[Release]IGCN.S16.GameServer Origin Full(Reupload)

[ZeCoder]

Maybe find it from rz forum,but I cant remember which thread.So re-upload it.
Folders:
1.DataServer
1. DataServer_BattleCore
2. ConnectServer
3. GameServer_Regular
4. GameServer_Arca
5. GameServer_Siege
6. GameServer_Market
7. ChatServer
8. GameServer_Instance
9. GameServer_BattleCore
Data,DB,EssentialTools,ServerInfo Generator

Download link:
https://mega.nz/file/TFQ3GSzD#StAbN_IfHYCcpsovwVRT_TSsQyQQuyFoPYkxru-ie84

Unpacked GameServer.exe
https://forum.ragezone.com/f197/release-igc-s16-gameserver-amp-1211469/

Reversed GS Some Code:
C++ Code

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 ​

void __fastcall CStreamPacketEngine_Server::ExtractPacket_Func(__int64 a1, __int64 pTar) { unsigned __int16 v2; // [rsp+20h] [rbp+0h] char v3[2368]; // [rsp+50h] [rbp+30h] BYREF char v4; // [rsp+990h] [rbp+970h] v4 = *(_BYTE *)(a1 + 10); if ( v4 == (char)0xC1 ) goto LABEL_6; if ( v4 != (char)0xC2 ) { if ( v4 != (char)0xC3 ) { if ( v4 != (char)0xC4 ) return; goto LABEL_7; } LABEL_6: v2 = *(unsigned __int8 *)(a1 + 11); goto LABEL_8; } LABEL_7: v2 = *(unsigned __int8 *)(a1 + 12) + (*(unsigned __int8 *)(a1 + 11) << 8); LABEL_8: if ( *(unsigned __int16 *)(a1 + 8) < (int)v2 ) return; if ( *(unsigned __int8 *)(a1 + 10) == 0xC1 || *(unsigned __int8 *)(a1 + 10) == 0xC3 ) { if ( !(unsigned __int8)sub_140677F96(a1, (unsigned int)v2 - 1, 2i64, 0xFFFFFFFFi64) ) return; goto LABEL_16; } if ( *(unsigned __int8 *)(a1 + 10) != 194 && *(unsigned __int8 *)(a1 + 10) != 196 || (unsigned __int8)sub_140677F96(a1, (unsigned int)v2 - 1, 3i64, 0xFFFFFFFFi64) ) { LABEL_16: std::memcpy(pTar, a1 + 10, v2); *(_WORD *)(a1 + 8) -= v2; std::memcpy(v3, a1 + v2 + 10, *(unsigned __int16 *)(a1 + 8)); std::memcpy(a1 + 10, v3, *(unsigned __int16 *)(a1 + 8)); } }

unsigned char XorFilter[32]

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 ​

0000000140A7599C loc_140A7599C: ___:0000000140A7599C mov eax, 1 ___:0000000140A759A1 imul rax, 0 ___:0000000140A759A5 mov [rbp+rax+80h+XorFilter], 0ABh ___:0000000140A759AA mov eax, 1 ___:0000000140A759AF imul rax, 1 ___:0000000140A759B3 mov [rbp+rax+80h+XorFilter], 11h ___:0000000140A759B8 mov eax, 1 ___:0000000140A759BD imul rax, 2 ___:0000000140A759C1 mov [rbp+rax+80h+XorFilter], 0CDh ___:0000000140A759C6 mov eax, 1 ___:0000000140A759CB imul rax, 3 ___:0000000140A759CF mov [rbp+rax+80h+XorFilter], 0FEh ___:0000000140A759D4 mov eax, 1 ___:0000000140A759D9 imul rax, 4 ___:0000000140A759DD mov [rbp+rax+80h+XorFilter], 18h ___:0000000140A759E2 mov eax, 1 ___:0000000140A759E7 imul rax, 5 ___:0000000140A759EB mov [rbp+rax+80h+XorFilter], 23h ; '#' ___:0000000140A759F0 mov eax, 1 ___:0000000140A759F5 imul rax, 6 ___:0000000140A759F9 mov [rbp+rax+80h+XorFilter], 0C5h ___:0000000140A759FE mov eax, 1 ___:0000000140A75A03 imul rax, 7 ___:0000000140A75A07 mov [rbp+rax+80h+XorFilter], 0A3h ___:0000000140A75A0C mov eax, 1 ___:0000000140A75A11 imul rax, 8 ___:0000000140A75A15 mov [rbp+rax+80h+XorFilter], 0CAh ___:0000000140A75A1A mov eax, 1 ___:0000000140A75A1F imul rax, 9 ___:0000000140A75A23 mov [rbp+rax+80h+XorFilter], 33h ; '3' ___:0000000140A75A28 mov eax, 1 ___:0000000140A75A2D imul rax, 0Ah ___:0000000140A75A31 mov [rbp+rax+80h+XorFilter], 0C1h ___:0000000140A75A36 mov eax, 1 ___:0000000140A75A3B imul rax, 0Bh ___:0000000140A75A3F mov [rbp+rax+80h+XorFilter], 0CCh ___:0000000140A75A44 mov eax, 1 ___:0000000140A75A49 imul rax, 0Ch ___:0000000140A75A4D mov [rbp+rax+80h+XorFilter], 66h ; 'f' ___:0000000140A75A52 mov eax, 1 ___:0000000140A75A57 imul rax, 0Dh ___:0000000140A75A5B mov [rbp+rax+80h+XorFilter], 67h ; 'g' ___:0000000140A75A60 mov eax, 1 ___:0000000140A75A65 imul rax, 0Eh ___:0000000140A75A69 mov [rbp+rax+80h+XorFilter], 21h ; '!' ___:0000000140A75A6E mov eax, 1 ___:0000000140A75A73 imul rax, 0Fh ___:0000000140A75A77 mov [rbp+rax+80h+XorFilter], 0F3h ___:0000000140A75A7C mov eax, 1 ___:0000000140A75A81 imul rax, 10h ___:0000000140A75A85 mov [rbp+rax+80h+XorFilter], 32h ; '2' ___:0000000140A75A8A mov eax, 1 ___:0000000140A75A8F imul rax, 11h ___:0000000140A75A93 mov [rbp+rax+80h+XorFilter], 12h ___:0000000140A75A98 mov eax, 1 ___:0000000140A75A9D imul rax, 12h ___:0000000140A75AA1 mov [rbp+rax+80h+XorFilter], 15h ___:0000000140A75AA6 mov eax, 1 ___:0000000140A75AAB imul rax, 13h ___:0000000140A75AAF mov [rbp+rax+80h+XorFilter], 35h ; '5' ___:0000000140A75AB4 mov eax, 1 ___:0000000140A75AB9 imul rax, 14h ___:0000000140A75ABD mov [rbp+rax+80h+XorFilter], 29h ; ')' ___:0000000140A75AC2 mov eax, 1 ___:0000000140A75AC7 imul rax, 15h ___:0000000140A75ACB mov [rbp+rax+80h+XorFilter], 0FFh ___:0000000140A75AD0 mov eax, 1 ___:0000000140A75AD5 imul rax, 16h ___:0000000140A75AD9 mov [rbp+rax+80h+XorFilter], 0FEh ___:0000000140A75ADE mov eax, 1 ___:0000000140A75AE3 imul rax, 17h ___:0000000140A75AE7 mov [rbp+rax+80h+XorFilter], 1Dh ___:0000000140A75AEC mov eax, 1 ___:0000000140A75AF1 imul rax, 18h ___:0000000140A75AF5 mov [rbp+rax+80h+XorFilter], 44h ; 'D' ___:0000000140A75AFA mov eax, 1 ___:0000000140A75AFF imul rax, 19h ___:0000000140A75B03 mov [rbp+rax+80h+XorFilter], 0EFh ___:0000000140A75B08 mov eax, 1 ___:0000000140A75B0D imul rax, 1Ah ___:0000000140A75B11 mov [rbp+rax+80h+XorFilter], 0CDh ___:0000000140A75B16 mov eax, 1 ___:0000000140A75B1B imul rax, 1Bh ___:0000000140A75B1F mov [rbp+rax+80h+XorFilter], 41h ; 'A' ___:0000000140A75B24 mov eax, 1 ___:0000000140A75B29 imul rax, 1Ch ___:0000000140A75B2D mov [rbp+rax+80h+XorFilter], 26h ; '&' ___:0000000140A75B32 mov eax, 1 ___:0000000140A75B37 imul rax, 1Dh ___:0000000140A75B3B mov [rbp+rax+80h+XorFilter], 3Ch ; '<' ___:0000000140A75B40 mov eax, 1 ___:0000000140A75B45 imul rax, 1Eh ___:0000000140A75B49 mov [rbp+rax+80h+XorFilter], 4Eh ; 'N' ___:0000000140A75B4E mov eax, 1 ___:0000000140A75B53 imul rax, 1Fh ___:0000000140A75B57 mov [rbp+rax+80h+XorFilter], 4Dh ; 'M' ___:0000000140A75B5C mov eax, [rbp+80h+arg_8] ___:0000000140A75B62 mov [rbp+80h+var_60], eax ___:0000000140A75B65 jmp short loc_140A75B77

C++ Code

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 ​

char __fastcall CIOCP::RecvDataParse(__int64 a1, _PER_IO_CONTEXT *lpIOContext, signed int uIndex) { signed __int64 v3; // rax void *v4; // rsp __int64 v6; // [rsp+20h] [rbp-5068h] __int64 v7; // [rsp+20h] [rbp-5068h] __int64 v8; // [rsp+20h] [rbp-5068h] __int64 v9; // [rsp+28h] [rbp-5060h] __int64 v10; // [rsp+30h] [rbp-5058h] char *recvbuf; // [rsp+50h] [rbp-5038h] BYREF int lOfs; // [rsp+58h] [rbp-5030h] int size; // [rsp+5Ch] [rbp-502Ch] unsigned __int8 headcode; // [rsp+60h] [rbp-5028h] unsigned __int8 xcode_1; // [rsp+61h] [rbp-5027h] int xcode; // [rsp+64h] [rbp-5024h] int recvsize; // [rsp+68h] [rbp-5020h] unsigned __int8 byDec1; // [rsp+70h] [rbp-5018h] BYREF char byDec; // [rsp+71h] [rbp-5017h] BYREF unsigned __int8 v20; // [rsp+72h] [rbp-5016h] BYREF unsigned __int8 v21; // [rsp+73h] [rbp-5015h] BYREF PBMSG_HEAD *lphead; // [rsp+35F0h] [rbp-1A98h] unsigned __int8 *lphead1; // [rsp+35F8h] [rbp-1A90h] unsigned int ret; // [rsp+3600h] [rbp-1A88h] unsigned __int8 v25; // [rsp+3604h] [rbp-1A84h] char *v26; // [rsp+3608h] [rbp-1A80h] _BYTE PacketStream[2064]; // [rsp+3610h] [rbp-1A78h] BYREF unsigned int v28; // [rsp+3E20h] [rbp-1268h] char *v29; // [rsp+3E28h] [rbp-1260h] unsigned __int8 v30; // [rsp+3E30h] [rbp-1258h] __int16 v31; // [rsp+3E34h] [rbp-1254h] _BYTE v32[2064]; // [rsp+3E40h] [rbp-1248h] BYREF _BYTE v33[2576]; // [rsp+4650h] [rbp-A38h] BYREF char v34; // [rsp+5060h] [rbp-28h] char v35; // [rsp+5061h] [rbp-27h] char v36; // [rsp+5062h] [rbp-26h] char v37; // [rsp+5063h] [rbp-25h] char v38; // [rsp+5064h] [rbp-24h] char v39; // [rsp+5065h] [rbp-23h] char v40; // [rsp+5066h] [rbp-22h] __int64 v41; // [rsp+5068h] [rbp-20h] unsigned __int64 v42; // [rsp+5070h] [rbp-18h] v4 = alloca(v3); v41 = -2i64; v42 = (unsigned __int64)&recvbuf ^ 0x59E332C45A6i64; if ( *(int *)&lpIOContext[2].Buffer[16] < 3 ) // lpIOContext->nSentBytes return 1; lOfs = 0; size = 0; xcode_1 = 0; xcode = 0; recvbuf = lpIOContext->Buffer; recvsize = *(_DWORD *)&lpIOContext[2].Buffer[16]; while ( 1 ) { if ( (unsigned __int8)recvbuf[lOfs] == 0xC1 || (unsigned __int8)recvbuf[lOfs] == 0xC3 ) { lphead = (PBMSG_HEAD *)&recvbuf[lOfs]; size = (unsigned __int8)lphead->Size; headcode = lphead->HeadCode; xcode_1 = lphead->Header; } else { if ( (unsigned __int8)recvbuf[lOfs] != 0xC2 && (unsigned __int8)recvbuf[lOfs] != 0xC4 ) { LODWORD(v9) = *(_DWORD *)&lpIOContext[2].Buffer[16]; LODWORD(v6) = lOfs; g_Log_AddC( &off_142F705F0, "error-L1 : Header error (%s %d)lOfs:%d, size:%d", "g:\\data\\server suite\\development\\sources\\head (git)\\src-x14-p1\\source\\gameserver\\giocp.cpp", 531i64, v6, v9); *(_DWORD *)&lpIOContext[2].Buffer[16] = 0; return 0; } lphead1 = (unsigned __int8 *)&recvbuf[lOfs]; size = lphead1[1] << 8; size |= lphead1[2]; headcode = lphead1[3]; xcode_1 = *lphead1; } if ( size <= 0 ) { g_Log_AddC(&off_142F705F0, "error-L1 : size %d", (unsigned int)size); return 0; } if ( size > *(_DWORD *)&lpIOContext[2].Buffer[16] )// lpIOContext->nSentBytes break; if ( xcode_1 == 0xC3 ) { ret = sub_14069612B((unsigned int)qword_142EE03E0, uIndex, (unsigned int)&v20, lOfs + 2 + (int)recvbuf, size - 2); if ( (ret & 0x80000000) == 0 ) { v25 = v20; v26 = &byDec; headcode = v21; byDec = 0xC1; v20 = ret + 1; if ( (int)++*(_DWORD *)(*(_QWORD *)(4080i64 * uIndex + 0x152EAD30) + 11432i64) >= 255 )// gObj[uIndex].m_PlayerData->PacketsPerSecond >= g_ConfigRead.PacketLimit { LODWORD(v9) = 255; LODWORD(v7) = *(_DWORD *)(*(_QWORD *)(4080i64 * uIndex + 0x152EAD30) + 11432i64); g_Log_Add( &off_142F705F0, 255i64, "[Anti-Hack][IP: %s] Packets Per Second: %d / %d, [AccountID: %s], [Name: %s], [MapID: %d], [LastSkillID: %d]", (const char *)(*(_QWORD *)(4080i64 * uIndex + 0x152EAD30) + 8i64), v7, v9, (const char *)(4080i64 * uIndex + 355377315), (const char *)(4080i64 * uIndex + 355377326), *(unsigned __int16 *)(4080i64 * uIndex + 0x152EA13E), *(_DWORD *)(*(_QWORD *)(4080i64 * uIndex + 0x152EAD30) + 12504i64)); IOCP_CloseClient(&byte_142EA8499, (unsigned int)uIndex); return 0; } CStreamPacketEngine_Server::ctor(PacketStream); CStreamPacketEngine_Server::Clear(PacketStream); if ( !(unsigned int)CStreamPacketEngine_Server::AddData(PacketStream, &byDec, (unsigned __int16)(ret + 1)) ) { LODWORD(v10) = headcode; g_Log_Add( &off_142F705F0, 255i64, "error-L1 : CStreamPacketEngine Adding Error : ip = %s account:%s name:%s HEAD:%x (%s,%d) State:%d", (const char *)(*(_QWORD *)(4080i64 * uIndex + 0x152EAD30) + 8i64), (const char *)(4080i64 * uIndex + 355377315), (const char *)(4080i64 * uIndex + 355377326), v10, "g:\\data\\server suite\\development\\sources\\head (git)\\src-x14-p1\\source\\gameserver\\giocp.cpp", 602, *(_DWORD *)(4080i64 * uIndex + 0x152EA044)); v34 = 0; sub_1406978DC(PacketStream); return v34; } if ( (unsigned int)((__int64 (__fastcall *)(_BYTE *, unsigned __int8 *))CStreamPacketEngine_Server::ExtractPacket)( PacketStream, &byDec1) ) { LODWORD(v10) = headcode; g_Log_Add( &off_142F705F0, 255i64, "error-L1 : CStreamPacketEngine ExtractPacket Error : ip = %s account:%s name:%s HEAD:%x (%s,%d) State:%d", (const char *)(*(_QWORD *)(4080i64 * uIndex + 0x152EAD30) + 8i64), (const char *)(4080i64 * uIndex + 355377315), (const char *)(4080i64 * uIndex + 355377326), v10, "g:\\data\\server suite\\development\\sources\\head (git)\\src-x14-p1\\source\\gameserver\\giocp.cpp", 625, *(_DWORD *)(4080i64 * uIndex + 0x152EA044)); v35 = 0; sub_1406978DC(PacketStream); return v35; } j_GameProtocol:rotocolCore((__int64)&byte_142EA8499, headcode, &byDec1, ret, uIndex, 1u, v25); sub_1406978DC(PacketStream); } else { LODWORD(v10) = (unsigned __int8)recvbuf[lOfs + 2]; LODWORD(v9) = (unsigned __int8)recvbuf[lOfs + 1]; LODWORD(v7) = (unsigned __int8)recvbuf[lOfs]; g_Log_Add( &off_142F705F0, 255i64, "[%s][Packet-Decrypt BYTE] Error: ret < 0 %x/%x/%x)", (const char *)(*(_QWORD *)(4080i64 * uIndex + 0x152EAD30) + 8i64), v7, v9, v10); } } else if ( xcode_1 == 0xC4 ) { v28 = sub_14069612B((unsigned int)qword_142EE03E0, uIndex, (unsigned int)&v21, lOfs + 3 + (int)recvbuf, size - 3); if ( (v28 & 0x80000000) == 0 ) { v29 = &byDec; v30 = v21; byDec = -62; v31 = v28 + 2; v20 = (unsigned __int16)(v28 + 2) >> 8; v21 = v28 + 2; if ( (int)++*(_DWORD *)(*(_QWORD *)(4080i64 * uIndex + 0x152EAD30) + 11432i64) >= 255 ) { LODWORD(v8) = 255; g_Log_Add( &off_142F705F0, 255i64, "[ANTI-HACK] Packets Per Second: %d / %d", *(unsigned int *)(*(_QWORD *)(4080i64 * uIndex + 0x152EAD30) + 11432i64), v8); IOCP_CloseClient(&byte_142EA8499, (unsigned int)uIndex); return 0; } CStreamPacketEngine_Server::ctor(v32); CStreamPacketEngine_Server::Clear(v32); if ( !(unsigned int)CStreamPacketEngine_Server::AddData(v32, &byDec, (unsigned __int16)(v28 + 2)) ) { LODWORD(v10) = headcode; g_Log_Add( &off_142F705F0, 255i64, "error-L1 : CStreamPacketEngine Adding Error : ip = %s account:%s name:%s HEAD:%x (%s,%d) State:%d", (const char *)(*(_QWORD *)(4080i64 * uIndex + 0x152EAD30) + 8i64), (const char *)(4080i64 * uIndex + 355377315), (const char *)(4080i64 * uIndex + 355377326), v10, "g:\\data\\server suite\\development\\sources\\head (git)\\src-x14-p1\\source\\gameserver\\giocp.cpp", 676, *(_DWORD *)(4080i64 * uIndex + 0x152EA044)); v36 = 0; sub_1406978DC(v32); return v36; } if ( (unsigned int)((__int64 (__fastcall *)(_BYTE *, unsigned __int8 *))CStreamPacketEngine_Server::ExtractPacket)( v32, &byDec1) ) { LODWORD(v10) = headcode; g_Log_Add( &off_142F705F0, 255i64, "error-L1 : CStreamPacketEngine ExtractPacket Error : ip = %s account:%s name:%s HEAD:%x (%s,%d) State:%d", (const char *)(*(_QWORD *)(4080i64 * uIndex + 0x152EAD30) + 8i64), (const char *)(4080i64 * uIndex + 355377315), (const char *)(4080i64 * uIndex + 355377326), v10, "g:\\data\\server suite\\development\\sources\\head (git)\\src-x14-p1\\source\\gameserver\\giocp.cpp", 683, *(_DWORD *)(4080i64 * uIndex + 0x152EA044)); v37 = 0; sub_1406978DC(v32); return v37; } headcode = v29[2]; j_GameProtocol:rotocolCore((__int64)&byte_142EA8499, headcode, &byDec1, v28, uIndex, 1u, v30); sub_1406978DC(v32); } else { LODWORD(v9) = (unsigned __int8)recvbuf[lOfs + 2]; LODWORD(v8) = (unsigned __int8)recvbuf[lOfs + 1]; g_Log_Add( &off_142F705F0, 255i64, "[Packet-Decrypt WORD] Error: ret < 0 %x/%x/%x)", (unsigned __int8)recvbuf[lOfs], v8, v9); } } else { CStreamPacketEngine_Server::ctor(v33); CStreamPacketEngine_Server::Clear(v33); if ( !(unsigned int)CStreamPacketEngine_Server::AddData(v33, &recvbuf[lOfs], (unsigned __int16)size) ) { LODWORD(v10) = headcode; g_Log_Add( &off_142F705F0, 255i64, "error-L1 : CStreamPacketEngine Adding Error : ip = %s account:%s name:%s HEAD:%x (%s,%d) State:%d", (const char *)(*(_QWORD *)(4080i64 * uIndex + 0x152EAD30) + 8i64), (const char *)(4080i64 * uIndex + 355377315), (const char *)(4080i64 * uIndex + 355377326), v10, "g:\\data\\server suite\\development\\sources\\head (git)\\src-x14-p1\\source\\gameserver\\giocp.cpp", 701, *(_DWORD *)(4080i64 * uIndex + 0x152EA044)); v38 = 0; sub_1406978DC(v33); return v38; } if ( (unsigned int)((__int64 (__fastcall *)(_BYTE *, unsigned __int8 *))CStreamPacketEngine_Server::ExtractPacket)( v33, &byDec1) ) { LODWORD(v10) = headcode; g_Log_Add( &off_142F705F0, 255i64, "error-L1 : CStreamPacketEngine ExtractPacket Error : ip = %s account:%s name:%s HEAD:%x (%s,%d) State:%d", (const char *)(*(_QWORD *)(4080i64 * uIndex + 0x152EAD30) + 8i64), (const char *)(4080i64 * uIndex + 355377315), (const char *)(4080i64 * uIndex + 355377326), v10, "g:\\data\\server suite\\development\\sources\\head (git)\\src-x14-p1\\source\\gameserver\\giocp.cpp", 708, *(_DWORD *)(4080i64 * uIndex + 0x152EA044)); v39 = 0; sub_1406978DC(v33); return v39; } if ( (int)++*(_DWORD *)(*(_QWORD *)(4080i64 * uIndex + 0x152EAD30) + 11432i64) >= 255 ) { LODWORD(v6) = 255; g_Log_Add( &off_142F705F0, 255i64, "[ANTI-HACK] Packets Per Second: %d / %d", *(unsigned int *)(*(_QWORD *)(4080i64 * uIndex + 0x152EAD30) + 11432i64), v6); IOCP_CloseClient(&byte_142EA8499, (unsigned int)uIndex); v40 = 0; sub_1406978DC(v33); return v40; } j_GameProtocol:rotocolCore((__int64)&byte_142EA8499, headcode, &byDec1, (unsigned int)size, uIndex, 0, -1); sub_1406978DC(v33); } lOfs += size; *(_DWORD *)&lpIOContext[2].Buffer[16] -= size; if ( *(int *)&lpIOContext[2].Buffer[16] <= 0 ) return 1; } if ( lOfs > 0 ) { if ( *(int *)&lpIOContext[2].Buffer[16] >= 1 ) { if ( *(int *)&lpIOContext[2].Buffer[16] < 0xFFFF ) { std::memcpy(recvbuf, &recvbuf[lOfs], *(int *)&lpIOContext[2].Buffer[16]); g_Log_AddC(&off_142F705F0, "Message copy %d", *(unsigned int *)&lpIOContext[2].Buffer[16]); } } else { g_Log_AddC( &off_142F705F0, "error-L1 : recvbuflen 1 %s %d", "g:\\data\\server suite\\development\\sources\\head (git)\\src-x14-p1\\source\\gameserver\\giocp.cpp", 736i64); } } return 1; }

Etc.





Interesting something.
This code from reversed IGCN.S16.GameServer.exe

Guess nSystem_cao4ni.xml what means? .
Maybe a dirty words.

 

[ZeCoder]

IGCN.S16.GameServer Critical Decrypt Function:
Maybe, this is also the original main algorithm.

C++ Code

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 ​

CSessionCryptor::CSessionCryptor()<=================Ctor=============================== { m_defaultData = "EHRZ$loJuoWzH$otY#lQ=O$fxtkPk+q5";<===================Init EncDec Key======================== } __int64 __fastcall CSessionCryptor:ecrypt(__int64 thisPtr, int index, void* lpDest, void* lpSource, unsigned int iSize) { __int64 v6; // rax int MaxRunCount; // eax char v8[8]; // [rsp+20h] [rbp+0h] BYREF __int64 v9; // [rsp+28h] [rbp+8h] unsigned int v10; // [rsp+30h] [rbp+10h] char v11[8]; // [rsp+78h] [rbp+58h] BYREF int v13; // [rsp+98h] [rbp+78h] BYREF _BYTE *m_lpDest; // [rsp+A0h] [rbp+80h] __int64 m_lpSource; // [rsp+A8h] [rbp+88h] m_lpSource = lpSource; m_lpDest = lpDest; v13 = index; if ( !lpDest ) return 0xFFFFFFFFi64; if ( (int)iSize <= 0 ) return 0xFFFFFFFFi64; sub_1406A3BAA(a1 + 8, (__int64)v8, (__int64)&v13); v6 = sub_14067A908(a1 + 8, v11); if ( (unsigned __int8)sub_14068CAEA((__int64)v8, v6) ) return 0xFFFFFFFFi64; v9 = *(_QWORD *)(sub_14069947F((__int64)v8) + 8); v10 = CCryptoModulus:ecrypt(v9 + 152, (__int64)m_lpDest, m_lpSource, iSize);<=================Critical=============================== if ( (int)v10 <= 0 ) return v10; MaxRunCount = CCryptoModulus::GetMaxRunCount(v9 + 0x98);<=================Critical=============================== if ( *(_DWORD *)(v9 + 16) == MaxRunCount ) { j_CSessionCryptor::updateData(a1, v9, m_lpDest, v10);<=================Critical=============================== CSessionCryptor::changeAlgorithm(a1, v9);<=================Critical=============================== *(_DWORD *)(v9 + 0x10) = 1; } else { j_CSessionCryptor::updateData(a1, v9, m_lpDest, v10);<=================Critical=============================== ++*(_DWORD *)(v9 + 16); } return v10; }

 

[mauka]

i dont get. what it's all about? U wanna make a cheat (Proxy with EncDec) or do a bypass for IGC... some kind of anticheat?
pseudocode u posted make no sense...

 

[ZeCoder]

i dont get. what it's all about? U wanna make a cheat (Proxy with EncDec) or do a bypass for IGC... some kind of anticheat?
pseudocode u posted make no sense...

Then,please u upload some significant pseudocode.e.g IGCN S18 C1C2C3C4 EncDec pseudocode.

 

[mauka]

its allready released, use search. default wz crypto++ funcs, without twister sdk.

if ( *(_DWORD *)(v9 + 16) == MaxRunCount )
{
j_CSessionCryptor::updateData(a1, v9, m_lpDest, v10);<=================Critical===============================
CSessionCryptor::changeAlgorithm(a1, v9);<=================Critical===============================
*(_DWORD *)(v9 + 0x10) = 1;
}
else
{
j_CSessionCryptor::updateData(a1, v9, m_lpDest, v10);<=================Critical===============================
++*(_DWORD *)(v9 + 16);
}
return v10;
}

 

[ZeCoder]

its allready released, use search. default wz crypto++ funcs, without twister sdk.

Wow,are you talking about this outdated algorithm （https://forum.ragezone.com/f508/reversing-ex700-ex700plus-protocol-crypt-888277/） And there is no key thing about the protocol decryption of Above IGCN S16 or IGCN S18. What about the keys of CSessionCryptor? What about the keys of CStreamEngine?
e.g.
CSessionCryptor::CSessionCryptor()<=================Ctor===============================
{
m_defaultData = "EHRZ$loJuoWzH$otY#lQ=O$fxtkPk+q5";<===================Init EncDec Key========================
}

u r so excellent!

 

[mauka]

Anyway, u can ask for a help drakelv or Wizi or Dudi, them (far i remeber) are IGC devs.

 

[ZeCoder]

Anyway, u can ask for a help @drakelv or Wizi or Dudi, them (far i remeber) are IGC devs.

Ha ha, if you say so, I might as well ask them for source code. Or they might as well open source. Dude, you know, this is for money.And I'm sharing their commercial product core code with reversed for free.

 

[mauka]

https://forum.ragezone.com/f197/original-encrypt-decrypt-c3-c4-1052471/
learn to use search

 

[ZeCoder]

https://forum.ragezone.com/f197/original-encrypt-decrypt-c3-c4-1052471/
learn to use search

Dude, do you think I'm reversing the original main encryption and decryption algorithm? I have extracted the original encryption and decryption code from the Kor Red Client(main.exe 1.19.99). Don't you see the obvious function identification in my code? I'm sharing keys, not locks. You didn't read what I sent carefully, and then came up to comment. I don't want to say anything more about your understanding. It may also be that I didn't express it clearly, so you mistakenly think that I lack these codes.In the private server, if you want to decrypt their customizations, you need these customized keys. I am sharing the IGCN keys and the algorithms used.

CSessionCryptor::CSessionCryptor()<====Here=====
{
m_defaultData = "EHRZ$loJuoWzH$otY#lQ=O$fxtkPk+q5";<===================Init EncDec Key========================
}

__int64__fastcall CSessionCryptor:ecrypt(__int64 thisPtr, int index, void* lpDest, void* lpSource, unsignedint iSize)
{
__int64 v6; // rax
int MaxRunCount; // eax
char v8[8]; // [rsp+20h] [rbp+0h] BYREF
__int64 v9; // [rsp+28h] [rbp+8h]
unsignedint v10; // [rsp+30h] [rbp+10h]
char v11[8]; // [rsp+78h] [rbp+58h] BYREF
int v13; // [rsp+98h] [rbp+78h] BYREF
_BYTE *m_lpDest; // [rsp+A0h] [rbp+80h]
__int64 m_lpSource; // [rsp+A8h] [rbp+88h]

m_lpSource = lpSource;
m_lpDest = lpDest;
v13 = index;
if ( !lpDest )
return 0xFFFFFFFFi64;
if ( (int)iSize <= 0 )
return 0xFFFFFFFFi64;
sub_1406A3BAA(a1 + 8, (__int64)v8, (__int64)&v13);
v6 = sub_14067A908(a1 + 8, v11);
if ( (unsigned__int8)sub_14068CAEA((__int64)v8, v6) )
return 0xFFFFFFFFi64;
v9 = *(_QWORD *)(sub_14069947F((__int64)v8) + 8);
v10 = CCryptoModulus:ecrypt(v9 + 152, (__int64)m_lpDest, m_lpSource, iSize);<=================Critical===============================
if ( (int)v10 <= 0 )
return v10;
MaxRunCount = CCryptoModulus::GetMaxRunCount(v9 + 0x98);<=================Critical===============================
if ( *(_DWORD *)(v9 + 16) == MaxRunCount )
{
j_CSessionCryptor::updateData(a1, v9, m_lpDest, v10);<=================Critical===============================
CSessionCryptor::changeAlgorithm(a1, v9);<=================Critical===============================
*(_DWORD *)(v9 + 0x10) = 1;
}
else
{
j_CSessionCryptor::updateData(a1, v9, m_lpDest, v10);<=================Critical===============================
++*(_DWORD *)(v9 + 16);
}
return v10;
}

Can't you see such an obvious function name? This is my re-identification.Sorry, I can't describe it clearly, not your understanding .

https://forum.ragezone.com/f197/original-encrypt-decrypt-c3-c4-1052471/
learn to use search

What I'm missing is IGCN.S18 GameServer source project, Kor S18 GameServer source project or pdb files, Kor S18 Main.exe source project or main.pdb. Please tell me how to search. I'm a novice and can't use search engines

Anyway, u can ask for a help @drakelv or Wizi or Dudi, them (far i remeber) are IGC devs.

It's a great idea that you let me ask IGCN for help when I'm reversing IGCN's commercial GameServer. An inappropriate analogy: it's like a thief who goes to a certain house to steal money,then you tell him to ask the help of the owner.

 

[mauka]

Nobody will help u in this forum todo a cheat, not for IGC nor for any other server. Its just a wrong forum. Rz is more like: how to block cheats.

U can wait for x-mass and ask DrakeLV for help... Never know! x-mass is miracle time!

 

[ZeCoder]

Nobody will help u in this forum todo a cheat, not for IGC nor for any other server. Its just a wrong forum. Rz is more like: how to block cheats.

U can wait for x-mass and ask DrakeLV for help... Never know! x-mass is miracle time!

Ha ha, you are really a great idea and great creativity. I didn't have any meaning or words to ask for help from the beginning to the end. I ’m always sharing what I have gained.You are so sweet^_^.

 

[coolgepds]

The provided server download address needs a password~~Can you provide a password? thank you

 

[ZeCoder]

link need password?Oh no,maybe mega default is wrong.I'll update that link.

 

[coolgepds]

链接需要密码？哦，不，也许 mega default 是错误的。我会更新那个链接。

Why not study S161.1? After all, the source code~!!

 

[ZeCoder]

Why not study S161.1? After all, the source code~!!

not enough time.