ASH_07

  1. /// Call sendto (UDP obviously)
     /// \param[in] s the socket
     /// \param[in] data The byte buffer to send
     /// \param[in] length The length of the \a data in bytes
     /// \param[in] ip The address of the remote host in dotted notation.
     /// \param[in] port The port number to send to.
     /// \return 0 on success, nonzero on failure.
     int SendTo( SOCKET s, const char *data, int length, const char ip[ 16 ], unsigned short port );

     This is the function the server library uses to send the UDP data. Since I'm reverse engineering this, couldn't I save the "const char *data" to a file and see exactly what the server is sending to the client, before it "encrypts" it?

     Also, I looked at the assembly code for the server and client as far as the sendto() and recvfrom() functions go, but I couldn't figure out how exactly I could decode the UDP packet data when being captured live across the server and client. I've looked at where the data values are stored, such as "exi" and "esi" etc., and how they're moved around/calculated, but I can't see how that would tell me how it encrypts the data. There was a "__security_cookie" function that was called; however, just like the other functions, I couldn't find out how it encrypts the data other than maybe generating a number (checksum possibly??) that is used to encrypt the data every time it's sent. I've looked at several videos explaining the packets and assembly language, and while I am learning how they function, it doesn't help me find out how to decode the information I want.

     I guess, in a reworded version of my overall question: is it possible to decode the series of packets I captured above (in the links) to 'human readable'?

     Here's a link to the website with documentation of the information I'm trying to collect (even though it's already documented, I'd like to learn how to do it myself): http://lu-docs.readthedocs.io/en/latest/packets.html

     Here's a sample format of what I'd like to find. (It's the exact data being sent in the captured packets I have [although mine are still encrypted]; however, I'm not sure where they found the "53-01-00-00", and what that means as far as the packet itself, and how they categorized the other data being sent into the sections they have [such as "L:512" and the "u32" or "u16"].)

     Thanks for the help. Understand most likely it's stuff I still have to dive into myself, but if you know anything more based on the information I have, that'd be great. Either way, I got a point in the right direction.
  2. Sweet, found the calls (sendto() and recvfrom()), going to dig into them a bit more. If I hit a roadblock I'll let you know. Thanks for the help!
  3. I have the program disassembled; however, out of the 95,000 lines of sub .text files, I'm not sure how to narrow it down to finding the one that deals with the encryption of the packets. I can send you snapshots of what I have if you want.
  4. I do have the server files, which are NOT encrypted. They are fully readable in C++. I know which files are responsible for making/sending the packets; however, being I am only knowledgeable in Java, I don't quite understand what's going on with it (also being I'm just learning networking). My goal is to be able to read what the client is sending to the server, not necessarily what the server is sending to the client. Again, I don't know much about it, but since I already have the code for the server to send and 'encrypt' the packets to the client, couldn't I use that to read the client packets, being the server has to read the packets and send a response back?
  5. Hi, I have just joined this community, and wanted to see how many of you out there know anything about UDP packets. I've been working with an MMOG game for the last couple of days (Lego Universe, which closed back in 2012). I have the client and server running on my local IP and have captured the UDP data packets being sent between them; however, I'm not too sure what each packet is saying and why it takes ~50 individual packets to communicate a message, for instance Player Profile Authentication.

     My problem is reading the 'Payload' data being sent with each packet. I captured the login session (after the player enters the correct username and password) from the client to the server; there are about 80 UDP packets there that were sent. Some of which I can kinda tell the gist of what the packet was communicating, such as computer graphics info. Others, however, are completely unreadable. Any information or point in the right direction will be helpful, thanks in advance.

     P.S. Also, any information about how checksums work will be great. I've noticed each packet being sent has one, but I'm not too sure how those work either. I'm completely new to networking but have some programming experience.

     Snapshot of Capture Session/UDP Packets:
     https://ibb.co/j1EmmS
     https://ibb.co/knqsRS
     https://ibb.co/imXHt7

     Text I would like to translate/read:
     https://pastebin.com/59NF0jiB
     https://pastebin.com/BQGfdQuc

     I also have the .cap file attached, but Wireshark won't load it, which is why I provided links to the text and snapshots. I captured the data using Microsoft Message Analyzer.

     Log-in-Authentication(LUNI).cap