
Help with v186+ encryption, ida code inside

(O_o(o_O(O_O)o_O)O_o)
Loyal Member
Joined
Apr 9, 2009
Messages
1,088
Reaction score
322
Funny, I looked into this yesterday but in the client I had all references to a5 set it to 1 so I didn't bother checking it. I'm going to take a look now but no guarantees :p



so like i looked at it and saw this:

[image: hRoqLSz]


So it's clearly not such a complex encryption. I renamed the vars in notepad based on kmst, the vars passed to this crypt are identical to the ones passed to the CAESCipher::Encrypt giving me this:

[image: mtoRig6]


And translating that to java will give you this:
PHP:
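// Translation of the IDA pseudocode; the method name is a placeholder,
// the variable names are the ones used in the post.
static int crypt(byte[] pDest, byte[] pSrc, int nLen, int dwKey, boolean bUseKey) {
    int key = bUseKey ? dwKey : 0; // the key is ignored when bUseKey is false
    int nRes = key;                // returned unchanged when nLen == 0

    for (int i = 0; i < nLen; ++i) {
        // byte arithmetic is promoted to int in Java, so cast back to a byte
        pDest[i] = (byte) (key + pSrc[i]);
        nRes = i + 1;
    }

    return nRes;
}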

And that should do the trick ;)

Credits to sunnyboy for checking my IDA translation since i'm a noob that likes to have his work checked by a master.
 

Newbie Spellweaver
Joined
Aug 17, 2017
Messages
5
Reaction score
0
how to use in mapleshark??



(O_o(o_O(O_O)o_O)O_o)
Loyal Member
Joined
Apr 9, 2009
Messages
1,088
Reaction score
322
Help ~~


How to use this for mapleshark :(

tried this.. no work
PHP:
public void TransformAES(byte[] pBuffer)
{
    for (int i = 0; i < pBuffer.Length; i++)
    {
        pBuffer[i] = (byte)(mIV[0] + pBuffer[i]);
    }
}

You are using mIV[0], so the addition would never be correct. IVs in the client are integer numbers; a lot of srcs incorrectly (but for convenience, prolly cuz it was annoying to add) use 4-byte arrays for IVs instead. If you want this crypto to work you're gonna have to cast the byte array IV into an Integer. Keep in mind that the client uses an unsigned integer btw.

On a side note, InnoHash also changed (the function that generates a new IV). But it seems to yield the exact same results for IVs as before so don't worry about it too much.
Newbie Spellweaver
Joined
Aug 17, 2017
Messages
5
Reaction score
0
thx. i can see inbound packet now... but why can't i see outbound??

inbound:
[image: RUIXt7N]


outbound:
[image: XouMZXx]


is there some other encryption for outbound...?
 

(O_o(o_O(O_O)o_O)O_o)
Loyal Member
Joined
Apr 9, 2009
Messages
1,088
Reaction score
322
The outbound encryption shouldn't be different. Subtract the added key (make sure it stays in sync for this to work) and the data should be proper again.
 

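The add-then-subtract round trip described in the two replies above, as an added example in C (not code from the thread, the client, or MapleShark). The sample IV and packet bytes are constructed, the function names are hypothetical, and the IV byte order is an assumption the thread does not settle. Because every byte is reduced modulo 256, only the low 8 bits of the integer key take effect, so the byte order decides which IV byte that is.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample values, not captured from any client or server. */
static const uint8_t SAMPLE_IV[4]  = {0x4D, 0x23, 0xC7, 0x2B};
static const uint8_t SAMPLE_PKT[5] = {0x01, 0x00, 0xFF, 0x80, 0x7F};

/* Pack the 4-byte IV into one unsigned 32-bit key. The byte order is an
   assumption (the thread does not state it), so both orders are offered. */
static uint32_t iv_to_key(const uint8_t iv[4], int big_endian) {
    return big_endian
        ? ((uint32_t)iv[0] << 24 | (uint32_t)iv[1] << 16 | (uint32_t)iv[2] << 8 | iv[3])
        : ((uint32_t)iv[3] << 24 | (uint32_t)iv[2] << 16 | (uint32_t)iv[1] << 8 | iv[0]);
}

/* Same logic as the Java translation: dst[i] = key + src[i], kept to 8 bits. */
static int add_key(uint8_t *dst, const uint8_t *src, int len, uint32_t key, int use_key) {
    uint32_t k = use_key ? key : 0;
    int res = (int)k;               /* returned as-is when len == 0 */
    for (int i = 0; i < len; ++i) {
        dst[i] = (uint8_t)(k + src[i]);
        res = i + 1;
    }
    return res;
}

/* Inverse transform: subtract the same key, again modulo 256. */
static void sub_key(uint8_t *dst, const uint8_t *src, int len, uint32_t key) {
    for (int i = 0; i < len; ++i)
        dst[i] = (uint8_t)(src[i] - key);
}

/* Encrypt with the little-endian key, decrypt with the chosen byte order,
   and report whether the original packet comes back (1) or not (0). */
static int roundtrip_ok(int decrypt_big_endian) {
    uint8_t enc[sizeof SAMPLE_PKT], dec[sizeof SAMPLE_PKT];
    add_key(enc, SAMPLE_PKT, (int)sizeof SAMPLE_PKT, iv_to_key(SAMPLE_IV, 0), 1);
    sub_key(dec, enc, (int)sizeof SAMPLE_PKT, iv_to_key(SAMPLE_IV, decrypt_big_endian));
    return memcmp(dec, SAMPLE_PKT, sizeof SAMPLE_PKT) == 0;
}

int main(void) {
    printf("same order: %d, mismatched order: %d\n", roundtrip_ok(0), roundtrip_ok(1));
    return 0;
}
```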
(O_o(o_O(O_O)o_O)O_o)
Loyal Member
Joined
Apr 9, 2009
Messages
1,088
Reaction score
322
yo someone hit me up and told me that I couldn't be more wrong, OutBound for most of it uses old encryption until a bit further down the game where you receive some big packet that triggers a clientside encryption change or someshit. Idk, i have to check it at some point but I don't really have the time / will to give it a proper look lol.
 