Q: WPE packet decryption
I was very interested in WPE shortly after I first met WPE. Could you please help me to see what this situation is?
20 fa 2E 14 54 5d 48 4f 31 15 43 72 82 58 97
D1 7d 6a C7 E8 74 45 13 24 D9 5d B4 84 6f DB
E7 3E C2 2B EE 11 ed F8 af be 9f 6D 30 D2 65
3A Fe 4f 05 D5 40 EB 8d C1 A4 23 A2 4E C1 6b
95 56 62 FD C6 79 70 4E 46 E5 C2 dB E7 5f 3f
86 17 C2 7d 67 C9 90 1C 20 D1 9f 77 B0 6a 2f
0e FD 77 F1 0C EC 7C 39 F2 D4 84 A7 0a 4E 69
05 EC 85 EE A7 17 48 30 de da F8 4C 63 9A 5b
F6 F0 E8 85 A7 16 F5 7A 3B 3D 42 89 4C da 81
Ed D8 39 C5 9d 8A 8B 5d A2 F9 C5 2C D9 3A de
This is why I entered the number 1 in a perfect international SF chat. The 10 packets in the screenshot are not displayed in the same comparison method or different comparison method. Basically, nothing useful is available because of me. is the interception time different or is it encrypted?
I tried to replace the number 2 package with 1, but input 1 is 1 input 2 is 2 does not work.
In addition, I would like to ask if the legendary packets are not encrypted? Why can I replace it if someone else just intercepts it?
Hope you can check it out.
Answer
Many people basically know how WPE works, but they still cannot use it to modify the game or make plug-ins. Why? In fact, it is very simple, because they do not have enough analysis on the packets, they do not know that the packets can be encrypted, but do not know how to decrypt the packets.
I want to explain the several frequently used encryption methods in the game-exclusive or operation encryption and backpack operation encryption. I also want to explain how to analyze these encrypted packets and how to find their internal rules, how to make fake packets to meet its encryption rules
To the purpose of modifying the game!
In general, packets of online games can be encrypted. Simple encryption is used for general data, which does not affect the speed of Games. However, it is very useful for game security and is very important for data, A complex encryption method can be used to ensure game balance. For example:
The ranking of Characters in the game. This is a very important data. We must adopt a very good encryption method to keep confidential data and it will not be easily modified, we will start to tell you about the three common encryption methods and provide decryption methods.
Understanding, this is crucial to game modification! It cannot be decrypted, so it cannot be used as a plug-in!
Exclusive or operation encryption:
Exclusive or operation encryption is a common encryption method. For your intuitive understanding, we will analyze the image below!
This is a very simple exclusive or operation. After encryption, we can see a, B, c, d, e, f. However, it does not actually mean this, actually, it means 1, 2, 3, 4, 5, 6. When we see 1, it actually means 6. Of course, this
Exclusive or operations are relatively simple, but they do not follow certain rules during ing. If you want to crack the rule only when you know A, B, and C, that requires some experience and skills!
If you have a high school or higher education level (I think it should be OK ?), I want to use the Function Method to explain the encryption problem. This is easy for everyone to understand.
Y = f (x ),
Here, X is equivalent to abcdef in our graph, and Y is 123456, the arrow is F, F is the ing method, and the function is a ing method, from the perspective of functions and ing, encryption is very good and correct,
Why should we talk about this encryption method?
This encryption method is not very concealed, but is very easy to implement. You can call it in the entire software by establishing a ing. Therefore, when making a game, creating a ing does not require too much technology, and this ing can be modified at any time.
It is often easy to maintain and update. If the ing rule is cracked, you can also update the game to update the ing to keep it confidential. Therefore, this encryption method is often used in the game, more importantly, this encryption method has low requirements on computers and high computing speed.
Fast, does not affect the speed of the game, so it is often used. If this encryption method can be effectively cracked, we can easily modify some key data in the game.
The following uses an internet cafe management software to explain the exclusive or operation encryption, and explains how to crack this encryption method:
In a network management software, there is a member function, which is like this. Any member can register without the Internet cafe owner but directly go to the computer, enter your username and password to unlock the instance. You can start using your computer.
Everyone knows this function, right?
In fact, the software implements this function. First, the user enters the user name and password, and then sends the user name and password to the master computer (usually the computer around the Internet cafe boss ), the master computer checks whether the user name exists. If yes
Check whether the password is correct. We don't care about this. We already know that the user name and password will be sent to the master computer. Well, if the password is sent, packets will be sent to the master machine, you can intercept it in the middle. This is the expertise of WPE. Of course, you can also use other
No matter how many hacker tools we use to intercept, we must first intercept several user names and passwords. The following is the packet intercepted on a computer. The content is as follows:
Send 0000 01 00 00 00 7A 68 61 6e 67 6a 75 6e 30 30 37 00
00 02 00 64 66 6C 64 68 6a 66 64 65 6a 68 00 00
It is really troublesome to analyze this package. It's so long that we can't catch it all the time? There is a simple method here. Don't forget the method we have mentioned earlier. Our golden rule is the comparison method and the Structure Law. Here we use the comparison method and the comparison method.
Comparison and comparison are different, so it is easy to identify where the user name and password are, which is very useful for our analysis. As for how to compare them, we have explained in detail in the previous chapter, I believe everyone knows this. Well, we will not be arrogant here! Directly!
Through comparison, we know that,
Username: 7A 68 61 6e 67 6a 75 6e 30 30 37
Password: 64 66 6C 64 68 6a 66 64 65 6a 68
We will immediately use our carry experts to deal with these hexadecimal texts. The translated results are as follows:
Username: zhangjun007
Password: dfldhjfdemo-
Obviously, the password is not correct, because it is hard for ordinary people to remember, from the general situation analysis, generally does not display the password casually, it must be encrypted before it can be sent safely, otherwise, it is very dangerous. In case of interception, it is easy to be stolen.
Therefore, we have good reasons to believe that this is not a real password. How can we analyze it? Now we should use our exclusive or operation analysis to analyze this password!
Take a look at the features of the password, all of which are letters and concentrated in A to L. Without any analysis, we can assume that this is a single full ing (the characteristics and analysis methods of the single full ing are provided later). what we get is the original map.
You need to create a ing for analysis. The simple ing is from letters to see if a rule can be found. The analysis is very long, we have established a ing from A to a to A and analyzed from A to Z one by one. The results are all incorrect. Therefore, we should consider the ing from letters to numbers.
Finally, the ing is mapped from C to L to 0-9. The analysis result is as follows:
Password: 13915731275
It is estimated that it is a mobile phone number. After testing, the password is correct and can be used!
The above example does not teach you how to analyze, but shows you how exclusive or operation encryption is going on! Now let's go to the analysis of exclusive or operations. You should pay attention to the analysis methods and practice more. It will be easy to deal with encrypted packets in the future!
If you have studied encryption technology, skip the chapters you are familiar!
Encryption and decryption
For the sake of simplicity, we will not use a packet for analysis here, because the packet steps from 16 bits to 10 bits are very troublesome. Let's look at the differences or below.
From one hexadecimal to another is a single XOR operation, and it is a single full ing. The so-called single full ing means that every image has an original image, and every original image has an image, for example, our ing is from hexadecimal to decimal, like, all the numbers in hexadecimal,
In hexadecimal notation, the number is the original image. Each 10-digit number corresponds to a single 16-digit number. Therefore, all images have a unique original image, each hex system corresponds to only one decimal number. Therefore, each image has only one image,
Such a ing is a single full ing! This ing is the most efficient to use. You can know that the values returned by each function call are useful. The following is a single full shot:
However, this operation is complicated to analyze. From a simple analysis, you can think about it. If we have this correspondence, 0 corresponds to a, 1 corresponds to B, and so on, if your birthday is: July 22, February 14, 1986, If we encrypt your birthday, follow
This is the result of our ing. You can see if this result is not so easy to recognize. This is encryption. If you change the corresponding start point, what if 0 corresponds to a but 0 corresponds to E? Of course it will change. The XOR operation is simple.
Single, but it can be seen that encryption is still very effective!
So how do we know whether a packet is encrypted by exclusive or operation?
We don't know!
You may be confused about this answer, but it is completely unnecessary. Do you know what I eat in the morning? Don't you know? Of course I don't know. Who knows? But we can know that either food, water, or nothing is eaten,
It's very easy. If you eat all the food, you will always eat it. so, although we do not know whether exclusive or operations are used for packets, however, we can assume that we have already adopted this feature and continue the analysis! Exclusive or operations do not change any data
Does not affect any analysis.
So how can we analyze it? If a packet is indeed encrypted by an exclusive or operation, how can we find its encryption method? This requires the enumeration method. The so-called enumeration method is also called the exhaustive method. If you think that the number of packets you send should be a number, you can find the number.
For example, y = f (x)
Let's look for a few points, called known points, and then solve the equation. For example, we already know that a corresponds to 0, D corresponds to 3, and f corresponds to 5, then we can do this, f (a) = 0, F (d) = 3,
This exclusive or operation is linear, that is, it can be regarded as a one-dimensional operation, so there are two points that can be calculated. We can think that the ing is f (x) = ASC (x)-97. Here ASC () is a function in VB, which returns the ASCII code of the letter.
Sample: We can take F to correspond to 5 for testing. Maybe you will ask me how to come to these points. Can these determine where the points of the function come from? In fact, it is very simple. For example, you need to know the connection between the number of money in the game and the number in the package.
System, we have to find some points to determine, we can find it through some methods, for example, we threw away a dollar and looked at the number, here we find a point, if you cannot determine a point, you can take more points for determination. If you still cannot
In addition, if it is an irregular shadow, it is necessary to retrieve all the points. Of course, because the number like Qian is too wide, it is impossible to create an irregular shadow like the picture we give, otherwise, it is difficult to calculate and affect the game speed, so you can be certain: the amount of money in the game
Word encryption must be rule-based operation encryption. I don't know if it's an exclusive or operation-based encryption! But we can assume we are doing what we want to do!
Of course, the rules for exclusive or operations are self-built and can be infinitely large. It is impossible to explain all the methods for cracking to you. You need to analyze them more, this requires experience and skills. You need to think from the perspective of others, "what if I want encryption?
Simple computing, good encryption, and easy Design of encryption functions. "If you think too much, you will know that exclusive or operation encryption can be easily analyzed, of course, our brains alone are painful. Why not find some tools to help analysis? Very
Many hacker software have the ability to analyze and encrypt data. When you learn more, it will be very helpful for your packet cracking. Maybe they can provide better ideas for cracking!
Encryption and decryption
Backpack encryption is a very advanced encryption method, which is not easy to crack and is relatively easy to restore. Therefore, using this encryption method to encrypt game data is also very good, as long as you know the backpack, it is easy to calculate, so this encryption method is used in the game.
Encryption does not have a great impact on the game, it does not impose a huge burden on the server, and encryption is very secure. encryption is very reliable for some important data, after talking about this, you may ask: "What is a backpack encryption method ?"
The following is a description.
There are two types of backpacks: a backpack and a multiplication backpack! Want to talk about adding a backpack!
We know that: 1 <+ 2 <+ 2 + 2 + 4 <+ 1 + 2 + 8 <16 ,......, Then, if we choose these numbers, which are arranged from small to large, and if the sum of all the preceding numbers is smaller than the following, these numbers can constitute a backpack, let's give this
The sum of some numbers in a backpack, which is the encrypted number. This number is composed of only one combination, which is a secret, for example, a packet (, 24, 48) is composed of some numbers in this backpack:
86. Do you know how 86 came about? Of course, if you look at the content in the backpack, you can know that it was obtained from 2 + 12 + 24 + 48. If you don't have this backpack, you can directly get this 86, do you know the minimum number that makes up this 86? You cannot know, because
There are many numbers equal to 86: 85 + 1 = 86,82 + 2 = 86, etc. You can't know, so it is very hard to encrypt the backpack.
How can we use this encryption in the game? You can give an example.
If the user name and password in the game can only contain letters and numbers, then there are 36 elements in total. We use a backpack containing 36 elements, an element in the backpack corresponds to a letter or number. After the player sets the user name
Translate the name into the elements in the backpack and add the numbers converted from these users to get a number. This number is the user name. Do you know the user name? Maybe you haven't understood what I'm talking about yet. I'll give you a more specific example.
White!
The password is 511, Which is encrypted by adding a backpack. If you do not have a backpack, do you know the password? I don't know!
If I tell you the backpack is: (1, 2, 4, 8, 16, 32, 64,128,256), maybe you know more about the password!
If I tell you, this is an addition backpack and has the following correspondence relationships: 1 corresponds to a, 2 corresponds to B, 4 corresponds to C, 8 corresponds to D, 16 corresponds to E, 32 corresponds to F, 64 --> G, 128 ----> H, 256 ----> I, then you may know the password is: abcdefghi, how about, from 511
Is it hard to think of this password? Maybe you will say, what if the password is not in this order? Of course, this is entirely possible, but we did not consider it for simplicity.
How to decrypt such complicated encryption? There are two methods to crack:
1. Use isolated points to crack; 2. Use a backpack to crack.
The so-called isolated point, or the above backpack as an example, we can set the password to a to see what password is obtained? 1. if we set the password to B and the obtained password to 2, we can cite all the elements in the backpack using isolated points.
Come on, so that we can get our backpack and solve the problem below. Isn't it easy? In fact, during encryption, they may use the exclusive or operation to encrypt the data first, and then use the backpack encryption. This is even more difficult to crack. The isolation method is very effective, but not
It is omnipotent and should be used in combination with the previous method!
Using a backpack is simple. If you want to encrypt a backpack, you can encrypt it. If you want to decrypt it, you need a backpack, or the game server will have this backpack. If you find this backpack, it will not be solved.
Is there a problem? How to find it? For reference to other books, this book cannot accommodate so much content! Pay special attention to game programming. If you know how to do it, you will know where it is!
After adding a backpack, let's talk about multiplication a backpack!
Encryption and decryption
Multiplication backpack
The multiplication backpack is more complex than the addition backpack. It not only requires a large amount of computing, but more importantly, you get a larger encrypted data, generally hundreds of millions of data, in addition, in many confidential authorities, the data in the backpack does not have this unit, but uses a bit,
There are hundreds of encrypted data records. If you get this number, you will be amazed. If it is not a 10-digit number, what is a 7-digit number, 3 hexadecimal: these are not commonly used hexadecimal. It's hard to break them, but don't be afraid. It's absolutely not in the game.
There will be such a complicated encryption. If a piece of data is hundreds of digits, and it is still very in hexadecimal format, you can think about how long it will take for a computer to count and how much will it affect the speed of the game! Therefore, we have a good reason to believe that the encryption in the game is simple, and you have to pay it back.
Look at the multiplication backpack:
1 <2, 1 + 2 <3, 1*2*3 <7, 1*2*3*7 <1683, 1*2*3*7*42 <, the number is growing rapidly, the complexity is because the numbers are big!
The characteristics of a backpack are: if the data in the backpack is arranged in ascending order, then the product of all the preceding data is smaller than any other element. This is the characteristics of the backpack, isn't it very simple, but you need to know that the product number is growing very fast!
How to crack a multiplication backpack?
Like a backpack, you can use isolated points or directly obtain a backpack to crack it!
In general, the game will not use a multiplication backpack for encryption, but it is not impossible to use small data. You can also understand this encryption! :
If we already know the backpack and get encrypted data, how do we know that the number of this backpack has been in those element groups?
This is the case in the addition backpack. Find a number which is closest to this number but smaller than this number. This number A must be in it, and then subtract the encrypted number, compare the number after the subtraction and repeat the above operations, it is easy to find all the components
Su! The method of multiplication is the same. I will not introduce it here!
Backpack decryption is very complicated. You can learn a little and master it if you can master it. If you cannot master it, forget it!
Well, encryption and decryption are all about this. If you are interested, you can learn more about encryption and decryption technologies. This technology is a new technology, and many data needs to be encrypted, such as bank data, encryption is very important. If you learn this technology
Development is also useful!