eltheca

Guest
Spent some days working on this game a few weeks ago, their network cryptography has some resemblance to the one they do use on lua's at Elsword.

The game is intrinsically linked into AWS, so it might be kind of difficult to create an actual emulator.
Login, channel, and world servers are just one program. Battles/Dungeons are handled in P2P (easy to hack), and a report is sent to the main server at the end of the dungeon.

I do have a working packet logger:
[RECV]:
0000 76 00 00 00 26 00 00 00 11 00 00 00 00 00 00 00 v...&...........
0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030 00 00 00 00 00 00 36 00 00 00 00 00 00 00 00 00 ......6.........
0040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0050 1c 00 00 00 53 00 71 00 75 00 61 00 72 00 65 00 ....S.q.u.a.r.e.
0060 5f 00 45 00 6c 00 74 00 68 00 65 00 63 00 61 00 _.E.l.t.h.e.c.a.
0070 3d 06 9e 93 c0 82 =.....

And also have dumped the entire packet OP codes:
Code:
static constchar*szPacketHeader[] = {
"HEART_BEAT",
"CL_GS_VERIFY_ACCOUNT_REQ",
"GS_CL_VERIFY_ACCOUNT_ACK",
"CL_GS_CREATE_CHARACTER_REQ",
"GS_CL_CREATE_CHARACTER_ACK",
"CL_GS_UPDATE_CHARACTER_REQ",
"GS_CL_UPDATE_CHARACTER_ACK",
"CL_GS_CHANGE_CHARACTER_NAME_REQ",
"GS_CL_CHANGE_CHARACTER_NAME_ACK",
"CL_GS_DELETE_CHARACTER_REQ",
"GS_CL_DELETE_CHARACTER_ACK",
"CL_GS_CHARACTER_LIST_REQ",
"GS_CL_CHARACTER_LIST_ACK",
"CL_GS_USE_CHARACTER_REQ",
"GS_CL_USE_CHARACTER_ACK",
"CL_GS_ENTER_SQUARE_REQ",
"GS_CL_ENTER_SQUARE_ACK",
"GS_CL_JOINABLE_SQUARE_NOT",
"CL_GS_SQUARE_LIST_REQ",
"GS_CL_SQUARE_LIST_ACK",
"CL_GS_CREATE_ROOM_REQ",
"GS_CL_CREATE_ROOM_ACK",
"CL_GS_JOIN_ROOM_REQ",
"GS_CL_JOIN_ROOM_ACK",
"GS_CL_JOINABLE_ROOM_NOT",
"CL_GS_EXIT_ROOM_REQ",
"GS_CL_EXIT_ROOM_ACK",
"GS_CL_EXIT_ROOM_USER_NOT",
"GS_CL_END_GAME_NOT",
"CL_GS_EQUIP_ITEM_REQ",
"GS_CL_EQUIP_ITEM_ACK",
"GS_CL_GAME_REWARD_NOT",
"GS_CL_REAL_TIME_MISSION_INFO_NOT",
"GS_CL_UPDATE_MISSION_INFO_NOT",
"CL_GS_REQUEST_MATCH_REQ",
"GS_CL_REQUEST_MATCH_ACK",
"CL_GS_CANCEL_MATCH_REQ",
"GS_CL_CANCEL_MATCH_ACK",
"CL_GS_PAUSE_MATCH_REQ",
"GS_CL_PAUSE_MATCH_ACK",
"CL_GS_RESTART_PAUSED_MATCH_NOT",
"GS_CL_UPDATE_REQUESTED_MATCH_NOT",
"GS_CL_COMPLETED_MATCH_NOT",
"GS_CL_PROGRESS_INFO_OF_COMPLETED_MATCH_NOT",
"GS_CL_UPDATE_CHASER_RANK_INFO_NOT",
"CL_GS_DIALOGUE_START_REQ",
"GS_CL_DIALOGUE_START_ACK",
"CL_GS_CHOICE_SELECTION_REQ",
"GS_CL_CHOICE_SELECTION_ACK",
"CL_GS_DIALOGUE_END_REQ",
"GS_CL_DIALOGUE_END_ACK",
"CL_GS_CHAT_REQ",
"GS_CL_CHAT_ACK",
"CS_GS_DUPLICATE_CONNECTION_ATTEMPT_NOT",
"GS_CL_DUPLICATE_CONNECTION_ATTEMPT_NOT",
"CL_GS_EQUIP_WEAPON_PASSIVE_SKILL_REQ",
"GS_CL_EQUIP_WEAPON_PASSIVE_SKILL_ACK",
"GS_CL_UPDATE_CP_NOT",
"CL_GS_SELL_ITEM_REQ",
"GS_CL_SELL_ITEM_ACK",
"CL_GS_INVITE_TO_PARTY_REQ",
"GS_CL_INVITE_TO_PARTY_ACK",
"GS_CL_INVITE_TO_PARTY_NOT",
"CL_GS_ANSWER_TO_INVITE_TO_PARTY_NOT",
"GS_CL_UPDATE_PARTY_INFO_NOT",
"GS_CL_DELETE_PARTY_INFO_NOT",
"CL_GS_EXIT_PARTY_NOT",
"CL_GS_CHANGE_PARTY_LEADER_REQ",
"GS_CL_CHANGE_PARTY_LEADER_ACK",
"GS_CL_FAILED_CREATING_ROOM_NOT",
"CL_GS_DISUSE_CHARACTER_REQ",
"GS_CL_DISUSE_CHARACTER_ACK",
"GS_CL_UPDATE_MATCH_GAME_RECORD_INFO_NOT",
"CL_GS_NPC_TRACING_REQ",
"GS_CL_NPC_TRACING_ACK",
"CL_GS_ANSWER_TO_COMPLETED_MATCH_NOT",
"CL_GS_UPGRADE_EQUIPMENT_ITEM_REQ",
"GS_CL_UPGRADE_EQUIPMENT_ITEM_ACK",
"CL_GS_GET_FROM_STEAM_INVENTORY_ITEM_REQ",
"GS_CL_GET_FROM_STEAM_INVENTORY_ITEM_ACK",
"CL_GS_INSERT_ITEM_INTO_STEAM_INVENTORY_REQ",
"GS_CL_INSERT_ITEN_INTO_STEAM_INVENTORY_ACK",
"GS_CL_PING_TEST_ADDRESS_LIST_NOT",
"CL_GS_STEAM_EXCHANGE_ITEM_REQ",
"GS_CL_STEAM_EXCHANGE_ITEM_ACK",
"GS_CL_UPDATE_REMAIN_REINCARNATION_COUNT_NOT",
"GS_CL_UPDATE_CHARACTER_CREATION_COUNT_NOT",
"GS_CL_UPDATE_DYEABLE_COUNT_NOT",
"CL_GS_DYE_ITEM_REQ",
"GS_CL_DYE_ITEM_ACK",
"GS_CL_NPC_ACTIVE_AREA_INFO_NOT",
"GS_CL_INVENTORY_OPERATION_NOT",
"GS_CL_DISPLAY_MISSION_LIST_NOT",
"CL_GS_CHANGE_GAME_STATE_NOT",
"GS_CL_NOTICE_LIST_NOT",
"CL_GS_SAVE_OPTION_REQ",
"GS_CL_SAVE_OPTION_ACK",
"GS_CL_SAVED_OPTION_NOT",
"CL_GS_MAKE_A_RELATIONSHIP_WITH_NPC_REQ",
"GS_CL_MAKE_A_RELATIONSHIP_WITH_NPC_ACK",
"CL_GS_GET_RANKING_BOARD_INFO_REQ",
"GS_CL_GET_RANKING_BOARD_INFO_ACK",
"GS_CL_UPDATE_MY_RANK_OF_RANKING_BOARD_NOT",
"GS_CL_EVENT_LIST_NOT",
"GS_CL_EVENT_PROGRESS_INFO_NOT",
"GS_CL_NOTIFY_RESTRICTION_NOT",
"CL_GS_GET_RANKING_BOARD_CHARACTER_INFO_REQ",
"GS_CL_GET_RANKING_BOARD_CHARACTER_INFO_ACK",
"CL_GS_GET_CUSTOM_MISSION_LIST_REQ",
"GS_CL_GET_CUSTOM_MISSION_LIST_ACK",
"CL_GS_CREATE_CUSTOM_MISSION_REQ",
"GS_CL_CREATE_CUSTOM_MISSION_ACK",
"CL_GS_JOIN_CUSTOM_MISSION_REQ",
"GS_CL_JOIN_CUSTOM_MISSION_ACK",
"GS_CL_UPDATE_CUSTOM_MISSION_INFO_NOT",
"GS_CL_UPDATE_CUSTOM_MISSION_CANDIDATE_NOT",
"CL_GS_UPDATE_PING_BY_REGION_NOT",
"GS_CL_DELETE_CUSTOM_MISSION_NOT",
"CL_GS_CANCEL_JOINING_CUSTOM_MISSION_REQ",
"GS_CL_CANCEL_JOINING_CUSTOM_MISSION_ACK",
"CL_GS_ACCEPT_CUSTOM_MISSION_CANDIDATE_R",
"GS_CL_ACCEPT_CUSTOM_MISSION_CANDIDATE_A",
"CL_GS_EXIT_CUSTOM_MISSION_NOT",
"CL_GS_CUSTOM_MISSION_COMMAND_NOT",
"CL_GS_VIEW_CUSTOM_MISSION_REQ",
"GS_CL_VIEW_CUSTOM_MISSION_ACK",
"CL_GS_CANCEL_VIEWING_CUSTOM_MISSION_NOT",
"GS_CL_CANCELED_VIEWING_CUSTOM_MISSION_NOT",
"GS_CL_READY_TO_START_CUSTOM_MISSION_NOT",
"CL_GS_ANSWER_TO_STARTING_CUSTOM_MISSION_NOT",
"GS_CL_PROGRESS_INFO_OF_STARTING_CUSTOM_NOT",
"CL_GS_QUIT_CLIENT_NOT",
"CL_GS_CHANGE_ITEM_ABILITY_REQ",
"GS_CL_CHANGE_ITEM_ABILITY_ACK",
"CL_GS_DLC_INGAME_CP_PURCHASE_REQ",
"GS_CL_DLC_INGAME_CP_PURCHASE_ACK",
"CL_GS_SQUARE_FPS_LOG_NOT",
"CL_GS_INITIAL_FLOW_STEP_NOT",
"CL_GS_GET_ONLINE_CHARACTER_INFO_REQ",
"GS_CL_GET_ONLINE_CHARACTER_INFO_ACK",
"CL_GS_COMPLETE_GUIDE_REQ",
"GS_CL_COMPLETE_GUIDE_ACK",
"GS_CL_DLC_REWARD_NOT",
"RS_DS_GAME_INFO_REQ",
"DS_RS_GAME_INFO_ACK",
"DS_RS_END_GAME_NOT",
"RS_DS_UPDATE_TEAM_INFO_NOT",
"DS_RS_UPDATE_GAME_PLAY_LOG_NOT",
"GS_GS_JOIN_ROOM_REQ",
"GS_GS_JOIN_ROOM_ACK",
"GS_GS_JOINABLE_ROOM_NOT",
"GS_GS_ROOM_INFO_NOT",
"GS_GS_JOINED_ROOM_USER_NOT",
"GS_GS_EXIT_ROOM_REQ",
"GS_GS_EXIT_ROOM_ACK",
"GS_GS_EXIT_ROOM_USER_NOT",
"GS_GS_END_GAME_NOT",
"GS_GS_INVITE_TO_PARTY_REQ",
"GS_GS_INVITE_TO_PARTY_ACK",
"GS_GS_INVITE_TO_PARTY_NOT",
"GS_GS_ANSWER_TO_INVITE_TO_PARTY_REQ",
"GS_GS_ANSWER_TO_INVITE_TO_PARTY_ACK",
"GS_GS_UPDATE_PARTY_INFO_NOT",
"GS_GS_DELETE_PARTY_INFO_NOT",
"GS_GS_EXIT_PARTY_NOT",
"GS_GS_CHANGE_PARTY_LEADER_REQ",
"GS_GS_CHANGE_PARTY_LEADER_ACK",
"GS_GS_EXIT_ROOM_NOT",
"GS_GS_ROOM_USER_JOIN_PROGRESS_INFO_NOT",
"GS_GS_JOIN_CUSTOM_MISSION_REQ",
"GS_GS_JOIN_CUSTOM_MISSION_ACK",
"GS_GS_UPDATE_CUSTOM_MISSION_INFO_NOT",
"GS_GS_UPDATE_CUSTOM_MISSION_USER_INFO_NOT",
"GS_GS_UPDATE_CUSTOM_MISSION_CANDIDATE_NOT",
"GS_GS_UPDATE_CUSTOM_MISSION_LIST_INFO_NOT",
"GS_GS_DELETE_CUSTOM_MISSION_NOT",
"GS_GS_CANCEL_JOINING_CUSTOM_MISSION_REQ",
"GS_GS_CANCEL_JOINING_CUSTOM_MISSION_ACK",
"GS_GS_ACCEPT_CUSTOM_MISSION_CANDIDATE_REQ",
"GS_GS_ACCEPT_CUSTOM_MISSION_CANDIDATE_ACK",
"GS_GS_EXIT_CUSTOM_MISSION_NOT",
"GS_GS_CUSTOM_MISSION_COMMAND_NOT",
"GS_GS_VIEW_CUSTOM_MISSION_REQ",
"GS_GS_VIEW_CUSTOM_MISSION_ACK",
"GS_GS_CANCEL_VIEWING_CUSTOM_MISSION_NOT",
"GS_GS_CANCELED_VIEWING_CUSTOM_MISSION_NOT",
"GS_GS_READY_TO_START_CUSTOM_MISSION_NOT",
"GS_GS_ANSWER_TO_STARTING_CUSTOM_MISSION_NOT",
"GS_GS_PROGRESS_INFO_OF_STARTING_CUSTOM_MISSION_NOT",
"GS_GS_GET_ONLINE_CHARACTER_INFO_REQ",
"GS_GS_GET_ONLINE_CHARACTER_INFO_ACK",
"GS_GS_MY_LOG_CHAIN_UID_NOT",
"CS_GS_REAL_TIME_MISSION_INFO_NOT",
"GS_CS_CONNECTION_USER_NOT",
"GS_CS_DISCONNECTION_USER_NOT",
"GS_CS_REQUEST_MATCH_REQ",
"CS_GS_REQUEST_MATCH_ACK",
"GS_CS_CANCEL_MATCH_REQ",
"CS_GS_CANCEL_MATCH_ACK",
"GS_CS_PAUSE_MATCH_REQ",
"CS_GS_PAUSE_MATCH_ACK",
"GS_CS_RESTART_PAUSED_MATCH_NOT",
"CS_GS_UPDATE_REQUESTED_MATCH_NOT",
"CS_GS_COMPLETED_MATCH_NOT",
"GS_CS_ANSWER_TO_COMPLETED_MATCH_NOT",
"CS_GS_PROGRESS_INFO_OF_COMPLETED_MATCH_NOT",
"CS_GS_UPDATE_CHASER_RANK_INFO_NOT",
"GS_CS_GAME_RESULT_INFO_NOT",
"CS_GS_PING_TEST_ADDRESS_LIST_NOT",
"CS_GS_NPC_ACTIVE_AREA_INFO_NOT",
"GS_CS_CCU_NOT",
"CS_GS_UPDATE_MATCH_GAME_RECORD_INFO_NOT",
"CS_GS_UPDATE_RANKING_BOARD_NOT",
"CS_GS_UPDATE_MY_RANK_OF_RANKING_BOARD_NOT",
"CS_GS_UPDATE_EVENT_LIST_NOT",
"CS_GS_UPDATE_RESTRICTION_LIST_NOT",
"GS_CS_GET_RANKING_BOARD_CHARACTER_INFO_REQ",
"CS_GS_GET_RANKING_BOARD_CHARACTER_INFO_ACK",
"CHANGE_GAME_STATE_NOT",
"GS_SS_ENTER_SQUARE_REQ",
"SS_GS_ENTER_SQUARE_ACK",
"SS_GS_EXIT_SQUARE_USER_NOT",
"SS_GS_JOINABLE_SQUARE_NOT",
"SS_GS_JOINED_SQUARE_USER_NOT",
"GS_SS_CONNECTION_USER_NOT",
"GS_SS_DISCONNECTION_USER_NOT",
"GS_SS_SQUARE_LIST_REQ",
"SS_GS_SQUARE_LIST_ACK",
"GS_SS_UPDATE_USER_PARTY_INFO_NOT",
"SS_GS_SQUARE_USER_JOIN_PROGRESS_INFO_NOT",
"GS_GS_CONNECTION_USER_NOT",
"GS_GS_DISCONNECTION_USER_NOT",
"NOTIFY_MACHINE_INFO_REQ",
"NOTIFY_MACHINE_INFO_ACK",
"DEDICATED_SERVER_INFO_NOT",
"DEDICATED_SERVER_KILL_NOT",
"UPDATE_ALLOWED_CHARACTER_LIST_REQ",
"UPDATE_ALLOWED_CHARACTER_LIST_ACK",
"UPDATE_CHARACTER_INFO_IN_GAME_ONLY_NOT",
"DELETE_CHARACTER_INFO_IN_GAME_ONLY_NOT",
"GAME_MODE_USER_JOIN_PROGRESS_INFO_NOT",
"JOINED_GAME_MODE_USER_NOT",
"EXIT_GAME_MODE_USER_NOT",
"CHAT_NOT",
"GS_GS_SYSTEM_NOTICE_NOT",
"MESSAGE_ID_END"
};

If anyone's interested into the game crypto, my suggestion is to search for the following string:
"ou1032484wehtjS*&hsdjfb38)A(efdbgrej"
It's the packet key.

I do doubt I'll write an emulator, but to be honest, it doesn't seem to hard to develop one and get in-game (1 to 2 months of work probably)
 
Upvote 0
Back
Top