Posts posted by bsidebg
-
-
That would probably help, I can patch something together to properly handle the modules. Don't like .net but too damn lazy to write my own logger.
I know it uses a module specific MD5 function when generating the new keys and building the response, the best way I've figured to handle that is to actually load the module up and let it deal with 0x05 itself.
If you could figure out where the data is stored in memory you could simply extract the new keys after you send out 0x04.
When you receive the 1st 0x00, scan the game's memory for the RC4 state structs:
byte[0x100] key
word position
Search for the out key directly followed by the in key. Once you find it, wait till after 0x04 is sent, then snag the values from those positions, and voilà! you have the new keys! This would break if 0x05 actually used something in the game's memory to calculate the new keys. But doubt they will change it now.
#include <stdint.h>
#include <string.h>

uint32_t warden_handle_raw(warden_instance *ctx, uint8_t *data, uint32_t length){
    /******************************************************************************
     *Raw, This will attempt to have the module itself handle the packet.         *
     *Currently this is needed for 0x05 as it uses module specific MD5 functions. *
     ******************************************************************************/
    uint32_t handled = 0;

    if(ctx->init_data == 0)
        return WARDEN_RAW_FAILURE;

    //init_data is used as a pointer (null-checked above, cast below), so its members are reached with ->
    //Copy our current encryption key to the module, it is used in building 0x04
    memcpy(&ctx->init_data->out_key, ctx->out_key, RC4_LENGTH);
    //Tell the module to handle the packet
    handled = module_handle_packet((uint8_t*)ctx->init_data, data, length);

    if(handled == length){ //Did it work?
        //Lets get the new keys
        memcpy(ctx->out_key, &ctx->init_data->out_key, RC4_LENGTH);
        memcpy(ctx->in_key, &ctx->init_data->in_key, RC4_LENGTH);
        return WARDEN_SUCCESS;
    }else{
        return WARDEN_RAW_FAILURE;
    }
}
Once I get some (A LOT) of free time I'll poke around in the modules and see if I can find a way to pragmatically extract the differences in the MD5 function. Would make my life a lot easier. And would make sniffing easier.
Haven't had much free time to do anything with this lately, my laptop is on its last leg -.- randomly shutting down for no discernible reason. Also, can't find my backup of my dll->mod converter, I'll re-write it again eventually.
I'm 70% sure that this is a PSU problem, just buy a new PSU and you are ready
-
I like the idea. The whole realization of the idea will take some time but the results will be very blizzlike. I think that this will make MaNGOS very very very close to offy :0
-
UPDATE quest_template SET Method=0 WHERE entry=
entry should be the ID of the Q
-
I hope that this patch will be accepted
-
The 3D you want is called vmaps. You can find it in the directory where you have downloaded MaNGOS with GIT. Example.... C:\MaNGOS GIT\, so vmaps extractor should be in C:\MaNGOS GIT\contrib\vmap_extract_assembler_bin
-
Man... you are great
Where do I get MaNGOS
in OldGeneral discussion
Posted
MaNGOS -> GIT
UDB -> SVN
omg read the topics :mellow: