packet tokenizer: unknown switch: 16CF

[orgmatileg]

Anyone know how to fix this? I used Gravindo RO - Indonesia and here the ragexe https://drive.google.com/open?id=0B3UcfHfBZfh2MGNoVVNjODFzMlU i tried a lot method over googling for exctracting packet but i have no luck, all failed.. Look like they encrypted the ragexe.exe, please help me thank you..

[andibanget]

Ok we face almost the same problem here. :D I try to calculate and understand how this work. Let me try and wait all the masters here.

[ilfan14]

any one can encoded password? i think wrong in Function password_salted_md5 and secureLoginHash..

[radityo04]

@ilfan14 can i get your code sir? maybe i can try to fix it..

[Eongs]

@ilfan14 can you send me the file to

[k1nt4r0]

how to handle the 16cf? share pls?

[radityo04]

i need your config 1st and i try to analyze..

On Feb 10, 2017 1:21 PM, "Eongs" notifications@github.com wrote:

@ilfan14 https://github.com/ilfan14 can you send me the file to

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/OpenKore/openkore/issues/433#issuecomment-278867225, or mute the thread https://github.com/notifications/unsubscribe-auth/AYfWhseE3klAc4BIlxy5fk9QK4ySftc1ks5rbAHYgaJpZM4L7abP .

[joserizal99]

same issue , i think its a kind of new servertype, ,they also hidden master number, donno if im right or not

[orgmatileg]

How to solve 16cf please?

[Eongs]

I haven't have the solution yet... Because of that i ask for the same too.

On Feb 10, 2017 9:46 PM, "orgmatileg" notifications@github.com wrote:

How to solve 16cf please?

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/OpenKore/openkore/issues/433#issuecomment-278959194, or mute the thread https://github.com/notifications/unsubscribe-auth/AYfZAG3qiY3EvVNB9v_Dl5BYunDWLi86ks5rbHhagaJpZM4L7abP .

[lututui]

16CF is not a valid RO packet switch. This usually means the sever settings are wrong or that the server has some kind of shield. It could also mean that a previous packet had an incorrect length in recvpackets.

[Eongs]

Then how do we solve this problems... Can you give me the solution?

On Feb 10, 2017 10:13 PM, "lututui" notifications@github.com wrote:

16CF is not a valid RO packet switch. This usually means the sever settings are wrong or that the server has some kind of shield. It could also mean that a previous packet had an incorrect length in recvpackets.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/OpenKore/openkore/issues/433#issuecomment-278970514, or mute the thread https://github.com/notifications/unsubscribe-auth/AYfZAEek_x95Tc77TVY2nGqjNY0sjV_jks5rbH6MgaJpZM4L7abP .

[c4c1n6kr3m1]

the solution is easy to say !!!!!! , 
`decrypt those 20 bytes 16CF packet`
but hard to do ..........

[ilfan14]

@lututui yes.. the server have new shield like i said in the top.. can you help me?

[michaelaw320]

Seems the 20 bytes are encrypted by idRO's Dephine protection, this kind of problem existed since 2010 I think http://forums.openkore.com/viewtopic.php?f=56&t=8587&start=70

[noobforce]

@ilfan14 can u send me what extraxtor did u use to bypass that 16cf so I can try to help encode that md5 password? Thank you

[spyware293]

Instead of trying to decrypt the login packet, you can just make delphine to do it for you.

It's not worth to bot though. You will ended up getting banned.

[kancielz]

@spyware293 nice bro, can you give me the file?? please please please

[Eongs]

Nice can you share the file to me too...

On Feb 13, 2017 9:55 AM, "kancielz" notifications@github.com wrote:

@spyware293 https://github.com/spyware293 nice bro, can you give me the file?? please please please

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/OpenKore/openkore/issues/433#issuecomment-279283061, or mute the thread https://github.com/notifications/unsubscribe-auth/AYfZAFWy6wA7qobKS6cqP5C1KLvSjEOuks5rb8YfgaJpZM4L7abP .

[papanyashen]

@spyware293 can u post how to make delphine do de encrypt ? thanks in advanced

[cydh]

The delphine plugin, yes? I just saw a slight in that sources and the forum link on the plugin file, seems it's the solution. (Can 't test yet)

On Feb 13, 2017 9:30 AM, "spyware293" notifications@github.com wrote:

Instead of trying to decrypt the login packet, you can just make delphine to do it for you.

https://camo.githubusercontent.com/0f470fa0cb81b20a6bdb653d5ab7c030439231e0/687474703a2f2f692e696d6775722e636f6d2f335744764d694b2e706e67

It's not worth to bot though. You will ended up getting banned.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/OpenKore/openkore/issues/433#issuecomment-279280357, or mute the thread https://github.com/notifications/unsubscribe-auth/AD1K4NY_DiHm0mluGKR7SDYyNuT6H1WTks5rb8BigaJpZM4L7abP .

[k1nt4r0]

@spyware293 how u do that? teach pls?

[abd-kohar]

@k1nt4r0 @Eongs @kancielz it already stated "Instead of trying to decrypt the login packet, you can just make delphine to do it for you."

instead begging to spoon-feed, why don't we just try from clue that he said (delphine.pl). and post n ask for some help, if there's (obviously) any prob or stuck.

other ppl, does it hardly, struggle for many many hours to solve prob like this, do you even think??? their contribution, their effort, their spent time and u all just like... "give me the code pls, share the code pls, send me the code pls" WOW, ur life so ez man...

[k1nt4r0]

lol bro, can u read my post? i said "teach pls?" i know the plugin, and i ask about the decrypt lol

dont judge a book from the cover i try to bypass it from the first cbt and until now i didnt get it, so i ask a help to decrypt cause i never did it before

i search already from google, but the my openkore got error so, i ask how to do it cause he got it already

[RaynV]

I think he refer to Idro's delphine protection

"make delphine to do it for you." Probably he's using X-Kore that's how netredirect.dll work

[BangToyib]

@spyware293 nice bro, can you share the file??

[hendra814]

seriuously? delphine key again? ok. i'll try it

[Edops]

@spyware293 please kindly share your way to enable delphine.pl in the meantime i'll search for older forum answers

[rundumb]

@spyware293 can you share how to make delphine work for this server ? or a guide ... thx b4 Well im clueless about delphine ... this is what i got so far ... can you tell me which part i do wrong

[Edops]

@rundumb how to use delphine.pl?

[ilfan14]

@spyware293 just one question.. how you inject ragexe.exe with your RPE/WPE to sniff packet??

[hendra814]

please learn from this old forum hopefully this is can help you guys http://dwarna-ro.blogspot.co.id/p/cara-buat-togelkey-idro.html

[rundumb]

@hendra814 i did but all of those link dead

[k1nt4r0]

@hendra814 i tried it already, but i got nothing

[abd-kohar]

@Edops edit sys.txt in control folder, enable da plugin there. loadPlugins 3 or loadPlugins 2 and write the plugin name in _loadPluginslist

[rundumb]

i got new problem ... wtf ... please help me senpai

[Edops]

already enable delphine plugins, still stuck at 16CF code, where did i do wrong?

so from what i learn

1. enable plugins on sys.txt
2. create 2 txt files on tables "delphine-data.txt" & "delphine-key.txt" (which i don't know what to write inside
3. run start.exe (?) CMIIW

and @hendra814 any link to the video mentioned?

[528custom]

@Edops (2.) please refer to the full manual. you should put something on them.

[Lilori]

lol spyware was being hated by almost ppl in idro. now ppl in idro pleased to him about bot. loooool

note: try to re-encrypt the packet in 'another' way, and do all your knowledge.

[528custom]

@Lilori oh the irony :))

I once creating those "togel" key back in 2010(?) for my people. let me try this method once more.

[michaelaw320]

@spyware293 would you mind elaborating on what you meant by let the delphine do the work, my assumption would be you linked the delphine (in ragexe/dll) to openkore (either the dll or the exe) and executes a function from within the dll/exe or you used some sort of XKore Poseidon method? or you meant the delphine.pl plugin?

[jegrek]

one lil problem here, remapped data capture from injecting the "exe" and data capture from sniff ,

anyone ?

[Edops]

@528custom well the link is outdated and mostly the file is gone from 4shared, and there's no vid to help too, so i'm still clueless what to do with that .txt file *sadlife

[528custom]

believe me, if you guys share anything works on this thread, remember, every people on this planet can also access this thread :)

[spyware293]

@michaelaw320 You can hook the ws2_32.dll inside ragexe and redirect the login packet to openkore. Alternatively, you can use xkore but you need to hide it from mfc90g.dll because it scan other process modules that contain perl and xstools.

[andibanget]

@spyware293 Thanks for all the clue. You're my inspiration :D

[zelda21]

@spyware293 please share config ^_^

[michaelaw320]

@spyware293 I see, responses like this are the responses that makes github healthy I'm wondering what is the function prototype that you called from ws2_32.dll, did you disassembled it?

[Edops]

what sniffer do you guys use to sniff?

[cydh]

Try Wireshark. Hmm can't get alive link for rPE.

On Feb 13, 2017 3:24 PM, "Edops" notifications@github.com wrote:

what sniffer do you guys use to sniff?

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/OpenKore/openkore/issues/433#issuecomment-279321709, or mute the thread https://github.com/notifications/unsubscribe-auth/AD1K4J-TmYv67DXvutTdjxCuE3cTc_Hvks5rcBNGgaJpZM4L7abP .

[danzhere]

@spyware293 can u help me how to hook dll inside exe?