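/// <summary>
/// Feeds one captured TCP segment of a MapleStory2 connection into this session.
/// Tracks FIN/RST and the SYN exchange, parses the plaintext handshake carried by the
/// first payload, and passes every later payload to <c>ProcessTCPPacket</c>.
/// </summary>
/// <param name="pTCPPacket">Captured segment. Its payload is untrusted network data.</param>
/// <param name="pArrivalTime">Capture time stamped onto the packets that get decoded.</param>
/// <returns>
/// <c>CloseMe</c> when the connection is unusable (closed before any packet was captured,
/// endpoint lookup failed, or the handshake is malformed), <c>Terminated</c> on FIN/RST
/// after packets were captured, <c>Show</c> once the handshake has been accepted,
/// otherwise <c>Continue</c>.
/// </returns>
internal Results BufferTCPPacket_MS2(TcpPacket pTCPPacket, DateTime pArrivalTime)
{
    // Bytes in front of the handshake body: raw sequence (2) + packet length (4).
    const int handshakePrefixSize = 6;
    // Bytes read from the body below: opcode (2), version (4), three IVs (12), one trailing byte.
    const int handshakeBodySize = 19;

    if (pTCPPacket.Fin || pTCPPacket.Rst)
    {
        mTerminated = true;
        Text += " (Terminated)";
        return mPackets.Count == 0 ? Results.CloseMe : Results.Terminated;
    }

    if (pTCPPacket.Syn && !pTCPPacket.Ack)
    {
        mLocalPort = (ushort)pTCPPacket.SourcePort;
        mRemotePort = (ushort)pTCPPacket.DestinationPort;
        mOutboundSequence = (uint)(pTCPPacket.SequenceNumber + 1);
        Text = "Port " + mLocalPort + " - " + mRemotePort;
        startTime = DateTime.Now;

        try
        {
            // The cast fails for a parent packet that is not IPv4; that connection is dropped.
            PacketDotNet.IPv4Packet ipPacket = (PacketDotNet.IPv4Packet)pTCPPacket.ParentPacket;
            mRemoteEndpoint = ipPacket.SourceAddress.ToString() + ":" + pTCPPacket.SourcePort.ToString();
            mLocalEndpoint = ipPacket.DestinationAddress.ToString() + ":" + pTCPPacket.DestinationPort.ToString();
            Console.WriteLine("[CONNECTION] From {0} to {1}", mRemoteEndpoint, mLocalEndpoint);
            return Results.Continue;
        }
        catch
        {
            return Results.CloseMe;
        }
    }

    if (pTCPPacket.Syn && pTCPPacket.Ack)
    {
        mInboundSequence = (uint)(pTCPPacket.SequenceNumber + 1);
        return Results.Continue;
    }

    if (pTCPPacket.PayloadData.Length == 0)
    {
        return Results.Continue;
    }

    if (mBuild == 0)
    {
        byte[] tcpData = pTCPPacket.PayloadData;

        if (pTCPPacket.SourcePort == mLocalPort)
        {
            mOutboundSequence += (uint)tcpData.Length;
        }
        else
        {
            mInboundSequence += (uint)tcpData.Length;
        }

        // The payload comes straight off the wire: make sure the fixed prefix is present
        // before reading it instead of letting the reader run past the end of the buffer.
        if (tcpData.Length < handshakePrefixSize)
        {
            Console.WriteLine("Connection on port {0} did not have a MapleStory2 Handshake", mLocalEndpoint);
            return Results.CloseMe;
        }

        byte[] headerData = new byte[tcpData.Length];
        Buffer.BlockCopy(tcpData, 0, headerData, 0, tcpData.Length);

        PacketReader pr = new PacketReader(headerData);
        ushort rawSeq = pr.ReadUShort();
        int length = pr.ReadInt();

        // The length is a signed, sender-controlled value. A negative value would slip past
        // the "too long" comparison and later reach new byte[6 + length] / Buffer.BlockCopy.
        if (length < 0 || headerData.Length - handshakePrefixSize < length || pr.Remaining < handshakeBodySize)
        {
            Console.WriteLine("Connection on port {0} did not have a MapleStory2 Handshake", mLocalEndpoint);
            return Results.CloseMe;
        }

        ushort header = pr.ReadUShort();
        if (header != 1) // RequestVersion
        {
            Console.WriteLine("Connection on port {0} did not have a valid MapleStory2 Connection Header", mLocalEndpoint);
            return Results.CloseMe;
        }

        uint version = pr.ReadUInt();
        uint localIV = pr.ReadUInt();
        uint remoteIV = pr.ReadUInt();
        uint blockIV = pr.ReadUInt();
        pr.ReadByte(); // trailing handshake byte, value not used

        mBuild = version;
        mLocale = 0; // TODO: Handle regions somehow since handshake doesn't contain it
        mPatchLocation = "MST";

        mOutboundStream = new MapleStream(true, rawSeq, mBuild, localIV, blockIV);
        mInboundStream = new MapleStream(false, rawSeq, mBuild, remoteIV, blockIV);

        // Another packet was sent with handshake...
        if (pr.Remaining > 0)
        {
            // Buffer it since it is encrypted
            mInboundStream.Append(pr.ReadBytes(pr.Remaining));
        }

        // Generate HandShake packet
        Definition definition = Config.Instance.GetDefinition(mBuild, mLocale, false, header);
        if (definition == null)
        {
            definition = new Definition();
            definition.Outbound = false;
            definition.Locale = mLocale;
            definition.Opcode = header;
            definition.Name = "RequestVersion";
            definition.Build = mBuild;
            SaveDefinition(definition);
        }

        // The script path is derived from the numeric locale, build and opcode only; the build
        // is taken from the handshake, so any unseen version value creates a new script file.
        string filename = Helpers.GetScriptPath(mLocale, mBuild, false, header);
        Helpers.MakeSureFileDirectoryExists(filename);

        // Create main script
        if (!File.Exists(filename))
        {
            string contents = @" using (ScriptAPI) { AddShort(""Raw Sequence""); AddField(""Packet Length"", 4); AddShort(""Opcode""); AddField(""MapleStory2 Version"", 4); AddField(""Local Initializing Vector (IV)"", 4); AddField(""Remote Initializing Vector (IV)"", 4); AddField(""Block Initializing Vector (IV)"", 4); } ";
            File.WriteAllText(filename, contents);
        }

        // Initial TCP packet may not be split up properly, copy only handshake portion.
        // length was range-checked above, so this cannot over-read tcpData.
        byte[] handshakePacketData = new byte[handshakePrefixSize + length];
        Buffer.BlockCopy(tcpData, 0, handshakePacketData, 0, handshakePacketData.Length);

        MaplePacket packet = new MaplePacket(pArrivalTime, false, mBuild, mLocale, header, definition.Name, handshakePacketData, (uint)0, remoteIV);

        if (!mOpcodes.Exists(op => op.Outbound == packet.Outbound && op.Header == packet.Opcode)) // Should be false, but w/e
        {
            mOpcodes.Add(new Opcode(packet.Outbound, packet.Opcode));
        }

        mPacketList.Items.Add(packet);
        AddPacket(packet);

        Console.WriteLine("[CONNECTION] MapleStory2 V{2}", mLocalEndpoint, mRemoteEndpoint, mBuild);

        // The sequence counter was already advanced past this segment, so this call adds no
        // new bytes; it decodes whatever was buffered behind the handshake.
        ProcessTCPPacket(pTCPPacket, ref mInboundSequence, mInboundBuffer, mInboundStream, pArrivalTime);
        return Results.Show;
    }

    if (pTCPPacket.SourcePort == mLocalPort)
    {
        ProcessTCPPacket(pTCPPacket, ref mOutboundSequence, mOutboundBuffer, mOutboundStream, pArrivalTime);
    }
    else
    {
        ProcessTCPPacket(pTCPPacket, ref mInboundSequence, mInboundBuffer, mInboundStream, pArrivalTime);
    }

    return Results.Continue;
}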
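/// <summary>
/// Reassembles one direction of the TCP stream by sequence number, appends the in-order
/// bytes to <paramref name="pStream"/> and lists every packet the stream can decode.
/// </summary>
/// <param name="pTCPPacket">Captured segment; payload and sequence number are untrusted.</param>
/// <param name="pSequence">Next expected sequence number for this direction; advanced in place.</param>
/// <param name="pBuffer">Segments that arrived ahead of <paramref name="pSequence"/>, keyed by sequence number.</param>
/// <param name="pStream">Stream that decodes the reassembled bytes for this direction.</param>
/// <param name="pArrivalDate">Capture time stamped onto decoded packets.</param>
/// <remarks>
/// Sequence numbers are compared as plain unsigned values, so a wrap past 2^32 is not handled.
/// Nothing in this method bounds the size of <paramref name="pBuffer"/>.
/// </remarks>
private void ProcessTCPPacket(TcpPacket pTCPPacket, ref uint pSequence, Dictionary<uint, byte[]> pBuffer, MapleStream pStream, DateTime pArrivalDate)
{
    if (pTCPPacket.SequenceNumber > pSequence)
    {
        // Segment is ahead of the stream: first drain anything already buffered at the
        // expected position, then park this segment if there is still a gap.
        byte[] pending;
        while (pBuffer.TryGetValue(pSequence, out pending))
        {
            pBuffer.Remove(pSequence);
            pStream.Append(pending);
            pSequence += (uint)pending.Length;
        }

        if (pTCPPacket.SequenceNumber > pSequence)
        {
            pBuffer[(uint)pTCPPacket.SequenceNumber] = pTCPPacket.PayloadData;
        }
    }

    if (pTCPPacket.SequenceNumber < pSequence)
    {
        // Retransmission or overlap: keep only the bytes past what was already consumed.
        int difference = (int)(pSequence - pTCPPacket.SequenceNumber);
        if (difference > 0)
        {
            byte[] data = pTCPPacket.PayloadData;
            if (data.Length > difference)
            {
                pStream.Append(data, difference, data.Length - difference);
                pSequence += (uint)(data.Length - difference);
            }
        }
    }
    else if (pTCPPacket.SequenceNumber == pSequence)
    {
        byte[] data = pTCPPacket.PayloadData;
        pStream.Append(data);
        pSequence += (uint)data.Length;
    }

    bool refreshOpcodes = false;
    try
    {
        mPacketList.BeginUpdate();
        try
        {
            MaplePacket packet;
            while ((packet = pStream.Read(pArrivalDate)) != null)
            {
                AddPacket(packet);
                Definition definition = Config.Instance.GetDefinition(mBuild, mLocale, packet.Outbound, packet.Opcode);

                if (!mOpcodes.Exists(op => op.Outbound == packet.Outbound && op.Header == packet.Opcode))
                {
                    mOpcodes.Add(new Opcode(packet.Outbound, packet.Opcode));
                    refreshOpcodes = true;
                }

                // View filters only affect the list; the packet was already stored above.
                if (definition != null && !mViewIgnoredMenu.Checked && definition.Ignore)
                {
                    continue;
                }
                if (packet.Outbound && !mViewOutboundMenu.Checked)
                {
                    continue;
                }
                if (!packet.Outbound && !mViewInboundMenu.Checked)
                {
                    continue;
                }

                mPacketList.Items.Add(packet);
                if (mPacketList.SelectedItems.Count == 0)
                {
                    packet.EnsureVisible();
                }
            }
        }
        finally
        {
            // Always pair BeginUpdate with EndUpdate; a decode failure used to leave the
            // list with updates suspended.
            mPacketList.EndUpdate();
        }
    }
    catch (Exception ex)
    {
        // A stream that cannot be decoded any further ends the session instead of the capture.
        Console.WriteLine(ex.ToString());
        mTerminated = true;
        Text += " (Terminated)";
        //MainForm.CloseSession(this);
        return;
    }

    if (DockPanel != null && DockPanel.ActiveDocument == this && refreshOpcodes)
    {
        MainForm.SearchForm.RefreshOpcodes(true);
    }
}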
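/// <summary>
/// Reassembles one direction of the TCP stream by sequence number, appends the in-order
/// bytes to <paramref name="pStream"/> and lists every packet the stream can decode.
/// For GLOBAL builds 193 and up it also loads the opcode table sent by the server and
/// uses it to translate outbound opcodes.
/// </summary>
/// <param name="pTCPPacket">Captured segment; payload and sequence number are untrusted.</param>
/// <param name="pSequence">Next expected sequence number for this direction; advanced in place.</param>
/// <param name="pBuffer">Segments that arrived ahead of <paramref name="pSequence"/>, keyed by sequence number.</param>
/// <param name="pStream">Stream that decodes the reassembled bytes for this direction.</param>
/// <param name="pArrivalDate">Capture time stamped onto decoded packets.</param>
/// <remarks>
/// Sequence numbers are compared as plain unsigned values, so a wrap past 2^32 is not handled.
/// Nothing in this method bounds the size of <paramref name="pBuffer"/>.
/// </remarks>
private void ProcessTCPPacket(TcpPacket pTCPPacket, ref uint pSequence, Dictionary<uint, byte[]> pBuffer, MapleStream pStream, DateTime pArrivalDate)
{
    // Constructed sanity bound for the encrypted opcode table. The loop below consumes at
    // most 0x0A7F * 4 characters, so anything near this size is not a real table.
    const int maxOpcodeTableBytes = 0x10000;

    if (pTCPPacket.SequenceNumber > pSequence)
    {
        // Segment is ahead of the stream: first drain anything already buffered at the
        // expected position, then park this segment if there is still a gap.
        byte[] pending;
        while (pBuffer.TryGetValue(pSequence, out pending))
        {
            pBuffer.Remove(pSequence);
            pStream.Append(pending);
            pSequence += (uint)pending.Length;
        }

        if (pTCPPacket.SequenceNumber > pSequence)
        {
            pBuffer[(uint)pTCPPacket.SequenceNumber] = pTCPPacket.PayloadData;
        }
    }

    if (pTCPPacket.SequenceNumber < pSequence)
    {
        // Retransmission or overlap: keep only the bytes past what was already consumed.
        int difference = (int)(pSequence - pTCPPacket.SequenceNumber);
        if (difference > 0)
        {
            byte[] data = pTCPPacket.PayloadData;
            if (data.Length > difference)
            {
                pStream.Append(data, difference, data.Length - difference);
                pSequence += (uint)(data.Length - difference);
            }
        }
    }
    else if (pTCPPacket.SequenceNumber == pSequence)
    {
        byte[] data = pTCPPacket.PayloadData;
        pStream.Append(data);
        pSequence += (uint)data.Length;
    }

    bool refreshOpcodes = false;
    try
    {
        mPacketList.BeginUpdate();
        try
        {
            MaplePacket packet;
            while ((packet = pStream.Read(pArrivalDate)) != null)
            {
                if (Locale == MapleLocale.GLOBAL && Build >= 193)
                {
                    if (packet.Outbound)
                    {
                        if (isOpcodeTableLoaded)
                        {
                            // Map the opcode seen on the wire back to the real one when known.
                            ushort realOpcode = 0;
                            if (mOpcodeTable.TryGetValue(packet.Opcode, out realOpcode))
                            {
                                packet.Opcode = realOpcode;
                            }
                            packet.SubItems[3].Text = $"0x{packet.Opcode:X4}";
                        }
                    }
                    else if (!isOpcodeTableLoaded && packet.Opcode == HeaderTableOpcode)
                    {
                        int blockSize;
                        int length = 0;

                        // Both header reads must succeed, and the sender-supplied length must
                        // be sane, before it is used as an allocation size.
                        bool healthy = packet.ReadInt(out blockSize)
                            && packet.ReadInt(out length)
                            && length >= 0
                            && length <= maxOpcodeTableBytes;

                        if (healthy)
                        {
                            byte[] buffer = new byte[length];
                            healthy = packet.ReadBytes(buffer);

                            if (healthy)
                            {
                                // Fixed key used for the opcode table; it is a constant of the
                                // captured protocol, not a secret of this tool.
                                byte[] key = Encoding.ASCII.GetBytes("M@PleStoryMaPLe!");
                                string opcodes = TripleDESCipher.Decrypt(buffer, key);

                                // The table is a run of 4-character decimal opcodes.
                                for (ushort i = 0; i < 0x0A7F - Begin_User; i++)
                                {
                                    if (i * 4 + 4 > opcodes.Length)
                                    {
                                        // Table is shorter than expected: do not mark it loaded.
                                        healthy = false;
                                        break;
                                    }

                                    string sOpcode = opcodes.Substring(i * 4, 4);
                                    ushort uOpcode;
                                    if (!UInt16.TryParse(sOpcode, out uOpcode))
                                    {
                                        break;
                                    }

                                    // Keep the first mapping for a repeated key; Add() would
                                    // throw on the duplicate and terminate the whole session.
                                    ushort existing;
                                    if (!mOpcodeTable.TryGetValue(uOpcode, out existing))
                                    {
                                        mOpcodeTable.Add(uOpcode, (ushort)(Begin_User + i));
                                    }
                                }
                            }
                        }

                        if (healthy)
                        {
                            isOpcodeTableLoaded = true;
                        }
                    }
                }

                AddPacket(packet);
                Definition definition = Config.Instance.GetDefinition(mBuild, mLocale, packet.Outbound, packet.Opcode);

                if (!mOpcodes.Exists(op => op.Outbound == packet.Outbound && op.Header == packet.Opcode))
                {
                    mOpcodes.Add(new Opcode(packet.Outbound, packet.Opcode));
                    refreshOpcodes = true;
                }

                // View filters only affect the list; the packet was already stored above.
                if (definition != null && !mViewIgnoredMenu.Checked && definition.Ignore)
                {
                    continue;
                }
                if (packet.Outbound && !mViewOutboundMenu.Checked)
                {
                    continue;
                }
                if (!packet.Outbound && !mViewInboundMenu.Checked)
                {
                    continue;
                }

                mPacketList.Items.Add(packet);
                if (mPacketList.SelectedItems.Count == 0)
                {
                    packet.EnsureVisible();
                }
            }
        }
        finally
        {
            // Always pair BeginUpdate with EndUpdate; a decode failure used to leave the
            // list with updates suspended.
            mPacketList.EndUpdate();
        }
    }
    catch (Exception ex)
    {
        // A stream that cannot be decoded any further ends the session instead of the capture.
        Console.WriteLine(ex.ToString());
        mTerminated = true;
        Text += " (Terminated)";
        //MainForm.CloseSession(this);
        return;
    }

    if (DockPanel != null && DockPanel.ActiveDocument == this && refreshOpcodes)
    {
        MainForm.SearchForm.RefreshOpcodes(true);
    }
}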
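/// <summary>
/// Feeds one captured TCP segment into this session. MapleStory2 captures are delegated to
/// <c>BufferTCPPacket_MS2</c>; otherwise the method tracks FIN/RST and the SYN exchange,
/// recognises a SOCKS5 negotiation, parses the plaintext MapleStory handshake carried by
/// the first payload and passes every later payload to <c>ProcessTCPPacket</c>.
/// </summary>
/// <param name="pTCPPacket">Captured segment. Its payload is untrusted network data.</param>
/// <param name="pArrivalTime">Capture time stamped onto the packets that get decoded.</param>
/// <returns>
/// <c>CloseMe</c> when the connection is unusable (closed before any packet was captured,
/// endpoint lookup failed, or the first payload is not a valid handshake),
/// <c>Terminated</c> on FIN/RST after packets were captured, <c>Show</c> once the
/// handshake has been accepted, otherwise <c>Continue</c>.
/// </returns>
internal Results BufferTCPPacket(TcpPacket pTCPPacket, DateTime pArrivalTime)
{
    if (Config.Instance.Maple2)
    {
        return BufferTCPPacket_MS2(pTCPPacket, pArrivalTime);
    }

    if (pTCPPacket.Fin || pTCPPacket.Rst)
    {
        mTerminated = true;
        Text += " (Terminated)";
        return mPackets.Count == 0 ? Results.CloseMe : Results.Terminated;
    }

    if (pTCPPacket.Syn && !pTCPPacket.Ack)
    {
        mLocalPort = (ushort)pTCPPacket.SourcePort;
        mRemotePort = (ushort)pTCPPacket.DestinationPort;
        mOutboundSequence = (uint)(pTCPPacket.SequenceNumber + 1);
        Text = "Port " + mLocalPort + " - " + mRemotePort;
        startTime = DateTime.Now;

        try
        {
            // The cast fails for a parent packet that is not IPv4; that connection is dropped.
            PacketDotNet.IPv4Packet ipPacket = (PacketDotNet.IPv4Packet)pTCPPacket.ParentPacket;
            mRemoteEndpoint = ipPacket.SourceAddress.ToString() + ":" + pTCPPacket.SourcePort.ToString();
            mLocalEndpoint = ipPacket.DestinationAddress.ToString() + ":" + pTCPPacket.DestinationPort.ToString();
            Console.WriteLine("[CONNECTION] From {0} to {1}", mRemoteEndpoint, mLocalEndpoint);
            return Results.Continue;
        }
        catch
        {
            return Results.CloseMe;
        }
    }

    if (pTCPPacket.Syn && pTCPPacket.Ack)
    {
        mInboundSequence = (uint)(pTCPPacket.SequenceNumber + 1);
        return Results.Continue;
    }

    if (pTCPPacket.PayloadData.Length == 0)
    {
        return Results.Continue;
    }

    if (mBuild == 0)
    {
        byte[] tcpData = pTCPPacket.PayloadData;

        if (pTCPPacket.SourcePort == mLocalPort)
        {
            mOutboundSequence += (uint)tcpData.Length;
        }
        else
        {
            mInboundSequence += (uint)tcpData.Length;
        }

        // A one-byte payload cannot hold the 16-bit size prefix and BitConverter.ToUInt16
        // would throw on it. Zero never equals the (non-zero) payload length, so such a
        // payload takes the "not a handshake" path below.
        ushort length = tcpData.Length >= 2
            ? (ushort)(BitConverter.ToUInt16(tcpData, 0) + 2)
            : (ushort)0;

        byte[] headerData = (byte[])tcpData.Clone();
        PacketReader pr = new PacketReader(headerData);

        if (length != tcpData.Length || tcpData.Length < 13)
        {
            if (socks5 > 0 && socks5 < 7)
            {
                // SOCKS5 request: version 5, command 1, reserved byte, address type,
                // address, port. The length test keeps the reads inside the payload.
                if (tcpData.Length >= 4 && pr.ReadByte() == 5 && pr.ReadByte() == 1)
                {
                    pr.ReadByte();
                    byte addressType = pr.ReadByte();
                    int addressLength = addressType == 1 ? 4 : (addressType == 4 ? 16 : 0);

                    // Only rewrite the endpoints when the address and the port are really there.
                    if (pr.Remaining >= addressLength + 2)
                    {
                        mProxyEndpoint = mLocalEndpoint;
                        mLocalEndpoint = "";

                        switch (addressType)
                        {
                            case 1: // IPv4
                                for (int i = 0; i < 4; i++)
                                {
                                    mLocalEndpoint += pr.ReadByte();
                                    if (i < 3)
                                    {
                                        mLocalEndpoint += ".";
                                    }
                                }
                                break;

                            case 3: // Domain
                                // NOTE(review): the name is not consumed, so the two bytes
                                // read as the port below come from the name field.
                                break;

                            case 4: // IPv6 (skipped, not displayed)
                                for (int i = 0; i < 16; i++)
                                {
                                    pr.ReadByte();
                                }
                                break;
                        }

                        // The port bytes are swapped before PacketReader.ReadUShort decodes them.
                        byte[] ports = new byte[2];
                        for (int i = 1; i >= 0; i--)
                        {
                            ports[i] = pr.ReadByte();
                        }
                        PacketReader portr = new PacketReader(ports);

                        mProxyPort = mRemotePort;
                        mRemotePort = portr.ReadUShort();
                        mLocalEndpoint += ":" + mRemotePort;
                        Text = "Port " + mLocalPort + " - " + mRemotePort + "(Proxy" + mProxyPort + ")";
                        Console.WriteLine("[socks5] From {0} to {1} (Proxy {2})", mRemoteEndpoint, mLocalEndpoint, mProxyEndpoint);
                    }
                }

                socks5++;
                return Results.Continue;
            }
            else if (tcpData.Length == 3 && pr.ReadByte() == 5)
            {
                // Three-byte payload starting with 5: start watching for a SOCKS5 request.
                socks5 = 1;
                return Results.Continue;
            }

            Console.WriteLine("Connection on port {0} did not have a MapleStory Handshake", mLocalEndpoint);
            return Results.CloseMe;
        }

        ushort version;
        string patchLocation;
        byte[] localIV;
        byte[] remoteIV;
        byte serverLocale;
        byte subVersion = 1;

        try
        {
            // The 13-byte minimum above does not cover the variable-length string, so a
            // crafted payload can still make the reader run out of data here.
            pr.ReadUShort(); // size prefix, compared against the payload length above
            version = pr.ReadUShort();
            patchLocation = pr.ReadMapleString();
            localIV = pr.ReadBytes(4);
            remoteIV = pr.ReadBytes(4);
            serverLocale = pr.ReadByte();
        }
        catch (Exception ex)
        {
            Console.WriteLine(ex.ToString());
            Console.WriteLine("Connection on port {0} did not have a MapleStory Handshake", mLocalEndpoint);
            return Results.CloseMe;
        }

        if (serverLocale > 0x12)
        {
            return Results.CloseMe;
        }

        bool isKms = serverLocale == 0x02 || (serverLocale == 0x01 && version > 255);

        if (isKms)
        {
            // For this locale the string field carries the packed version number. It comes
            // from the wire, so a non-numeric value must reject the connection, not throw.
            int packedVersion;
            if (!int.TryParse(patchLocation, out packedVersion))
            {
                Console.WriteLine("Failed to parse subVersion");
                return Results.CloseMe;
            }
            version = (ushort)(packedVersion & 0x7FFF);
            subVersion = (byte)((packedVersion >> 16) & 0xFF);
        }
        else if (patchLocation.All(character => character >= '0' && character <= '9'))
        {
            if (!byte.TryParse(patchLocation, out subVersion))
            {
                Console.WriteLine("Failed to parse subVersion");
            }
        }

        mBuild = version;
        mLocale = serverLocale;
        mPatchLocation = patchLocation;

        mOutboundStream = new MapleStream(true, version, mLocale, localIV, subVersion);
        mInboundStream = new MapleStream(false, version, mLocale, remoteIV, subVersion);

        // Generate HandShake packet
        Definition definition = Config.Instance.GetDefinition(mBuild, mLocale, false, 0xFFFF);
        if (definition == null)
        {
            definition = new Definition();
            definition.Outbound = false;
            definition.Locale = mLocale;
            definition.Opcode = 0xFFFF;
            definition.Name = "Maple Handshake";
            definition.Build = mBuild;
            SaveDefinition(definition);
        }

        // The script path is derived from the numeric locale and build taken from the handshake.
        string filename = Helpers.GetScriptPath(mLocale, mBuild, false, 0xFFFF);
        Helpers.MakeSureFileDirectoryExists(filename);

        // Create main script
        if (!File.Exists(filename))
        {
            string contents = @" using (ScriptAPI) { AddShort(""Packet Size""); AddUShort(""MapleStory Version""); AddString(""MapleStory Patch Location/Subversion""); AddField(""Local Initializing Vector (IV)"", 4); AddField(""Remote Initializing Vector (IV)"", 4); AddByte(""MapleStory Locale""); } ";
            File.WriteAllText(filename, contents);
        }

        MaplePacket packet = new MaplePacket(pArrivalTime, false, mBuild, mLocale, 0xFFFF, definition.Name, tcpData, (uint)0, BitConverter.ToUInt32(remoteIV, 0));

        if (!mOpcodes.Exists(op => op.Outbound == packet.Outbound && op.Header == packet.Opcode)) // Should be false, but w/e
        {
            mOpcodes.Add(new Opcode(packet.Outbound, packet.Opcode));
        }

        mPacketList.Items.Add(packet);
        AddPacket(packet);

        Console.WriteLine("[CONNECTION] MapleStory V{2}.{3} Locale {4}", mLocalEndpoint, mRemoteEndpoint, mBuild, subVersion, serverLocale);

        // The sequence counter was already advanced past this segment, so this call adds no
        // new bytes; it only runs the decode loop on the inbound stream.
        ProcessTCPPacket(pTCPPacket, ref mInboundSequence, mInboundBuffer, mInboundStream, pArrivalTime);
        return Results.Show;
    }

    if (pTCPPacket.SourcePort == mLocalPort)
    {
        ProcessTCPPacket(pTCPPacket, ref mOutboundSequence, mOutboundBuffer, mOutboundStream, pArrivalTime);
    }
    else
    {
        ProcessTCPPacket(pTCPPacket, ref mInboundSequence, mInboundBuffer, mInboundStream, pArrivalTime);
    }

    return Results.Continue;
}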
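/// <summary>
/// Reassembles one direction of the TCP stream by sequence number, appends the in-order
/// bytes to <paramref name="pStream"/> and lists every packet the stream can decode.
/// </summary>
/// <param name="pTCPPacket">Captured segment; payload and sequence number are untrusted.</param>
/// <param name="pSequence">Next expected sequence number for this direction; advanced in place.</param>
/// <param name="pBuffer">Segments that arrived ahead of <paramref name="pSequence"/>, keyed by sequence number.</param>
/// <param name="pStream">Stream that decodes the reassembled bytes for this direction.</param>
/// <param name="pArrivalDate">Capture time stamped onto decoded packets.</param>
/// <remarks>
/// Sequence numbers are compared as plain unsigned values, so a wrap past 2^32 is not handled.
/// Nothing in this method bounds the size of <paramref name="pBuffer"/>.
/// </remarks>
private void ProcessTCPPacket(TcpPacket pTCPPacket, ref uint pSequence, Dictionary<uint, byte[]> pBuffer, MapleStream pStream, DateTime pArrivalDate)
{
    if (pTCPPacket.SequenceNumber > pSequence)
    {
        // Segment is ahead of the stream: first drain anything already buffered at the
        // expected position, then park this segment if there is still a gap.
        byte[] pending;
        while ((pending = pBuffer.GetOrDefault(pSequence, null)) != null)
        {
            pBuffer.Remove(pSequence);
            pStream.Append(pending);
            pSequence += (uint)pending.Length;
        }

        if (pTCPPacket.SequenceNumber > pSequence)
        {
            pBuffer[(uint)pTCPPacket.SequenceNumber] = pTCPPacket.PayloadData;
        }
    }

    if (pTCPPacket.SequenceNumber < pSequence)
    {
        // Retransmission or overlap: keep only the bytes past what was already consumed.
        int difference = (int)(pSequence - pTCPPacket.SequenceNumber);
        if (difference > 0)
        {
            byte[] data = pTCPPacket.PayloadData;
            if (data.Length > difference)
            {
                pStream.Append(data, difference, data.Length - difference);
                pSequence += (uint)(data.Length - difference);
            }
        }
    }
    else if (pTCPPacket.SequenceNumber == pSequence)
    {
        byte[] data = pTCPPacket.PayloadData;
        pStream.Append(data);
        pSequence += (uint)data.Length;
    }

    bool refreshOpcodes = false;
    try
    {
        MaplePacket packet;
        while ((packet = pStream.Read(pArrivalDate, mBuild, mLocale)) != null)
        {
            mPackets.Add(packet);
            Definition definition = Config.Instance.GetDefinition(mBuild, mLocale, packet.Outbound, packet.Opcode);

            if (!mOpcodes.Exists(kv => kv.First == packet.Outbound && kv.Second == packet.Opcode))
            {
                mOpcodes.Add(new Pair<bool, ushort>(packet.Outbound, packet.Opcode));
                refreshOpcodes = true;
            }

            // The ignore filter only affects the list; the packet was already stored above.
            if (definition != null && !mViewIgnoredMenu.Checked && definition.Ignore)
            {
                continue;
            }

            mPacketList.Items.Add(packet);
            if (mPacketList.SelectedItems.Count == 0)
            {
                packet.EnsureVisible();
            }
        }
    }
    catch (Exception ex)
    {
        // A stream that cannot be decoded any further ends the session instead of the capture.
        Console.WriteLine(ex.ToString());
        mTerminated = true;
        Text += " (Terminated)";
        //MainForm.CloseSession(this);
        return;
    }

    // This check sits outside the try block, so a missing dock panel must not be dereferenced.
    if (DockPanel != null && DockPanel.ActiveDocument == this && refreshOpcodes)
    {
        MainForm.SearchForm.RefreshOpcodes(true);
    }
}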
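/// <summary>
/// Feeds one captured TCP segment into this session: tracks FIN/RST and the SYN exchange,
/// recognises a SOCKS5 negotiation, parses the plaintext MapleStory handshake carried by
/// the first payload and passes payloads to <c>ProcessTCPPacket</c>.
/// </summary>
/// <param name="pTCPPacket">Captured segment. Its payload is untrusted network data.</param>
/// <param name="pArrivalTime">Capture time stamped onto the packets that get decoded.</param>
/// <returns>
/// <c>CloseMe</c> when the connection is unusable (closed before any packet was captured,
/// endpoint lookup failed, or the first payload is not a valid handshake),
/// <c>Terminated</c> on FIN/RST after packets were captured, otherwise <c>Continue</c>.
/// </returns>
internal Results BufferTCPPacket(TcpPacket pTCPPacket, DateTime pArrivalTime)
{
    if (pTCPPacket.Fin || pTCPPacket.Rst)
    {
        mTerminated = true;
        Text += " (Terminated)";
        return mPackets.Count == 0 ? Results.CloseMe : Results.Terminated;
    }

    if (pTCPPacket.Syn && !pTCPPacket.Ack)
    {
        mLocalPort = (ushort)pTCPPacket.SourcePort;
        mRemotePort = (ushort)pTCPPacket.DestinationPort;
        mOutboundSequence = (uint)(pTCPPacket.SequenceNumber + 1);
        Text = "Port " + mLocalPort + " - " + mRemotePort;
        startTime = DateTime.Now;

        try
        {
            // The cast fails for a parent packet that is not IPv4; that connection is dropped.
            PacketDotNet.IPv4Packet ipPacket = (PacketDotNet.IPv4Packet)pTCPPacket.ParentPacket;
            mRemoteEndpoint = ipPacket.SourceAddress.ToString() + ":" + pTCPPacket.SourcePort.ToString();
            mLocalEndpoint = ipPacket.DestinationAddress.ToString() + ":" + pTCPPacket.DestinationPort.ToString();
            Console.WriteLine("[CONNECTION] From {0} to {1}", mRemoteEndpoint, mLocalEndpoint);
            return Results.Continue;
        }
        catch
        {
            return Results.CloseMe;
        }
    }

    if (pTCPPacket.Syn && pTCPPacket.Ack)
    {
        mInboundSequence = (uint)(pTCPPacket.SequenceNumber + 1);
        return Results.Continue;
    }

    if (pTCPPacket.PayloadData.Length == 0)
    {
        return Results.Continue;
    }

    if (mBuild == 0)
    {
        byte[] tcpData = pTCPPacket.PayloadData;

        if (pTCPPacket.SourcePort == mLocalPort)
        {
            mOutboundSequence += (uint)tcpData.Length;
        }
        else
        {
            mInboundSequence += (uint)tcpData.Length;
        }

        // A one-byte payload cannot hold the 16-bit size prefix and BitConverter.ToUInt16
        // would throw on it. Zero never equals the (non-zero) payload length, so such a
        // payload takes the "not a handshake" path below.
        ushort length = tcpData.Length >= 2
            ? (ushort)(BitConverter.ToUInt16(tcpData, 0) + 2)
            : (ushort)0;

        byte[] headerData = (byte[])tcpData.Clone();
        PacketReader pr = new PacketReader(headerData);

        if (length != tcpData.Length || tcpData.Length < 13)
        {
            if (socks5 > 0 && socks5 < 7)
            {
                // SOCKS5 request: version 5, command 1, reserved byte, address type,
                // address, port. The length test keeps the reads inside the payload.
                if (tcpData.Length >= 4 && pr.ReadByte() == 5 && pr.ReadByte() == 1)
                {
                    pr.ReadByte();
                    byte addressType = pr.ReadByte();
                    int addressLength = addressType == 1 ? 4 : (addressType == 4 ? 16 : 0);

                    // Only rewrite the endpoints when the address and the port are really there.
                    if (pr.Remaining >= addressLength + 2)
                    {
                        mProxyEndpoint = mLocalEndpoint;
                        mLocalEndpoint = "";

                        switch (addressType)
                        {
                            case 1: // IPv4
                                for (int i = 0; i < 4; i++)
                                {
                                    mLocalEndpoint += pr.ReadByte();
                                    if (i < 3)
                                    {
                                        mLocalEndpoint += ".";
                                    }
                                }
                                break;

                            case 3: // Domain
                                // NOTE(review): the name is not consumed, so the two bytes
                                // read as the port below come from the name field.
                                break;

                            case 4: // IPv6 (skipped, not displayed)
                                for (int i = 0; i < 16; i++)
                                {
                                    pr.ReadByte();
                                }
                                break;
                        }

                        // The port bytes are swapped before PacketReader.ReadUShort decodes them.
                        byte[] ports = new byte[2];
                        for (int i = 1; i >= 0; i--)
                        {
                            ports[i] = pr.ReadByte();
                        }
                        PacketReader portr = new PacketReader(ports);

                        mProxyPort = mRemotePort;
                        mRemotePort = portr.ReadUShort();
                        mLocalEndpoint += ":" + mRemotePort;
                        Text = "Port " + mLocalPort + " - " + mRemotePort + "(Proxy" + mProxyPort + ")";
                        Console.WriteLine("[socks5] From {0} to {1} (Proxy {2})", mRemoteEndpoint, mLocalEndpoint, mProxyEndpoint);
                    }
                }

                socks5++;
                return Results.Continue;
            }
            else if (tcpData.Length == 3 && pr.ReadByte() == 5)
            {
                // Three-byte payload starting with 5: start watching for a SOCKS5 request.
                socks5 = 1;
                return Results.Continue;
            }

            Console.WriteLine("Connection on port {0} did not have a MapleStory Handshake", mLocalEndpoint);
            return Results.CloseMe;
        }

        ushort version;
        string patchLocation;
        byte[] localIV;
        byte[] remoteIV;
        byte serverLocale;
        byte subVersion = 1;

        try
        {
            // The 13-byte minimum above does not cover the variable-length string, so a
            // crafted payload can still make the reader run out of data here.
            pr.ReadUShort(); // size prefix, compared against the payload length above
            version = pr.ReadUShort();
            patchLocation = pr.ReadMapleString();
            localIV = pr.ReadBytes(4);
            remoteIV = pr.ReadBytes(4);
            serverLocale = pr.ReadByte();
        }
        catch (Exception ex)
        {
            Console.WriteLine(ex.ToString());
            Console.WriteLine("Connection on port {0} did not have a MapleStory Handshake", mLocalEndpoint);
            return Results.CloseMe;
        }

        if (serverLocale > 0x12)
        {
            return Results.CloseMe;
        }

        bool isKms = serverLocale == 0x02 || (serverLocale == 0x01 && version > 255);

        if (isKms)
        {
            // For this locale the string field carries the packed version number. It comes
            // from the wire, so a non-numeric value must reject the connection, not throw.
            int packedVersion;
            if (!int.TryParse(patchLocation, out packedVersion))
            {
                Console.WriteLine("Failed to parse subVersion");
                return Results.CloseMe;
            }
            version = (ushort)(packedVersion & 0x7FFF);
            subVersion = (byte)((packedVersion >> 16) & 0xFF);
        }
        else if (patchLocation.All(character => character >= '0' && character <= '9'))
        {
            if (!byte.TryParse(patchLocation, out subVersion))
            {
                Console.WriteLine("Failed to parse subVersion");
            }
        }

        mBuild = version;
        mLocale = serverLocale;
        mPatchLocation = patchLocation;

        mOutboundStream = new MapleStream(true, mBuild, mLocale, localIV, subVersion);
        mInboundStream = new MapleStream(false, mBuild, mLocale, remoteIV, subVersion);

        // Generate HandShake packet
        Definition definition = Config.Instance.GetDefinition(mBuild, mLocale, false, 0xFFFF);
        if (definition == null)
        {
            definition = new Definition();
            definition.Outbound = false;
            definition.Locale = mLocale;
            definition.Opcode = 0xFFFF;
            definition.Name = "Maple Handshake";
            definition.Build = mBuild;
            DefinitionsContainer.Instance.SaveDefinition(definition);
        }

        // Path segments are the numeric locale and build only, so handshake data cannot
        // introduce separators into the script path.
        char separator = Path.DirectorySeparatorChar;
        string filename = "Scripts" + separator + mLocale.ToString() + separator + mBuild.ToString() + separator + "Inbound" + separator + "0xFFFF.txt";
        string directory = Path.GetDirectoryName(filename);
        if (!Directory.Exists(directory))
        {
            Directory.CreateDirectory(directory);
        }

        if (!File.Exists(filename))
        {
            // Port 8484 handshakes of the listed locale/version ranges get one extra byte field.
            bool hasUnknownByte = mRemotePort == 8484 &&
                ((mLocale == MapleLocale.GLOBAL && version >= 160) ||
                 (mLocale == MapleLocale.TAIWAN && version >= 176) ||
                 (mLocale == MapleLocale.CHINA && version >= 122));

            string contents = "";
            contents += "using (ScriptAPI) {\r\n";
            contents += "\tAddShort(\"Packet Size\");\r\n";
            contents += "\tAddUShort(\"MapleStory Version\");\r\n";
            contents += "\tAddString(\"MapleStory Patch Location/Subversion\");\r\n";
            contents += "\tAddField(\"Local Initializing Vector (IV)\", 4);\r\n";
            contents += "\tAddField(\"Remote Initializing Vector (IV)\", 4);\r\n";
            contents += "\tAddByte(\"MapleStory Locale\");\r\n";
            if (hasUnknownByte)
            {
                contents += "\tAddByte(\"Unknown\");\r\n";
            }
            contents += "}";
            File.WriteAllText(filename, contents);
        }

        MaplePacket packet = new MaplePacket(pArrivalTime, false, mBuild, mLocale, 0xFFFF, definition.Name, tcpData, (uint)0, BitConverter.ToUInt32(remoteIV, 0));

        if (!mOpcodes.Exists(kv => kv.First == packet.Outbound && kv.Second == packet.Opcode)) // Should be false, but w/e
        {
            mOpcodes.Add(new Pair<bool, ushort>(packet.Outbound, packet.Opcode));
        }

        mPacketList.Items.Add(packet);
        mPackets.Add(packet);
        MainForm.SearchForm.RefreshOpcodes(true);
        Console.WriteLine("[CONNECTION] MapleStory V{2}.{3} Locale {4}", mLocalEndpoint, mRemoteEndpoint, mBuild, subVersion, serverLocale);
    }

    // The handshake segment also reaches this point; its sequence counter was already
    // advanced above, so ProcessTCPPacket adds no bytes for it.
    if (pTCPPacket.SourcePort == mLocalPort)
    {
        ProcessTCPPacket(pTCPPacket, ref mOutboundSequence, mOutboundBuffer, mOutboundStream, pArrivalTime);
    }
    else
    {
        ProcessTCPPacket(pTCPPacket, ref mInboundSequence, mInboundBuffer, mInboundStream, pArrivalTime);
    }

    return Results.Continue;
}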
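/// <summary>
/// Feeds one captured TCP segment into this session: tracks FIN/RST and the SYN exchange,
/// parses the plaintext MapleStory handshake carried by the first payload and passes
/// payloads to <c>ProcessTCPPacket</c>.
/// </summary>
/// <param name="pTCPPacket">Captured segment. Its payload is untrusted network data.</param>
/// <param name="pArrivalTime">Capture time stamped onto the packets that get decoded.</param>
/// <returns>
/// <c>CloseMe</c> when the connection is unusable (closed before any packet was captured,
/// not carried over IPv4, or the first payload is not a valid handshake),
/// <c>Terminated</c> on FIN/RST after packets were captured, otherwise <c>Continue</c>.
/// </returns>
internal Results BufferTCPPacket(TcpPacket pTCPPacket, DateTime pArrivalTime)
{
    if (pTCPPacket.Fin || pTCPPacket.Rst)
    {
        mTerminated = true;
        Text += " (Terminated)";
        // Nothing was captured on this connection, so the session is not worth keeping.
        return mPackets.Count == 0 ? Results.CloseMe : Results.Terminated;
    }

    if (pTCPPacket.Syn && !pTCPPacket.Ack)
    {
        // The endpoints are read from an IPv4 header; any other parent packet would make
        // the cast throw, so such a connection is rejected up front.
        PacketDotNet.IPv4Packet ipPacket = pTCPPacket.ParentPacket as PacketDotNet.IPv4Packet;
        if (ipPacket == null)
        {
            return Results.CloseMe;
        }

        mLocalPort = (ushort)pTCPPacket.SourcePort;
        mRemotePort = (ushort)pTCPPacket.DestinationPort;
        mOutboundSequence = (uint)(pTCPPacket.SequenceNumber + 1);
        Text = "Port " + mLocalPort.ToString();
        startTime = DateTime.Now;
        mRemoteEndpoint = ipPacket.SourceAddress.ToString() + ":" + pTCPPacket.SourcePort.ToString();
        mLocalEndpoint = ipPacket.DestinationAddress.ToString() + ":" + pTCPPacket.DestinationPort.ToString();
        Console.WriteLine("[CONNECTION] From {0} to {1}", mLocalEndpoint, mRemoteEndpoint);
        return Results.Continue;
    }

    if (pTCPPacket.Syn && pTCPPacket.Ack)
    {
        mInboundSequence = (uint)(pTCPPacket.SequenceNumber + 1);
        return Results.Continue;
    }

    if (pTCPPacket.PayloadData.Length == 0)
    {
        return Results.Continue;
    }

    if (mBuild == 0)
    {
        if (pTCPPacket.PayloadData.Length < 13)
        {
            return Results.CloseMe;
        }

        byte[] tcpData = pTCPPacket.PayloadData;
        PacketReader pr = new PacketReader(tcpData);

        pr.ReadShort(); // packet size, not used
        ushort version = pr.ReadUShort();

        // Peek at the string length before reading the string itself. Besides the 0..0x20
        // range, the string plus the two IVs (8) and the locale byte (1) must fit in what
        // is left of the payload, otherwise the reads below run past the end.
        var pos = pr.Position;
        var stringLength = pr.ReadShort();
        if (stringLength < 0 || stringLength > 0x0020 || pr.Remaining < stringLength + 9)
        {
            return Results.CloseMe;
        }
        pr.Reset(pos);

        string patchLocation = pr.ReadMapleString();
        byte[] localIV = pr.ReadBytes(4);
        byte[] remoteIV = pr.ReadBytes(4);
        byte serverLocale = pr.ReadByte();

        // Locale 0x07 may carry one extra 16-bit value; only skip it when both bytes exist.
        if (serverLocale == 0x07 && pr.Remaining >= 2)
        {
            pr.ReadUShort();
        }

        if (pr.Remaining > 0 || serverLocale > 0x12)
        {
            return Results.CloseMe;
        }

        bool isKms = serverLocale == 0x02 || (serverLocale == 0x01 && version > 255);

        if (isKms)
        {
            // For this locale the string field carries the packed version number. It comes
            // from the wire, so a non-numeric value must reject the connection, not throw.
            int packedVersion;
            if (!int.TryParse(patchLocation, out packedVersion))
            {
                return Results.CloseMe;
            }

            ushort t1 = (ushort)(packedVersion & 0x7FFF);
            int t2 = (packedVersion >> 15) & 1;
            int t3 = (packedVersion >> 16) & 0xFF;
            Console.WriteLine("Logging KMS connection. Version {0} | {1} | {2}", t1, t2, t3);
            mBuild = t1;
        }
        else
        {
            mBuild = version;
        }

        mLocale = serverLocale;
        mPatchLocation = patchLocation;

        mOutboundStream = new MapleStream(true, mBuild, mLocale, localIV);
        mInboundStream = new MapleStream(false, (ushort)(0xFFFF - mBuild), mLocale, remoteIV);

        // The inbound counter is advanced here whichever side sent the segment.
        mInboundSequence += (uint)tcpData.Length;

        // Generate HandShake packet
        Definition definition = Config.Instance.GetDefinition(mBuild, mLocale, false, 0xFFFF);
        if (definition == null)
        {
            definition = new Definition();
            definition.Outbound = false;
            definition.Locale = mLocale;
            definition.Opcode = 0xFFFF;
            definition.Name = "Maple Handshake";
            definition.Build = mBuild;
            Config.Instance.Definitions.Add(definition);
        }

        // Path segments are the numeric locale and build only, so handshake data cannot
        // introduce separators into the script path.
        char separator = Path.DirectorySeparatorChar;
        string filename = "Scripts" + separator + mLocale.ToString() + separator + mBuild.ToString() + separator + "Inbound" + separator + "0xFFFF.txt";
        string directory = Path.GetDirectoryName(filename);
        if (!Directory.Exists(directory))
        {
            Directory.CreateDirectory(directory);
        }

        if (!File.Exists(filename))
        {
            string contents = "";
            contents += "using (ScriptAPI) {\r\n";
            contents += "\tAddShort(\"Packet Size\");\r\n";
            contents += "\tAddUShort(\"MapleStory Version\");\r\n";
            contents += "\tAddString(\"MapleStory Patch Location\");\r\n";
            contents += "\tAddField(\"Local Initializing Vector (IV)\", 4);\r\n";
            contents += "\tAddField(\"Remote Initializing Vector (IV)\", 4);\r\n";
            contents += "\tAddByte(\"MapleStory Locale\");\r\n";
            contents += "}";
            File.WriteAllText(filename, contents);
        }

        MaplePacket packet = new MaplePacket(pArrivalTime, false, mBuild, mLocale, 0xFFFF, definition.Name, tcpData);

        if (!mOpcodes.Exists(kv => kv.First == packet.Outbound && kv.Second == packet.Opcode))
        {
            // Should be false, but w/e
            mOpcodes.Add(new Pair<bool, ushort>(packet.Outbound, packet.Opcode));
        }

        mPacketList.Items.Add(packet);
        mPackets.Add(packet);
        MainForm.SearchForm.RefreshOpcodes(true);
        Console.WriteLine("[CONNECTION] MapleStory V{2}.{3} Locale {4}", mLocalEndpoint, mRemoteEndpoint, mBuild, patchLocation, serverLocale);
    }

    if (pTCPPacket.SourcePort == mLocalPort)
    {
        ProcessTCPPacket(pTCPPacket, ref mOutboundSequence, mOutboundBuffer, mOutboundStream, pArrivalTime);
    }
    else
    {
        ProcessTCPPacket(pTCPPacket, ref mInboundSequence, mInboundBuffer, mInboundStream, pArrivalTime);
    }

    return Results.Continue;
}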
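/// <summary>
/// Appends the payload of one captured segment to the stream of its direction and lists
/// every packet the stream can decode from it.
/// </summary>
/// <param name="pTCPPacket">Captured segment; its payload is untrusted network data.</param>
/// <param name="pSequence">Not used by this version (sequence tracking is disabled).</param>
/// <param name="pBuffer">Not used by this version (sequence tracking is disabled).</param>
/// <param name="pStream">Stream that decodes the bytes for this direction.</param>
/// <param name="pArrivalDate">Capture time stamped onto decoded packets.</param>
/// <param name="isInbound">Selects the inbound or the outbound buffer and IV fields.</param>
/// <remarks>
/// Payloads are appended in arrival order. An earlier sequence-number based reassembly
/// was commented out here, so retransmitted or out-of-order segments are not filtered
/// before they reach the decoder.
/// </remarks>
private void ProcessTCPPacket(TcpPacket pTCPPacket, ref uint pSequence, Dictionary<uint, byte[]> pBuffer, MapleStream pStream, DateTime pArrivalDate, bool isInbound)
{
    byte[] data = pTCPPacket.PayloadData;
    if (isInbound)
    {
        pStream.Append(data, ref inboundBuffer);
    }
    else
    {
        pStream.Append(data, ref outboundBuffer);
    }

    bool refreshOpcodes = false;
    try
    {
        while (true)
        {
            MaplePacket packet = isInbound
                ? pStream.Read(pArrivalDate, mBuild, mLocale, ref isFirstPacket, ref inboundBuffer, ref curInboundIV)
                : pStream.Read(pArrivalDate, mBuild, mLocale, ref isFirstPacket, ref outboundBuffer, ref curOutboundIV);
            if (packet == null)
            {
                break;
            }

            Console.WriteLine("OK");
            Console.WriteLine(" ");
            mPackets.Add(packet);

            // The result is unused while the ignore filter is disabled; the lookup is kept
            // so the call sequence stays the same.
            Definition definition = Config.Instance.GetDefinition(mBuild, mLocale, packet.Outbound, packet.Opcode);

            if (!mOpcodes.Exists(kv => kv.First == packet.Outbound && kv.Second == packet.Opcode))
            {
                mOpcodes.Add(new Pair<bool, ushort>(packet.Outbound, packet.Opcode));
                refreshOpcodes = true;
            }

            //if (definition != null && !mViewIgnoredMenu.Checked && definition.Ignore) continue;
            mPacketList.Items.Add(packet);
            if (mPacketList.SelectedItems.Count == 0)
            {
                packet.EnsureVisible();
            }
        }
    }
    catch (Exception ex)
    {
        // A stream that cannot be decoded any further ends the session instead of the capture.
        Console.WriteLine(ex.ToString());
        mTerminated = true;
        Text += " (Terminated)";
        //MainForm.CloseSession(this);
        return;
    }

    // This check sits outside the try block, so a missing dock panel must not be dereferenced.
    if (DockPanel != null && DockPanel.ActiveDocument == this && refreshOpcodes)
    {
        MainForm.SearchForm.RefreshOpcodes(true);
    }
}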
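/// <summary>
/// Feeds one captured TCP segment into this session: tracks FIN/RST and the SYN exchange,
/// parses the plaintext MapleStory handshake carried by the first payload and passes
/// payloads to <c>ProcessTCPPacket</c>.
/// </summary>
/// <param name="pTCPPacket">Captured segment. Its payload is untrusted network data.</param>
/// <param name="pArrivalTime">Capture time stamped onto the packets that get decoded.</param>
/// <returns>
/// <c>CloseMe</c> when the connection is unusable (closed before any packet was captured,
/// not carried over IPv4, or the first payload is not a valid handshake),
/// <c>Terminated</c> on FIN/RST after packets were captured, otherwise <c>Continue</c>.
/// </returns>
internal Results BufferTCPPacket(TcpPacket pTCPPacket, DateTime pArrivalTime)
{
    if (pTCPPacket.Fin || pTCPPacket.Rst)
    {
        mTerminated = true;
        Text += " (Terminated)";
        // Nothing was captured on this connection, so the session is not worth keeping.
        return mPackets.Count == 0 ? Results.CloseMe : Results.Terminated;
    }

    if (pTCPPacket.Syn && !pTCPPacket.Ack)
    {
        // The endpoints are read from an IPv4 header; any other parent packet would make
        // the cast throw, so such a connection is rejected up front.
        PacketDotNet.IPv4Packet ipPacket = pTCPPacket.ParentPacket as PacketDotNet.IPv4Packet;
        if (ipPacket == null)
        {
            return Results.CloseMe;
        }

        mLocalPort = (ushort)pTCPPacket.SourcePort;
        mRemotePort = (ushort)pTCPPacket.DestinationPort;
        mOutboundSequence = (uint)(pTCPPacket.SequenceNumber + 1);
        Text = "Port " + mLocalPort.ToString();
        startTime = DateTime.Now;
        mRemoteEndpoint = ipPacket.SourceAddress.ToString() + ":" + pTCPPacket.SourcePort.ToString();
        mLocalEndpoint = ipPacket.DestinationAddress.ToString() + ":" + pTCPPacket.DestinationPort.ToString();
        Console.WriteLine("[CONNECTION] From {0} to {1}", mLocalEndpoint, mRemoteEndpoint);
        return Results.Continue;
    }

    if (pTCPPacket.Syn && pTCPPacket.Ack)
    {
        mInboundSequence = (uint)(pTCPPacket.SequenceNumber + 1);
        return Results.Continue;
    }

    if (pTCPPacket.PayloadData.Length == 0)
    {
        return Results.Continue;
    }

    if (mBuild == 0)
    {
        if (pTCPPacket.PayloadData.Length < 13)
        {
            return Results.CloseMe;
        }

        byte[] tcpData = pTCPPacket.PayloadData;
        PacketReader pr = new PacketReader(tcpData);

        pr.ReadShort(); // packet size, not used
        ushort version = pr.ReadUShort();

        // Peek at the string length before reading the string itself. Besides the 0..0x20
        // range, the string plus the two IVs (8) and the locale byte (1) must fit in what
        // is left of the payload, otherwise the reads below run past the end.
        var pos = pr.Position;
        var stringLength = pr.ReadShort();
        if (stringLength < 0 || stringLength > 0x0020 || pr.Remaining < stringLength + 9)
        {
            return Results.CloseMe;
        }
        pr.Reset(pos);

        string patchLocation = pr.ReadMapleString();
        byte[] localIV = pr.ReadBytes(4);
        byte[] remoteIV = pr.ReadBytes(4);
        byte serverLocale = pr.ReadByte();

        if (pr.Remaining > 0 || serverLocale > 0x12)
        {
            return Results.CloseMe;
        }

        bool isKms = serverLocale == 0x02 || (serverLocale == 0x01 && version > 255);

        if (isKms)
        {
            // For this locale the string field carries the packed version number. It comes
            // from the wire, so a non-numeric value must reject the connection, not throw.
            int packedVersion;
            if (!int.TryParse(patchLocation, out packedVersion))
            {
                return Results.CloseMe;
            }

            ushort t1 = (ushort)(packedVersion & 0x7FFF);
            int t2 = (packedVersion >> 15) & 1;
            int t3 = (packedVersion >> 16) & 0xFF;
            Console.WriteLine("Logging KMS connection. Version {0} | {1} | {2}", t1, t2, t3);
            mBuild = t1;
        }
        else
        {
            mBuild = version;
        }

        mLocale = serverLocale;
        mPatchLocation = patchLocation;

        mOutboundStream = new MapleStream(true, mBuild, mLocale, localIV);
        mInboundStream = new MapleStream(false, (ushort)(0xFFFF - mBuild), mLocale, remoteIV);

        // The inbound counter is advanced here whichever side sent the segment.
        mInboundSequence += (uint)tcpData.Length;

        // Generate HandShake packet
        Definition definition = Config.Instance.GetDefinition(mBuild, mLocale, false, 0xFFFF);
        if (definition == null)
        {
            definition = new Definition();
            definition.Outbound = false;
            definition.Locale = mLocale;
            definition.Opcode = 0xFFFF;
            definition.Name = "Maple Handshake";
            definition.Build = mBuild;
            Config.Instance.Definitions.Add(definition);
        }

        // Path segments are the numeric locale and build only, so handshake data cannot
        // introduce separators into the script path.
        char separator = Path.DirectorySeparatorChar;
        string filename = "Scripts" + separator + mLocale.ToString() + separator + mBuild.ToString() + separator + "Inbound" + separator + "0xFFFF.txt";
        string directory = Path.GetDirectoryName(filename);
        if (!Directory.Exists(directory))
        {
            Directory.CreateDirectory(directory);
        }

        if (!File.Exists(filename))
        {
            string contents = "";
            contents += "using (ScriptAPI) {\r\n";
            contents += "\tAddShort(\"Packet Size\");\r\n";
            contents += "\tAddUShort(\"MapleStory Version\");\r\n";
            contents += "\tAddString(\"MapleStory Patch Location\");\r\n";
            contents += "\tAddField(\"Local Initializing Vector (IV)\", 4);\r\n";
            contents += "\tAddField(\"Remote Initializing Vector (IV)\", 4);\r\n";
            contents += "\tAddByte(\"MapleStory Locale\");\r\n";
            contents += "}";
            File.WriteAllText(filename, contents);
        }

        MaplePacket packet = new MaplePacket(pArrivalTime, false, mBuild, mLocale, 0xFFFF, definition.Name, tcpData);

        if (!mOpcodes.Exists(kv => kv.First == packet.Outbound && kv.Second == packet.Opcode))
        {
            // Should be false, but w/e
            mOpcodes.Add(new Pair<bool, ushort>(packet.Outbound, packet.Opcode));
        }

        mPacketList.Items.Add(packet);
        mPackets.Add(packet);
        MainForm.SearchForm.RefreshOpcodes(true);
        Console.WriteLine("[CONNECTION] MapleStory V{2}.{3} Locale {4}", mLocalEndpoint, mRemoteEndpoint, mBuild, patchLocation, serverLocale);
    }

    if (pTCPPacket.SourcePort == mLocalPort)
    {
        ProcessTCPPacket(pTCPPacket, ref mOutboundSequence, mOutboundBuffer, mOutboundStream, pArrivalTime);
    }
    else
    {
        ProcessTCPPacket(pTCPPacket, ref mInboundSequence, mInboundBuffer, mInboundStream, pArrivalTime);
    }

    return Results.Continue;
}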