(FOR PRO'S) BAKE ICE MAKER!!!!¿?¿? :( - GOOD LUCK ;)

[ADAL13]

Wow, they don't even encrypt the server packets.  Amateurs.

Are you stup*d? ALL the packets are encripted -.- S>C and C>S i can prove it.

See the screen:

And next time if you don't know keep your mouth shut and don't make me lose time to prove that you don't know. >.<

[blurcode]

It is true they are not encrypted.

ADAL13, can you check now if you see the same packets? :p Btw when you break it tell me so i can release a new update :)

[ADAL13]

See, i proxificate with Proxifier 2.6 and WPC of Sauron the conection of the loader InterludeClient.exe of server FrienxL2 (www.frienzl2.com) and when u press I Agree bottom the loader sends 21 packets to 213.189.27.71:9999

And i the packets are encripted because it says undefined type, and i can't see the strings and integrates.... here's the logs Download-Link #1: http://rapidshare.com/files/86882764/autolog.dat.html

pm me if u want to help and if i was wrong with mccrabben7 i'll sorry.

[Batedor3D]

According to what i understood, the bake launchers sends in an ecrypted message (unkwon number of bites) to the auth server, to let ur ip connect to it.

 

I used the outgame bot + l2authserv + bake ice bypasser and everything works fine,  connection to the login server is established but when the bot tries to log in a message appears on the bake ice bypasser saying the token is not fit with the server token.

 

so my guess is that all we might need is to get the token for each server and place it on a list so that anyone can use them.

[sltbnjr]

See, i proxificate with Proxifier 2.6 and WPC of Sauron the conection of the loader InterludeClient.exe of server FrienxL2 (www.frienzl2.com) and when u press I Agree bottom the loader sends 21 packets to 213.189.27.71:9999

And i the packets are encripted because it says undefined type, and i can't see the strings and integrates.... here's the logs Download-Link #1: http://rapidshare.com/files/86882764/autolog.dat.html

pm me if u want to help and if i was wrong with mccrabben7 i'll sorry.

I'm afraid you're completely wrong on this one Adal, WPC will say undefined type because it is, infact, not the packets WPC expects(L2 packets or that other game WPC supports).

 

The reason you do see parsed strings, integers and whatnot with L2 packets is only because they always have the same fixed structure.

 

Mcrabben is right, those packets are not even encrypted. It could be interesting to intercept the application blacklist and modify the names

 

I haven't changed my mind tho, I'm still never gonna run bakeice.

[mcrabben7]

ADAL13, if you can see the text WITHOUT changing the packet (ignoring the default L2 encryption) then it's not encrypted.

 

I haven't taken the time to study BakeIce at all, but from what I know, it's does an Auth procedure to let you login, perhaps requests and sends a new auth token, scans your computer for bad programs, and then patches the client Auth connection to let you communicate with the login server.

 

It'd be interesting to see TurkSauron's BakeIce code :P

 

 

Maybe one of these days I will examine BakeIce under a debugger when I have time ;)  It would be an interesting adventure.

 

 

[sltbnjr]

It'd be interesting to see TurkSauron's BakeIce code :P

I think it was pointed out the server turksauron's app worked on wasn't actually bakeice

[ADAL13]

Okey okey, i apologize to mcrabben then.

So we need some tool to see the packets directly no?

mmm maybe wpe pro?

I'll try.

[ADAL13]

Well okey, in other order of things anyone can tell me if this are the token of the server: Here's it in the init packet:

 

[1]            S>c            0ms.            16:29:06

-------------------------------------------------------------------------------

TType: LA2    Server: LS1    ParseType: 2 (auto)    EnCode: T2 K2 (auto)

------- 0  1  2  3  4  5  6  7 -  8  9  A  B  C  D  E  F    -------------------

000000 AB 00 00 D1 5D AE 17 5A | 78 00 00 E2 DF 11 D8 FA    «..Ñ]®.Zx..âß.Øú

000010 F8 CF 69 33 D4 96 96 D3 | E4 3B CB 0D 08 89 0A 23    øÏi3Ô––Óä;Ë..‰.#

000020 00 4F 04 5B 3B A6 A6 37 | 33 07 77 E6 56 FE F7 F2    .O.[;¦¦73.wæVþ÷ò

000030 64 73 2D 6F DB CC 4D 06 | 04 F5 3E B0 14 6D 8F E3    ds-oÛÌM..õ>°.mã

000040 4C 7B 36 AC A8 E6 10 5D | 18 8C D0 78 EA D7 90 41    L{6¬¨æ.].ŒÐxê×A

000050 C8 9E 9A 2D ED 11 FA DE | 4F 52 70 16 B2 E5 5F 40    Èžš-í.úÞORp.²å_@

000060 E5 61 FD 51 11 A0 B8 F2 | A1 FC 05 A2 DC AD D3 54    åaýQ. ¸ò¡ü.¢Ü­ÓT

000070 84 E3 22 DA F8 D2 15 B6 | 8D 0D 25 6B 0F 6F 68 EF    „ã"ÚøÒ.¶.%k.ohï

000080 80 0B D8 A2 15 F7 84 D6 | 4D BF E5 00 00 00 00 00    €.Ø¢.÷„ÖM¿å.....

000090 00 00 00 00 00 00 00 00 | 00 00 00 30 30 30 30 30    ...........00000

0000A0 30 30 30 30 30 30 30 30 | 30 30 30                    00000000000

-------------------------------------------------------------------------------

LA2:      "Init"                            size: 171    prot: 30810  $785A

Addr:  Size:    Type:        Description:    Value:

0000    2  word          psize            171        | $00AB                           

0002    1  byte          ID                0          | $00                             

0003    4  integer      LoginSessionID    397303249  | $17AE5DD1                       

0007    4  integer      LoginProtocolRev  30810      | $0000785A                       

000B  128  array[const]  RSApubKey        (âß.ØúøÏi3Ô––Óä;Ë..‰.#.O.[;¦¦73.wæVþ÷ò

008B    16  -            null              (................)

 

Thanks ;) ;)

[tioronner]

i working :D

[VirG0]

and what is for this bake ice? what it do?

[ADAL13]

any answer?

[absolution]

as what i see (i`m not a pro) the bake ice create a new login proces, and when the bake ice cliente side secure the process of the PC it`s patch the client so u can login.

anyway still is very invasive, i don`t like it. but i can get the way to make it work :(

adal13 los paketes no estan encriptados, pero el Bi del lciente hace un request para que el Bi serverside le mande un "token".

el Bi del cliente asegura que ningun proceso malo este corriendo y despues pachea el lciente con ese token para que loguee.

lo q todavia no entendii es si ese token es dinamico y se genera cada login o es el mismo para cada server. cuando tenga tiempo lo miro

[mexican24]

as what i see (i`m not a pro) the bake ice create a new login proces, and when the bake ice cliente side secure the process of the PC it`s patch the client so u can login.

anyway still is very invasive, i don`t like it. but i can get the way to make it work :(

adal13 los paketes no estan encriptados, pero el Bi del lciente hace un request para que el Bi serverside le mande un "token".

el Bi del cliente asegura que ningun proceso malo este corriendo y despues pachea el lciente con ese token para que loguee.

lo q todavia no entendii es si ese token es dinamico y se genera cada login o es el mismo para cada server. cuando tenga tiempo lo miro

 

i can understand u absolution but next time talk english, maxcheaters is not a spanish forum, if u want speak spanish, try pm him.

 

a poor translation(im sleepy ^^): the packets arent encrypted, but the bake ice from the client make a request to bake ice system on the server side for a token, client side answers that theres no bad process like walker,l2phx etc.. running and it patchs the client with the token sent by the server to be able to log.

 

gn boys

[ADAL13]

as what i see (i`m not a pro) the bake ice create a new login proces, and when the bake ice cliente side secure the process of the PC it`s patch the client so u can login.

anyway still is very invasive, i don`t like it. but i can get the way to make it work :(

adal13 los paketes no estan encriptados, pero el Bi del lciente hace un request para que el Bi serverside le mande un "token".

el Bi del cliente asegura que ningun proceso malo este corriendo y despues pachea el lciente con ese token para que loguee.

lo q todavia no entendii es si ese token es dinamico y se genera cada login o es el mismo para cada server. cuando tenga tiempo lo miro

Okey thanks u very much, but the token is in the init no? because everybody says. if u want, send me ur msn with pm and we can talk more fluently ;)