Main Menu

[QUESTION] Cryptography

Started by matias9, December 02, 2011, 07:42:39 AM

Previous topic - Next topic

matias9

does the client encrypt packet before sending them?

or just encrypt info when you try to log in your account?

cause i dont see any encrypt/decrypt algorithm in source project =/

just ssl.

Phanamine

 As of D3 I believe they are encrypted upon sending them.
I can see what you see not,
Vision milky then eyes rot.
When you turn they will be gone,
Whispering their hidden song.
Then you see what cannot be,
Shadows move where light should be.
Out of darkness, out of mind,
Cast down into the halls of the blind

matias9

#2
ok so... lets think a bit

if i write "hello" in chat bar and press enter, then, after that, the client encrypt it and send "@#%$#@" to the server right?

so, the server emulator needs to DECRYPT IT, i mean, decode that "@#%$#@" into "hello" and then reply that hello to all users near the char that said hello in the first place.

but i can not find the algorithm to decode "@#%$#@" into "hello"

it should be in the source of mooege but i guess it is not so... there could be that the client does NOT encrypt packets or

emu server does not implement decryption so far... or...

it is implemented and i cant find it :P

btw, thx for reply. : )

Phanamine

 Even if the Client encrypts upon send. It does not mean the Emulation Server decrypts upon send. They could use there own method to encrypt/decrypt if need be. So if you sent "Hello" and it was Encrypted "^&*@&@" that does not mean the emulation server decrypts it the same way. What I would do.. Go back a couple languages.. Go back to Assembly.. Use OllyDBG to debug the code.. Then loook for your string .. I bet you find it as well as the packet used to send it.  :-\ Kinda think of it as the Old Diablo 1 days.. Trust be.. Assembly and OllyDBG.. U should find your address..
I can see what you see not,
Vision milky then eyes rot.
When you turn they will be gone,
Whispering their hidden song.
Then you see what cannot be,
Shadows move where light should be.
Out of darkness, out of mind,
Cast down into the halls of the blind

raistlinthewiz

D3 client uses TLS to encrypt & decrypt stuff with following ciphers;

// * Cipher Suite: TLS_PSK_WITH_AES_256_CBC_SHA (0x008d)
// * Cipher Suite: TLS_PSK_WITH_3DES_EDE_CBC_SHA (0x008b)
// * Cipher Suite: TLS_PSK_WITH_AES_128_CBC_SHA (0x008c)
// * Cipher Suite: TLS_PSK_WITH_RC4_128_SHA (0x008a)
// * Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)

We're using openssl to handle the stuff, check https://github.com/mooege/mooege/blob/master/src/Mooege/Net/MooNet/MooNetClient.cs -  "#region TLS support" to get more info.