
Release[Aura Kingdom HK patched server+client]

Initiate Mage
Joined
Nov 26, 2015
Messages
12
Reaction score
3
Thanks for the release, but I think this one is older, or the client is older than Eperty123's, because on the first one I can see Eidolons have the 3rd evolve stage in the Eidolons area, but can't evolve.
But this one doesn't have it at all.
So if the server files are new, I will try with the first client of Eperty123.
 
Initiate Mage
Joined
May 21, 2016
Messages
22
Reaction score
2
Does anyone maybe have server ver. 3.0007.001.01.08 as a VMware image for me? =) I can't just drag and drop new files to my old server. PM me pls ^^
 
Initiate Mage
Joined
Feb 2, 2014
Messages
13
Reaction score
1
emm guess what not a honey pot anymore reds latest done and also the latest from A-G tested on win 10 cracked that is.

But I'm not going to make a public link for it so it can be abused by 0 day members.

But @Hycker, if you need them, and @Epery123 or other members that have contributed to the main AK releases, give me a PM.

This way the final progress can be released when an updated stable version is completed, and I know you guys work extremely hard on projects like this, as I do.

cheers evestu

Agree, just wanted to say thanks for the effort you guys put into the section!
 
Last edited:
Initiate Mage
Joined
Dec 23, 2014
Messages
17
Reaction score
2
I need a tutorial for installing this server and setting up the client???
Can anyone help me?
 

ksm

Initiate Mage
Joined
Feb 18, 2017
Messages
1
Reaction score
0
Password for this link pls
 
Initiate Mage
Joined
Jul 31, 2017
Messages
6
Reaction score
9
Should be. With Eperty's released client I cannot join. With the client in that thread you can join BUT ONLY IN LAN (since there is no version check).
I have more versions, newer than the released ones, but need the aeriagames client to be cracked since it looks like the IP is hardcoded into any binary.

Actually, I found a way to patch the hardcoded IP even in Themida-packed clients like AK.to and FFT AK.

Here I'm only going to talk about the FFT client, but I believe they are the same.
Basically, you do a global search after the client is fully unpacked in memory, for something like "xxx.xxx.xxx.xxx", their hardcoded IP address as a string. Once you've got it, you can trace back until you find something like game.bin + 0x12212122, which is the fixed offset from base memory.

To crack Themida is too painful, so why don't we just write a memory patcher? After it loads and before login to the server, execute your memory patcher; in my case it was something like
jump->game.bin+0x122222-> read value+0xC->read value->read value-> +4 for ip and +70 for port

I'm pretty sure it would be way easier than cracking Themida. I have successfully used the client from FFT to log in to my own server.

(They are both 2.0 version but with v90 map)

I hope this can also work on your unreleased server files.


EDIT1: just tried ak.to

A quick test using CE: global search for "149.202.201.194" and replace with your own IP.

Tried to connect with the 2.0 server, get a deserialize error on the server side.
Tried with the HK 3.0 server, again a deserialize error.

Using the official HK 3.0 client you get a different error after passing the login server (while ak.to doesn't get past the login server).

ak.to probably made some changes to the game.bin file to change the login ticket structure.
The only thing we can do is patch the server binaries to ignore this error (which is problematic).

Meanwhile in China, tons of v95 private servers are popping up. I'm really curious where they got the server files.
 
Last edited:
Skilled Illusionist
Joined
Dec 21, 2013
Messages
392
Reaction score
181
Now this is interesting. Saw another user talking about the generated ticket and according to him, you need to find the ticket checking function via IDA and invalidate it, and that should hopefully make newer clients work.

I believe that the newer server bins are released somewhere. Just gotta search for them in the Chinese forums.
 
Initiate Mage
Joined
Jul 31, 2017
Messages
6
Reaction score
9
I did a bit of digging into the ak.to client and found this.

[image]

And from another debug string, their Launcher is compiled from the same source folder.
Now I'm pretty sure they have the complete source code for it.

When it comes to the ticket, I guess you are talking about this method; I have renamed it a bit in IDA so it's clearer.

[image]
Here is part of the ticket checking for the zone server.
[image]
Here is when it returns valid.

But I think the problem is beyond that.

I tried to capture the packets. A 3.0 client (the one with the new class and everything) seems to not respond to the 2.0 server after selecting the world. I compared it with packets captured from the official HK server login and found it's different. Although you can pass login, there's already an error thrown within the client (found using x64dbg).

All games developed by xlegends share the same structure for client and server. The first packet is always the RSA public key encrypted RC4 key; after the server receives the packet, it will decrypt it using their RSA private key and use that RC4 key for the following communications.
[image] [image]
It's possible they changed their keys; since on the server side they only verify the key length but not the content, the client might be expecting something encrypted with a different RC4 key.

If that's the case, we need to patch the client RSA public key.

It's also possible that the login procedure changed; they might have added a few more packets for verification.

Still need more studies.

I don't know if it's worth the effort to fix it. I was thinking maybe it's better to write a whole new server emulator using all the source we have from IDA, since it will work on all xlegends games.
Eternal Eden
Twin Sage
7th Darkness (currently JP only)

We could unpack the client to update the server database since they are the same. It might take more time but with all games supported it's absolutely worth it.
 

Last edited:
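The handshake described in the post above (an RSA-wrapped RC4 session key, with the server checking only the key length), as an added example that is not from the thread or from the game's code. It uses constructed toy RSA keys, unpadded RSA and a hypothetical HMAC key-confirmation step to show that a length check accepts a mismatched key which confirmation rejects; keeping the low 16 bytes in `server_unwrap` is a modelling assumption.

```python
import hmac, hashlib

E = 65537

def make_keypair(p, q):
    """Toy RSA from two known Mersenne primes; returns (n, d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

# Constructed toy keys (unpadded textbook RSA, far too small for real use).
SERVER_N, SERVER_D = make_keypair(2**127 - 1, 2**89 - 1)
OTHER_N, _ = make_keypair(2**107 - 1, 2**61 - 1)  # a key the server does not hold

def rc4(key, data):
    """RC4: key scheduling, then XOR the data with the keystream."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for b in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(b ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def client_hello(session_key, pinned_n):
    """First packet: session key wrapped under the public key the client pins."""
    return pow(int.from_bytes(session_key, "big"), E, pinned_n)

def server_unwrap(wrapped):
    """Private-key decrypt, keep the low 16 bytes (modelling assumption)."""
    return (pow(wrapped, SERVER_D, SERVER_N) % 2**128).to_bytes(16, "big")

def confirm_tag(key, wrapped):
    """Hypothetical key confirmation: HMAC over the first packet."""
    return hmac.new(key, wrapped.to_bytes(32, "big"), hashlib.sha256).digest()

def handshake(pinned_n, session_key=bytes(range(1, 17)), msg=b"LOGIN user=demo"):
    wrapped = client_hello(session_key, pinned_n)
    server_key = server_unwrap(wrapped)
    return {
        "length_ok": len(server_key) == 16,  # the only check the post describes
        "payload_ok": rc4(server_key, rc4(session_key, msg)) == msg,
        "confirmed": hmac.compare_digest(confirm_tag(session_key, wrapped),
                                         confirm_tag(server_key, wrapped)),
    }
```

`handshake(SERVER_N)` models a client pinned to the server's key and `handshake(OTHER_N)` a client pinned to a different one; in the second case the length check still passes while the payload no longer decrypts and the confirmation tag does not match.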
Initiate Mage
Joined
Apr 14, 2014
Messages
31
Reaction score
1
Guys, I found this on a Chinese forum
Link: Password: yjy8

Source:
[New(August)]
[Old(February)]
Client went up to 5.42G while server is 2.05G, from his old post with 5.41G and 1.85G

PS: It doesn't have the latest class and I haven't tested it. Hope someone makes a mirror at Mega
 
Last edited:
Elite Diviner
Joined
Feb 5, 2016
Messages
413
Reaction score
25
Sorry for being late:
 
Initiate Mage
Joined
Dec 15, 2009
Messages
36
Reaction score
22
Hi,
Pls reup the client to Mega or Google Drive

Thx
 
Initiate Mage
Joined
Apr 14, 2014
Messages
31
Reaction score
1
Hello guys, I stumbled on more Chinese files

Does anyone know what this is about?
Google Translate shows something about a handsword weapon, I guess that is holy sword? v90? But I can't download it because it needs forum currency :(

[image]
 

Last edited:
Skilled Illusionist
Joined
Dec 21, 2013
Messages
392
Reaction score
181
Interesting. Good job on finding this!
 