
C++ Tibia 11 packets

masteuszx

Hello,

I am currently encountering a problem with decrypting RL Tibia 11 packets.

What have I done successfully?
- Dumped traffic with Wireshark
- Decoded XTEA keys from the Tibia 11 client
- XTEA-decoded the packets
- Checked if the packet is compressed

And for client->server packets this is enough. Unfortunately, for packets server->client, which are more useful, we need to take one more step: decompress with zlib.

Not every packet is compressed though. This is why I am sure I have succeeded in decryption: I have spotted correct ping packets.

Does anyone have a proper function, preferably with example input, which will decompress an XTEA-decoded buffer?

Best Regards.
 
Code:
if(this.m_IsCompressed)
{
   _loc1_ = new ByteArray();
   _loc2_ = new ByteArray();
   _loc3_ = this.m_InputBuffer.position;
   this.m_InputBuffer.readBytes(_loc1_,0,this.m_PayloadLength);
   this.m_InputBuffer.position = this.m_PacketEof;
   this.m_InputBuffer.readBytes(_loc2_,0,0);
   _loc1_.inflate();
   this.m_InputBuffer.position = _loc3_;
   this.m_InputBuffer.writeBytes(_loc1_,0);
   this.m_InputBuffer.writeBytes(_loc2_,0);
   this.m_InputBuffer.length = this.m_InputBuffer.position;
   this.m_PayloadLength = _loc1_.length;
   this.m_PayloadEof = _loc3_ + this.m_PayloadLength;
   this.m_PacketEof = this.m_PayloadEof;
   this.m_InputBuffer.position = _loc3_;
}

I assume you mean this.
I will check it for sure... still, Flash is a bit different from C++.
 
@masteuszx Have you had any luck? In my attempt to decompress these DEFLATE-compressed packets, the first compressed packet (which is the one that contains the initial map data) always decompresses correctly. However, subsequent compressed packets are always wrong: sometimes the first byte is correct, but the rest of the data is filled with 0s, or it's all 0s, or a few bytes are 0 that shouldn't be, but they never decompress correctly. My assembly knowledge isn't that good, but, from stepping through the Tibia 10 client in a disassembler, I noticed that they are using zlib 1.2.11 from zlib.net. They use inflateInit2() to pass a windowBits value of -15, and inflateReset(), but that's as much as I can deduce.
 
My code already assumes these things, but I always get: invalid distance too far back or something like this. Join the Discord server at erpegia.net and add me (erpegia nick). Maybe we can figure it out together.
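One general zlib cause of "invalid distance too far back" on every packet after the first is a sender that keeps a single raw DEFLATE stream for the whole connection, so later packets back-reference bytes from earlier ones. The sketch below is an added example, not code from this thread or from any Tibia client; it uses Python's zlib binding and constructed packets to reproduce the symptom and show it disappearing when the inflate state is kept across packets. That the Tibia server compresses this way is an assumption the thread does not confirm.

```python
import zlib

WBITS_RAW = -15  # raw DEFLATE, no header; same value as inflateInit2(strm, -15)

# Constructed sample payloads (not real Tibia data). Packets 2 and 3 repeat
# bytes from packet 1, so a shared-window compressor emits back-references.
MESSAGES = [
    b"MAP " + bytes(range(64)),
    b"MOVE" + bytes(range(64)),
    b"TALK" + bytes(range(64)),
]

def make_packets(messages):
    """Assumed sender: ONE deflate stream per connection, sync-flushed per packet."""
    comp = zlib.compressobj(9, zlib.DEFLATED, WBITS_RAW)
    return [comp.compress(m) + comp.flush(zlib.Z_SYNC_FLUSH) for m in messages]

def decode_session(packets, keep_state):
    """Inflate each packet; return a list of (payload, error_message) tuples."""
    inflater = zlib.decompressobj(WBITS_RAW)
    results = []
    for packet in packets:
        if not keep_state:
            # Fresh state per packet: the 32 KiB history window is discarded.
            inflater = zlib.decompressobj(WBITS_RAW)
        try:
            results.append((inflater.decompress(packet), None))
        except zlib.error as exc:
            results.append((None, str(exc)))
    return results

if __name__ == "__main__":
    packets = make_packets(MESSAGES)
    for mode in (False, True):
        print("keep_state =", mode)
        for i, (payload, err) in enumerate(decode_session(packets, mode), 1):
            status = "ok, %d bytes" % len(payload) if err is None else err
            print("  packet %d: %s" % (i, status))
```

In C the stateful variant corresponds to calling inflateInit2() once per connection and feeding each packet to inflate() with Z_SYNC_FLUSH, without resetting the stream between packets.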
 
