OTClient Blocking clients other than the official.
- Thread starter Brhunter
- Start date
ralke
(҂ ͠❛ ෴ ͡❛)ᕤ
- Joined
- Dec 17, 2011
- Messages
- 1,713
- Solutions
- 31
- Reaction score
- 965
- Location
- Santiago - Chile
- GitHub
- ralke23
- Twitch
- ralke23
Here you go
[Tutorial] Generate RSA keys
After recent changes to tfs 1.3 by @Lordfire the rsa private key is now loaded from PEM file & it might be a bit confusing for some to generate custom rsa This tutorial requires openssl to be installed on your system. Debian & Ubuntu have it pre-installed. First generate your private key...
TFS 1.X+ - Key.pem struggling
Hi! I have some troubles linking my server and client via rsa. I use Nekiro TFS 1.4 downgrade 8.6, and trying to link to a Tibia Cipsoft 8.6 client with extended sprites. For this, first I follow this tutorial from @Sun [Tutorial] Generate RSA keys...
Tenzhiro
Fool of a Took!
- Joined
- May 4, 2010
- Messages
- 342
- Solutions
- 4
- Reaction score
- 344
- You generate the RSA by refreshing the page.
- OTS RSA Generator > N (modulus) - for OTClient > This is the RSA Code you need to put into your modules/gamelib/const
- OTS RSA Generator > key.pem - for new servers > This is the RSA Code you need to put into your Servers Root Folder, there is a file called Key.pem, open that with notepad.
Thank you very much for help. I have a problem with key.pem. I create a key.pem file in the main TFS directory but when the server starts, no information about key.pem or rsa is displayed and I can also connect to otclient with the default RSA.
By default, I didn't have key.pem anywhere in my tfs 1.3 and I created this file myself, but it didn't help. I also don't have any key.pem option in config.lua.
Is it possible that I have blocked the use of custom rsa?
Last edited:
Tenzhiro
Fool of a Took!
- Joined
- May 4, 2010
- Messages
- 342
- Solutions
- 4
- Reaction score
- 344
Isn't RSA in 1.3 a bit different as in there is no key.pem but you need to change RSA in the sources, it should be in the file configmanager.cpp
Thank you very much for your help. However, RSA is edited in otserv.cpp and I have a few questions:
1. In this case, should I change: const char* p and const char* q to
P (prime1) - for old servers: and Q (prime2) - for old servers: from OTS RSA Generator (https://ots.me/rsa/) ?
Post automatically merged:
when I put new rsa in \modules\gamelib\const.lua will it be safe? I have an updater on the website and players will be able to view this rsa and insert it into their bot client. how to do it safely?
Last edited:
ralke
(҂ ͠❛ ෴ ͡❛)ᕤ
- Joined
- Dec 17, 2011
- Messages
- 1,713
- Solutions
- 31
- Reaction score
- 965
- Location
- Santiago - Chile
- GitHub
- ralke23
- Twitch
- ralke23
use the guide to generate the rsa, not the generator. replace your public.pem, and just set the other key at const.lua. the last thing you need is to encrypt the client, if you're using mehah otclient, use the following settings to set-up the encryption
C++:
#define ENABLE_ENCRYPTION 1
#define ENABLE_ENCRYPTION_BUILDER 1
#define ENCRYPTION_PASSWORD "MYPASSWORD"if builder is active, you can use this on command prompt
Code:
otclient.exe --encryptif it's not, that's the client you need to enter the game. if you switch encryption to 1, it will need the encrypted files, if is set to 0, it will enter without encryption. that's all for hiding your rsa, for otclientv8 I don't know how it's done since I dont use it. Regards!
check
Well-Known Member
- Joined
- Jun 12, 2019
- Messages
- 110
- Solutions
- 1
- Reaction score
- 59
What's even the point of changing RSA if it can be read directly from the memory of the running client? Just use e.g. CheatEngine to search for a string with a length of 309 characters, copy it and use it in your client.
kay
Legendary OT User
- Joined
- Apr 23, 2013
- Messages
- 1,361
- Solutions
- 12
- Reaction score
- 1,883
- Location
- 32316,31942,7
- YouTube
- TibiantisOnline
The purpose of the RSA encryption is not to stop bots, but to secure the client-server communication (login data in particular) against the "man in the middle".
If you change the default keys, it can stop some of the already made bots from working - but only those that rely on taking over the communication and only those that aren't being updated. If a bot can be updated it won't serve a big obstacle, and if for example a bot relies on reading the client's memory and sending input events it won't be bothered at all.
You do not get rid of botters by any "one simple trick". It's a lot of work that has to be done day in day.
You can read the public key, but not the server's private key, meaning that you can only encrypt messages for the server but not decrypt them. That could be the point... Public-key cryptography - Wikipedia (https://en.wikipedia.org/wiki/Public-key_cryptography)
Yes, it's irrelevant for bots, but that's not the reason why it was even implemented.
check
Well-Known Member
- Joined
- Jun 12, 2019
- Messages
- 110
- Solutions
- 1
- Reaction score
- 59
Everything above is true, but I was referring to the topic of the thread - "how to block clients other than the official one" - so changing RSA alone will not block other clients. Moreover, RSA is only used to encrypt login data during the first packet to the login and game server - further encryption is done using XTEA, where the keys, just like the RSA string, can also be easily read from the client's memory.