Menu
What's new
RunUO Community

This is a sample guest message. Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

Encrypted Clients.

E

Enroq

Sorceror
I just put up a test server last night, had about five people try to connect and every single one got disconnected for having an "Encrypted" client. I'm assuming since it happened to everyone, it's me.

My assumption was that my ClientVerification.cs was out of day, but upon investigating it doesn't contain the string "Encrypted client detected, disconnecting" so I'm assuming what I'm looking for is in the core.

I was wondering if anyone could point me in the right direction.
 
HellRazor

HellRazor

Knight
It's not you, it's them. They need to use something like Razor and choose the remove client encryption option to connect to the server.
 
E

Enroq

Sorceror
Thanks Guys, I'll look into it.

++ Upon investigation, the links in that thread 404

+++ So, for future reference what we're looking for is MessagePump.cs in the core, the block:

Code: 
                    if( !ns.SentFirstPacket && packetID != 0xF0 && packetID != 0xF1 && packetID != 0xCF && packetID != 0x80
                      && packetID != 0x91 && packetID != 0xA4 && packetID != 0xEF && packetID != 0x52 )
                    {
                        Console.WriteLine( "Client: {0}: Encrypted client detected, disconnecting", ns );
                        ns.Dispose();
                        break;
                    }


Also, I checked this against RunUO 2.3's MessagePump.cs and it actually contains one less packet ID.. So I feel like HellRazor must be correct.
 
Dian

Dian

Sorceror
Of course he is correct ;)

There has always, since the beginning, a need for a tool to decrypt the UO client in order to log in to a UO server. Started with UO Rice.. Razor is a good choice. There are other ways and tools too. But in the end, your UO clients must be decrypted to login to RunUO or any other UO EMU.
 
E

Enroq

Sorceror
Arrr, Are you suggesting I put these .cs files in to my core? And for what purpose, it seems the consensus is it's client-side?

Dian - Yeah man, my only concern is that the packet ID coming in for each one is always the same, which makes me feel like it's an encryption I (or we) should be supporting. It's PacketID 104, I'm not sure what the hexes to, I'll find out. I've literally had like nine failed connections with this ID.
 
A

Arrrr

Wanderer
I have those files as scripts and working. I dont have to use runUO nor SteamUO to connect to my server.
 
E

Enroq

Sorceror
Do you mean Razor? I'm confused, are you saying that I do not need to decrypt my client if I'm using that package?

Also, according to google, 104 is 0x68
 
E

Enroq

Sorceror
You can tell me all you'd like, it doesn't mean I'm going to take your word for it. I have two gentlemen, whose opinion I do not take as lightly as yours, telling me otherwise. Which means, you'd need to actually make an argument or reason for using this, especially when it comes to something like networking. I do appreciate your feed back, just not being given orders.

++ So, I looked over the encryption code, it looks pretty legit, and at least from what I can see doesn't contain any backdoors. Does anyone else have any experience with this? Is it actually possible to connect to a RunUO server without decryption? I feel like it's more likely that Arr just has players with decrypted clients connecting.

++ I added the files to a test server, they compiled. However, I still can't connect without a decrypted client.
 
Dian

Dian

Sorceror
I have not looked at the files Arrrr posted, but there has been a couple scripts that handle the client encryption, allowing people to log in directly with the UO client, bypassing the need for a tool such as Razor. That is what I meant in my above post, that there are other tools and ways besides Razor.
Most the Decryption scripts out there require a constant update to the cryption key's as EA Games updates their patch's, and the fact that the one who developed the code falls off the face of the earth, and leave's the community hanging. So that is something to consider, as to how this script Arrrr posted handles future client versions, and decrypting the log in key.
 
HellRazor

HellRazor

Knight
Most people just have their clients connect with Razor or UOSteam. The positive side to this: 1) most people use this method so 2) it is widely supported, making it likely that if OSI changes the encryption someone will update the tools that allow people to log in to player run servers. As Dian said, there are also other tools out there available to remove the client encryption and some of these may even still function even if OSI changes the encryption later as some of them have methods to automatically detect the encryption routines in memory and remove them.

The positive side to using the sever encryption mod posted by Arrrgh (which essentially adds OSI encryption to your server) is that its easy for users. But the downside is that these scripts are far less likely to be updated immediately, if at all, if/when OSI changes their encryption again.

My recommendation is, you're better off posting instructions for the use of Razor/UOSteam to your users. A lot of your users will want to use one of these tools anyways.
 
E

Enroq

Sorceror
For future reference the TwoFish decryption doesn't seem to be helping any, the same IPs are failing to log-in. The only difference is it says they timed out instead of that they were encrypted..
 
E

Enroq

Sorceror
Alright, so I finally got a reproduction of the effect and currently players using the same version of razor and same client version 6.0.1, get stuck on verifying account saying it's an encrypted client. This is after I replaced my core network folder with runuo 2.3's - so I'm not sure what's going on.

Any ideas?

++ Also, I just downloaded the stock runUO test server and it's producing the same issues.
 
You must log in or register to reply here.
Top