
Untitled

a guest
Jul 10th, 2018
  1. #!/usr/bin/env python
  2. # -*- coding: utf-8 -*-
  3. import socket
  4. import string
  5. import random
  6. import hashlib
  7. import time
  8. import sys
  9.  
  10. """
  11. def encryptworld(buf, session, is_session_packet):
  12. packet_length = len(buf)
  13. packet_mask = transform(buf)
  14. output = []
  15. sequences = 0
  16. sequence_counter = 0
  17. last_position = 0
  18. current_position = 0
  19. length = 0
  20. current_byte = 0
  21. while current_position <= packet_length:
  22. last_position = current_position
  23. while (current_position < packet_length) and (packet_mask[current_position] == '0'):
  24. current_position += 1
  25.  
  26. if (current_position):
  27. length = (current_position - last_position)
  28. sequences = (length / 0x7E)
  29. for i in range (length):
  30. if (i == (sequence_counter * 0x7E)) :
  31. if not(sequences):
  32. output.append(length - i)
  33. else:
  34. output.append(0x7E)
  35. sequences-=1
  36. sequence_counter+=1
  37.  
  38.  
  39. output.append(ord(buf[last_position]) ^ 0xFF)
  40.  
  41. last_position += 1
  42. if(current_position >= packet_length):
  43. break
  44. last_position = current_position
  45. while(current_position < packet_length) and (packet_mask[current_position] == '1'):
  46. current_position+=1
  47.  
  48. if(current_position):
  49. length = (current_position - last_position)
  50. sequences = (length / 0x7E)
  51. for i in range(length):
  52.  
  53. if(i == (sequence_counter * 0x7E)):
  54.  
  55. if(not(sequences)):
  56.  
  57. output.append((length - i) | 0x80)
  58. else:
  59.  
  60. output.append(0x7E | 0x80)
  61. sequences-=1
  62. sequence_counter+=1
  63.  
  64. current_byte = buf[last_position]
  65. if (current_byte == 0x20):
  66. current_byte=1
  67. elif (current_byte == 0x2D):
  68. current_byte = 2
  69. elif (current_byte== 0x2E):
  70. current_byte = 3
  71. elif (current_byte== 0xFF):
  72. current_byte = 0xE
  73. else:
  74. current_byte-= 0x2C
  75.  
  76. if(current_byte != 0x00):
  77.  
  78. if(i % 2 == 0):
  79. output.append(current_byte << 4)
  80. print(current_byte)
  81. else:
  82. output[len(output)-1] = output[len(output)-1] | current_byte
  83. #output.back() |= current_byte;
  84.  
  85.  
  86. last_position +=1
  87. output.append(0xff)
  88. completeGamePacketEncrypt(output,session,is_session_packet)
  89. output = [x % 256 for x in output]
  90. return bytearray(output)
  91. """
  def completeGamePacketEncrypt(buf, session, is_session_packet):
      """Apply the session-dependent byte transform to ``buf`` in place.

      The transform is picked from bits 6-7 of ``session`` (values 0..3); a
      session packet always uses the fixed ``+ 0x0F`` shift instead.  Results
      are stored without reduction modulo 256, so a caller that needs bytes
      has to wrap the values itself, and ``buf`` must be able to hold
      out-of-range integers (a list, not a bytearray).

      Security note: the only varying input is the low byte of ``session``,
      so this is reversible obfuscation and gives no confidentiality against
      anyone who knows or can guess the session value.

      Args:
          buf: mutable sequence of integers, modified in place.
          session: integer session value.
          is_session_packet: truthy to force the fixed ``+ 0x0F`` shift.

      Returns:
          None.
      """
      selector = ((session >> 6) & 0xFF) & 0x80000003
      if is_session_packet:
          selector = -1
      offset = (session & 0xFF) + 0x40

      # In Python the masked selector is never negative, so the value can be
      # dispatched on directly without any sign correction.
      transforms = {
          0: lambda value: value + offset,
          1: lambda value: value - offset,
          2: lambda value: (value ^ 0xC3) + offset,
          3: lambda value: (value ^ 0xC3) - offset,
      }
      # Anything outside 0..3 (i.e. the forced -1 of a session packet) falls
      # back to the fixed shift.
      step = transforms.get(selector, lambda value: value + 0x0F)

      for index, value in enumerate(buf):
          buf[index] = step(value)
  117.  
  118.  
  def transform(chaine):
      """Return a '0'/'1' mask string with one flag per character of ``chaine``.

      A character is flagged '1' when its code point is 0x20, 0xC5, or below
      0x0B; every other character, and '#' explicitly, is flagged '0'.

      NOTE(review): the commented-out hint ``n -= 0x20`` kept below suggests
      the tests were meant to be cumulative subtractions; as written each
      test is applied to the unmodified code point - confirm the intent.
      """
      def _flag(ch):
          if ch == '#':
              return '0'
          code = ord(ch)
          #!(n-= 0x20)
          # "code < 0x0B" also covers the "code + 0xF1 < 0" case.
          if code in (0x20, 0xC5) or code < 0xB:
              return '1'
          return '0'

      return "".join(_flag(ch) for ch in chaine)
  133.  
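  def encryptworld(identifier, session):
      """Encode a five-digit identifier and a five-digit session as 8 characters.

      Layout of the result, in order: chr(154) (0x9A), two characters for the
      identifier digit pairs [0:2] and [2:4], one character for identifier
      digit [4], the same three for ``session`` (with a different table for
      the fifth digit), and a closing chr(14).

      The unreachable second copy of the body that followed the ``return``
      has been dropped; the lookup tables are generated instead of spelled
      out, with identical values.

      Security note: every table here is a fixed constant and no key is
      involved, so this is an encoding, not encryption.

      NOTE(review): the result is a text string; on Python 3 it has to be
      encoded (code points go up to 236) before it can be passed to
      socket.send - confirm the intended interpreter.

      Args:
          identifier: indexable of at least five decimal digits (characters
              or ints).
          session: indexable of at least five decimal digits.

      Returns:
          The 8-character encoded string.

      Raises:
          IndexError: if either argument has fewer than five elements.
          ValueError: if an element is not a decimal digit.
      """
      # Digit-pair table: index 10*a + b holds 83 + 16*a + b
      # (83..92, 99..108, ..., 227..236).
      table = [83 + 16 * tens + ones for tens in range(10) for ones in range(10)]
      # Fifth-digit tables: 80, 96, ..., 224 for the identifier and
      # 79, 95, ..., 223 for the session.
      identifier_tail = {digit: chr(80 + 16 * digit) for digit in range(10)}
      session_tail = {digit: chr(79 + 16 * digit) for digit in range(10)}

      def _pair(digits, start):
          # Two adjacent digits are read as one number 00..99 and looked up.
          return chr(table[int(str(digits[start]) + str(digits[start + 1]))])

      pieces = [
          chr(154),  # 0x9A
          _pair(identifier, 0),
          _pair(identifier, 2),
          str(identifier_tail.get(int(identifier[4]), "")),
          _pair(session, 0),
          _pair(session, 2),
          str(session_tail.get(int(session[4]), "")),
          chr(14),
      ]
      return "".join(pieces)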
  246.  
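  def decryptLoginPacket(buf):
      """Decode a received login reply: subtract 0x0F per byte, drop the last one.

      Accepts both a text string (each element a one-character string) and a
      bytes/bytearray object (each element an int, as socket.recv returns on
      Python 3).  A byte below 0x0F wraps around like unsigned 8-bit
      arithmetic instead of raising from chr() on a negative value.

      The input comes straight from the network, so callers should treat the
      decoded text as untrusted and check its field count before indexing.

      Args:
          buf: the raw reply, as str or bytes-like.

      Returns:
          The decoded text without its final character (presumably a
          terminator - confirm against the protocol).
      """
      decoded = []
      for item in buf:
          # Iterating bytes yields ints on Python 3; str yields 1-char strings.
          value = item if isinstance(item, int) else ord(item)
          shifted = value - 0xF
          if shifted < 0:
              # Wrap instead of crashing on a malformed or unexpected byte.
              shifted += 0x100
          decoded.append(chr(shifted))
      return "".join(decoded)[:-1]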
  252.  
  def encryptLoginPacket(buf):
      """Encode a login packet: append a newline, XOR 0xC3, add 0x0F (mod 256).

      Security note: both constants are fixed and no key is involved, so the
      transform can be inverted by anyone who sees the bytes.  Whatever the
      packet carries (including the password digest) is exposed to an
      on-path observer unless the transport itself is protected.

      Args:
          buf: the clear-text packet as a str.

      Returns:
          A bytearray with one encoded byte per character plus the newline.
      """
      encoded = bytearray()
      for ch in buf + '\n':
          encoded.append(((ord(ch) ^ 0xC3) + 0xF) % 256)
      return encoded
  256.  
  def genLoginPacket(username, password, game_version, game_hash):
      """Assemble the clear-text ``NoS0575`` login line.

      Fields, space separated: the literal ``NoS0575``, a random integer in
      [10000, 8888888), the username, the upper-case SHA-512 hex digest of
      the password, ``000027AF`` + 0x0B + the game version, ``0``, and the
      upper-case MD5 hex digest of ``game_hash + username``.

      NOTE(review): the password digest is unsalted and is itself what gets
      sent, so anyone who captures it can presumably replay it - confirm
      how the server uses it.  The random field comes from the
      non-cryptographic ``random`` module; that is only acceptable if the
      server treats it as a non-secret value.

      Args:
          username: account name (str).
          password: clear-text password (str).
          game_version: client version string.
          game_hash: client hash string that is mixed with the username.

      Returns:
          The login line as a str, without a trailing newline.
      """
      nonce = random.randrange(10000, 8888888)
      password_digest = hashlib.sha512(password.encode('utf-8')).hexdigest().upper()
      client_digest = hashlib.md5((game_hash + username).encode('utf-8')).hexdigest().upper()

      fields = (
          str(nonce),
          username,
          password_digest,
          '000' + '027AF' + '\x0b' + game_version,
          '0',
          client_digest,
      )
      return 'NoS0575 ' + ' '.join(fields)
  271.  
  272. #NoS0575 665638 ssss 092BCBA17FDEE6FF9C3CE4262CD48BB3D9BFB042D8D14E2DC7B35A0EE3F92D0C040EA49A1820D6EA3F86EA159B8C2D3590ED7DF4FB4AC20BB0CE35BE6D80E1AB 009027AF 0.9.3.3088 0 5E242D4D5C6EBFB9176C887078084537
  273.  
  274.  
  275.  
  276.  
  def send(nb, s, session, user, passwd):
      """Build the session frame with encryptworld(); nothing is transmitted.

      As written, the only live statement encodes ``session`` against itself
      and discards the result.  ``nb``, ``s``, ``user`` and ``passwd`` are
      accepted but unused; the transmit sequence is disabled and kept below
      for reference.

      Returns:
          None.
      """
      encryptworld(session, session)

      # Disabled transmit sequence (the frame above was named `packet`):
      # #print(list(packet))
      # s.send(packet)
      # packet = encryptworld(user,session)
      # #print(str(nb+1) + " : " + str(list(packet)))
      # s.send(packet)
      # packet = encryptworld(passwd,session)
      # #print(str(nb+2) + " : " + str(list(packet)))
      # s.send(packet)
      # time.sleep(0.1)
  290.  
  291.  
  # Script body: one exchange with the login server, then a branch selected by
  # the first command-line argument.
  # NOTE(review): indentation was lost in this listing; the branch bodies below
  # are reconstructed from statement order - confirm against the real file.
  TCP_IP = 'login.nostale.gfsrv.net'
  TCP_PORT = 4002
  BUFFER_SIZE = 4096

  # NOTE(review): credentials are hard-coded in source. Load them from the
  # environment or a secret store and keep them out of shared pastes and VCS.
  USERNAME = 'socket1'
  PASSWORD = 'socket'
  GAME_VERSION = '0.9.3.3088'
  GAME_HASH = 'CDB86A1430332375FB8B05B1A5C45755F807636A5832DDF13143AF01CCCB1695' # md5(NostaleClientX.exe)+(NostaleClient.exe) : http://onlinemd5.com/

  fpacket = genLoginPacket(USERNAME, PASSWORD, GAME_VERSION, GAME_HASH)

  # Plain TCP socket with no TLS wrapper and no timeout: the keyless packet
  # encoding is the only thing between the password digest and an on-path
  # observer, and connect()/recv() can block indefinitely.
  s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  s.connect((TCP_IP, TCP_PORT))
  # NOTE(review): `b` is never used; the packet is encoded a second time for
  # the send() below.
  b = encryptLoginPacket(fpacket)
  #print(list(b))
  # send() may transmit only part of the buffer; its return value is ignored.
  s.send(encryptLoginPacket(fpacket))

  # A single recv() returns at most BUFFER_SIZE bytes and may hold only part
  # of the reply.
  data = s.recv(BUFFER_SIZE)
  s.close()


  login = decryptLoginPacket(data)
  #print("\nReceived Data: %s" % login)
  # The reply is untrusted network input: field 6 is taken without checking
  # how many fields came back, so a short or error reply raises IndexError.
  server3info =login.split(' ')[6] # failc4 = already logged in
  # Read only after the network exchange; a missing argument raises IndexError.
  debug = int(sys.argv[1])
  #print(debug)
  if debug == 0:
      # Server-supplied host, port and session are used as-is for the second
      # connection.
      ip3=server3info.split(':')[0]
      session = int(login.split(' ')[2])
      port3=server3info.split(':')[1]
      print("IP: " + ip3 +"\n" + "PORT : " + port3 + "\nSession ID: " + str(session))
      s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
      s.connect((ip3, int(port3)))
      # NOTE(review): these calls pass three arguments, but the encryptworld
      # defined in this file takes (identifier, session); as written they
      # raise TypeError - confirm which version is intended.
      s.send(encryptworld(str(session),session,True))
      s.send(encryptworld(USERNAME,session,False))
      s.send(encryptworld(PASSWORD,session,False))
      # Concatenating str with the recv() result only works where recv()
      # returns str (Python 2); on Python 3 it returns bytes.
      print("Result :"+ s.recv(1024))

  elif debug == 1:
      # Fixed local test values; no connection is opened in this branch.
      ip3="192.168.1.27"
      port3=4033
      session = "35878"

      # `s` was closed after the login exchange; send() is handed the closed
      # socket.
      send("1",s,session,USERNAME,PASSWORD)

      """
      print("IP: " + ip3 +"\n" + "PORT : " + str(port3) + "\nSession ID: " + str(session))
      s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
      s.connect((ip3, int(port3)))
      send(1,s,session,USERNAME,PASSWORD)
      print ("TEST : " + s.recv(1024))"""
      #data = s.recv() AFTER...