diff --git a/src/main/protocol/crypto/RC4.java b/src/main/protocol/crypto/RC4.java
index e04c456..66d0b7d 100644
--- a/src/main/protocol/crypto/RC4.java
+++ b/src/main/protocol/crypto/RC4.java
@@ -203,4 +203,8 @@ public class RC4 { } } + + public byte[] getState () { + return state; + } }
\ No newline at end of file
diff --git a/src/main/protocol/memory/Rc4Obtainer.java b/src/main/protocol/memory/Rc4Obtainer.java
index 606456b..d1b083b 100644
--- a/src/main/protocol/memory/Rc4Obtainer.java
+++ b/src/main/protocol/memory/Rc4Obtainer.java
@@ -1,11 +1,13 @@
 package main.protocol.memory;
 import main.protocol.HConnection;
+import main.protocol.HMessage;
 import main.protocol.HPacket;
 import main.protocol.crypto.RC4;
 import main.protocol.memory.habboclient.HabboClient;
 import main.protocol.memory.habboclient.HabboClientFactory;
 import main.protocol.memory.habboclient.linux.LinuxHabboClient;
+import main.protocol.packethandler.Handler;
 import main.protocol.packethandler.IncomingHandler;
 import main.protocol.packethandler.OutgoingHandler;
 import main.protocol.packethandler.PayloadBuffer;
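Review bot: `getState()` hands out the live `state` array, so a caller holding the reference can read the permutation as it advances or overwrite it and corrupt the keystream; the hunk gives no hint whether that aliasing is wanted. If the accessor is for inspection only, return a snapshot instead: `return state.clone();`. If the live array is intended (for instance so a caller can resume from the exact cipher position), document that with a Javadoc line such as `/** Returns the live internal state array, not a copy; writes to it alter this cipher. */`. How `state` is declared and the rest of the class are outside this hunk.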
@@ -29,59 +31,65 @@ public class Rc4Obtainer { public void setOutgoingHandler(OutgoingHandler handler) { outgoingHandler = handler; handler.addBufferListener((int addedbytes) -> { - if (!hashappened1 && handler.getCurrentIndex() == 3) { + if (!hashappened1 && handler.isEncryptedStream()) { hashappened1 = true; - onSendFirstEncryptedMessage(); + onSendFirstEncryptedMessage(outgoingHandler); + } + }); + } + + private boolean hashappened2 = false; + public void setIncomingHandler(IncomingHandler handler) { + incomingHandler = handler; + handler.addBufferListener((int addedbytes) -> { + if (!hashappened2 && handler.isEncryptedStream()) { + hashappened2 = true; + onSendFirstEncryptedMessage(incomingHandler); } }); } - public void setIncomingHandler(IncomingHandler handler) { - incomingHandler = handler; - } - - - private void onSendFirstEncryptedMessage() { + private void onSendFirstEncryptedMessage(Handler handler) { outgoingHandler.block(); incomingHandler.block(); - new Thread(() -> { - if (DEBUG) System.out.println("[+] send encrypted"); + new Thread(() -> { + + if (DEBUG) System.out.println("[+] send encrypted"); List results = client.getRC4possibilities(); outerloop: for (byte[] possible : results) { - byte[] encBuffer = new byte[outgoingHandler.getEncryptedBuffer().size()]; + byte[] encBuffer = new byte[handler.getEncryptedBuffer().size()]; for (int i = 0; i < encBuffer.length; i++) { - encBuffer[i] = outgoingHandler.getEncryptedBuffer().get(i); + encBuffer[i] = handler.getEncryptedBuffer().get(i); } for (int i = 0; i < 256; i++) { -// System.out.println(i); for (int j = 0; j < 256; j++) { byte[] keycpy = Arrays.copyOf(possible, possible.length); RC4 rc4Tryout = new RC4(keycpy, i, j); - rc4Tryout.undoRc4(encBuffer); + if (handler.getMessageSide() == HMessage.Side.TOSERVER) rc4Tryout.undoRc4(encBuffer); if (rc4Tryout.couldBeFresh()) { byte[] encDataCopy = Arrays.copyOf(encBuffer, encBuffer.length); RC4 rc4TryCopy = rc4Tryout.deepCopy(); try { PayloadBuffer 
payloadBuffer = new PayloadBuffer(); - HPacket[] checker = payloadBuffer.pushAndReceive(rc4TryCopy.rc4(encDataCopy)); + byte[] decoded = rc4TryCopy.rc4(encDataCopy); + HPacket[] checker = payloadBuffer.pushAndReceive(decoded); if (payloadBuffer.peak().length == 0) { - outgoingHandler.setRc4(rc4Tryout); - incomingHandler.setRc4(rc4Tryout); + handler.setRc4(rc4Tryout); break outerloop; } } catch (Exception e) { - +// e.printStackTrace(); } }
diff --git a/src/main/protocol/packethandler/Handler.java b/src/main/protocol/packethandler/Handler.java
index e6160d3..b86cd9c 100644
--- a/src/main/protocol/packethandler/Handler.java
+++ b/src/main/protocol/packethandler/Handler.java
@@ -40,8 +40,14 @@ public abstract class Handler { isDataStream = true; } + public boolean isEncryptedStream() { + return isEncryptedStream; + } + public abstract void act(byte[] buffer) throws IOException; protected void continuedAct(byte[] buffer) throws IOException { + notifyBufferListeners(buffer.length); + if (!isEncryptedStream) { payloadBuffer.push(buffer); }
@@ -58,8 +64,6 @@ public abstract class Handler { payloadBuffer.push(tm); } - notifyBufferListeners(buffer.length); - if (!isTempBlocked) { flush(); }
@@ -130,7 +134,7 @@ public abstract class Handler { HPacket[] hpackets = payloadBuffer.receive(); for (HPacket hpacket : hpackets){ - HMessage hMessage = new HMessage(hpacket, HMessage.Side.TOCLIENT, currentIndex); + HMessage hMessage = new HMessage(hpacket, getMessageSide(), currentIndex); boolean isencrypted = isEncryptedStream; if (isDataStream) { notifyListeners(hMessage);
@@ -148,6 +152,8 @@ public abstract class Handler { } } + public abstract HMessage.Side getMessageSide(); + public List getEncryptedBuffer() { return tempEncryptedBuffer; }
diff --git a/src/main/protocol/packethandler/IncomingHandler.java b/src/main/protocol/packethandler/IncomingHandler.java
index 636f816..7ddb8bc 100644
--- a/src/main/protocol/packethandler/IncomingHandler.java
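Review bot: `onSendFirstEncryptedMessage(Handler handler)` is now triggered from both the outgoing and the new incoming buffer listener, yet every call still executes `outgoingHandler.block(); incomingHandler.block();` while a successful search only calls `handler.setRc4(rc4Tryout)` for its own side, so the other handler is blocked by a call that never configures it; whether it is released later depends on `block()`/`setRc4()` behaviour not shown here, and either a per-side `handler.block();` or a comment explaining the cross-blocking is needed. Inside the spawned thread the copy loop calls `handler.getEncryptedBuffer()` once per byte while the handler thread may still be appending to that list, so grabbing it once with `toArray()` before the loop would at least make the snapshot consistent. The `catch (Exception e) { // e.printStackTrace(); }` swallow appears to be expected here — a wrong `(i, j)` candidate fails to parse and the search moves on — so name it `catch (Exception ignored) { // wrong key/offset candidate: keep searching }` instead of leaving commented-out code. The method body continues past the end of the hunk.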
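Review bot: In `continuedAct`, `notifyBufferListeners(buffer.length)` now fires before `buffer` is pushed into `payloadBuffer` (the old call after the push is deleted in the `@@ -58,8 +64,6 @@` hunk), so listeners are told about bytes that are not yet visible through `getEncryptedBuffer()` or the payload path; the ordering looks deliberate — it lets a listener `block()` the handler before `flush()` runs — but nothing records that. Add a comment on the moved line, e.g. `// Notify before buffering: a listener may block() this handler before the bytes are flushed; the buffers do not hold them yet.` The new `isEncryptedStream()` accessor and the abstract `getMessageSide()` in the `@@ -148,6 +152,8 @@` hunk also deserve one-line Javadoc stating what they report. `continuedAct` runs past the end of the hunk.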
+++ b/src/main/protocol/packethandler/IncomingHandler.java
@@ -15,9 +15,9 @@ public class IncomingHandler extends Handler { super(outputStream, listeners); ((List)listeners[0]).add(message -> { - if (isDataStream && onlyOnce && message.getPacket().length() == 261) { + if (isDataStream && onlyOnce && (message.getPacket().length() == 261 || message.getPacket().length() == 517)) { onlyOnce = false; - isEncryptedStream = message.getPacket().readBoolean(264); + isEncryptedStream = message.getPacket().readBoolean(message.getPacket().length() + 3); } }); }
@@ -32,6 +32,11 @@ public class IncomingHandler extends Handler { } } + @Override + public HMessage.Side getMessageSide() { + return HMessage.Side.TOCLIENT; + } + @Override protected void printForDebugging(byte[] bytes) { System.out.println("-- DEBUG INCOMING -- " + new HPacket(bytes).toString() + " -- DEBUG --");
diff --git a/src/main/protocol/packethandler/OutgoingHandler.java b/src/main/protocol/packethandler/OutgoingHandler.java
index 545e368..3a50a65 100644
--- a/src/main/protocol/packethandler/OutgoingHandler.java
+++ b/src/main/protocol/packethandler/OutgoingHandler.java
@@ -36,6 +36,11 @@ public class OutgoingHandler extends Handler { } } + @Override + public HMessage.Side getMessageSide() { + return HMessage.Side.TOSERVER; + } + @Override protected void printForDebugging(byte[] bytes) {
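Review bot: The encrypted-stream detection in the constructor's listener now matches two bare packet lengths, `261` and `517`, and reads the flag at `message.getPacket().length() + 3`; none of these values is named or explained, so a handshake variant of another length leaves `isEncryptedStream` false and the traffic is handled as plaintext with no diagnostic. Hoist `HPacket packet = message.getPacket();` out of the condition and replace the literals with a named constant (constructed name, e.g. `private static final int[] HANDSHAKE_PACKET_LENGTHS = {261, 517};`), plus a comment on the origin of the offset, e.g. `// TODO(review): cite the handshake layout that places the encryption flag 3 bytes past length()`. The constructor this listener lives in begins outside the hunk.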