Blue Bird With More Than 40 Characters


26 replies to this topic

#1 Kurizumari

Kurizumari

    Advanced Member

  • Members
  • 1037 posts
  • KuriMakise
  • DN, Springwood
  • Midgets

Posted 19 June 2017 - 12:52 AM

Can someone explain to me how this guy can shout 3-4 times the character limit of blue bird?

I tried counting the number of characters in his shouts.

Afaik, you can only bird 40 characters at most. So what kind of sorcery is this? (oo)


I tried asking the guy but he doesn't want to tell.  (:[)

#2 XxXh0lic

XxXh0lic

    Member

  • Members
  • 1126 posts
  • OverNeko, Hikariful
  • DN, Westwood
  • ColosseumKnight

Posted 19 June 2017 - 01:15 AM

Ugh! Blue bird spammers are such attention w h o r e s.

That looks fishy especially when he does not want to tell how.

Edit: LMAO! w h o r e s was changed to angels. The censorship in this forum is too hilarious. (:D)

Edited by XxXh0lic, 19 June 2017 - 01:16 AM.


#3 xEquation

xEquation

    Advanced Member

  • Members
  • 5827 posts
  • PepperPoke | EonKreuz
  • DN, Holywood
  • Phyrexians | Treadstone

Posted 19 June 2017 - 02:35 AM

I'm more interested in xX36On0Sc0p3420BL4z31t69Xx

#4 Sot

Sot

    Member

  • Members
  • 1876 posts
  • DN, Springwood

Posted 19 June 2017 - 03:06 AM

ooo was wondering too

#5 Nvin

Nvin

    Member

  • Members
  • 451 posts
  • Lorallite
  • DN, Springwood
  • QUEENS Guild

Posted 19 June 2017 - 03:29 AM

I also happened to see that in world shout while leveling (and actually sang some of them LOL before realizing something was not right). (:D) (:D) (:D)

#6 Riuga

Riuga

    Member

  • Members
  • 889 posts
  • iRiuga
  • DN, Holywood
  • Programmers

Posted 19 June 2017 - 05:30 AM

I wouldn't be surprised if the server was so horribly programmed as to not validate world chat packets for length, considering my whole security thread and all. Yes, I'm hinting at the fact that this could be packet editing, but take it with a grain of salt for now until I or someone else tests it.

Edited by Riuga, 19 June 2017 - 05:32 AM.


#7 PencilNote

PencilNote

    Member

  • Members
  • PipPip
  • 321 posts
  • Grayasf
  • DN, Holywood
  • Average

Posted 19 June 2017 - 04:42 PM

Riuga, on 19 June 2017 - 05:30 AM, said:

I wouldn't be surprised if the server was so horribly programmed as to not validate world chat packets for length, considering my whole security thread and all. Yes, I'm hinting at the fact that this could be packet editing, but take it with a grain of salt for now until I or someone else tests it.
If this is the case, then I commend the guy for going through the effort just to send, ugh, l y r i c s.

#8 gianne07

gianne07

    Member

  • Members
  • 5353 posts
  • StygianVII
  • DN, Westwood
  • Lewdinity

Posted 20 June 2017 - 11:25 AM

I wanna learn how too, I can't shout Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn in one go

#9 Riuga

Riuga

    Member

  • Members
  • PipPip
  • 889 posts
  • iRiuga
  • DN, Holywood
  • Programmers

Posted 20 June 2017 - 11:36 AM

It's obviously packet editing. The server gets to approve of every world chat packet before broadcasting it to every other client, and it's obviously not checking for message length. I suspect this is because other regions of DN may need longer world chat message lengths, thus they set the server's limit (40 characters; I will test to see if it accepts more) rather high for good measure. I asked Mantou for permission to test this myself (to capture, edit, and replay zone / yellow bird chat packets), and I have received it. I know it's going to work, so this is more or less for evidence.

Before anyone says anything, no, I will not be testing this in Saint Haven, but rather in a certain obscure town in a ghost-town channel. Your chat box will not be cluttered up with my test messages.

Edited by Riuga, 20 June 2017 - 11:39 AM.


#10 Riuga

Riuga

    Member

  • Members
  • 889 posts
  • iRiuga
  • DN, Holywood
  • Programmers

Posted 21 June 2017 - 12:32 AM

It seems as though Eyedentity has done something right for once. The second half of the world chat packets have what seem to be 1 ~ 3 HMACs (32, 10, and 2 bytes, in order), thus it was infeasible for me to modify and replay some of my captured packets. It seems to be a good HMAC implementation as they are entirely different even for identical world chat messages, so they're using some type of nonce as they should. Could Eyedentity have ninja-patched their security flaws? Since I have not studied world chat packets prior to this, I'll have to test this tomorrow against some of the packets I did study in the past.

What I now suspect is that he used a client-side hack (or just disassembled, edited out the 10 character limit, and reassembled the client executable) in order to allow himself to type messages beyond 10 characters and get the client to do all of the encryption / HMAC generation / send routines for him, as this would be far, far more feasible than "regular" packet editing in this case. I understand that I previously said "it's obviously packet editing", however what he's doing is just an alternative method that leads to the same end result. In some sense you can think of it as him getting the client to generate / "edit" (in a very loose sense) the packets he wants.

Needless to say, the server is the one at fault here. I have told Mantou to tell Eyedentity to patch up their server code a bit, but needless to say, this is a rather amateur mistake coming from a "professional" studio such as ED. You never blindly trust anything the client sends. Period.

Edited by Riuga, 21 June 2017 - 12:56 AM.


#11 Nvin

Nvin

    Member

  • Members
  • 451 posts
  • Lorallite
  • DN, Springwood
  • QUEENS Guild

Posted 24 June 2017 - 05:52 PM

DISKDISH, on 24 June 2017 - 05:34 PM, said:

are you talking to yourself? no one seems interested with your explanation and yet you still post those garbage theory, you talk too much on packet shet and based on all of your post you don't know the real deal on packets! question if your really knows dn packets, what encryption key they use? lol.....
I do not understand why you need to post this.

I, for one, was interested. It is amazing how Riu can test and provide testing information as such.

Are you a Network Engineer or something? You could have clarified what is wrong with the information, ideally on packets, he has given. Can you provide the same testing as he did? Because we were really wondering how that 40 character limit was bypassed.

Packet Editing, as Riu suggested and checked, can be a possibility. Do you have other leads to such case?

Do not spread flame all over the place, if something is wrong, correct them. If you do not know what is being said, perhaps better not post or reply.

#12 DISKDISH

DISKDISH

    Member

  • Members
  • 261 posts
  • Basher's of Basher

Posted 24 June 2017 - 05:59 PM

Riuga, on 21 June 2017 - 12:32 AM, said:

It seems as though Eyedentity has done something right for once. The second half of the world chat packets have what seem to be 1 ~ 3 HMACs (32, 10, and 2 bytes, in order), thus it was infeasible for me to modify and replay some of my captured packets. It seems to be a good HMAC implementation as they are entirely different even for identical world chat messages, so they're using some type of nonce as they should. Could Eyedentity have ninja-patched their security flaws? Since I have not studied world chat packets prior to this, I'll have to test this tomorrow against some of the packets I did study in the past.

What I now suspect is that he used a client-side hack (or just disassembled, edited out the 10 character limit, and reassembled the client executable) in order to allow himself to type messages beyond 10 characters and get the client to do all of the encryption / HMAC generation / send routines for him, as this would be far, far more feasible than "regular" packet editing in this case. I understand that I previously said "it's obviously packet editing", however what he's doing is just an alternative method that leads to the same end result. In some sense you can think of it as him getting the client to generate / "edit" (in a very loose sense) the packets he wants.

Needless to say, the server is the one at fault here. I have told Mantou to tell Eyedentity to patch up their server code a bit, but needless to say, this is a rather amateur mistake coming from a "professional" studio such as ED. You never blindly trust anything the client sends. Period.

Have you watched hunterxhunter? when gon and killua learned how to use nen? their master said "im afraid that i awaken those monster!" based on your post you have the knowledge and i bet u tried also to do dirty things on dn! but posting those info about tools u use like wireshark, wpe, makes other or those sleeping smart player awaken their true talents? all of your post with this, with that, with packet, with dis-amble, did you find anything? none? you said packet is the way, then later on u take it back now it is a dis-ambling thing? pls stop it your making your self idiot, if you they could edit things just using client based code and affect the server maybe they are godly insane inside game now...... is this a show off that your a genius? lol!

#13 DISKDISH

DISKDISH

    Member

  • Members
  • 261 posts
  • Basher's of Basher

Posted 24 June 2017 - 06:02 PM

Nvin, on 24 June 2017 - 05:52 PM, said:

I do not understand why you need to post this.

I, for one, was interested. It is amazing how Riu can test and provide testing information as such.

Are you a Network Engineer or something? You could have clarified what is wrong with the information, ideally on packets, he has given. Can you provide the same testing as he did? Because we were really wondering how that 40 character limit was bypassed.

Packet Editing, as Riu suggested and checked, can be a possibility. Do you have other leads to such case?

Do not spread flame all over the place, if something is wrong, correct them. If you do not know what is being said, perhaps better not post or reply.

to stop him posting vital details, if he really know a thing, he should directly contact cc, not posting those info, im not network engineer, but! wahahaah secret!

if you have watch hxh, imagine riu was the teacher and those viewing his thread was gon and killua

Edited by DISKDISH, 24 June 2017 - 06:04 PM.


#14 StefSan

StefSan

    Member

  • Members
  • 3702 posts
  • NasagiChan
  • DN, Greenwood
  • KokoCrunch

Posted 24 June 2017 - 06:04 PM

DISKDISH, on 24 June 2017 - 05:59 PM, said:

....short...

I smell Butthurt... (:>) (oo;)

#15 DISKDISH

DISKDISH

    Member

  • Members
  • 261 posts
  • Basher's of Basher

Posted 24 June 2017 - 06:10 PM

StefSan, on 24 June 2017 - 06:04 PM, said:

I smell Butthurt... (:>) (oo;)

yes my butthurt so much! smell my azz too wahahaha

#16 Nvin

Nvin

    Member

  • Members
  • 451 posts
  • Lorallite
  • DN, Springwood
  • QUEENS Guild

Posted 24 June 2017 - 06:16 PM

DISKDISH, on 24 June 2017 - 06:02 PM, said:

to stop him posting vital details, if he really know a thing, he should directly contact cc, not posting those info, im not network engineer, but! wahahaah secret!

if you have watch hxh, imagine riu was the teacher and those viewing his thread was gon and killua

IIRC, he is in contact with Mantou, who I believe works with CC.

He posted here to share information he thinks might have caused the "bug" and checked it. It so happened that, upon checking, the packets are somehow secured in a way that does not allow him to edit them. Hence, his hypothesis was not proven correct.

Since you are not in a network field of expertise, that makes your sarcasm rant not valid. Otherwise, you can help or manage to share some thoughts about how that "bug" happened.

I am sorry, I fail to understand your point, as this is not Hunter X Hunter and those who read these posts are real, alive human beings and, apparently, not Gon and Killua. If they do, I sure wish they could share their thoughts. I bet they might have some good ideas instead of criticizing others without a single idea what the topic/post is about.

Edited by Nvin, 24 June 2017 - 06:17 PM.


#17 Riuga

Riuga

    Member

  • Members
  • 889 posts
  • iRiuga
  • DN, Holywood
  • Programmers

Posted 24 June 2017 - 06:18 PM

You are the one who's proving yourself to be an idiot, if anything.

The server does not check packets for > 10 character length, for if it did, then it would not broadcast it to every other client. So yes, they can hack the client to allow them to type and send longer messages, and since the server does not verify the length, it will broadcast it to other clients as the OP demonstrates. I never said that you can hack the client to make yourself "god"; I am talking strictly in the context of world chat.


Some may consider what I'm doing as "leaking" information, however I guarantee you that anyone serious about hacking DN and is competent enough to do so has already discovered all of these things long before I ever discussed them in public. I see nothing wrong with discussing these types of information in public as a result. Those who have to rely on me to give them information regarding these things are obviously too incompetent to even apply my information for malicious use.

Having said that, I consider myself a benevolent pro bono security / networking analyst in the context of DN, not a malicious hacker as you fantasize about. I play by CC's rules, which include not disassembling the client. I do not have to personally disassemble the client in order to know that it is possible to edit out the 10 character limit via this method.

I am confident in what I say as server and database programming was my job for 5 years until the company I used to work for got bought by a larger company (which I am working for at the moment). In my time, I have done server-side and cryptography programming for my own MMO project (Project S), and contributed to two other (C300 & C500) MMO servers (not private servers, to be clear). In recent days, I have also started working on yet another game server project.

Goodbye, Diskdish. This will be my first and last post regarding your asinine rambling unless you have something intelligent to say.

Edited by Riuga, 24 June 2017 - 06:21 PM.
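
The server-side point made in posts #10 and #17, as an added example that is not part of the thread and not the game's code: a valid HMAC with a nonce stops edited and replayed packets, but a patched client still produces a valid MAC, so the length rule has to be enforced by the server as well. The packet layout, key handling, function names and the 40-character constant are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import struct

MAX_CHARS = 40   # limit quoted in the thread; an assumption for this sketch
NONCE_LEN = 8    # constructed layout: nonce | u16 length | UTF-8 text | tag
TAG_LEN = 32     # HMAC-SHA256 output size


def build_packet(key, text, nonce=None):
    """What any client holding the session key can emit, patched or not."""
    nonce = nonce or os.urandom(NONCE_LEN)
    body = text.encode("utf-8")
    signed = nonce + struct.pack(">H", len(body)) + body
    return signed + hmac.new(key, signed, hashlib.sha256).digest()


def handle_world_chat(key, packet, seen_nonces):
    """Server side: framing, MAC, replay, then content rule. Returns (ok, reason)."""
    if len(packet) < NONCE_LEN + 2 + TAG_LEN:
        return False, "malformed"
    signed, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, signed, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return False, "bad-mac"          # edited or forged on the wire
    nonce, body = signed[:NONCE_LEN], signed[NONCE_LEN + 2:]
    (declared,) = struct.unpack(">H", signed[NONCE_LEN:NONCE_LEN + 2])
    if declared != len(body):
        return False, "malformed"
    if nonce in seen_nonces:
        return False, "replay"           # captured packet sent again
    seen_nonces.add(nonce)
    try:
        text = body.decode("utf-8")
    except UnicodeDecodeError:
        return False, "malformed"
    # The MAC proves who built the packet, not that the text obeys the rules.
    if len(text) > MAX_CHARS:
        return False, "too-long"
    return True, "broadcast"


if __name__ == "__main__":
    key, seen = os.urandom(32), set()        # constructed session key
    for msg in ("hello world", "la " * 40):  # constructed sample messages
        print(len(msg), handle_world_chat(key, build_packet(key, msg), seen))
```
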


#18 DISKDISH

DISKDISH

    Member

  • Members
  • 261 posts
  • Basher's of Basher

Posted 24 June 2017 - 06:19 PM

this is so hilarious, really rui asking permission to use third party program?

1. using third party is against rules and regulation. your not part of the technical/dev team.
2. asking permission is senseless, u could directly use it, do cc live in your house and see thats your testing some genius thing?
3. you could go direct and send cc your finding
4. what is the shet reason why you posting those things? to impress other? people just love leeching..... wahahaha

#19 DISKDISH

DISKDISH

    Member

  • Members
  • 261 posts
  • Basher's of Basher

Posted 24 June 2017 - 06:28 PM

Riuga, on 24 June 2017 - 06:18 PM, said:

"leaking" - the moment u posted wireshark

Having said that, I consider myself a benevolent pro bono security / networking analyst in the context of DN, not a malicious hacker as you fantasize about. I play by CC's rules, which include not disassembling the client. I do not have to personally disassemble the client in order to know that it is possible to edit out the 10 character limit via this method. - contradict with your theory? you already done dis-ambling thing in dn, you cannot say apple are good or apple maybe good unless u already tasted it!

I am confident in what I say as server and database programming was my job for 5 years until the company I used to work for got bought by a larger company (which I am working for at the moment). In my time, I have done server-side and cryptography programming for my own MMO project (Project S), and contributed to two other (C300 & C500) MMO servers (not private servers, to be clear). In recent days, I have also started working on yet another game server project. - never heard of this game? so this game failed ahahaha?

Goodbye, Diskdish. This will be my first and last post regarding your asinine rambling unless you have something intelligent to say. - will as like older days i need an L and N to deal with - kira

Edited by DISKDISH, 24 June 2017 - 06:30 PM.


#20 Nvin

Nvin

    Member

  • Members
  • 451 posts
  • Lorallite
  • DN, Springwood
  • QUEENS Guild

Posted 24 June 2017 - 06:31 PM

DISKDISH, on 24 June 2017 - 06:28 PM, said:

"leaking" - the moment u posted wireshark

Having said that, I consider myself a benevolent pro bono security / networking analyst in the context of DN, not a malicious hacker as you fantasize about. I play by CC's rules, which include not disassembling the client. I do not have to personally disassemble the client in order to know that it is possible to edit out the 10 character limit via this method. - contradict with your theory? you already done dis-ambling thing in dn, you cannot say apple are good or apple maybe good unless u already tasted it!

I am confident in what I say as server and database programming was my job for 5 years until the company I used to work for got bought by a larger company (which I am working for at the moment). In my time, I have done server-side and cryptography programming for my own MMO project (Project S), and contributed to two other (C300 & C500) MMO servers (not private servers, to be clear). In recent days, I have also started working on yet another game server project. - never heard of this game? so this game failed ahahaha?

Goodbye, Diskdish. This will be my first and last post regarding your asinine rambling unless you have something intelligent to say. - will as like older days i need an L and N to deal with - kira

DISKDISH, on 24 June 2017 - 05:34 PM, said:

are you talking to yourself? no one seems interested with your explanation.

Edited by Nvin, 24 June 2017 - 06:33 PM.