How did it get started?

[pwjones]

When MANGOS first started, how did they go about determining certain things? First, how did they determine what/how the login server worked and what encryption it used?

I ask because when LEGO Universe (LU) closed the first thing I thought about was doing something for LU like MANGOS for WOW. I think it would be a great learning experience. My programming skills are more on line with changing existing code to meet my needs. I have done a few projects at work that I did start from scratch but nothing on this level. And it would have the added benefit of being able to play LU again

I do know that LU used RakNet but do not know to what extent. I have that source code to look through and I also am perusing the realmd source code for starters. I have looked through the message board and have seen a few things about encryption, login, etc. but nothing that showed how they got started.

If anyone knows of a good website about these things, that would also be appreciated.

Thanks,

Patrick

[Unkle Nuke]

Without knowing how the official game server interacts with the client, such as actual real-time network data, creating your own emulator would be a shot in the dark, at best. Once their servers go down down the drain, your idea of a private LU server goes with it.

The best place to start would be to do a search for "server emulation", using Google or some other search engine. There are sites out there that do cover the general concepts and techniques for creating a server emulator. Some basics you'll need are some type of network monitoring/packet capture utility, a hex editor, a disassembler/debugger, knowledge of packet structures and common encryption methods, assembly programming, and the usual programming tools you prefer for creating a project, like C++ or Ruby.

Keep in mind that not all legal jurisdictions allow for capture of network data not originating from your own machine or reverse-engineering of any data or software where you are not the legal author or owner of said software or data. Unless things have radically changed in the last few years, U.S. Federal laws do allow for this so long as such data gathered or reverse-engineered software is used solely for the purpose of cyber-security or creating original works derived from understanding the algorithms and mechanics.

Assuming you do have some success, keep in mind that you may bring an avalanche of tortious vengeance by the game publisher down upon your head, regardless of the product's commercial status. People have been sued over games that were published twenty years ago and long considered abandonware. Tread carefully in how you approach this.

Before going public with anything, it would probably be best to ask a lawyer or at least consult an official body versed in such matters, rather than to take the word of an anonymous schmuck that hangs out in an internet forum. 8o

[pwjones]

Thanks for the response. I got some wireshark captures before it closed. Foolishly, I just thought it was a single encryption key. For some reason I did not even consider anything else. I did get some captures from the login so I can look at those and see. Since I thought there was a single encryption key all my other captures are worthless. Maybe I got a few during the same time I got the login capture.

If I can get the login to work and have LU actually start, I am hoping I can "make up" the rest. That would be another learning experience and I could make LU my way That may keep them from suing me since it would not actually be LU. I did see an email from LEGO to another person about making their own LU and LEGO said they could do it as long as they did not include the red LEGO logo. There may have been something else too. I will have to see if I can find that, or email LEGO myself.

Thanks for all the advice. I will definitely search for "server emulation." This may all be moot and I may not get anywhere with it. Hopefully I will learn something along the way.

Although, I now have another question. Does it not add more "stress" to the server to have to keep track of all the different encryption? I guess I should look through the MANGOS source code and see what it does before I start asking. I am guessing it stores them in the database. Sorry, I will quit typing and go look it up.

Once again, thanks for the reply.

Thanks,

Patrick

[Unkle Nuke]

Although the MaNGOS sources can give you a general indication of how handshaking and validation is handled between a client and server, the exact methods used here may not apply to an LU server. It all really depends on the type of encryption used, the validation algorithm, how often it is invoked, and how many layers of security are embedded in the client-server interaction.

I am nowhere near as expert in the inner workings of the encryption and its implementation for MaNGOS as someone like Vladimir or TheLuda. What I have gleaned from past information is the encryption is used mainly with initial connection to validate the authenticity of the client. Once decrypted, the key resides in client system memory to minimize the necessity of constantly running the encryption protocol. The method is simplified because MaNGOS does not implement Warden, which has its own layers of validation to prevent cheats that use packet editing and memory injection exploits. Depending on your intended use, the anti-cheat portion of the LU client-server may be dropped entirely, leaving you with only requiring a successful handshake and validation of the client upon connection to the server.

I would most certainly keep every last packet you have, simply because you never know when your development will unlock some useful information from what appear to be "useless" packets at this time. A similar thing happened early in the WoW server scene. Nobody worried about Warden, so packet capture data that might have revealed its functions was never gathered. As a result, MaNGOS does not have Warden supported for the server that is used with the WoW 1.12 client.

You may also wish to have a look at the Game Deception forums. They deal specifically with reverse-engineering games, including for the purpose of creating servers. It is very likely others have the same idea of creating an LU server, so you may be fortunate enough to find a great many more resources to help your studies.

Keep in mind you are undertaking an enormous project that could literally eat up years of your life before you have a satisfactory result. However, nothing worth having is ever easy and you will learn so much more than you ever dreamed by getting your hands dirty and sticking with it. You will be pioneering techniques and code that will be used by others for years to come as they work upon their own Lego game servers. I envy you as you begin this journey.

I wish you the best of luck!

[pwjones]

Thank you. Your answers have been more than helpful. I am studying the website you mentioned (gamedeception.net). That is definitely going to test my focus on this project I have already strayed off track with all the Assembly videos on there. I have always wanted to learn Assembly beyond the simple commands.

One thing I have learned by studying the source code is that I don't know as much as I thought. It reminds me of when someone made a request on the MAME32 project. I quickly threw a hack together to get it to work. It was not pretty but it worked. Then one of the developers started to work on it and they made a much better solution in less time. So I need to learn a lot more. It is a good thing I love to learn. :lol:

As I said, any help or suggestion is greatly appreciated. You have given me a lot of information to chew on.

Thanks,

Patrick