
[S.U.N Online] Encryption Algorithm

Junior Spellweaver
Joined
Oct 20, 2013
Messages
193
Reaction score
56
I am currently trying to figure out S.U.N's encryption algorithm, so I can decode the packets. I believe I have figured out some important information to help crack the algorithm, but I would like to have some help.

The information below is how the server and client interact up to the point of login:

1. Three-way Handshake
2. Client sends RST, ACK packet to Server
3. Three-way Handshake

4. Server to Client (hello packet)
TCP 44405 -> (client port - random #) Size: 72 bytes

5. Client to Server (ip packet)
TCP (client port) -> 44405 Size: 39 bytes (size can vary)

6. Server to Client (accept packet)
TCP 44405 -> (client port) Size: 5 bytes

7. Client to Server (login packet)
TCP (client port) -> 44405 Size: 83 bytes
I have been studying the retail server's packets. The only things that change are the "hello packet" (4th step) and the login packet (7th step).
Here are the five connection trials from the retail server for the "hello packet":

Test 1:

ASCII:
F 3 :.

Hex:
0x46, 0x00, 0x33, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x3a, 0x0f, 0x00, 0x00


Test 2:

ASCII:
F 3 <.

Hex:
0x46, 0x00, 0x33, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x3c, 0x0f, 0x00, 0x00


Test 3:

ASCII:
F 3 =.

Hex:
0x46, 0x00, 0x33, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x3d, 0x0f, 0x00, 0x00


Test 4:

ASCII:
F 3 >.

Hex:
0x46, 0x00, 0x33, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x3e, 0x0f, 0x00, 0x00


Test 5:

ASCII:
F 3 ?.

Hex:
0x46, 0x00, 0x33, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x3f, 0x0f, 0x00, 0x00
I noticed that the tail end of the "hello" packet changes very slightly every time you connect to the retail server. I believe it is a key of some sort, whether it's an initialization vector, one key pair, etc. Every time the key changes, the login packets change dramatically, so instead I made that "key" static on my server end to try and figure out the algorithm.

The information below is from my own server.

Interaction between my server and the client up to the point of login:

1. Three-way Handshake
2. Client sends RST, ACK packet to Server
3. Three-way Handshake

4. Server to Client (hello packet)
TCP 44405 -> (client port - random #) Size: 72 bytes

ASCII:
F 3 $H

Hex:
0x46, 0x00, 0x33, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,0x00, 0x00, 0x00, 0x00, 0x24, 0x48, 0x00, 0x00

5. Client to Server (ip packet)
TCP (client port) -> 44405 Size: 39 bytes

6. Server to Client (accept packet)
TCP 44405 -> (client port) Size: 5 bytes

7. Client to Server (login packet)
TCP (client port) -> 44405 Size: 83 bytes
I kept the "key" on the "hello" packet to $H, so this is what the login packets look like:

Test 1:

Username: test
Password: test

ASCII:
Q 3. TEST .{. ..y .|. @.. 8.....w.......u...%@.. 8...-...ZK... .1neu...._..t

Hex:
0x51, 0x00, 0x33, 0x03, 0x00, 0x00, 0x00, 0x00,0x54, 0x45, 0x53, 0x54, 0x00, 0x00, 0xd4, 0x7b,0x19, 0x00, 0xe0, 0x8a, 0x79, 0x00, 0x04, 0x7c,0x19, 0x00, 0x40, 0x80, 0x19, 0x00, 0x38, 0xe4,0x15, 0x0a, 0xe9, 0x9c, 0xdb, 0x77, 0xfa, 0xff,0xff, 0x7f, 0x1f, 0x11, 0x8d, 0x75, 0x97, 0xe4,0xa7, 0x25, 0x40, 0x80, 0x19, 0x00, 0x38, 0xe4,0x15, 0x0a, 0x13, 0x2d, 0xc0, 0xa8, 0xd5, 0x5a,0x4b, 0x02, 0x0e, 0xf4, 0x09, 0xb4, 0x31, 0x6e,0x65, 0x75, 0x7f, 0x1d, 0x83, 0xd6, 0x5f, 0xca,0x06, 0x74, 0x0a


Test 2:

Username: test
Password: test

ASCII:
Q 3. TEST .{. ..y .|. @.. .( ....w.......u....@.. .( .2n...|.`......A....._..t

Hex:
0x51, 0x00, 0x33, 0x03, 0x00, 0x00, 0x00, 0x00,0x54, 0x45, 0x53, 0x54, 0x00, 0x00, 0xd4, 0x7b,0x19, 0x00, 0xe0, 0x8a, 0x79, 0x00, 0x04, 0x7c,0x19, 0x00, 0x40, 0x80, 0x19, 0x00, 0xd8, 0x28,0x00, 0x17, 0xe9, 0x9c, 0xdb, 0x77, 0xfa, 0xff,0xff, 0x7f, 0x1f, 0x11, 0x8d, 0x75, 0xad, 0xe6,0xfe, 0xaa, 0x40, 0x80, 0x19, 0x00, 0xd8, 0x28,0x00, 0x17, 0x32, 0x6e, 0x1f, 0xc4, 0xf8, 0x7c,0x87, 0x60, 0xc8, 0xc2, 0xbb, 0x87, 0x88, 0xc0,0x41, 0xbc, 0xf7, 0x1d, 0x83, 0xd6, 0x5f, 0xca,0x06, 0x74, 0x0a


Test 3:

Username: test
Password: test

ASCII:
Q 3. TEST .{. ..y .|. @.. .......w.......u.8..@.. .......1..~.UD.....Q,..._..t

Hex:
0x51, 0x00, 0x33, 0x03, 0x00, 0x00, 0x00, 0x00,0x54, 0x45, 0x53, 0x54, 0x00, 0x00, 0xd4, 0x7b,0x19, 0x00, 0xe0, 0x8a, 0x79, 0x00, 0x04, 0x7c,0x19, 0x00, 0x40, 0x80, 0x19, 0x00, 0x10, 0xaa,0x11, 0x16, 0xe9, 0x9c, 0xdb, 0x77, 0xfa, 0xff,0xff, 0x7f, 0x1f, 0x11, 0x8d, 0x75, 0xc5, 0x38,0xb2, 0xba, 0x40, 0x80, 0x19, 0x00, 0x10, 0xaa,0x11, 0x16, 0xab, 0x83, 0xcf, 0x31, 0xe1, 0xc3,0x7e, 0x99, 0x55, 0x44, 0x99, 0xd3, 0xc5, 0x9d,0x18, 0x51, 0x2c, 0x1d, 0x83, 0xd6, 0x5f, 0xca,0x06, 0x74, 0x0a


Test 4:
Username: test
Password: test

ASCII:
Q 3. TEST .{. ..y .|. @.. .y.....w.......uxT(.@.. .y....s.5o.Rdr...V|....._..t

Hex:
0x51, 0x00, 0x33, 0x03, 0x00, 0x00, 0x00, 0x00,0x54, 0x45, 0x53, 0x54, 0x00, 0x00, 0xd4, 0x7b,0x19, 0x00, 0xe0, 0x8a, 0x79, 0x00, 0x04, 0x7c,0x19, 0x00, 0x40, 0x80, 0x19, 0x00, 0xd8, 0x79,0x13, 0x16, 0xe9, 0x9c, 0xdb, 0x77, 0xfa, 0xff,0xff, 0x7f, 0x1f, 0x11, 0x8d, 0x75, 0x78, 0x54,0x28, 0x83, 0x40, 0x80, 0x19, 0x00, 0xd8, 0x79,0x13, 0x16, 0xae, 0x88, 0x73, 0xf8, 0x35, 0x6f,0x9e, 0x52, 0x64, 0x72, 0x08, 0xa2, 0xe6, 0x56,0x7c, 0x0f, 0xed, 0x1d, 0x83, 0xd6, 0x5f, 0xca,0x06, 0x74, 0x0a


Test 5:

Username: test
Password: test

ASCII:
Q 3. TEST .{. ..y .|. @.. ..{....w.......u...H@.. ..{.dq....i.,. .Z...f..._..t

Hex:
0x51, 0x00, 0x33, 0x03, 0x00, 0x00, 0x00, 0x00,0x54, 0x45, 0x53, 0x54, 0x00, 0x00, 0xd4, 0x7b,0x19, 0x00, 0xe0, 0x8a, 0x79, 0x00, 0x04, 0x7c,0x19, 0x00, 0x40, 0x80, 0x19, 0x00, 0xe0, 0xe6,0x7b, 0x16, 0xe9, 0x9c, 0xdb, 0x77, 0xfa, 0xff,0xff, 0x7f, 0x1f, 0x11, 0x8d, 0x75, 0xa7, 0xda,0x82, 0x48, 0x40, 0x80, 0x19, 0x00, 0xe0, 0xe6,0x7b, 0x16, 0x64, 0x71, 0xe4, 0x91, 0xda, 0xab,0x69, 0xb3, 0x2c, 0xa9, 0x00, 0xe2, 0x5a, 0xe8,0x11, 0x1a, 0x66, 0x1d, 0x83, 0xd6, 0x5f, 0xca,0x06, 0x74, 0x0a
All the older C++ S.U.N files use TEA (tiny encryption algorithm), Base64, MD5, and SHA1. I know this is not a hash algorithm because I wouldn't be able to reverse it. Then I noticed some of the other Webzen games have custom algorithms, so I am a bit confused.

Any help would be greatly appreciated.
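As an added illustration of the byte-by-byte comparison done in this post (example code, not code from the thread), the Python below rebuilds the five retail hello dumps and login tests 1 to 3 from the values quoted above and reports which offsets stay fixed and which change between connection attempts. The only inference it adds is that the first two bytes read as a little-endian value equal to the payload size minus 2 in both dumps; that is an observation from these captures, not a documented field.

```python
"""Byte-level differencing of the hello/login captures quoted in the post."""
from typing import List, Tuple

# Hello packets (72 bytes): 4 header bytes, 64 zero bytes, then the 4-byte tail
# that changes per connection. Rebuilt from the five retail dumps in the post.
HELLO_TAILS = ["3a0f0000", "3c0f0000", "3d0f0000", "3e0f0000", "3f0f0000"]
HELLO = [bytes.fromhex("46003300") + bytes(64) + bytes.fromhex(t) for t in HELLO_TAILS]

# Login packets (83 bytes, user/pass "test") copied from tests 1-3 in the post,
# captured against the author's own server with the hello tail pinned to "$H".
LOGIN = [bytes.fromhex(h) for h in (
    "5100330300000000544553540000d47b1900e08a7900047c19004080190038e4"
    "150ae99cdb77faffff7f1f118d7597e4a7254080190038e4150a132dc0a8d55a"
    "4b020ef409b4316e65757f1d83d65fca06740a",
    "5100330300000000544553540000d47b1900e08a7900047c190040801900d828"
    "0017e99cdb77faffff7f1f118d75ade6feaa40801900d8280017326e1fc4f87c"
    "8760c8c2bb8788c041bcf71d83d65fca06740a",
    "5100330300000000544553540000d47b1900e08a7900047c19004080190010aa"
    "1116e99cdb77faffff7f1f118d75c538b2ba4080190010aa1116ab83cf31e1c3"
    "7e99554499d3c59d18512c1d83d65fca06740a",
)]

def varying_offsets(packets: List[bytes]) -> List[int]:
    """Offsets where at least one capture differs from the first one."""
    n = len(packets[0])
    if any(len(p) != n for p in packets):
        raise ValueError("captures must have equal length")
    return [i for i in range(n) if any(p[i] != packets[0][i] for p in packets)]

def runs(offsets: List[int]) -> List[Tuple[int, int]]:
    """Collapse a sorted offset list into inclusive (start, end) ranges."""
    out: List[Tuple[int, int]] = []
    for i in offsets:
        if out and out[-1][1] == i - 1:
            out[-1] = (out[-1][0], i)
        else:
            out.append((i, i))
    return out

def declared_length(pkt: bytes) -> int:
    """First two bytes as little-endian u16; in both dumps it equals the TCP
    payload size minus 2 (70 of 72, 81 of 83). That is an observation from
    these captures, not a documented S.U.N field."""
    return int.from_bytes(pkt[:2], "little")

def longest_repeat(pkt: bytes, min_len: int = 4) -> Tuple[int, int, int]:
    """Longest non-zero run (>= min_len bytes) present at two offsets of one
    packet, as (first, second, length), or (-1, -1, 0) if none. A value that
    is sent twice is worth isolating before guessing at the cipher."""
    best, n = (-1, -1, 0), len(pkt)
    for a in range(n):
        for b in range(a + 1, n):
            k = 0
            while b + k < n and pkt[a + k] == pkt[b + k]:
                k += 1
            if k >= min_len and k > best[2] and any(pkt[a:a + k]):
                best = (a, b, k)
    return best
```

`runs(varying_offsets(LOGIN))` shows that only three byte ranges change between attempts and that the 8-byte trailer is fixed, while `longest_repeat(LOGIN[0])` finds the same 8 bytes sent twice in one packet.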
 
Junior Spellweaver
Joined
Oct 20, 2013
Messages
193
Reaction score
56
We are at the Game Server portion of the development and GoldenHeaven gave me a document ( View attachment SunPacketStructure.doc ) a while back containing some information. The information is about the packet structure and the document mentions MU Online (Simple Modulus). I have dug around on the MU Online section of the forums and have found some files, but I'm not sure if the Simple Modulus algorithm has changed very much over the years for MU. Episode 1 for SUN was released in 2005/2006 in Korea and 2007/2008 for North/South America. I have an incomplete version of Simple Modulus for SUN that was found in the SunEmu files. SimpleModulus.zip contains SimpleModulus.cpp and SimpleModulus.h. The .cpp and .h file for SimpleModulus was inside the SunEmu source code - pathway: SUNEmu\Source\AgentServer\Server\AgentServer.
 

Joined
Aug 6, 2005
Messages
550
Reaction score
296
I didn’t look at it in detail but it looks exactly like SimpleModulus in MU Online.
If you need help in calculating encryption keys, I can help you ;)
Does the game client have some *.dat files which are as big as 54 bytes? These contain keys for the client side. Calculating the server side keys is a piece of cake, at least for mu online.
 
Initiate Mage
Joined
May 9, 2019
Messages
40
Reaction score
25
Everything indicates that it is the same as in MuOnline. There are enc1.dat, enc2.dat, dec1.dat and dec2.dat files in the server sources even with the same keys as in Mu. Some time ago I started rewriting the algorithm to Java but for a moment I abandoned it :p

From my side I have now made a piece of the database and the ability to create new characters :)
 
Junior Spellweaver
Joined
Oct 20, 2013
Messages
193
Reaction score
56
@nevS
That's the issue, there are no .dat files on the client side. I've checked inside the Resource.wpk and there is nothing. There is documentation of SUN supposedly using SimpleModulus and all of the other servers have it. UPDATE: I did check the client and there are no Enc or Dec .dat files. The only .dat files are avcfg.dat, QN.dat, GameData.dat, and HelpInfo.dat.

The other thing is that SUN's packet structure doesn't follow the C1/C3 and C2/C4 structure of MU, but there is a double communication between the client <-> game server and client <-> unknown server. From the documentation of one server implementation of MU that I saw, there is a communication session similar to that with Login/Game/data (can't remember) -> Join Server and client with join server.
Anyway, my knowledge of MU Online is nothing compared to many other people's. I will check the MU documentation again and edit this post appropriately.


@CwaniX
Have you been able to create any characters in game or no? I am currently working with Java, so any implementation in Java is the most helpful.

@nevS and @CwaniX
Thanks for the help and the interest in SUN.
 
Experienced Elementalist
Joined
Jan 30, 2010
Messages
267
Reaction score
129
The only enc1 & enc2.dat as well as dec1 & dec2.dat available is on the server Bins/c++ source (which seems incomplete) and those might have changed
 
Initiate Mage
Joined
May 9, 2019
Messages
40
Reaction score
25
I am able to create and delete characters in game. I am also able to view the characters (also with equipment, but it still needs some work). At this stage no packet encryption is needed. All the code is on my github :cool:.
 
Junior Spellweaver
Joined
Oct 20, 2013
Messages
193
Reaction score
56
Overview

I am currently trying to figure out the packet encryption. I think the packet encryption is RSA. I loaded the Sungame-ClientsOriginal_NoThemida.exe from GoldenHeaven into IDA Freeware and went digging around in it. The main hex code of the executable has RSA1 embedded. The client calls on ADVAPI32.dll, which provides access to Microsoft's built-in encryption functions. In IDA, I double clicked on the CryptAcquireContextA function and double clicked on szProvider, which brings up Microsoft Base Cryptographic Provider v1.0.

If I have to guess, the client and server share a symmetric key because between the retail server w/ Zhaouc client, my game server w/ Zhaouc client, and my game server w/ The9 client - they share the same tail end on the first connection packet. On packet C2S_AskEnterServer (Category: 0x48, Protocol: 0x76), the tail end is 0x66 0xbf 0x25 0x66. The tail end doesn't match RSA's minimum key length requirement. Anyway, you can look at the attachment below. This is just an assumption. I'm going to look into figuring out the key, but any help would be nice.

Thank you!

Downloads

CH SUN v1006 Client (Zhaouc)
Download:

CH SUN v1006 Client (The9)
Download:
NOTE: This link came from CwaniX's thread on page 1. You may need to fix the HackShield using what is provided by javaz97 in this thread. From what I can tell, this client has no packet encryption.

Sungame.exe (No Themida)
Download:
NOTE: This link came from GoldenHeaven on this thread on page 2.
 

Junior Spellweaver
Joined
Oct 20, 2013
Messages
193
Reaction score
56
SUN Online Retail Packets - [C2S] / [S2C]
Google Doc:

CH SUN Retail Servers
If you download the CH SUN v1006 Client (Zhaouc) mentioned in my post above, then you can edit the START GAME.bat to:

Server #1
Code:
Sungame.exe -IP:119.90.32.34 -Port:44405
Server #2
Code:
Sungame.exe -IP:119.90.32.33 -Port:44405
Server #3
Code:
Sungame.exe -IP:119.90.32.24 -Port:44405
NOTE: You are connecting to one of the retail servers for CH SUN EP1.

Zhaouc Account
You can use this account to capture packets:
Username: ragezone
Password: ragezone
Char Delete Code: 5310814
 
Junior Spellweaver
Joined
Oct 20, 2013
Messages
193
Reaction score
56
There is a possibility that the encryption could be RC2 or RC4 as shown in the picture.
 

Initiate Mage
Joined
May 29, 2014
Messages
64
Reaction score
59
Just a short question: did you already check whether the normal encryption is TEA or XTEA like the password encryption? Another method that could have been used is SEED. It was developed in Korea around the time Sun was also in development and launched.
 
Junior Spellweaver
Joined
Oct 20, 2013
Messages
193
Reaction score
56
Alex Mgh
No. I didn't check out Seed because I was not aware that this encryption existed. TEA doesn't work, not even with the same encryption key used prior for the passwords. IDA Freeware pulls up functions for advapi32.dll. You don't see that library being called in clients that bypass the packet encryption. I am currently not working on the game right now because the client stopped working on Windows 10 (tried on multiple computers) and the company (Zhaouc) removed the patch for gameguard.
 
Junior Spellweaver
Joined
Oct 20, 2013
Messages
193
Reaction score
56
@Alex Mgh

Do you know of any games that use the SEED algorithm? I am struggling to find anything online. Good news is there is a header file in the old SUN files with the SEED prototypes. I looked up seed.c and got the source code.

Code:
/*******************************************************************************
*
* FILE:         seedx.h
*
* DESCRIPTION:  header file for seedx.c
*
*******************************************************************************/

#ifndef SEED_H
#define SEED_H

/********************** Include files ************************/

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>

/* BYTE and DWORD are the Windows typedefs from windef.h; supply them when
   <windows.h> has not been included so this header builds on its own. */
#ifndef _WINDEF_
typedef uint8_t  BYTE;
typedef uint32_t DWORD;
#endif


namespace Crypt
{

    /******************* Constant Definitions *********************/

    #define NoRounds         16
    #define NoRoundKeys      (NoRounds*2)
    #define SeedBlockSize    16    /* in bytes */
    #define SeedBlockLen     128   /* in bits */


    /********************** Common Macros ************************/

    /* 32-bit rotates; the portable form requires 0 < n < 32 */
    #if defined(_MSC_VER)
        #define ROTL(x, n)     (_lrotl((x), (n)))
        #define ROTR(x, n)     (_lrotr((x), (n)))
    #else
        #define ROTL(x, n)     (((x) << (n)) | ((x) >> (32-(n))))
        #define ROTR(x, n)     (((x) >> (n)) | ((x) << (32-(n))))
    #endif


    /**************** Function Prototype Declarations **************/

    /* PROTO_LIST keeps the prototypes buildable on pre-ANSI compilers */
    #ifndef PROTOTYPES
    #define PROTOTYPES  1
    #endif

    #if PROTOTYPES
    #define PROTO_LIST(list)    list
    #else
    #define PROTO_LIST(list)    ()
    #endif

    /* pbData: one 16-byte block, encrypted/decrypted in place;
       pdwRoundKey: NoRoundKeys 32-bit round keys derived from the 16-byte user key */
    void SeedEncrypt
        PROTO_LIST((BYTE *pbData, DWORD *pdwRoundKey));
    void SeedDecrypt
        PROTO_LIST((BYTE *pbData, DWORD *pdwRoundKey));
    void SeedEncRoundKey
        PROTO_LIST((DWORD *pdwRoundKey, BYTE *pbUserKey));
    void SeedDecRoundKey
        PROTO_LIST((DWORD *pdwRoundKey, BYTE *pbUserKey));

    /******************************************************************/
}

#endif
 
Junior Spellweaver
Joined
Oct 20, 2013
Messages
193
Reaction score
56
KISA has the SEED algorithm posted on their website for free. Follow the and click "KISA_SEED_ECB_CBC_CTR_CCM_GCM_CMAC.zip [332.2K]".

FYI: The code is a hot mess. lol.
 
Initiate Mage
Joined
May 29, 2014
Messages
64
Reaction score
59
Well, I have no idea if this is the correct SEED algorithm.

Sadly, I also only have the header file you mentioned.
Anyway, I made a lot of progress on the server; see the development thread.
 
Initiate Mage
Joined
May 29, 2014
Messages
64
Reaction score
59
Did you check the normal SimpleModulus algorithm that is provided in the old source code?
 
Junior Spellweaver
Joined
Oct 20, 2013
Messages
193
Reaction score
56
Alex Mgh
Sadly, I don't have as much time as before. The lack of time is why I dropped my project completely. I have gone through and pulled the .cpp and .h for Simple Modulus from the old project files, but I haven't had the time to convert it over to Java. I haven't had the chance to work on SEED. I will say that there is a 32-byte unknown in the Login Server S2C packets that could be a key or an IV and key. That might be useful to solving the mystery of the encryption. If I get some time, then I will work on these, but I can't promise too much. Sorry for the inconvenience.

Also, I saw something in the game server packet handlers for the old project that looks like a function to produce an array of bytes to verify if the packet is legit. If I find it again, then I will post it. I think that function is what produces the 6-10 bytes at the end of some of the packets.
 
Initiate Mage
Joined
May 9, 2019
Messages
40
Reaction score
25
If you want to try SimpleModulus in Java, maybe my piece of code will help. As far as I remember, it was not working 100% correctly yet, but it might be useful.

Class:

Test:
 