Emulator basics

  1. #1 Mortaro

    Emulator basics

    Hi, (as a [STRIKE]useless[/STRIKE] effort to revive the community) I've been sniffing some Kal packets, in order to try creating an open source server emulator written in node.js (which sounds more appropriate nowadays; please do not mistake it for simple JavaScript, as happened on epvpers :D), but I need help understanding the basics and figuring out some patterns.

    I altered config.pk to add my own localhost to the server selection list, and when I click on server selection on the latest int engine, I always get a welcome packet like these:

    <Buffer 19 00 3e d2 c9 9f 91 82 a8 a6 cd 73 14 20 d1 87 db 40 ff c9 ee 3c 50 91 8d>

    <Buffer 19 00 3e 10 e7 15 91 82 a8 a6 cd 73 14 20 d1 87 db 40 ff c9 ee 3c 50 91 b9>

    which I reply to with [0x1f, 0x00, 0x85, 0x2a, 0x92, 0xae, 0xd3, 0xdd, 0xc6, 0xff, 0xb7, 0xea, 0x86, 0x9f, 0xb7, 0xea, 0xc5, 0x8d, 0x24, 0x68, 0x91, 0xd9, 0x91, 0x91, 0x91, 0xee, 0x91, 0x91, 0xe1, 0x48, 0xe1]

    and it works, allowing me to fill in my login info, but I still can't quite figure out how this first handshake allows me to manipulate the future packets.

    Some things I noticed:
    1. It always starts with 19 00 3e, changes a hex, and then repeats some patterns (it would be lovely if someone could explain to me what information it contains).
    2. The first hex of the buffer is the total number of hexes it contains.

    If I keep imitating the packets I sniffed, it allows me to go on to character selection and join the world itself, but only with "pre-recorded" packets; it doesn't let me edit those packets because they aren't decrypted.

    So my questions are:

    What's the logic behind that initial handshake? Does it affect the crypt itself?

    Does anyone know how I decrypt the future packets, like for example the login info that the client sends once you hit "log in"? I noticed it always has a separator hex between login and password in the same buffer, but even the number of the hex used to separate changes on each iteration, probably because the cryptography is being decided before that, but how?

    This might be out of my league since I have no previous knowledge of KalOnline packets, but the curiosity about the logic behind them is killing me.

    If you wanna discuss logic and help me understand the packet formation, thanks in advance!
    If you just want to rage at a first-time poster, hf with it; the message will be ignored.

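    As an added example (not code from the thread, from Mortaro's project or from any KalOnline source), here is how a Node.js server could split the raw TCP stream into packets using the length-prefix pattern observed in post #1, reassemble a packet that arrives split across two reads, and list which bytes differ between the two captured welcome packets. It assumes the length field is 16-bit little-endian (0x19 0x00 = 25), which the captured bytes are consistent with; the sample buffers are constructed from the thread's own captures.

```javascript
// Added example, not code from the thread or from any KalOnline project.
// It frames a raw TCP stream into packets using the pattern noted in post #1:
// the first byte of each capture equals its total length (0x19 = 25, 0x1f = 31).
// Assumption: the length field is 16-bit little-endian (0x19 0x00), which
// both welcome packets and the reply are consistent with.

// Sample bytes, constructed from the captures quoted in the thread.
const WELCOME_1 = Buffer.from('19003ed2c99f9182a8a6cd731420d187db40ffc9ee3c50918d', 'hex');
const WELCOME_2 = Buffer.from('19003e10e7159182a8a6cd731420d187db40ffc9ee3c5091b9', 'hex');
const REPLY = Buffer.from('1f00852a92aed3ddc6ffb7ea869fb7eac58d246891d9919191ee9191e148e1', 'hex');

// Split buffered bytes into complete packets. Returns the packets plus the
// unconsumed remainder: a partial packet waiting for the next TCP read.
function framePackets(buf) {
  const packets = [];
  let offset = 0;
  while (buf.length - offset >= 2) {
    const len = buf.readUInt16LE(offset);
    // A length shorter than its own header can never complete: reject it
    // instead of looping forever or treating garbage as a packet.
    if (len < 2) throw new Error(`bad packet length ${len} at offset ${offset}`);
    if (buf.length - offset < len) break; // incomplete, wait for more bytes
    packets.push(buf.subarray(offset, offset + len));
    offset += len;
  }
  return { packets, rest: buf.subarray(offset) };
}

// Stateful wrapper for a net.Socket 'data' handler: feed each chunk as it
// arrives and get back only the packets that are complete so far.
class PacketFramer {
  constructor() { this.pending = Buffer.alloc(0); }
  feed(chunk) {
    const { packets, rest } = framePackets(Buffer.concat([this.pending, chunk]));
    this.pending = rest;
    return packets;
  }
}

// Byte offsets at which two equal-length packets differ; shows which bytes
// of the welcome packet change between sessions (here offsets 3, 4, 5 and 24).
function diffBytes(a, b) {
  const out = [];
  for (let i = 0; i < Math.min(a.length, b.length); i++) {
    if (a[i] !== b[i]) out.push(i);
  }
  return out;
}
```

    Running diffBytes on the two captures shows that only four bytes vary between sessions, which narrows down where any per-session state in the welcome packet can live.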

  2. #2 Bloodx

    Re: Emulator basics

    You also should disable the decrypt / encrypt function in the client so you don't need to handle the cryption at the moment, and you can add your own later.

    I don't know what the up-to-date packets at int are at the moment; I can help with private server packets also.

    After login you get the LoadCharacterList packet also.

  3. #3 Kealy

    Re: Emulator basics

    Quote Originally Posted by Bloodx:
    You also should disable the decrypt / encrypt function in the client so you don't need to handle the cryption at the moment, and you can add your own later.

    Yeah man, you're gonna need to explain to this guy how to do it with JavaScript.

  4. #4 Mortaro

    Re: Emulator basics

    Thanks for the reply Bloodx!

    Which would be the best way to disable the decryption? My first thought would be to detour recv/send to communicate directly with my socket, but is that the best way possible? It sounds like I'd be doing overkill re-coding the connection functions, and there's probably a shorter way which a person more experienced with Kal would know.

    @Kealy Dude, programming is less than 10% the language you choose; don't be stuck with that idea. Logic is what matters and it can be translated into any language. node.js is one of the best server languages imho because of its multithreaded/async nature, and it's NOT browser JS; sorry if I misled you there. I'm a newcomer to this community but I can already notice that people being too eager to shut others' ideas down is the reason it's abandoned. If you aren't willing to contribute, please simply avoid replying; attention is not the coin I work for.

  5. #5 TranX1337

    Re: Emulator basics

    Can I ask why you want to do it that way while the whole source is open source (nwk)..? And do everything from 0 in another language which won't be stable ofc (do your own experience with ...)?
    It's just a question, please don't feel attacked.

  6. #6 Mortaro

    Re: Emulator basics

    Don't worry, I didn't feel attacked at all :D

    Short answer: I just like solving puzzles, and this sounds fun! I currently play the international server, and it's slowly dying, so basically there is nothing to do there even at level 92.

    Long answer: I think things could be way better than they currently are; things could be much more transparent, and up to date. The current community uses "centralized knowledge" in which a couple of people control the knowledge and have the skills to actually do things, and even these people are simply 'patching up holes'. Imagine a scenario in which people could actually customize deeper behaviors with almost zero knowledge of coding itself, so people could actually focus on having ideas instead of "go read a book and come back in 6 months, if you haven't given up yet".

    Don't get me wrong, as a fat nerd myself, I do enjoy going deeper and deeper into books and languages, but at some point you do realize that coding isn't all; it's what knowing how to do it unlocks: the ability to execute what your imagination craves!

    My ideal scenario would be a framework in which a newcomer could write things like this gist (this is a completely unorganized gist, just some example of how things could be; notice that I haven't added any comment, because I believe that written in this way, anyone could intuitively know what every line does).

    As you can see here in the inix developers blog, even the inix developers are stuck at some point because of how outdated things are, so what chance would a new programmer have in a community in which the first reply to anyone seeking new knowledge is a bitchslap in the face?

    Besides all that, a new energy in this community wouldn't hurt; nobody is forced to join the project but everyone would be free to help, and even people with low or zero knowledge could poke around it after the minimal bones are there.

  7. #7 Bloodx

    Re: Emulator basics

    The old client has an Encrypt call in the SendPacket function (0x004F2010) at 0x004F208D,

    and a Decrypt call in the ProcessPacket function (0x004F20D0) at 0x004F2113; you just need to NOP both.

  8. #8 Mortaro

    Re: Emulator basics

    I looked into those hexes with HxD but apparently they aren't there on the new engine. Maybe I did something wrong since I'm new to it, or maybe it actually isn't there.

    Do you have any pointers on how to find the new decrypt function? I would prefer it if someone could explain to me how to find it instead of sending me the hex, so I can learn a new thing.

    If you prefer to use Skype instead, hit me with a private message (apparently the messages I'm sending aren't being delivered, at least they aren't in my box).

    Thanks for your patience with a noob like me.

  9. #9 Kealy

    Re: Emulator basics

    Sigh.

    Quote Originally Posted by Mortaro:
    node.js is one of the best server languages imho because of its multithreaded/async nature, and it's NOT browser JS

    I know what node.js is. Its core language remains JavaScript.
    But let's say JavaScript actually is a decent language and you somehow managed to make a production version of this emulator of yours.
    What do you think will happen when 600 unique players roam throughout the game simultaneously?
    This includes anti-hacking features (like constantly checking for underground/flying or speed manipulation), monster, NPC, skill, damage handling and what not.

    You may say or think whatever you want, JavaScript remains an interpreted language, this is a fact. IT'S SLOW.
    It might not be slow on a development scale, but on a full production scale, it will never keep up.

    Node.js is intended for small-to-medium sized scripts, not for large scale projects and even less for game servers.
    That being said, no interpreted language is intended for this purpose.

    Quote Originally Posted by Mortaro:
    logic is what matters

    No.
    Back to reality, JavaScript at its core is bad. Bad to the point that even the original developers regret having designed it that way.
    The language's design introduces flawed logic and bad practices which will cause headaches and/or bad programming habits, which in most cases will have horrid repercussions on future languages.

    More on this: JavaScript sucks because..

    Quote Originally Posted by Mortaro:
    short answer: I just like solving puzzles, and this sounds fun! I currently play the international server, and it's slowly dying, so basically there is nothing to do there even at level 92.

    This isn't a puzzle, this is a maze.
    That put aside, the constant 2-second delay on the "international" servers (located in South Korea) makes it absolutely unplayable.
    Inixsoft is stupid for not renting servers in EU/NA zones and so is anyone still playing on the original servers.
    This is not an offense to anyone in particular, this is a true statement.

    Quote Originally Posted by Mortaro:
    I looked into those hexes with HxD but apparently they aren't there on the new engine. Maybe I did something wrong since I'm new to it, or maybe it actually isn't there.

    Wait, what?
    You actually tried to find something with a hex editor.. using memory addresses?
    Do you have an idea what these numbers represent anyway? Most likely not.

    Quote Originally Posted by Mortaro:
    Do you have any pointers on how to find the new decrypt function? I would prefer it if someone could explain to me how to find it instead of sending me the hex, so I can learn a new thing.

    Let me be clear.
    You will absolutely NOT get anywhere without very good RE knowledge.

    Sure, your idea is refreshing.
    But no one is going to put effort into teaching you software tampering, which is even harder (if not impossible) to do with js/node.js, nor is anyone going to contribute to your project, given its questionable nature, especially because those who actually can don't give a shit.
    All you might get from this community are short, vague answers like the ones above this post, that's it.

    I am not saying this to belittle you or degrade you, but you need to get slapped back to reality.
    As sad as it may sound, you are not going to get anything truly good out of this community.
    Last edited by Kealy; 08-09-15 at 07:36 PM.

  10. #10 Mortaro

    Re: Emulator basics

    Long text, you can skip:

    Quote Originally Posted by Kealy:
    I am not saying this to belittle you or degrade you, but you need to get slapped back to reality.
    As sad as it may sound, you are not going to get anything truly good out of this community.

    I actually wanna thank you there; don't worry, I still have some faith in humanity to believe people wouldn't simply lose time on such a long reply only to troll.

    As I kept saying, imho node.js is a good long-term scalable solution; interpreted has its long-term advantages over compiled, and I think Google and their V8 project would back up my point... BUT this is completely off topic (and I would prefer this discussion to end here so we go back to the point). As you see, I posted it under the tag 'HELP', simply because I need help.

    Quote Originally Posted by Kealy:
    As sad as it may sound, you are not going to get anything truly good out of this community.

    You are so right with this, and here is why:

    Quote Originally Posted by Kealy:
    Wait, what?
    You actually tried to find something with a hex editor.. using memory addresses?
    Do you have an idea what these numbers represent anyway? Most likely not.

    As I said, I'm a newcomer and I have no idea about this, but I assume explaining how it works and giving me a real answer (at least pointing to any link you find useful) would take less time and benefit the community more than mocking me for it.

    Quote Originally Posted by Mortaro:
    the current community uses "centralized knowledge" in which a couple of people control the knowledge and have the skills to actually do things

    Is anyone willing to give me a complete answer on how to solve the problem based on what @Bloodx kindly said? Unless of course it would hurt the 'big shots' to have more people with knowledge; in any case, thanks anyway.

    Besides that, I had some nice encouraging PMs from some really nice people, which gives me a little hope about this community.

    TL;DR:

    I need some explanation about this:

    Quote Originally Posted by Bloodx:
    The old client has an Encrypt call in the SendPacket function (0x004F2010) at 0x004F208D,
    and a Decrypt call in the ProcessPacket function (0x004F20D0) at 0x004F2113; you just need to NOP both.

    Preferably as a public message so more people can benefit from this information! Thanks :D

  11. #11 ToF

    Re: Emulator basics

    I believe that Bloodx is holding back a bit; he was working on an open source C# emulator a few years back, and here is the result of that.
    https://code.google.com/p/kalsharp/s...unk%2FKalSharp

  12. #12 Bloodx

    Re: Emulator basics

    Actually, KalSharp is DeathArt's project.

    I have some C++ projects also, but never had enough people here to contribute..

  13. #13 Justei

    Re: Emulator basics

    Alright, so it's time again for another emulator. Awesome.

    Ok, so let me agree with a couple of things Kealy has said.

    1. Node.js is a bad choice. Sorry, it's a fact.

    To explain to you why Node.js is a bad choice (aside from JS being horrible to use), I will give you an explanation of where Node.js WOULD work in a game scenario.

    Here are two examples of where Node.js actually works OK in games:

    1. A login server
    2. A database server

    As you can tell, I did not include a game server in there, because Node.js would be horrible for doing logic such as navigation for monsters, players, etc.

    Keeping many threads going, having AI in those threads, etc., would work horribly with Node.js (don't even mention loading files such as KSMs etc. to work with safezones, etc.).

    2. You will need a lot of RE experience.
    This is just a simple fact. It takes a lot of experience to do something such as this. And trust me, if there's anyone in this community that's qualified to tell you so, it's Kealy.

    To make this emulator, you will need to RE a lot to figure out how to best emulate the game.

    3. Finally, why the hell a new emulator?
    There's really no reason to do it. There are sources out there for NWK that got leaked, and those sources basically let you do anything you wish!

    It's like an emulator, but 99% of the work is done for you; all you need to do is add new features if you put some effort into it!

    The restrictions put on us at this point aren't server sided, they're client sided. And unless you plan on making a new client, writing an emulator for Kal won't help anything to add new stuff.

    We were able to add a new class, new skills, new systems, everything, by reverse engineering the server files and adding on top of them on NWK. That's not the problem anymore; the client is, if anything.

    Just my 2 cents.
    Last edited by Justei; 08-09-15 at 10:36 PM.
