Welcome!

Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!

Join Today!

Genshin Impact Private Server

Initiate Mage
Joined
Oct 2, 2020
Messages
1
Reaction score
0
Hello dear community,

is there any chance that there will be a private server for the new game Genshin Imapact?It is a great single player game but the Gacha system is terrible.

Many greetings
 
Newbie Spellweaver
Joined
Oct 8, 2011
Messages
42
Reaction score
22
If you can get around the cert pining of the application (possible). Then the game sends limited information to a HTTP based API over TLS. As long as the data is not encrypted in some way after that. It is complete possible to have a private server for this.

Collection of URLs I've observed being used by game engine
genshin.mihoyo.com
webstatic.mihoyo.com
api-static.mihoyo.com
api-static.mihoyo.com.w.cdngslb.com
genshin.mihoyo.com.w.kunlunsl.com
log-upload-os.mihoyo.com
sdk-os-static.mihoyo.com
config.uca.cloud.unity3d.com
cdp.cloud.unity3d.com
oseurodispatch.yuanshen.com
dispatchosglobal.yuanshen.com
webstatic-sea.mihoyo.com
hk4e-sdk-os.mihoyo.com
 
Newbie Spellweaver
Joined
Oct 8, 2011
Messages
42
Reaction score
22
TLDR looked into it a bit. Cert Pinning on the Windows client can be ignored. As long as root CA you sign TLS traffic is in your OS Certs list all is good.

So here is the hard part. When you start the client the following happens.

Client first connects to dispatchosglobal.yuanshen.com it will then connect to one of the following.
- osusadispatch.yuanshen.com
- oseurodispatch.yuanshen.com
- osasiadispatch.yuanshen.com

The following packet is sent.

GET /query_cur_region HTTP/1.1
Host: oseurodispatch.yuanshen.com
User-Agent: UnityPlayer/2017.4.30f1 (UnityWebRequest/1.0, libcurl/7.51.0-DEV)
Accept: */*
Accept-Encoding: gzip, deflate
X-Unity-Version: 2017.4.30f1
Connection: close

If automatic version detection is not successful then the next packet will be.

GET /query_cur_region?version=OSRELWin1.0.0&lang=1&platform=3&binary=1&time=48&channel_id=1&sub_channel_id=0&account_type=1 HTTP/1.1
Connection: close
Host: oseurodispatch.yuanshen.com

From which it will receive base64 encoded data that contains an IP and URLs for the next segment of the login. and other locations.









So I've not done much more but as long as the base64 encoded data doesn't have a CRC, then it is possible to capture/intercept the next leg of information. Looking at the amount of information that is transferred suspect all info going forward remains at TLS traffic to an API.
 
Initiate Mage
Joined
Oct 9, 2020
Messages
1
Reaction score
0
Impressive stuff KuroSaru, I understood some but not all of what you explained.However, I am wondering if we could change the game in order to make it solo, wouldn't it be easier this way ?The only issue is for updates, how do we get the new content that will be (I hope) regularly delivered by mihoyo ?
 
Newbie Spellweaver
Joined
Oct 8, 2011
Messages
42
Reaction score
22
I need to spend more time to confirm if spawns, drops etc... are all client side or not. Suspect they are as can't see a reason for them not to be, apart from fact you can play in a team.
 
Newbie Spellweaver
Joined
Oct 8, 2011
Messages
42
Reaction score
22
TLDR; Will need a full private server, sadly although the game acts like single player 99% it still communicates with a server like any online game.
Game data is sent via UDP and is encrypted with a XOR encryption. All validation checks are handled client side. So Skill cooldowns are clientside etc..
 
Initiate Mage
Joined
Oct 15, 2020
Messages
4
Reaction score
1
TLDR; Will need a full private server, sadly although the game acts like single player 99% it still communicates with a server like any online game.
Game data is sent via UDP and is encrypted with a XOR encryption. All validation checks are handled client side. So Skill cooldowns are clientside etc..
Then to get the xor key i guess we need to reverse the client, i checked it and both cbt2 client and release client are protected with VMProtect
 
Newbie Spellweaver
Joined
Jun 24, 2020
Messages
13
Reaction score
0
nice to see some ppl that already looked into the game & encryption stuff.
but the idea isnt bad. private server without the bad rates of the gacha. +1
 
Initiate Mage
Joined
Oct 16, 2020
Messages
1
Reaction score
0
TLDR; Will need a full private server, sadly although the game acts like single player 99% it still communicates with a server like any online game.Game data is sent via UDP and is encrypted with a XOR encryption. All validation checks are handled client side. So Skill cooldowns are clientside etc..
Out of curiosity, how did you figure out that it was an XOR encryption?
 
Newbie Spellweaver
Joined
Oct 8, 2011
Messages
42
Reaction score
22
Updated reasoning for XOR to be provided at a later date.

_________________IGNORE BELOW________________
Reason for saying XOR is based on the gameloop that takes place when spawning (you join the world).
RbsJTCJ - Genshin Impact Private Server - RaGEZONE Forums
 

Attachments

You must be registered for see attachments list
Last edited:
Newbie Spellweaver
Joined
Jun 24, 2020
Messages
13
Reaction score
0
Reason for saying XOR is based on the gameloop that takes place when spawning (you join the world).
RbsJTCJ - Genshin Impact Private Server - RaGEZONE Forums
big brain. ty for the infomations. maybe its time to create a packetsniffer.
 

Attachments

You must be registered for see attachments list
Initiate Mage
Joined
Oct 20, 2020
Messages
1
Reaction score
0
Definitely been keeping an eye on this thread for the past week and I have to say, it's been very interesting to read all this. A lot of it I don't understand but I still am getting the gist of a few things. All in all, I don't want to lose hope and it's absolutely commendable that KuroSaru is deep diving into this and giving us a lot of insight. I hope that something good comes out of this and a private server can happen, I absolutely love this game but jfc the currency/xp scaling is absolutely horrendous! Keeping an eye for your updates KuroSaru, thank you for providing the info and data that may be useful for others as well!
 
Newbie Spellweaver
Joined
Oct 25, 2020
Messages
7
Reaction score
0
Honestly, I think the better idea would be an offline version of Genshin Impact. A private server might get shut down due to legal reasons, and the multiplayer is very limited as it stands. An offline option where I can just edit my resin, mora and primogems might be the better route. Maybe not as fun to some, but its better than spending $1000s on gacha.
 
Initiate Mage
Joined
Oct 15, 2020
Messages
4
Reaction score
1
Honestly, I think the better idea would be an offline version of Genshin Impact. A private server might get shut down due to legal reasons, and the multiplayer is very limited as it stands. An offline option where I can just edit my resin, mora and primogems might be the better route. Maybe not as fun to some, but its better than spending $1000s on gacha.

That would take way more time than just emulating the server, if is not impossible, bc it would require recode a lot of stuff in the game, there's no need to make a private server, an open source emulator can be done so everyone can host its own server on its own machine
 
Newbie Spellweaver
Joined
Jul 31, 2003
Messages
41
Reaction score
0
KuroSaru have you figured out what the server name is that is used for UDP ? I did not see any IP being transmitted in the JSON content before it connects. So I wonder where this comes from. Also I noticed that the port number is not always the same.
 
Newbie Spellweaver
Joined
Oct 25, 2020
Messages
7
Reaction score
0
That would take way more time than just emulating the server, if is not impossible, bc it would require recode a lot of stuff in the game, there's no need to make a private server, an open source emulator can be done so everyone can host its own server on its own machine
You're 100% right. I guess I should've explained myself better but that was the same concept I was thinking just poor wording. Having people emulate their own server would be the best route imo. I would hate to see someone put in a ton of work for a multiplayer private server only to be hit with DMCAs and/or potential lawsuits. Maybe a potential feature to have people connect to your server so you can do multiplayer with only people you want to join.
 
Newbie Spellweaver
Joined
Oct 8, 2011
Messages
42
Reaction score
22
So after all the data transfer via HTTPS has taken place the last transfer contains a BASE64 encoded data chunk. Within this base64 encoded data blob is the IP and port for the UDP traffic and for the game to connect to. There are other aspects that take place here after this point. Spending time looking at traffic game has support for TLS over UDP but not seen proof it is enabled yet.

Here is example of data decoded from the BASE64 packet, you can see the IP and port (hex number, not ascii)
Faw7kEN - Genshin Impact Private Server - RaGEZONE Forums


I have been off and on looking into the game, current plan is to redirect login to a simply server I control in a more sensible way, modifying windows HOSTS file feels unreasonable. I have no plan to make a private server but am interested/planning on a local simulation to allow offline playing.
 

Attachments

You must be registered for see attachments list
Back
Top