Any suggestion to solve this problem
Hello,
Good Day, currently I am having a problem where few player like to impose as GM and scam a lot of people (They change their IGN to [GM]xxxxxx) even I already block the usage of %[GM]% string.
This is possible to be done with CE and tested myself.
Even this is client side, this rule can be broken if they PM the target in game. The client will send the false IGN (change with CE) to the target.
Currently my client is protected with :
1. Xtrap
Still can be bypassed if the user using cabalmain without xtrap. Hence, the use of CE is possible.
2. TDP.dll
If they are using their own cabalmain, the client will not be protected with TDP.dll
3. Packer (pack my language.enc together with cabalmain)
They still able to get the server ip/port via netstat and set the information in their internal.txt which running cabalmain without xtrap.
4. XOR changed
This will only encrypt your enc file. If they are using their own cabalmain, they dont need to use our encrypted enc file.
5. Magic Key
This will only protect the player from hitting mob in game. Login server will not block the user if using different magic key (only will block user with different client version).
Is there any solution or suggestion to solve this problem?
Please support.
Thank you.
BR
Re: Any suggestion to solve this problem
LOL Just Change The XORS... if you Change the XORS (In Allocen CabalMain Maybe) And add a Launcher They Wont Be Able to Use Any Other CabalMain To Log Ingame ! Change the XORS in CabalMain and All Enc's... This Will Protect It From Nubs With CE Etc... But Strong People From Here Can Easly Get Your XOR's ... But i am not sure anyone here would like to heart other memebers ... So Just Change Your XOR's ;)! (Only 2 XORS Max not ALL)
Re: Any suggestion to solve this problem
Quote:
Originally Posted by
LocaSimon
LOL Just Change The XORS... if you Change the XORS (In Allocen CabalMain Maybe) And add a Launcher They Wont Be Able to Use Any Other CabalMain To Log Ingame ! Change the XORS in CabalMain and All Enc's... This Will Protect It From Nubs With CE Etc... But Strong People From Here Can Easly Get Your XOR's ... But i am not sure anyone here would like to heart other memebers ... So Just Change Your XOR's ;)! (Only 2 XORS Max not ALL)
Do you have any Idea what your telling, do not keep answering peoples question if you dont know what exactly their point.
check his post he already have the modified XOR's. and changing xor's is not totally your secured cause a theres a lot of way. just find the main version and use your own CabalMain and client, and for ports and IP's its easy to netsat that and simply put into internal.txt.
Now do you think your modified xor will be used then?
and about the magic key, yes hes right, it only prevent players from hitting the mobs and result all to miss, but they can still enter into your server using their CabalMain.
the best thing to do is to have a md5 checker from server to client or wright a modified log-in procedure. but i dont know how.
Re: Any suggestion to solve this problem
As I have suggested multiple times to people, you can prevent a lot of hackers by changing the XOR key used to encrypt the header of packets sent from the server. Look in Ostara's source if you need to know more.
Re: Any suggestion to solve this problem
Quote:
Originally Posted by
Yamachi
As I have suggested multiple times to people, you can prevent a lot of hackers by changing the XOR key used to encrypt the header of packets sent from the server. Look in Ostara's source if you need to know more.
Dear Yamachi,
Thank you for your feedback.
Is it the changes must be made at the server side?
Thank you.
Re: Any suggestion to solve this problem
In all server bins and the client.
Re: Any suggestion to solve this problem
Yamachi, would it be a security threat for servers if you lead us the way how this is properly done? sorry for asking if that is the case or if the answer is already right under my nose - maybe i need glasses :)
Re: Any suggestion to solve this problem
The information you need is in Ostara.
Ostara - /PacketLogger/Cryption/Server.cs - The Divinity Project Redmine
You can see here that the first 4 bytes of packets sent from the server are XOR'd with a static key. All you need to do is find and change that key in your client and server bins.
Re: Any suggestion to solve this problem
**nose bleed**
can't find it in cabalmain.exe or maybe i found the wrong key or i might be looking the wrong way :(
Re: Any suggestion to solve this problem
Try flipping the bytes around when you search.
Re: Any suggestion to solve this problem
aha! i found 2 results from the search not sure if i got the right key though.
---------- Post added at 02:57 PM ---------- Previous post was at 02:50 PM ----------
holy cow! i think i was right with the key - WELL I HOPE.
you're right Yama every bin has the same key EXCEPT GlobalDBAgent (no match found), now i will try to change this key in the cabalmain.exe and to all the bins and see if it works.
Re: Any suggestion to solve this problem
There are 2 instances in cabalmain.exe, yes. First, CABAL XOR's only the first 4 bytes and compares the packet size to the size value in the header bytes (the 4 bytes that were just XOR'd). If the values match, it then XOR's the original bytes again (I know, redundant, right?), and uses that to decrypt the rest of the packet.
Re: Any suggestion to solve this problem
hmmm thanks Yama but howcome i found no match of the key in the GlobalDBAgent bin?
Re: Any suggestion to solve this problem
CashDBAgent, GlobalDBAgent, and DBAgent_XX are all symlinks to /usr/bin/DBAgent
Re: Any suggestion to solve this problem
so that's it, makes sense, only thing left now is to test.
thankeeeeyouuuu!
EDIT: confirmed working! Yamachi you're the man! you saved us as usual THANK YOU :)
