Jump to content

Recommended Posts

Posted (edited)

Hello again ,

 

I am looking for some help in decoding packets send by server and received by my client..

I have read in an old topic  someth about injecting .dll right after the buffer U_U .. don't have a clue what this means 😛

 

But i don't think it has to be this hard.. If anyone has a nice decoding program (NOT FOR .INI's) .. PLEASE SHARE!

 

Regards

Edited by Vision
Posted

Well..

 

There are many programs wich allows u to sniff packets traffic.

I am looking for someth to know more about the packets between client and server(L2).

 

In this guide from CAHEK about Hlapex u can find some information.

http://www.elitepvpers.de/forum/lin2-exploits-hacks-bots-tools-macros/63949-hlapex-hint.html

 

This guide shows u how to edit packets to obtain certain Requests..

But ! with any other sniffer program u won't find the same packet.. u will find a coded one ..

So i was looking for someth to De - code these packets ..

 

Regards

 

Posted

Hence that when you open L2phx or hlapex, it must be opened before you login into your account. Why? Because it'll capture the keys for the cryptography. You can check those packets when you login using either of them. After that it'll use that key to decrypt the traffic. If you're thinking about using any other sniffer (such as ethereal, wpe pro, network chemistry packetyzer etc)... it may be a little hard to do it. Maybe in WPE PRO you can make a filter to do that auto, not sure.

Of course you can auto it by injecting a DLL, which is what L2phx and hlapex does. Don't know if you can get a generic dll injector (just google for one, there's 2137821390 out there) and inject the DLL they made for this and then use any generic sniffer...

 

Why not just use L2phx? Easier... :P

Posted

I know what you mean. Use WP. You can decode the packets with some functions like gsys.BFdec(key), the only problem is that you won't be able to log the decoded packets.

 

You can log them with something like Log(_gOutBuff).

 

PD: Maybe the sintax or the funcions are not OK, I am writing without looking at the WP xD

Posted

Well..

 

There are many programs wich allows u to sniff packets traffic.

I am looking for someth to know more about the packets between client and server(L2).

 

In this guide from CAHEK about Hlapex u can find some information.

http://www.elitepvpers.de/forum/lin2-exploits-hacks-bots-tools-macros/63949-hlapex-hint.html

 

This guide shows u how to edit packets to obtain certain Requests..

But ! with any other sniffer program u won't find the same packet.. u will find a coded one ..

So i was looking for someth to De - code these packets ..

 

Regards

 

 

I wants supose that hlapex or l2phx are not working in that server, because if the answer is yes, is working, there is no sense in find other sniffer.

But, if is not working, you can find in google a sniffer with decoders included.

I was proving one a time ago (i don´t remember the name) that had a decoder to be used in the l2 packets.

Google is the light in the tunel.-

Posted

yi,

 

Thanx for ur reactions ...

I can't open hlapex or lphx when my client is opend. GameGuard protection .. (client disconnects).

When i put the data string in hlapex or lphx i still can't see what the request or whatsoever is..

 

Will google it later today (@school)

 

Regards

Posted

Then you need a GG killer/bypasser... then you may try those. GG will block anything you try... try to get rid of it, instead of trying other sniffers. It'll probably detect them all and you probably won't be able to inject any DLL into the game if GG is active.

Your problem is not the sniffer you're using, it's GG.

  • 1 month later...
Posted

 

Why not just use L2phx? Easier... :P

 

Actually, in my private test server, when i sent packets to the server (L2J), my character freeze on floor. L2phx isn´t dead like hlapex?

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...