C1 AntiBot-HowTo: Change Auth Server Encryption key (Network.dll)
I have got many questions like "How to change protocol version between Client and Server (LineAge2 C1)", so
there, i left solution, how to do this.
So, find any hex editor, with search by ASCII abilities (ultraedit or some).
Client side:
Open ..\LineageII\System\Network.dll go to 0x41138 or
find by ASCII string "-%&@!" (without quotes):
There we see "[;'.]94-31==-%&@!^+]", it is full, default auth key for LineAge2 C1
You can change the number 94 or may be other parts, i don’t sure, to what ever you desire. But memo this changes!
Lets change it for example to 60
Save file.
Server side - AuthServer:
Open your L2AuthD.exe in same way as Network.dll before
Go to 0x6c6b0 or find by ASCII string "-%&@!" (without quotes):
You'll see some string as before - "[;'.]94-31==-%&@!^+]"
Change 94 to 60 (or what you memo at previous step)
Save file.
Server side - L2server:
Open ..\L2Server\l2server.ini and change AcceptLowerProtocol=true to AcceptLowerProtocol=false if it not the same.
Send to all your gamers, new Network.dll file. Restart server with new AuthKey in L2AuthD.exe.
That’s all. Take a fun.
Theory:
First goal is disorient out-game bot programs, which use other server "key".
In fact, it is not "Protocol change guide", it is "Àuthkey change guide".
I think so, cause i dump traffic, with and with-out changes,
disasm dll and server (IDA-Pro, wDasm8.93) and see clearly, what changes and where.
It is not protocol num, it is probably Àuthkey.
If you familar with IDA-Pro (Greatest disassembler), so when you dissasm Network.dll you'll see that:
a_9431@ db '[;',27h,'.]94-31=^-%&@!^+]',0
that str is used in sub_10014120 proc near ; CODE XREF: UNetworkHandler::Init(int,FL2NetNotify *)+49
I am not to sure, but I think at this place we have some algorithm to encode strings that outgoing to server (name and password).
Next step, is reoptimise dll, or reencode it, so no one walkers or etc., don’t find what key you use without totally disassemble of your new dll file.
C1 AntyBot-HowTo 2: Network.dll reoptimisation.
http://forum.ragezone.com/showthread.php?t=78801
To Russians:
ß äóìàþ, ÷òî ñóäÿ ïî äàìïàì èíòåðíåò òðàôèêà ñ ñåðâåðîì, è äèçàñåìáëåðíûì êîäàì, ýòî íèêàêîé íå íîìåð ïðîòîêîëà, êàê ìíîãèå äóìàþò, à êëþ÷ êîòîðûì øèôðóþòñÿ äàííûå ïðè ïåðåñûëêå íà ñåðâåð.
Ò.î. íàäî ìåíÿòü åãî ñ 2 ñòîðîí, ïðîñòî íàéäèòå â network.dll è L2AuthD.exe ñòðîêó "[;'.]94-31==-%&@!^+]" è îäèíàêîâî èçìåíèòå öèôðû, ñêîðåå âñåãî è âñå ñîòàëüíîå ìîæíî ìåíÿòü, íî âîîáùåòî íå ñòîèò, òàê êàê ýòèì æå êëþ÷åì âîçìîæíî ðàñïàêîâûâàþòñÿ PGP ôàéëû êëèåíòà, - ñòðîêà ïîâòîðÿåòñÿ è â l2decrypt.exe
Ñëåäóþùèé øàã ýòî íàéòè õîðîøèé ðåîïòèìèçàòîð, èëè dll óïàêîâùèê, è òàê âñå ïåðìåøàòü âíóòðè áèáëèîòåêè ÷òîáû íèêòî íå ìîã èç íåå âûòàùèòü êàê èìåííî èçìåíèëñÿ êëþ÷ áåç îáðàòíîé îòëàäêè, äî÷åãî áîòû âðÿäëè áûñòðî äîáåðóòñÿ.
I have got many questions like "How to change protocol version between Client and Server (LineAge2 C1)", so
there, i left solution, how to do this.
So, find any hex editor, with search by ASCII abilities (ultraedit or some).
Client side:
Open ..\LineageII\System\Network.dll go to 0x41138 or
find by ASCII string "-%&@!" (without quotes):
There we see "[;'.]94-31==-%&@!^+]", it is full, default auth key for LineAge2 C1
You can change the number 94 or may be other parts, i don’t sure, to what ever you desire. But memo this changes!
Lets change it for example to 60
Save file.
Server side - AuthServer:
Open your L2AuthD.exe in same way as Network.dll before
Go to 0x6c6b0 or find by ASCII string "-%&@!" (without quotes):
You'll see some string as before - "[;'.]94-31==-%&@!^+]"
Change 94 to 60 (or what you memo at previous step)
Save file.
Server side - L2server:
Open ..\L2Server\l2server.ini and change AcceptLowerProtocol=true to AcceptLowerProtocol=false if it not the same.
Send to all your gamers, new Network.dll file. Restart server with new AuthKey in L2AuthD.exe.
That’s all. Take a fun.
Theory:
First goal is disorient out-game bot programs, which use other server "key".
In fact, it is not "Protocol change guide", it is "Àuthkey change guide".
I think so, cause i dump traffic, with and with-out changes,
disasm dll and server (IDA-Pro, wDasm8.93) and see clearly, what changes and where.
It is not protocol num, it is probably Àuthkey.
If you familar with IDA-Pro (Greatest disassembler), so when you dissasm Network.dll you'll see that:
a_9431@ db '[;',27h,'.]94-31=^-%&@!^+]',0
that str is used in sub_10014120 proc near ; CODE XREF: UNetworkHandler::Init(int,FL2NetNotify *)+49
I am not to sure, but I think at this place we have some algorithm to encode strings that outgoing to server (name and password).
Next step, is reoptimise dll, or reencode it, so no one walkers or etc., don’t find what key you use without totally disassemble of your new dll file.
C1 AntyBot-HowTo 2: Network.dll reoptimisation.
http://forum.ragezone.com/showthread.php?t=78801
To Russians:
ß äóìàþ, ÷òî ñóäÿ ïî äàìïàì èíòåðíåò òðàôèêà ñ ñåðâåðîì, è äèçàñåìáëåðíûì êîäàì, ýòî íèêàêîé íå íîìåð ïðîòîêîëà, êàê ìíîãèå äóìàþò, à êëþ÷ êîòîðûì øèôðóþòñÿ äàííûå ïðè ïåðåñûëêå íà ñåðâåð.
Ò.î. íàäî ìåíÿòü åãî ñ 2 ñòîðîí, ïðîñòî íàéäèòå â network.dll è L2AuthD.exe ñòðîêó "[;'.]94-31==-%&@!^+]" è îäèíàêîâî èçìåíèòå öèôðû, ñêîðåå âñåãî è âñå ñîòàëüíîå ìîæíî ìåíÿòü, íî âîîáùåòî íå ñòîèò, òàê êàê ýòèì æå êëþ÷åì âîçìîæíî ðàñïàêîâûâàþòñÿ PGP ôàéëû êëèåíòà, - ñòðîêà ïîâòîðÿåòñÿ è â l2decrypt.exe
Ñëåäóþùèé øàã ýòî íàéòè õîðîøèé ðåîïòèìèçàòîð, èëè dll óïàêîâùèê, è òàê âñå ïåðìåøàòü âíóòðè áèáëèîòåêè ÷òîáû íèêòî íå ìîã èç íåå âûòàùèòü êàê èìåííî èçìåíèëñÿ êëþ÷ áåç îáðàòíîé îòëàäêè, äî÷åãî áîòû âðÿäëè áûñòðî äîáåðóòñÿ.
Last edited: