Jump to content
Moopler Closing Read more... ×
  • 0
Sign in to follow this  

Question Packet



I try capture packet

Drop 10 meso

but header is changed when I CC

Packet: db yy yy 9B 0A 03 00 03 00 00 00 E1 00 00 00 00 00 // Drop 10 Mesos


Packet: db xx xx 9B 0A 03 00 03 00 00 00 E1 00 00 00 00 00 // Drop 10 Mesos


How can I do?

Share this post

Link to post

2 answers to this question

Recommended Posts

  • 1
52 minutes ago, fire said:

that xx xx and yy yy are most probably timestamps

so just randomize them i guess?

No, this is wrong.


After patch... 183.3 I think?... they added a header-encryption to in-game send-packets. When you enter channel-servers (in-game servers), you're sent a packet with header 0x0027, which contains a DES-encrypted header. When you decrypt the DES-encrypted header, you're left with an encrypted string (I won't give further information, as people are paying big money for this).

The function responsible for parsing (decrypting and understanding) the 0x0027 header is virtualized, and thus only readable to the most elite of reverse-engineers (As far as I'm concerned, I'm amongst the only 2 people in the entire MapleStory-community who has figured it out).

Once it's been parsed, packets being sent will be evaluated in the COutPacket constructor (COutPacket::COutPacket-function). Under evaluation, their header is "mangled" according to the parsed data, and as such, the packets you send will have a new session-static header, which changes everytime you receive a new header-encryption packet (0x0027).


If you want to combat this without knowing how to unvirtualize, you still have a chance. It is very easy to make a Packet Editor, which avoids the encryption in user input/output, simply by using the COutPacket constructor. You can make a Packet Editor, which:

  • Hooks COutPacket::COutPacket.
    • Reads the header-parameter (which is not encrypted) and shows that (which is the default internal header) instead of the encrypted one.
  • Utilizes COutPacket::COutPacket to generate own packets simply by:
    • Calling the constructor to generate a COutPacket-object which contains the encrypted header.
    • Read out the encrypted packet-header and store it in your own packet-object for sending.
    • Release/free the generated memory for the COutPacket-object.
  • Like 2

Share this post

Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this