Reverse engineering encrypted buffer of Growtopia

Newbie Spellweaver
Joined
May 7, 2021
Messages
16
Reaction score
1
I tried a lot, but I couldn't reverse engineer the second argument (buffer) of WSASendTo in this game so that I can view the unencrypted packet data and move on my way. Apparently it uses UDP.

Growtopia :

The links of the stuff I've tried:

http://forum.ragezone.com/f860/game-hacking-server-emulation-1184222/

http://forum.ragezone.com/f860/reversing-packets-emulator-server-scratch-1136480/

I would really appreciate it :))
 
Newbie Spellweaver
Joined
May 7, 2021
Messages
16
Reaction score
1
Still waitin' for an answer
 
Junior Spellweaver
Joined
Dec 29, 2016
Messages
180
Reaction score
101
You'll want to look in the return stack to the main game in hopes of finding the algo for the encrypted buffer.
It depends in most games really. It's usually like 2 or 3 proper returns to find the algo.
From there, you can either try to reimplement the algo as a proxy, or completely skip it to send an unencrypted buffer instead (and if you do this, the server would need to read unencrypted buffers).

Hopefully they didn't VM the function itself, that's usually a show stopper.
 
Newbie Spellweaver
Joined
May 7, 2021
Messages
16
Reaction score
1
You'll want to look in the return stack to the main game in hopes of finding the algo for the encrypted buffer.
It depends in most games really. It's usually like 2 or 3 proper returns to find the algo.
From there, you can either try to reimplement the algo as a proxy, or completely skip it to send an unencrypted buffer instead (and if you do this, the server would need to read unencrypted buffers).

Hopefully they didn't VM the function itself, that's usually a show stopper.

I found a lot of stuff (functions, opcodes, etc.). It returns a lot to the same functions, and sometimes it loops through a function, but I can't really see the encryption.

I also tried hooking WSASendTo with Detours, but the buffer is still encrypted.

Could you check the client for encryption though?
 