Hi, guys.
This is an example for the https://forum.ragezone.com/f884/runes-magic-network-protocol-1068040/ thread.
The code is based on node-frida.
There are 3 files you would really need: app.js (frida connection), views/js/frida/rom.js (interaction logic) and views/js/frida/romlib.js (list of some or all, not sure, packet enums).
Interceptor.attach(ptr("0x6694E0") is used for incoming packets and Interceptor.attach(ptr("0x60CCC0") for outgoing ones. The client version for those addresses is 6.0.8.
Node lib (without modules, use npm install + build node-frida).
There are 2 versions of packet data deserialization:
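// dataptr points at the start of the packet; readint/readshort/readstring
// are the helper functions from rom.js and take (pointer, offset[, length]).
if (packetname == 'EM_PG_Talk_Channel' || val == 156) {
  var data = {
    command: packetname,
    channelid: readint(dataptr, 4),
    msgtype: readint(dataptr, 8),
    job: readint(dataptr, 12),
    // fixed 64-byte name field, NUL padding stripped
    name: readstring(dataptr, 20, 64).replace(new RegExp('\0', 'g'), ''),
    sender: {
      vocation: readshort(dataptr, 84),
      level: readshort(dataptr, 88)
    },
    contentsize: readint(dataptr, 90),
    // fixed 512-byte content field
    content: readstring(dataptr, 96, 512)
  };
}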
This one is used directly from the injected JS script.
A more readable version is used in the app.js (frida connection) script:
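var ref = require('ref');
var StructType = require('ref-struct');
var ArrayType = require('ref-array');

// Struct layout is declared once; fields are then read by name.
var PG_Talk_CtoL_GMCommand = StructType({
  command: ref.types.int,
  gitemid: ref.types.int,
  contentsize: ref.types.int,
  content: ArrayType('char', 512)
});
// b is the Buffer holding the raw packet bytes
var result = new PG_Talk_CtoL_GMCommand(b);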
but this version would need passing a byte array between the injected script and the host.
BTW, this code is an example of how you can read (and write in the 1st case; not completed in the 2nd case) packets from RoM. For packet structs you can look into the client or server code.
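
A host-side decoder for the EM_PG_Talk_Channel layout above, as an added example that is not part of the original post: it reuses the post's offsets with Node's Buffer and adds length checks, because contentsize is read straight from the packet. Little-endian integers, the command id in the first 4 bytes, latin1 text, and the names parseTalkChannel, cstring and samplePacket are assumptions.

```javascript
'use strict';
// Offsets are the ones in the post's EM_PG_Talk_Channel reader.
// Assumptions: little-endian ints, command id at offset 0, latin1 text.
const TALK_CHANNEL_ID = 156;
const NAME_OFF = 20, NAME_LEN = 64, CONTENT_OFF = 96, CONTENT_MAX = 512;
const MIN_LEN = CONTENT_OFF + CONTENT_MAX; // 608 bytes

// Read a fixed-size char field and stop at the first NUL byte.
function cstring(buf, off, len) {
  const field = buf.subarray(off, off + len);
  const nul = field.indexOf(0);
  return field.toString('latin1', 0, nul === -1 ? len : nul);
}

function parseTalkChannel(buf) {
  if (!Buffer.isBuffer(buf) || buf.length < MIN_LEN) {
    throw new RangeError('packet shorter than ' + MIN_LEN + ' bytes');
  }
  const command = buf.readInt32LE(0);
  if (command !== TALK_CHANNEL_ID) {
    throw new TypeError('unexpected command id ' + command);
  }
  // contentsize is sender-controlled: clamp it to the 512-byte field.
  const declared = buf.readInt32LE(90);
  const contentsize = Math.min(Math.max(declared, 0), CONTENT_MAX);
  return {
    command,
    channelid: buf.readInt32LE(4),
    msgtype: buf.readInt32LE(8),
    job: buf.readInt32LE(12),
    name: cstring(buf, NAME_OFF, NAME_LEN),
    sender: { vocation: buf.readInt16LE(84), level: buf.readInt16LE(88) },
    contentsize,
    content: cstring(buf, CONTENT_OFF, contentsize),
    sizeClamped: declared !== contentsize
  };
}

// Constructed sample packet (not captured traffic) for trying the parser.
function samplePacket(name, text, declaredSize) {
  const b = Buffer.alloc(MIN_LEN);
  b.writeInt32LE(TALK_CHANNEL_ID, 0);
  b.writeInt32LE(3, 4);
  b.write(name, NAME_OFF, NAME_LEN, 'latin1');
  b.writeInt16LE(42, 88);
  b.writeInt32LE(declaredSize, 90);
  b.write(text, CONTENT_OFF, CONTENT_MAX, 'latin1');
  return b;
}
```
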