Looking Into The Runescape Packets!

Off the record: I've been around for that long too . Wizards, adventurers, archers (rangers), and warriors or whatever.

But anyways, amateurs only can become experts by experimentation and knowledge obtained from making mistakes. I understand the fact that recreating an autorune type of program is a difficult task, but it is by no means insurmountable.

When push comes to shove, we can all sit around and leech off all the crappy programs floating around or we can create our own and start something good.

 

everyone who says its impossible to hack rs.... STFU AND GTFO his thread... ANYTHING is hackable.. if the fbi and cia is able to be hacked into.... a little game is nothing...the only reason there isnt a autorune anymore is becuase the packets are encrypted... if we decrypt it we would bring rs to its knees... and YES we would becuase we could make any item and as many as we want... as long as its decrypted.... and as for the random.dat file.. DELETE it after your done ....

i personally would love to help you in any way i can... i can help you decrypt possibly

 

interesting topic

 

indeed...

 

Thank you and Nullware I thougth "non" - Newbs are supposed to help by all means within their control and rigth know I think your bringing nuthing to the table besides the fact of making your self the Forum low life so i would suggest you just get a better attitude or quit posting thank you.

I dont want this to turn into FLAME! so unless you have something to say that involves some thinking dont post here

Plus nullware i can take some corrective crititism but i think your taking this a little to far?

thats all I'm gonna say about this Thank you add my MSN: [email protected] to join DEV group! Programmers needed...

 

core would you like me to help decrypt?

 

I have had lots of experience in packet manipulation with games . Now i can tell you, when encryption was brought in on on one game there was lot and lots of threads exactly like this one. The community worked together to understand exactly how the encryption was working, we thought it was impossible at first. The only difference is that we had samples of unencrypted packets which helped us in certain ways.

First thing you need to do is find what form of encryption they are using is it RC4, RC5 or something else, perhaps they have developed their own? Next your going to have to find some way to trace the encryption key, now on runescape they have what is called DUEL encryption, so your going to have to find "encryption key 1" to decrypt the "encryption key 2" to decrypt the packets

Next your going to have to learn a programming language (VB6 is an example of one) and create a socket connection which i have no idea how to do with runescape, use the trace method to get the key as every time with each session (login) it will be different so you program will have to calculate this. If that doesn't sound hard enough, a game without duel encryption had 500+ lines of code in a module just to begin the decryption process, it took one guy more than a month of solid work just to find out how.

Now i don't fully understand how encryption works but i know what i said is a good explanation and 100% as to what your going to have to go through. Cya.

 

go to www.hackthissite.org and do realistic 7 or somthing like that ... it deals with encryption....its EFFING HARD

 

Excellent work Asda123 great information and you seem to want to be on the DEV team? or am I wrong lol thanks for this I will greatly look into this as will the Members of the DEV team MSN : [email protected] for DEV team!!

Thank you once again

 

Ok, so I was thinking of wierd ways to get wierd things to happen.. maybe... so here is my first thinking..

What if the server is sending you a packet says that your connected to the server, so what if you replicate that and send it to the client somehow? wouldn't you be logged in as a "null" or such? but I wouldnt know what you would be able to do after that?

 

What do you mean by that, it's not really clear for me.

 

Thank you for being more understanding Nullware we can all be friends here

now I'll try to be a little more clear..

Ok so the server has to send your client a packet to say that your connected to the server right? so what if you find that packet and resend that to your client?

I'll make a example with paint later if this doesnt help?

 

What would you gain from sending a fake packet to your client saying that you are connected to the server when you aren't?

 

Yeah I'm with null on that. It wouldn't do anything at all. You wouldn't be connected to the server so it wouldn't matter lol.

We could always do what SBoT did to get their O.C.R.

Raise mills, sell them, higher a professional to help us <3. Use your resources.

 

So what u guys are saying is you can hack accounts but you cant actually change the stats/items/names/etc of anything in runescape because its server sided. am i right? also i had another idea. what if you sent a packet to the server saying theres a blue p-hat on the ground. would it create the p-hat? if it did what would happen when you try to pick it up?

 

No one has hacked account yet, period. Server sided is things that actually are saved in the game (on the server) while changing things client sided would be things that only you see.

When you tried to pick it up, the server would check it's own data, see that there is no phat on the ground and it would disappear because your client replaced it's fake value with the real one from the server.

 

Let me try to make this as simple as possible.

RuneScape stores EVERY value on THEIR servers.

Your client simply RETRIEVES it from THEIR servers.

Anytime you see something like the packet being sent to the server about your iron axe is only to verify it is there. IT IS NOT TELLING THE SERVER WHAT IS THERE it is merely in a sense, asking the server, do I really have a iron axe in my hand. Then the server would send a response back either saying yes or no.

You cannot send a packet to the server and make a partyhat appear, it simply won't work.

The only values you might actually be changing are CLIENT SIDE, period.

I suggest you read more on packets and how they work, more or less on how RuneScape works.

 

hmm I believe I know how runescape works were not trying to hack for items were trying to simply decrypt the packets for now and maybe see how the password check is done througth the server and how it verifies with the server from the client or vis vesrsa...

 

Why does this matter? You can't make it accept your request unless the password is correct and since it is stored on the server you can't get it. It's not like the server will respond with packets saying something like "no the password isn't 'dragon41', it is 'dude68' "... and you will be able to decrypt the correct password. The correct password does not leave the server.

Saying things like this just show me you've either failed to read what we've been trying to tell you or simply can't grasp these concepts. There is NO VICE-VERSA.

This is what happens
Client [Sends Packets] ----> Server [Verifies and Corrects Packets] -----> Client [Receives Corrected Info from Server]


THIS DOESN'T HAPPEN EVER
Server [Sends Packets] ---> Client [Verifies Server Data]
THIS DOESN'T HAPPEN EVER

 

well then ok you've got me I'm officialy stoping until furthur information might be gathered thank you for all helping me and Null thanks for you opinions hope this helped some people? it helped me thank you!