Mir3 Encryption

[shorty606]

That is some SEXY piece of code, if I do say so myself hehe.
Yoink - That is getting used :P.
I'm also gonna look into the movement packets when I'm back. Would anyone be interested in the full delphi source to a text client?
People could then mod it and maybe make some interesting things...or would this be a bad idea i.e. bot numbers will jump through the roof lol. Maybe a release just for members posting on this thread with help?
I had some ideas but it's so annoying I didn't have time to load delphi onto my laptop before I left. Back in a week - maybe it's a blessing in disguise hehe, I can enjoy my holiday.
I'm off to visit CN tower in Toronto next.

 

[NickAKAVexus]

Theres already a couple chinese text clients, as well as leo's chat program which is basicly a bot. I don't think it would have much use.

However if you feel like writing a bot for euro mir go right ahead..

I can't be assed at the moment.. its really easy thought because I can identify each object and its x,y currently.

Would just need a walking routine, so it wouldn't walk into objects (I can draw and read the map as well) and for it to select a mob and send hit packet when its close to the mob. :P

 

[shorty606]

When you say you can draw and read a map? you mean from the map files? nice!. You could write a very basic movement routine, just get current pos of bot, and the position of the object you want to move to. Then you calculate if you need to walk up, down, left or rightto the object. If you recieve a FAIL when you try to walk, then you can simply send a left and right command to move out of its way.
I am going to pick your brains again. How often do the packets of objects like mobs and players get sent?
I thought that it was impossible to read the euro packets due to encryption or were the values posted on here accurate for decoding them?

 

[NickAKAVexus]

I can read true,false on x,y as well as draw a black and white map.

Mob/Human objects are sent once, then if they walk you compare their stored ids to update their coords.

Me and damian cracked the euro 2.3 encryption month ago(?) by looking at the ASM code from the euro client.

 

[shorty606]

So when they walk new data is sent which direction they walked and you compare this to their old x,y values to get new coords?
Did you use the encryption/decryption values for 2.4 posted on page 6 of this thread by damian for euro? Btw I really appreciate all the help from everyone. I can program but I'm hopeless at reading asm and alot of this project depends on it.

 

[NickAKAVexus]

So when they walk new data is sent which direction they walked and you compare this to their old x,y values to get new coords?
Did you use the encryption/decryption values for 2.4 posted on page 6 of this thread by damian for euro? Btw I really appreciate all the help from everyone. I can program but I'm hopeless at reading asm and alot of this project depends on it.

I'll rephrase my previous answer:
Me and damian cracked the euro 2.3 encryption month ago(?) by looking at the ASM code from the euro client.

Has nothing to do with anything on this thread.

By the way I'm talking about mir2 encryption not mir3. :P

Each monster/human has a id 395839583 for example. You can match them up and just update the coords.

 

[shorty606]

By the way I'm talking about mir2 encryption not mir3. :P

Stop confusing me :P (it's easily done lol). I thought you were talking about the mir3 euro protocol which someone looked through the asm and posted some values for decoding it. Not sure if the values work though.
Also, when a mob moves does a packet get sent to client containing id and new coords then?

 

[NickAKAVexus]

yes..........................................

 

[shorty606]

lol...just making sure and testing your patience at the same time :P

 

[NickAKAVexus]

I have little patients soooo errrrrrrrrr

 

[shorty606]

delphi Code:

if BufferStr <> '' then begin
while Length(BufferStr) >= 2 do begin
if Pos('!', BufferStr) <= 0 then break;
BufferStr := ArrestStringEx (BufferStr, '#', '!', data);
if data = '' then break;
ProcessPacket(data);
if Pos('!', BufferStr) <= 0 then break;
end;
end;
​

Could I be cheeky and ask for the ArrestStringEx procedure? :P

 

[NickAKAVexus]

[delphi]
function ArrestStringEx (Source, SearchAfter, ArrestBefore: string; var ArrestStr: string): string;
var
BufCount, SrcCount, SrcLen: integer;
GoodData, Fin: Boolean;
i, n: integer;
begin
ArrestStr := ''; {result string}
if Source = '' then begin
Result := '';
exit;
end;

try
SrcLen := Length (Source);
GoodData := FALSE;
if SrcLen >= 2 then
if Source[1] = SearchAfter then begin
Source := Copy (Source, 2, SrcLen-1);
SrcLen := Length (Source);
GoodData := TRUE;
end else begin
n := Pos (SearchAfter, Source);
if n > 0 then begin
Source := Copy (Source, n+1, SrcLen-);
SrcLen := Length(Source);
GoodData := TRUE;
end;
end;
Fin := FALSE;
if GoodData then begin
n := Pos (ArrestBefore, Source);
if n > 0 then begin
ArrestStr := Copy (Source, 1, n-1);
Result := Copy (Source, n+1, SrcLen-n);
end else begin
Result := SearchAfter + Source;
end;
end else begin
for i:=1 to SrcLen do begin
if Source = SearchAfter then begin
Result := Copy (Source, i, SrcLen-i+1);
break;
end;
end;
end;
except
ArrestStr := '';
Result := '';
end;
end;
[/delphi]

 

[shorty606]

Thanks for that Nick - amazing work.
Now I know it seems like I just ask you all for things rather than working them out for myself - I do feel like I am leeching off your hard work and I do prefer working things out for myself as it gives me satisfaction. Basically I want you to know I have worked for a couple of days trying to discover the following and so any guidance (no matter how small) that could put me on the right track would greatly be appreciated. So here goes:
1) Do headers for packets that contain names of NPCs contain their locations also (I pretty much guessed they do).
2) By decoding the header id does this tell you tangeable coords on a map that npcs are placed at.
3) Do the header ids that come with player names ALSO act as an id by which that player is referenced e.g. when the player moves.
Here are some packets:
#WLdG=@Yj<KP<D\DS=L<N<<<<<<<<<<<<<<<<<<FAYeZbAnU@YqVRm`FQyOVBAHURPkH_Pq!
That is for an NPC. Does the WLdG=@Yj<KP<D\DS=L<N<<<<<<<<<<<<<<<<<< part contain coords - if so how do you extract them?
Sorry for my continual harrasment lol.

 

[NickAKAVexus]

Heres my process packet code:
DEFBLOCKSIZE = 16
[delphi]
var
Msg:TDefaultMessage;


Msg := DecodeMessage(Copy (BufferStr, 1, DEFBLOCKSIZE));
Body := DecodeString(Copy (BufferStr, DEFBLOCKSIZE+1, length(bufferstr)-DEFBLOCKSIZE));
RawBody:=Copy (BufferStr, DEFBLOCKSIZE+1, length(bufferstr)-DEFBLOCKSIZE);
[/delphi]

I have a case, after decoding the header into msg:
[delphi]
case msg.Ident of
[/delphi]

Heres how I store new players/npcs/mobs:
[delphi]
PlayObjects:Array[0..200] of string;
PlayObjectsX,PlayObjectsY:Array[0..200] of integer;
PlayObjectsID:Array[0..200] of LongWord;
[/delphi]

[delphi]
SM_TURN: begin
if Length(str) > 23 then begin
Body2 := Copy (bufferstr, 28, Length(bufferstr));
data := decodestring(body2);
tmp:=GetValidStr3(Data, Data2, ['/','\']);
if length(data2) <= 2 then exit;
for i := 0 to High(PlayObjects)-1 do begin
if Msg.Recog = PlayObjectsID then begin
PlayObjectsID:=0;
PlayObjects:=''; //delete duplicate players
PlayObjectsX:=0;
PlayObjectsY:=0;
end;
end;
for i := 0 to High(PlayObjects) do begin
if PlayObjects = '' then begin
PlayObjects:=Data2; //Name
PlayObjectsID:=msg.Recog;//unique id
PlayObjectsX:=msg.Param; //x
PlayObjectsY:=msg.Tag; //y
exit;
end;
end;
end;
end;
[/delphi]

Now say a player/mob/npc walks:
[delphi]
SM_WALK: begin
if Msg.Recog = myID then begin
mX := msg.Param;
mY := msg.tag;
exit;
end;
for i := 0 to High(PlayObjectsID) do begin
if msg.Recog = PlayObjectsID then begin
PlayObjectsX:=Msg.Param;//x
PlayObjectsY:=Msg.Tag;//y
end;
end;
end;
[/delphi]

Just come on msn and i'll help you there, nooby.

 

[shorty606]

Nick what do you get when you decode this header:
>vYf=A[H<Vh=_\Da<<l?<L
from
#>vYf=A[H<Vh=_\Da<<l?<L<<<<<<<<<<<<`G><<=ct=QH<LbAhWCQiGoDqIL!
its giving me garbage so I thought my header decode string was wrong, but I checked it and the NPC click ident is 1010 which is correct. Any help is appreciated.

 

[NickAKAVexus]

Whats that packet? Tbh it could be that part is a buffer that needs to be decoded into a record.

 

[shorty606]

its a packet for a person, shud contain id, x and y but it doesnt and msg.ident keeps changing

 

[NickAKAVexus]

its a packet for a person, shud contain id, x and y but it doesnt and msg.ident keeps changing

Ah I see person has a feature buffer thats why.. If you don't decode that buffer into the appropriate feature buffer it will no worky. :P

To be honest you should only get their x,y from SM_TURN and when they walk. SM_TURN is how server displays new objects.

That shouldnt be sm_turn...

 

[shorty606]

I see! I got it wrong, I thought that packet was sm_turn as it contained the name at the end.
However, when I do a simple test which makes a message saying 'Turn Recieved' appear eeery time I get a sm_turn packet - no messages appear. Do you think the headers have changed? Or the mir3 1.4 protocol different?
I'm a bit lost with the headers as you can tell lol. I'll pop on msn too if I can't resolve it lol.

 

[NickAKAVexus]

I see! I got it wrong, I thought that packet was sm_turn as it contained the name at the end.
However, when I do a simple test which makes a message saying 'Turn Recieved' appear eeery time I get a sm_turn packet - no messages appear. Do you think the headers have changed? Or the mir3 1.4 protocol different?
I'm a bit lost with the headers as you can tell lol. I'll pop on msn too if I can't resolve it lol.

I bet you they have changed.