I am going to leave the steps that I took to get to this point here to help anyone else. For anyone that would like to help me, skip to the edit at the bottom.
I am currently trying to follow the process that the user Pepsi Cola went through in this thread: https://www.mpgh.net/forum/showthread.php?t=837542
but I am running into the "waiting for hello packet" error which he had solved by someone posting the answer, which doesn't help much because it is outdated now. I would like to figure out how to do this myself and if I can get this working hopefully post a detailed tutorial for others.
First off I'll explain what I have done so far. I'll post links so that if this gets solved others can follow my steps and they may be useful for solving the problem:
I have downloaded Realm Relay from ****** and loaded it into eclipse.
https://******.com/DeVoidCoder/Realm-Relay
I then decompiled the client and got the RC4 keys from there.
Code:
key1=311f80691451c71d09a13a2a6e
key0=72c5583cafb6818995cdd74b80
After that I updated the HelloPacket with this pastebin:
https://pastebin.com/V2u4adgd
And updated the AccountListPacket with this pastebin:
https://pastebin.com/vBgvswYU
I then get this in the console:
Code:
05:36:47 Mapping: ACCEPTTRADE -> 45
05:36:47 Mapping: ACCOUNTLIST -> 1
05:36:47 Mapping: ALLYSHOOT -> 97
05:36:47 Mapping: AOEACK -> 69
05:36:47 Mapping: AOE -> 33
05:36:47 Mapping: BUY -> 60
05:36:47 Mapping: BUYRESULT -> 4
05:36:47 Mapping: CANCELTRADE -> 78
05:36:47 Mapping: CHANGEGUILDRANK -> 31
05:36:47 Mapping: CHANGETRADE -> 76
05:36:47 Mapping: CHECKCREDITS -> 6
05:36:47 Mapping: CHOOSENAME -> 44
05:36:47 Mapping: CLIENTSTAT -> 91
05:36:47 Mapping: CREATE_SUCCESS -> 27
05:36:47 Mapping: CREATEGUILD -> 80
05:36:47 Mapping: CREATEGUILDRESULT -> 13
05:36:47 Mapping: CREATE -> 35
05:36:47 Mapping: DAMAGE -> 59
05:36:47 Mapping: DEATH -> 62
05:36:47 Mapping: EDITACCOUNTLIST -> 18
05:36:47 Mapping: ENEMYHIT -> 22
05:36:47 Mapping: ESCAPE -> 65
05:36:47 Mapping: FAILURE -> 0
05:36:47 Mapping: FILE -> 68
05:36:47 Mapping: GLOBAL_NOTIFICATION -> 30
05:36:47 Mapping: GOTOACK -> 47
05:36:47 Mapping: GOTO -> 51
05:36:47 Mapping: GROUNDDAMAGE -> 75
05:36:47 Mapping: GUILDINVITE -> 66
05:36:47 Mapping: GUILDREMOVE -> 3
05:36:47 Mapping: HELLO -> 53
05:36:47 Mapping: INVDROP -> 5
05:36:47 Mapping: INVITEDTOGUILD -> 55
05:36:47 Mapping: INVRESULT -> 25
05:36:47 Mapping: INVSWAP -> 37
05:36:47 Mapping: JOINGUILD -> 98
05:36:47 Mapping: LOAD -> 58
05:36:47 Mapping: MAPINFO -> 41
05:36:47 Mapping: MOVE -> 92
05:36:47 Mapping: NAMERESULT -> 12
05:36:47 Mapping: NEW_TICK -> 56
05:36:47 Mapping: NOTIFICATION -> 40
05:36:47 Mapping: OTHERHIT -> 26
05:36:47 Mapping: PIC -> 87
05:36:47 Mapping: PING -> 74
05:36:47 Mapping: PLAYERHIT -> 20
05:36:47 Mapping: PLAYERSHOOT -> 84
05:36:47 Mapping: PLAYERTEXT -> 42
05:36:47 Mapping: PLAYSOUND -> 7
05:36:47 Mapping: PONG -> 95
05:36:47 Mapping: QUESTOBJID -> 14
05:36:47 Mapping: RECONNECT -> 36
05:36:47 Mapping: REQUESTTRADE -> 28
05:36:47 Mapping: RESKIN -> 85
05:36:47 Mapping: SETCONDITION -> 96
05:36:47 Mapping: SHOOT2 -> 79
05:36:47 Mapping: SHOOTACK -> 57
05:36:47 Mapping: SHOOT -> 90
05:36:47 Mapping: SHOW_EFFECT -> 21
05:36:47 Mapping: SQUAREHIT -> 77
05:36:47 Mapping: TELEPORT -> 11
05:36:47 Mapping: TEXT -> 89
05:36:47 Mapping: TRADEACCEPTED -> 49
05:36:47 Mapping: TRADECHANGED -> 94
05:36:47 Mapping: TRADEDONE -> 34
05:36:47 Mapping: TRADEREQUESTED -> 88
05:36:47 Mapping: TRADESTART -> 52
05:36:47 Mapping: UPDATEACK -> 93
05:36:47 Mapping: UPDATE -> 83
05:36:47 Mapping: USEITEM -> 10
05:36:47 Mapping: USEPORTAL -> 16
05:36:47 Not mapped: _-0Z0 -> 19
05:36:47 Not mapped: _-01K -> 82
05:36:47 Not mapped: _-EK -> 8
05:36:47 Not mapped: _-SA -> 17
05:36:47 Not mapped: _-1HD -> 24
05:36:47 Not mapped: _-1UV -> 48
05:36:47 Not mapped: _-16N -> 86
05:36:47 Not mapped: _-0LF -> 46
05:36:47 Not mapped: _-YR -> 38
05:36:47 Not mapped: _-0VN -> 50
05:36:47 Not mapped: _-0OA -> 39
05:36:47 Not mapped: _-FC -> 9
05:36:47 Not mapped: _-R2 -> 15
05:36:47 Not mapped: _-O3 -> 61
05:36:47 Not mapped: _-XX -> 81
05:36:47 Not mapped: ENTER_ARENA -> 67
05:36:47 Not mapped: _-1IJ -> 23
05:36:47 Not mapped: _-A1 -> 63
05:36:47 Not mapped: _-HU -> 64
05:36:47 Realm Relay listener started
05:37:06 Connected Socket[addr=/127.0.0.1,port=65012,localport=2050]
05:37:06 Waiting for HELLO from client...
05:37:16 Disconnected Socket[addr=/127.0.0.1,port=65012,localport=2050]
So I believe the problem is that my HelloPacket/AccountList class is out of date but I can't seem to figure out how to update it. I have been searching the forums and found this thread where someone was updating the files but I cannot for the life of me find out where he managed to get all these nice java files from the decompiled client:
https://www.mpgh.net/forum/showthread.php?t=830866
All the files I see are very cryptic and not nearly as informative as the ones he is apparently looking at. Is there some decryption step I am missing?
I have spent so much time on this, any time would be greatly appreciated!
Edit: Just found out about AS3 Sorcerer that will let me view the decrypted files! I found the packet classes but how do I update the java classes from the ones found in the client? I can't post the class I found in AS3 because I'm only using the trial...
Last edited by Diericx; 12-19-2014 at 12:01 AM.
You can just RABCDASM and Grep it.
10-15 chars Multibox-squad, custom sync.
Where did you get the values like randomInt1 and randomInt2?
Edit: Never mind, I found those, but I'm still unclear on what all I need to edit. From the example I have from an older version it looks like the person added a lot of code, and I don't really understand what it is doing. Do you think you could post your HelloPacket so I could compare them? This is what I have so far:
Code:
package realmrelay.packets.client;

import java.io.DataInput;
import java.io.DataOutput;
import java.io.IOException;

import realmrelay.packets.Packet;

public class HelloPacket extends Packet {

    public String buildVersion;
    public int gameId;
    public String guid;
    public int randomInt1;
    public String password;
    public int randomInt2;
    public String secret;
    public int keyTime;
    public byte[] key = new byte[0];
    public byte[] obf1 = new byte[0];
    public String obf2;
    public String obf3;
    public String obf4;
    public String obf5;
    public String obf6;

    // Reads the fields sequentially: UTF strings, 32-bit ints, and byte
    // arrays carrying a 16-bit length prefix.
    @Override
    public void parseFromInput(DataInput in) throws IOException {
        this.buildVersion = in.readUTF();
        this.gameId = in.readInt();
        this.guid = in.readUTF();
        this.randomInt1 = in.readInt();
        this.password = in.readUTF();
        this.randomInt2 = in.readInt();
        this.secret = in.readUTF();
        this.keyTime = in.readInt();
        this.key = new byte[in.readShort()];
        in.readFully(this.key);
        this.obf1 = new byte[in.readShort()];
        in.readFully(this.obf1);
        this.obf2 = in.readUTF();
        this.obf3 = in.readUTF();
        this.obf4 = in.readUTF();
        this.obf5 = in.readUTF();
        this.obf6 = in.readUTF();
    }

    // Writes the fields back in the same order they were read.
    @Override
    public void writeToOutput(DataOutput out) throws IOException {
        out.writeUTF(this.buildVersion);
        out.writeInt(this.gameId);
        out.writeUTF(this.guid);
        out.writeInt(this.randomInt1);
        out.writeUTF(this.password);
        out.writeInt(this.randomInt2);
        out.writeUTF(this.secret);
        out.writeInt(this.keyTime);
        out.writeShort(this.key.length);
        out.write(this.key);
        out.writeShort(this.obf1.length);
        out.write(this.obf1);
        out.writeUTF(this.obf2);
        out.writeUTF(this.obf3);
        out.writeUTF(this.obf4);
        out.writeUTF(this.obf5);
        out.writeUTF(this.obf6);
    }
}
Last edited by Diericx; 12-19-2014 at 12:21 AM.
Also, make sure your xmls are for 27.2.1. xml/packet.xml
@Alde. Your Realm Relay on ****** is not up-to-date
@kola95 I have gotten that far and I am looking at the HelloPacket in the client but my problem is knowing how to update the class in Realm Relay by looking at the one in the client. I'm just not sure what is supposed to be copied over.
Last edited by Diericx; 12-19-2014 at 10:32 AM.
String = readUTF, Integer = readInt, I think it's easy to understand, and when you scroll down you see some math calculations after guid and after password, so you need to add them inside RR as well (aka RandomInt). My RR copy has an auto-updater, so I don't care if HELLO changes; it will be correct all the time when the build changes (I won't say how it's done, but the implementation is very simple).
I have done all of that and my HelloPacket seems to be up to date but I still get the error:
Code:
00:22:10 Connected Socket[addr=/127.0.0.1,port=55964,localport=2050]
00:22:10 Waiting for HELLO from client...
00:22:20 Disconnected Socket[addr=/127.0.0.1,port=55964,localport=2050]
What am I doing wrong here? Sorry for being so difficult :/ I really appreciate the responses though!
Code:
package realmrelay.packets.client;

import java.io.DataInput;
import java.io.DataOutput;
import java.io.IOException;

import realmrelay.packets.Packet;

public class HelloPacket extends Packet {

    public String buildVersion;
    public int gameId;
    public String guid;
    public int randomInt1;
    public String password;
    public int randomInt2;
    public String secret;
    public int keyTime;
    public byte[] key = new byte[0];
    public byte[] obf1 = new byte[0];
    public String obf2;
    public String obf3;
    public String obf4;
    public String obf5;
    public String obf6;

    // Reads the fields sequentially: UTF strings, 32-bit ints, and byte
    // arrays carrying a 16-bit length prefix.
    @Override
    public void parseFromInput(DataInput in) throws IOException {
        this.buildVersion = in.readUTF();
        this.gameId = in.readInt();
        this.guid = in.readUTF();
        this.randomInt1 = in.readInt();
        this.password = in.readUTF();
        this.randomInt2 = in.readInt();
        this.secret = in.readUTF();
        this.keyTime = in.readInt();
        this.key = new byte[in.readShort()];
        in.readFully(this.key);
        this.obf1 = new byte[in.readShort()];
        in.readFully(this.obf1);
        this.obf2 = in.readUTF();
        this.obf3 = in.readUTF();
        this.obf4 = in.readUTF();
        this.obf5 = in.readUTF();
        this.obf6 = in.readUTF();
    }

    // Writes the fields back in the same order they were read.
    @Override
    public void writeToOutput(DataOutput out) throws IOException {
        out.writeUTF(this.buildVersion);
        out.writeInt(this.gameId);
        out.writeUTF(this.guid);
        out.writeInt(this.randomInt1);
        out.writeUTF(this.password);
        out.writeInt(this.randomInt2);
        out.writeUTF(this.secret);
        out.writeInt(this.keyTime);
        out.writeShort(this.key.length);
        out.write(this.key);
        out.writeShort(this.obf1.length);
        out.write(this.obf1);
        out.writeUTF(this.obf2);
        out.writeUTF(this.obf3);
        out.writeUTF(this.obf4);
        out.writeUTF(this.obf5);
        out.writeUTF(this.obf6);
    }
}
Last edited by Diericx; 12-19-2014 at 06:14 PM.
If you have a socket bla bla error in the client you must run it as admin, and I prefer to use exe files so I don't run into problems. Somewhere here nilly explained how to add the SWF to trusted locations; it will allow proxy usage in the SWF, else you get a socket error.
Try changing obf1 from an array to a single string.
If it still does not work, but it says packet length *numbers* is something, and the *numbers* are close, like 398\400, add another string obf7 at the end to make the packet process as 400\400, and then you will be able to connect properly. That's why I have 7 obf when the client gives me only 6 of classes.
Shoot, I totally forgot about the whole thing where you have to run in the browser to connect to sockets, whoops. So now I am getting the error you talked about:
Code:
CREATE_SUCCESS byte length is 8 after parsing, but was 400 before parsing. Try updating your packets.xml
I know you just explained how to fix it but I'm not too sure what you mean. Wouldn't I have to add another string and then check the current packet size and add a certain amount of characters to the string in order to make it 400 bytes? Or am I overthinking it... Here is my current HelloPacket (just for reference):
Code:
package realmrelay.packets.client;

import java.io.DataInput;
import java.io.DataOutput;
import java.io.IOException;

import realmrelay.packets.Packet;

public class HelloPacket extends Packet {

    public String buildVersion;
    public int gameId;
    public String guid;
    public int randomInt1;
    public String password;
    public int randomInt2;
    public String secret;
    public int keyTime;
    public byte[] key = new byte[0];
    public String obf1;
    public String obf2;
    public String obf3;
    public String obf4;
    public String obf5;
    public String obf6;

    // Reads the fields sequentially: UTF strings, 32-bit ints, and a byte
    // array carrying a 16-bit length prefix.
    @Override
    public void parseFromInput(DataInput in) throws IOException {
        this.buildVersion = in.readUTF();
        this.gameId = in.readInt();
        this.guid = in.readUTF();
        this.randomInt1 = in.readInt();
        this.password = in.readUTF();
        this.randomInt2 = in.readInt();
        this.secret = in.readUTF();
        this.keyTime = in.readInt();
        this.key = new byte[in.readShort()];
        in.readFully(this.key);
        this.obf1 = in.readUTF();
        this.obf2 = in.readUTF();
        this.obf3 = in.readUTF();
        this.obf4 = in.readUTF();
        this.obf5 = in.readUTF();
        this.obf6 = in.readUTF();
    }

    // Note: randomInt1 and randomInt2 are read in parseFromInput but are
    // not written back here.
    @Override
    public void writeToOutput(DataOutput out) throws IOException {
        out.writeUTF(this.buildVersion);
        out.writeInt(this.gameId);
        out.writeUTF(this.guid);
        out.writeUTF(this.password);
        out.writeUTF(this.secret);
        out.writeInt(this.keyTime);
        out.writeShort(this.key.length);
        out.write(this.key);
        out.writeUTF(this.obf1);
        out.writeUTF(this.obf2);
        out.writeUTF(this.obf3);
        out.writeUTF(this.obf4);
        out.writeUTF(this.obf5);
        out.writeUTF(this.obf6);
    }
}
Last edited by Diericx; 12-20-2014 at 12:51 PM.
This is a valid class, I just entered the nexus with it.
Create_Success must not show the error that I explained before; your IDs are outdated.
Try to compile and launch, and you enter the nexus. When you compile without obf7, you will get the error 398\400; that's why I have 7 instead of the client's 6.
It works now! I accidentally forgot to update the packets. Stupid mistake. But thank you for providing your HelloPacket, I understand what you were saying now. That was what I guessed the implementation would be but I wasn't sure. Thank you so much for all the help! I'm thinking of writing a detailed tutorial about all of this to teach a group of my friends. Do you think posting it in the forums would be helpful?
Last edited by Diericx; 12-20-2014 at 03:54 PM.
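The length mismatches quoted in this thread ("398\400", "byte length is 8 after parsing, but was 400 before parsing") are the symptom of a packet definition that does not account for every byte that arrived. The Java example below is added here and is not part of the original posts or Realm Relay's own code; the class name, field layout and sample values are constructed. It reads the same bytes with and without one trailing `readUTF()` and reports the gap. An empty string written with `writeUTF` occupies exactly two bytes, which is the size of the 398 versus 400 difference mentioned above.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;

public class RoundTripLengthCheck {
    // Constructed sample packet, not captured traffic. The layout is a placeholder:
    // the sender appends one more UTF field than the old reader knows about.
    static byte[] buildSample() throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        DataOutputStream out = new DataOutputStream(buf);
        out.writeUTF("27.2.1");             // string: 2-byte length + bytes
        out.writeInt(-2);                   // 32-bit int
        out.writeUTF("user@example.com");   // string
        out.writeShort(4);                  // 16-bit length prefix for the byte array
        out.write(new byte[] {1, 2, 3, 4});
        out.writeUTF("");                   // trailing empty string: 2 bytes on the wire
        return buf.toByteArray();
    }

    // Reads the packet with or without the trailing field and returns the
    // number of bytes the reader consumed.
    static int consumed(byte[] wire, boolean readTrailing) throws IOException {
        DataInputStream in = new DataInputStream(new ByteArrayInputStream(wire));
        in.readUTF();
        in.readInt();
        in.readUTF();
        byte[] key = new byte[in.readUnsignedShort()];
        in.readFully(key);
        if (readTrailing) {
            in.readUTF();
        }
        return wire.length - in.available();
    }

    // Empty string when the definition matches the wire, otherwise the mismatch.
    static String check(byte[] wire, boolean readTrailing) throws IOException {
        int used = consumed(wire, readTrailing);
        return used == wire.length ? "" : "parsed " + used + " of " + wire.length + " bytes";
    }

    public static void main(String[] args) throws IOException {
        byte[] wire = buildSample();
        System.out.println("old definition: " + check(wire, false));
        System.out.println("new definition: " + check(wire, true));
    }
}
```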