• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!

Not valid packet

Andrezitta

Andrezitta

New Member
Joined
Sep 19, 2025
Messages
11
Reaction score
2
Location
Brasil
I've never had a problem with this before, but now it's happening on the server. Does anyone know what it is?
And how can it be resolved?


ddddddddd.webp
 

Attachments

Sort by date Sort by votes
Andrezitta said:
I've never had a problem with this before, but now it's happening on the server.
Click to expand...
Do you have problems with login to OTS or just see that error message in OTS console?

If login to OTS works and you just see that message, it's fine. Whenever someone connects with wrong RSA/wrong network packet to your server, it reports that error. I can go my Linux server and type telnet 91.236.131.83 7171, if server is online, I can type XX random letters, press Enter and you will get that error in OTS console. Bots (hackers) scanning random ports (ex. trying to SSH to port 7171/7172) will generate that error message.

If you cannot login to OTS (error in OTC/Tibia client), it means you are using server/client with modified RSA key, not official OTS RSA key. You have to change OTS and OTC/Tibia client RSA to official OTS RSA or generate new pair of random client-server RSA keys ( OTS RSA Generator (https://ots.me/rsa/) ) and use them in client and server.
 
Upvote 0 Downvote
Code: 
As chaves RSA não foram modificadas. Uma mensagem aparece e, em seguida, o servidor trava imediatamente. Você pode me ajudar? O que posso fazer para resolver o problema?

The RSA keys have not been modified. A message appears and then the server crashes immediately. Can you help me? What can I do to solve the problem?
 
Upvote 0 Downvote
Andrezitta said:
The RSA keys have not been modified. A message appears and then the server crashes immediately. Can you help me? What can I do to solve the problem?
Click to expand...
Freez, like nobody can move in game and nobody can login or what?
Did you install any changes related to OTClient packets in C++?
What OTS engine do you use? Can you post link, where we can download/view it?
 
Upvote 0 Downvote
I already know what it is!
Unfortunately, someone is flooding my OT server with nothing better to do. Unfortunately, I stopped at TFS 0.4 and they were going to continue making a small project for people to play around with, but some idiot is attacking the server with an account manager. I don't know how to work with websites, but I'll see if I can put one online, and I'd be grateful!
 
Upvote 0 Downvote
Andrezitta said:
I already know what it is!
Unfortunately, someone is flooding my OT server with nothing better to do. Unfortunately, I stopped at TFS 0.4 and they were going to continue making a small project for people to play around with, but some idiot is attacking the server with an account manager. I don't know how to work with websites, but I'll see if I can put one online, and I'd be grateful!
Click to expand...
I suggest to update to a more recent framework, such as TFS 1.5 or newer. The server receives a packet with an invalid RSA block size, so it rejects it before decrypting. In other words your server can't decrypt the packet sent by client.

My advice is first read the error using cmd, so you can check the log even if it crashes.
You can read the error if you start it up through cmd like this:
Code: 
cd "your_tfs_directory"
theforgottenserver.exe

Then check this guide to use a more recent framework (is a little outdated but it will help).

I know some distributions have the option autoBanishUnknownBytes = false, but, this could lead us to a few mistakes. If you're using classic tibia client, elfbot is known for sending unknown packets and that will do unjustified banishments if you're allowing elfbot. If you wish to go further, at c++ you can see this:
C++: 
bool Protocol::RSA_decrypt(NetworkMessage& msg)
{
    if ((msg.getLength() - msg.getBufferPosition()) != 128) {
        return false;
    }

    g_RSA.decrypt(reinterpret_cast<char*>(msg.getBuffer()) + msg.getBufferPosition()); //does not break strict aliasing
    return msg.getByte() == 0;
}

So the warning you attached means someone connected to the server port, but the packet they sent was not a valid Tibia/TFS login packet. At older TFS this is handled by:
C++: 
if ((msg.getLength() - msg.getBufferPosition()) != 128) {
    return false;
}

But modern TFS, if i'm not wrong, uses:
C++: 
if (msg.getRemainingBufferLength() < RSA_BUFFER_LENGTH) {
    return false;
}

tfs::rsa::decrypt(msg.getRemainingBuffer(), RSA_BUFFER_LENGTH);
return msg.getByte() == 0;
which is more flexible. I'll quote the following:
Modern TFS does not really “decrypt invalid packets better”; it rejects them earlier and more safely. It also changed the RSA size check from requiring the remaining packet to be exactly 128 bytes to requiring at least 128 bytes, then decrypting only the RSA block. This makes the login parser more compatible with newer packet structures and avoids some false invalid-size cases.
Click to expand...

Being this said, this is not a solution yet since we're going to need you to provide more information in order to move forward. Are you hosting your server using your own router? You're receiving wrong packets due server-side implementations or you got proof that is user-provoked? You can login to the server?

Regards!
 
Upvote 0 Downvote
Back
Top