
I have several questions.

Junior Spellweaver
Joined
Sep 2, 2016
Messages
102
Reaction score
2
1. I tried to sniff the official Korean server using Shark Sniffer.
However, you cannot capture packets after selecting a character.
What should I modify? (I only modified sSecretKey.)

2. I unpacked the client of KMS 1.2.320 and loaded it through IDA.
I ran Diamondo's idc script, but most of the function names, such as CField, did not change.
 
Custom Title Activated
Loyal Member
Joined
Jan 18, 2010
Messages
3,109
Reaction score
1,139
1. I guess you're not aware of crypto changes? All client packets from BEGIN_USER and onward contain Triple DES opcode encryption. On top of that, additional crypto changes were probably never updated/maintained in public MapleShark sources. However, if you did update the crypto (or found a copy with it), try updating your port range. Use Process Hacker (or Task Manager) and find out what remote port it's connecting to, then make sure MapleShark has that port within its scan range.
2. This should be obvious. Applications differ, compilers will differ, and thus the bytecode will differ. The AoBs provided in the script won't always work for every client region, let alone every version. You'll need to update your AoBs every now and then, or find a different method of searching for the function (e.g. string search, xref, etc.).
 
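An added illustration of point 2 above, not part of the thread and not Diamondo's IDC script: a wildcard AoB matcher run over two constructed byte images standing in for the same function in two builds. The byte strings, offsets and the helper names (`compile_aob`, `find_aob`, `locate`) are assumptions made up for the example.

```python
import re

def compile_aob(pattern):
    """Turn an IDA-style signature ('E8 ?? ?? ?? ?? 85 C0') into a bytes regex."""
    parts = []
    for tok in pattern.split():
        if tok in ("?", "??"):
            parts.append(b".")  # wildcard: any single byte
        else:
            parts.append(re.escape(bytes([int(tok, 16)])))
    return re.compile(b"".join(parts), re.DOTALL)

def find_aob(image, pattern):
    """Return every offset where the signature matches, overlaps included."""
    rx, hits, pos = compile_aob(pattern), [], 0
    while True:
        m = rx.search(image, pos)
        if m is None:
            return hits
        hits.append(m.start())
        pos = m.start() + 1

def locate(image, pattern):
    """Accept a signature only when it identifies exactly one location."""
    hits = find_aob(image, pattern)
    if len(hits) != 1:
        raise LookupError("%d matches for '%s'; signature needs updating"
                          % (len(hits), pattern))
    return hits[0]

# Constructed sample images: a small stub function, padding, then the target
# function. Between builds only the call displacement and the jump offset change.
BUILD_A = bytes.fromhex("90909090" "558BEC5DC3" "CCCCCC"
                        "558BEC51E81020000085C07405C9C3")
BUILD_B = bytes.fromhex("9090" "558BEC5DC3" "CC"
                        "558BEC51E8A431000085C07409C9C3")

EXACT = "55 8B EC 51 E8 10 20 00 00 85 C0 74 05"   # copied verbatim from build A
MASKED = "55 8B EC 51 E8 ?? ?? ?? ?? 85 C0 74 ??"  # relocatable operands masked
SHORT = "55 8B EC"                                 # bare prologue, not unique

if __name__ == "__main__":
    for name, image in (("A", BUILD_A), ("B", BUILD_B)):
        for label, sig in (("exact", EXACT), ("masked", MASKED), ("short", SHORT)):
            print(name, label, [hex(h) for h in find_aob(image, sig)])
```

The exact signature finds nothing in build B, the masked one finds the function in both, and the bare prologue matches two functions, which is why `locate` rejects any signature that does not resolve to a single offset.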
Junior Spellweaver
Joined
Sep 2, 2016
Messages
102
Reaction score
2

Thank you for your kind response.
 