Results 1 to 3 of 3
  1. 12-30-2016 #1
    Polling
    Polling is offline
    New Member
    Polling's Avatar
    Join Date
    Jun 2016
    Gender
    male
    Posts
    6
    Reputation
    10
    Thanks
    0
    Send a message via Birdie™ to Polling Australia

    Decrypted (and partially decoded) packet log

    Here are some packet logs, unfortunately heavily redacted because privacy.

    If anyone has figured out how to decode the PktGamePlayerInfo packet (with packet ID 08cb1808), I'd greatly appreciate some guidance. It's a huge mess to me.

    Additionally, if any are interested, I'd be happy to decrypt some packet dumps (Must be a contiguous stream, due to stream encryption) for people if that's a barrier of entry for some. (Bear in mind packet dumps will inevitably contain details uniquely identifying your account, including but not limited to IP address, email and account name).

     
    Code:
    > PktAuthVersionCheck(Version=STABLE-103-160)
< PktAuthVersionCheckResp(Response=True)
> PktAuthAuthenticate(Ticket=2711 chars, Signature=64 chars, field2=[PLAYER ID?])
< Pkt_0840f2e7(field0=[REDACTED 3])
< Pkt_07c670f6(field1=[REDACTED 4], field2=[PLAYER ID?])
> PktAuthClientWrapper(Inner=Pkt_0b2bff4c(field0=[PLAYER ID?], field1=[REDACTED 4], field4=1))
< PktAuthWrapper(field0=[SOME CONN ID?], Inner=Pkt_010bd186(field0=3))
< PktAuthWrapper(field0=[SOME CONN ID?], Inner=Pkt_0a2f0061(field0=1, field1=False, field2=-1, field3=False))
< PktAuthWrapper(field0=[SOME CONN ID?], Inner=Pkt_005be008(field2=live-us))
> PktAuthClientWrapper(Inner=Pkt_05b7e25a(field0=True))
> PktAuthClientWrapper(Inner=PktAuthSetLanguage(field0=en))
< PktAuthWrapper(field0=[SOME CONN ID?], Inner=Pkt_087ed254(field0=[USERNAME], field1=[REDACTED 2]))
< PktAuthWrapper(field0=[SOME CONN ID?], Inner=PktAuthLoginMessage(field0=Time to Get Crafty this Snowfest! Enjoy your daily login gifts. Tell a friend!))
> PktAuthClientWrapper(Inner=PktAuthChatJoinChannel(ChId=Global_ExperiencedPlayers#en))
< PktAuthWrapper(field0=[SOME CONN ID?], Inner=Pkt_0fcce279(field0=[REDACTED 5], field1=136124 bytes, field2=False))
< PktAuthWrapper(field0=[SOME CONN ID?], Inner=Pkt_0fcce279(field0=[REDACTED 1], field1=345 bytes, field2=False))
< PktAuthWrapper(field0=[SOME CONN ID?], Inner=Pkt_00b1d821(field0=[PLAYER ID?]))
< PktAuthWrapper(field0=[SOME CONN ID?], Inner=PktAuthChatJoinChannel(ChId=[REDACTED], ChName=[REDACTED]))
< PktAuthWrapper(field0=[SOME CONN ID?], Inner=PktAuthChatJoinChannel(ChId=[REDACTED], ChName=[REDACTED]))
< PktAuthWrapper(field0=[SOME CONN ID?], Inner=PktAuthChatJoinChannel(ChId=$Channel_World#[REDACTED 6], ChName=$Channel_World))
< PktAuthWrapper(field0=[SOME CONN ID?], Inner=PktAuthChatJoinChannel(ChId=$Channel_Say#[REDACTED 6], ChName=$Channel_Say))
< PktAuthWrapper(field0=[SOME CONN ID?], Inner=PktAuthWorldAddress(Address=dal-c31-b05.dal.triongames.com:REDAC, WorldId=[REDACTED 6], field3=*, field4=11, field6=-1, field7=60))
< PktAuthWrapper(field0=[SOME CONN ID?], Inner=Pkt_0fcce279(field0=[REDACTED 1], field1=17 bytes, field2=False))
< PktAuthWrapper(field0=[SOME CONN ID?], Inner=Pkt_0fcce279(field0=[REDACTED 5], field1=18 bytes, field2=False))
< PktAuthWrapper(field0=[SOME CONN ID?], Inner=Pkt0x09ce8109(300 bytes))
< PktAuthWrapper(field0=[SOME CONN ID?], Inner=PktAuthChatMessage(field0=-65536, Message=You are now marked as online, Channel=#INFO))
< PktAuthWrapper(field0=[SOME CONN ID?], Inner=Pkt_0fcce279(field0=[REDACTED 1], field1=1 bytes, field2=False))
< PktAuthWrapper(field0=[SOME CONN ID?], Inner=Pkt_0fcce279(field0=[REDACTED 5], field1=1 bytes, field2=False))
< PktAuthWrapper(field0=[SOME CONN ID?], Inner=PktAuthBlockedWordlist(field0=1129 bytes))
< PktAuthWrapper(field0=[SOME CONN ID?], Inner=PktAuthChatJoinChannel(ChId=Global_ExperiencedPlayers#en, ChName=$Channel_Global))
< PktAuthPing()
< PktAuthWrapper(field0=[SOME CONN ID?], Inner=PktAuthChatMessage(field0=-256, Sender=[REDACTED], Message=i almost lvl 10, Channel=Global_ExperiencedPlayers#en))
< PktAuthPing()
< PktAuthPing()
> PktAuthPingTime(field0=6827.95096)
< PktAuthPingTime(field0=6827.96453)
< PktAuthPing()
> PktAuthPingTime(field0=6829.98519)
< PktAuthPingTime(field0=6829.99943)
...


     
    Code:
    > PktGameVersionCheck(Version=STABLE-103-160)
< PktGameVersionCheckResp(Response=True)
> PktGameAuthenticate(field0=[PLAYER ID?], field1=[REDACTED 3], field2=1, field5=[REDACTED], Signature=64 chars, Ticket=2711 chars)
< Pkt_03596f29(field1=[REDACTED])
> Pkt_0f99ae77(field0=[REDACTED 6])
> Pkt_0e7f02ac(field0=192)
< PktGameServerSettings(field0=[REDACTED 6], field1=865 bytes)
< Pkt_087837a2()
< Pkt_053f56db(field0=TroveVector<TypedInt>[2860 items], field1=TroveVector<TypedInt>[2860 items])
< PktGameUpdate(field0=[REDACTED], field1=SetRotationLocal(field0=9, field1=0, field2=1, field3=0, field4=[REDACTED 7]), Cmd=SetRotationLocal, field4=23)
< PktGameUpdate(field0=[REDACTED], field1=SetRotationLocal(field0=9, field1=0, field2=1, field3=0, field4=[REDACTED 7]), Cmd=SetRotationLocal, field4=23)
< PktGameInteractableObjects(field0=[REDACTED], field1=399 bytes, field3=-16, field4=48, field5=16)
< PktGameInteractableObjects(field0=[REDACTED], field1=347 bytes, field3=-16, field4=48, field5=16)
< PktGameInteractableObjects(field0=[REDACTED], field1=367 bytes, field3=-16, field4=48)
< PktGameInteractableObjects(field0=[REDACTED], field1=321 bytes, field3=-16, field4=48)
< PktGameInteractableObjects(field0=[REDACTED], field1=713 bytes, field3=-16, field4=48)
< PktGameUpdate(field0=[REDACTED], field1=SetRotationLocal(field0=9, field1=0, field2=1, field3=0, field4=[REDACTED 7]), Cmd=SetRotationLocal, field4=23)
< PktGameUpdate(field0=[REDACTED], field1=SetRotationLocal(field0=9, field1=0, field2=0.7071064, field3=0, field4=[REDACTED 8]), Cmd=SetRotationLocal, field4=23)
< PktGameUpdate(field0=[REDACTED], field1=SetRotationLocal(field0=9, field1=0, field2=1, field3=0, field4=[REDACTED 7]), Cmd=SetRotationLocal, field4=23)
< PktGameInteractableObjects(field0=[REDACTED], field1=694 bytes, field3=-32, field4=48, field5=16)
< PktGameInteractableObjects(field0=[REDACTED], field1=548 bytes, field3=-32, field4=48, field5=16)
< PktGameInteractableObjects(field0=[REDACTED], field1=1219 bytes, field3=-32, field4=48, field5=16)
< PktGameUpdate(field0=[REDACTED], field1=SetRotationLocal(field0=9, field1=0, field2=0.7071064, field3=0, field4=[REDACTED 8]), Cmd=SetRotationLocal, field4=23)
< PktGameUpdate(field0=[REDACTED], field1=SetRotationLocal(field0=9, field1=0, field2=0.7071064, field3=0, field4=[REDACTED 8]), Cmd=SetRotationLocal, field4=23)
< PktGameInteractableObjects(field0=[REDACTED], field1=657 bytes, field3=-48, field4=48, field5=16)
< PktGameInteractableObjects(field0=[REDACTED], field1=661 bytes, field3=-48, field4=48, field5=16)
< PktGameUpdate(field0=[REDACTED], field1=SetRotationLocal(field0=9, field1=0, field2=0.7071064, field3=0, field4=[REDACTED 8]), Cmd=SetRotationLocal, field4=23)
< PktGameUpdate(field0=[REDACTED], field1=SetRotationLocal(field0=9, field1=0, field2=0.7071064, field3=0, field4=[REDACTED 8]), Cmd=SetRotationLocal, field4=23)
< PktGameUpdate(field0=[REDACTED], field1=SetRotationLocal(field0=9, field1=0, field2=0.7071064, field3=0, field4=[REDACTED 8]), Cmd=SetRotationLocal, field4=23)
< PktGameInteractableObjects(field0=[REDACTED], field1=675 bytes, field3=-48, field4=48)
< PktGameInteractableObjects(field0=[REDACTED], field1=659 bytes, field3=-48, field4=48)
< PktGameInteractableObjects(field0=[REDACTED], field1=657 bytes, field3=-48, field4=48)
< PktGameUpdate(field0=[REDACTED], field1=SetRotationLocal(field0=9, field1=0, field2=0.7071064, field3=0, field4=[REDACTED 8]), Cmd=SetRotationLocal, field4=23)
< PktGameUpdate(field0=[REDACTED], field1=SetRotationLocal(field0=9, field1=0, field2=0.7071064, field3=0, field4=[REDACTED 8]), Cmd=SetRotationLocal, field4=23)
< PktGameInteractableObjects(field0=[REDACTED], field1=358 bytes, field3=-32, field4=48)
< PktGameInteractableObjects(field0=[REDACTED], field1=662 bytes, field3=-32, field4=48)
< PktGameInteractableObjects(field0=[REDACTED], field1=332 bytes, field3=-32, field4=48)
< PktGameInteractableObjects(field0=[REDACTED], field1=219 bytes, field3=-32, field4=48)
< PktGameInteractableObjects(field0=[REDACTED], field1=2880 bytes, field3=-32, field4=48)
< PktGameInteractableObjects(field0=[REDACTED], field1=326 bytes, field3=-32, field4=48)
< PktGameInteractableObjects(field0=[REDACTED], field1=507 bytes, field3=-32, field4=48)
< PktGameInteractableObjects(field0=[REDACTED], field1=346 bytes, field3=-32, field4=48)
< PktGameInteractableObjects(field0=[REDACTED], field1=2340 bytes, field3=-32, field4=48)
> Pkt_01fd6115()
< PktGameInteractableObjects(field0=[REDACTED], field1=1240 bytes, field2=abilities/[REDACTED]/[REDACTED], field3=-16, field4=48, field5=16)
< PktGameInteractableObjects(field0=[REDACTED], field1=169 bytes, field2=collections/pet/[REDACTED], field3=-16, field4=48, field5=16)
< PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=SetIsGod)
< PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=SetIsTrophyDropDisabled)
< Pkt_0c814638(field0=[REDACTED], field1=7422 bytes)
< Pkt_0c814638(field0=[REDACTED], field1=1292 bytes)
< Pkt_0c814638(field0=[REDACTED], field1=54 bytes)
< Pkt_004dba16(field0=[REDACTED 6], field1=Pkt_008c7ce0(field0=[REDACTED], field1=480, field2=209, field3=11.[REDACTED], field4=0))
< PktGameServiceUpdate(field0=23, field1=180 bytes, field2=communitychest)
< PktGameServiceUpdate(field0=6, field1=19 bytes, field2=worldquestservice)
< PktGameServiceUpdate(field0=12, field1=18 bytes, field2=LinkedPortalService)
< PktGameServiceUpdate(field0=200059, field1=16 bytes, field2=worldlootservice)
< PktGameServiceUpdate(field0=18300001, field1=13 bytes)
< PktGameServiceUpdate(field0=24, field1=345 bytes, field2=clubchest)
< PktGameServiceUpdate(field0=17500000, field1=2568 bytes, field2=scheduledeventservice)
< PktGameServiceUpdate(field0=7, field1=18 bytes, field2=DailyLootBonusService)
< PktGameServiceUpdate(field0=13, field1=22 bytes, field2=worldhealthservice)
< PktGameServiceUpdate(field0=18300002, field1=17 bytes, field2=MTXMetadataService)
< PktGameServiceUpdate(field0=25, field1=345 bytes, field2=officerchest)
< PktGameServiceUpdate(field0=8, field1=5389 bytes, field2=StoreDealsService)
< PktGameServiceUpdate(field0=14, field1=1746 bytes, field2=leaderboardcontest)
< PktGameServiceUpdate(field0=18300003, field1=96 bytes, field2=respawn_controller)
< PktGameServiceUpdate(field0=20, field1=14 bytes, field2=npcstats)
< PktGameServiceUpdate(field0=3, field1=20 bytes, field2=cornerstoneservice)
< PktGameServiceUpdate(field0=9, field1=59 bytes, field2=challengeservice)
< PktGameServiceUpdate(field0=15, field1=14 bytes, field2=PersonalObjectiveService)
< PktGameServiceUpdate(field0=21, field1=14 bytes, field2=NpcAffixService)
< PktGameServiceUpdate(field0=18200003, field1=194 bytes, field2=ChaosChestService)
< PktGameServiceUpdate(field0=4, field1=30 bytes, field2=worldpermissions)
< PktGameServiceUpdate(field0=10, field1=13 bytes, field2=towerleaderboard)
< PktGameServiceUpdate(field0=16, field1=14 bytes, field2=BadgeService)
< PktGameServiceUpdate(field0=22, field1=84781 bytes, field2=customheadservice)
< PktGameServiceUpdate(field0=18200004, field1=17 bytes, field2=ParticipationTimerService)
< PktGameServiceUpdate(field0=5, field1=20 bytes, field2=portalservice)
< PktGameServiceUpdate(field0=11, field1=14 bytes, field2=auctionservice)
< PktGameServiceUpdate(field0=17, field1=18 bytes, field2=worldmapdungeon)
< PktGamePlayerInfo(field0=[REDACTED], field2=216121 bytes)
< Pkt_0c814638(field0=[REDACTED], field1=5 bytes)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=UpdateFeaturedProduct, field4=109)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=MovementUpdate, field4=28)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=Ping, field4=84)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=SetInput, field4=18)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=Ping, field4=84)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=SetInput, field4=18)
< PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES], Cmd=OnLoginBonus, field4=109)
< PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=HandlePaymentMethods, field4=83)
< Pkt_0c814638(field0=[REDACTED], field1=61 bytes)
< PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=UpdateDealExpiration, field4=109)
< Pkt_0c814638(field0=[REDACTED], field1=455 bytes)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=Ping, field4=84)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=SetInput, field4=18)
< PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=Confirm, field4=28)
< PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=Ping, field4=84)
< PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=Ping, field4=84)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=MovementUpdate, field4=28)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=FinishPing, field4=84)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=FinishPing, field4=84)
< Pkt_0c814638(field0=[REDACTED], field1=21 bytes)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=Ping, field4=84)
< Pkt_0c814638(field0=[REDACTED], field1=0 bytes)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=SetInput, field4=18)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=Ping, field4=84)
< PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=Ping, field4=84)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=FinishPing, field4=84)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=SetInput, field4=18)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=Ping, field4=84)
< PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=Confirm, field4=28)
< PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=Ping, field4=84)
< PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=Ping, field4=84)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=MovementUpdate, field4=28)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=FinishPing, field4=84)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=FinishPing, field4=84)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=Ping, field4=84)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=SetInput, field4=18)
< PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=Ping, field4=84)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=FinishPing, field4=84)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=Ping, field4=84)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=SetInput, field4=18)
> PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=Ping, field4=84)
< PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=Confirm, field4=28)
< PktGameUpdate(field0=[REDACTED], field1=([REDACTED BYTES]), Cmd=Ping, field4=84)
    Last edited by Polling; 12-30-2016 at 08:12 AM.
    Reply With Quote Reply With Quote
  2. 01-01-2017 #2
    kevvv1
    kevvv1 is offline
    Newbie
    MPGH Member
    kevvv1's Avatar
    Join Date
    Jul 2014
    Gender
    male
    Posts
    36
    Reputation
    10
    Thanks
    6
    Send a message via Birdie™ to kevvv1 United States
    I would be a bit interested in seeing how you were able to do this
    Reply With Quote Reply With Quote
  3. 01-01-2017 #3
    Polling
    Polling is offline
    Threadstarter
    New Member
    Polling's Avatar
    Join Date
    Jun 2016
    Gender
    male
    Posts
    6
    Reputation
    10
    Thanks
    0
    Send a message via Birdie™ to Polling Australia
    For decrypting:
    • Breakpoints on the WSARecv and family functions
    • Trace raw data to crypto functions
    • Read documentation on the crypto library used in the game
    • Finally identify the crypto key and IV used


    As for decoding a given packet, fortunately the packet ids are quite unique and as such it's trivial to search the entire binary for them and identify decoding routines.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Similar Threads

  1. [Help Request] Is there a way to stop sending packets and then resend packets to server
    By thisisaaccount1234 in forum Garry's Mod Discussions & Help
    Replies: 6
    Last Post: 07-01-2015, 11:25 PM
  2. [Help Request] Need help with decrypting and editing the DLL
    By j_u_m in forum RoboCraft Discussions & Help
    Replies: 2
    Last Post: 11-04-2014, 10:43 AM
  3. [Dark Mystic 2.0 and Code's packet spammer]
    By Ako C Kurt in forum Adventure Quest Worlds (AQW) Hacks / Cheats / Trainers
    Replies: 10
    Last Post: 03-24-2013, 07:57 AM
  4. [Release] Shut up and take my packets
    By DWL in forum Adventure Quest Worlds (AQW) Hacks / Cheats / Trainers
    Replies: 15
    Last Post: 02-03-2013, 01:36 AM
  5. [Release] HiddenMaster of FSP™ and EFSP™ Presents: Zombie Log-In
    By 666HiddenMaster666 in forum Combat Arms Mods & Rez Modding
    Replies: 27
    Last Post: 03-18-2011, 09:11 AM