Boter+

Can someone explain me wtf does this script do? If it is client side is not really useful, or for testing purposes.

I don't really like these kind of scripts, I don't see them useful. But it is always good to have people coding scripts and sharing. Someday, I will realease one of my BIG scripts (when I get bored of L2), its for WP. It has almost the same features as L2control (or maybe more xD), but ingame.

Ok, I answer myself! xDDDD The default token for CT1.5 is 6B60CB5B82CE90B1CC2B6C556C6C6C6C, but it is NOT for the first packet. So, what is the token for that packet? Also, I have 1 packet that is unknown.... The login pck from the client. But it is just after a GGAuth request and an answer, so I suposed the token is OK just it is codec with RSA or smt similar.

Hello! It has been long time since I used to enter this forums and help people :P Now I need some help to start over with new L2 versions. I'm using CT1.5 with WP6.60, and I cannot get it to decode the LS packets. Just some sort of BlowFish coded data :SSS Can someone give me some info about how WP works with hellbound (CT1.5) tokens? I know that the new tokens are "variable", some part is static (33313D3D2D...) and some part is sent by the server in the LS first packet. But I don't know want part is the variable token or how to mix it with the static one. Any info is apreciated. Thanks.

So, if i understood correctly, the loader hacks the core.dll calls and it adds a new encryption right? This new encryption, replaces blowfish, or just is an addon? That could be a problem. It could be posible to follow the code and analyse it. Then, it will only need a little bit of codding of a FS script. But anyway I am not playing L2 atm, so i can't help.

I removed the hide. There is no reason to hide this.

ATM there are no servers with token protection (or maybe there are, but I don't know xD), anyway, here is a guide to extract the interlude token directly from memory. 1 - Download this files: --------------->http://rapidshare.com/files/104921796/NWindow.rar.html (Nwindow GG cracked) --------------->http://rapidshare.com/files/104921709/CProcess.exe.html (CurProcess) 2 - Copy NWindow.dll to your system, so you will disable GG. 3 - Start the game (L2) form the loader of your server, or directly form l2.exe 4 - Start CProcess.exe and find L2.exe in the upper list, and after that, select Engine.dll in the bottom list. 5 - Press Right Click over Engine.dll and click "Dump Memory", select a file name and as file format (Binary File). Then press "dump memory". 6 - Open the resulting file with any Hex editor (HexProbe, HexComparison, XVI32, etc) and look for the adress: 0x7F8BC0 there will be the token. The default token for interlude is: 33313D3D2D252640215E2B5D5B3B272E5D39342D PD: For more information, the PUSH instruction that reads the token is in adress: 0x165E80 in engine.dll

I don't know if this is good or bad, but this "crack" only changed the line in memory: Why this: So, it does not hack the walker, just redirects the auth to a new server....

Ammm, seems easy. But i would have it done in another way. I usually put the loops outside, you put the loop inside(in the index of the string). :)

Good script. Good job. I don't play there, but its great to see people still helping in the l2 forums. To made the script is the easy part, but, how did you get that the secuence of XOR was "XorString[((i-4) and 7)+1]"??? Thats complicated :P

I know it was you, I was just informing the people in these forums :P

Saurons WP suports Interlude and RSA. In the last version: A quote from the user guide:

Dinamic token for every conection?, wow thats new. I've got to do some test, I never used C6 before.

I still can conect with my OOG. I don't know yet what did they "patched"....

Ii was only a test version of the bot. When the token changed it stopped working.