diff --git a/G-Earth.iml b/G-Earth.iml
index aea488e..16fc742 100644
--- a/G-Earth.iml
+++ b/G-Earth.iml
@@ -7,8 +7,6 @@
-
-
\ No newline at end of file
diff --git a/src/main/extensions/examples/blockreplacepackets/BlockAndReplacePackets.java b/src/main/extensions/examples/blockreplacepackets/BlockAndReplacePackets.java
index 5bf6606..97114ef 100644
--- a/src/main/extensions/examples/blockreplacepackets/BlockAndReplacePackets.java
+++ b/src/main/extensions/examples/blockreplacepackets/BlockAndReplacePackets.java
@@ -3,6 +3,9 @@ package main.extensions.examples.blockreplacepackets;
import javafx.fxml.FXMLLoader;
import javafx.scene.Parent;
import javafx.scene.Scene;
+import javafx.scene.control.Button;
+import javafx.scene.control.ComboBox;
+import javafx.scene.control.TextField;
import javafx.stage.Stage;
import main.extensions.ExtensionForm;
import main.extensions.ExtensionInfo;
@@ -23,11 +26,22 @@ import java.net.URL;
)
public class BlockAndReplacePackets extends ExtensionForm {
+ public TextField txt_replacement;
+ public ComboBox cmb_type;
+ public TextField txt_id;
+ public Button btn_add;
+
public static void main(String[] args) {
ExtensionForm.args = args;
launch(args);
}
+ //initialize javaFX elements
+ public void initialize() {
+ cmb_type.getItems().addAll("Block OUT", "Block IN", "Replace OUT", "Replace IN");
+ cmb_type.getSelectionModel().selectFirst();
+ }
+
@Override
protected void initExtension() {
@@ -38,7 +52,8 @@ public class BlockAndReplacePackets extends ExtensionForm {
FXMLLoader loader = new FXMLLoader(BlockAndReplacePackets.class.getResource("blockreplace.fxml"));
Parent root = loader.load();
- primaryStage.setTitle("Packet blocker and replacer");
- primaryStage.setScene(new Scene(root, 565, 262));
+ primaryStage.setTitle("Packet blocker &/ replacer");
+ primaryStage.setScene(new Scene(root, 580, 262));
+ primaryStage.getScene().getStylesheets().add(GEarthController.class.getResource("bootstrap3.css").toExternalForm());
}
}
diff --git a/src/main/extensions/examples/blockreplacepackets/blockreplace.fxml b/src/main/extensions/examples/blockreplacepackets/blockreplace.fxml
index 917179b..42748a1 100644
--- a/src/main/extensions/examples/blockreplacepackets/blockreplace.fxml
+++ b/src/main/extensions/examples/blockreplacepackets/blockreplace.fxml
@@ -1,36 +1,76 @@
+
+
-
+
+
+
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/src/main/misc/Cacher.java b/src/main/misc/Cacher.java
index 021be4f..4581f09 100644
--- a/src/main/misc/Cacher.java
+++ b/src/main/misc/Cacher.java
@@ -1,5 +1,6 @@
package main.misc;
+import main.Main;
import org.json.simple.JSONObject;
import org.json.simple.parser.JSONParser;
import org.json.simple.parser.ParseException;
@@ -17,10 +18,10 @@ import java.util.Map;
*/
public class Cacher {
- private static final String CACHEFILENAME = "jsoncache.json";
+ private static final String CACHEFILENAME = "cache.json";
private static String getCacheDir() {
- return System.getProperty("user.home") + File.separator + ".G-Earth" + File.separator;
+ return new File(Main.class.getProtectionDomain().getCodeSource().getLocation().getPath()).getParent();
}
private static boolean cacheFileExists() {
diff --git a/src/main/protocol/HConnection.java b/src/main/protocol/HConnection.java
index 4dfa583..038df41 100644
--- a/src/main/protocol/HConnection.java
+++ b/src/main/protocol/HConnection.java
@@ -265,7 +265,7 @@ public class HConnection {
handler.act(buffer);
if (!datastream[0] && handler.isDataStream()) {
- clientHostAndPort = client.getInetAddress().getHostAddress() + ":" + client.getPort();
+ clientHostAndPort = client.getLocalAddress().getHostAddress() + ":" + client.getPort();
if (DEBUG) System.out.println(clientHostAndPort);
datastream[0] = true;
setState(State.CONNECTED);
diff --git a/src/main/protocol/HPacket.java b/src/main/protocol/HPacket.java
index 63ef9bd..24a5fda 100644
--- a/src/main/protocol/HPacket.java
+++ b/src/main/protocol/HPacket.java
@@ -185,6 +185,46 @@ public class HPacket implements StringifyAble {
return new byte[0];
}
+ public boolean structureEquals(String structure) {
+ if (isCorrupted()) return false;
+
+ int indexbuffer = readIndex;
+ readIndex = 6;
+
+ String[] split = structure.split(",");
+
+ for (int i = 0; i < split.length; i++) {
+ String s = split[i];
+
+ if (s.equals("s")) {
+ if (readUshort(readIndex) + 2 + readIndex > getBytesLength()) return false;
+ readString();
+ }
+ else if (s.equals("i")) {
+ if (readIndex + 4 > getBytesLength()) return false;
+ readInteger();
+ }
+ else if (s.equals("u")) {
+ if (readIndex + 2 > getBytesLength()) return false;
+ readUshort();
+ }
+ else if (s.equals("b")) {
+ if (readIndex + 1 > getBytesLength()) return false;
+ readBoolean();
+ }
+ }
+
+ boolean result = (isEOF() == 1);
+ readIndex = indexbuffer;
+ return result;
+ }
+
+ public int isEOF() {
+ if (readIndex < getBytesLength()) return 0;
+ if (readIndex == getBytesLength()) return 1;
+ return 2;
+ }
+
public byte[] toBytes() {
return packetInBytes;
}
@@ -800,34 +840,5 @@ public class HPacket implements StringifyAble {
}
public static void main(String[] args) {
-// HPacket packet = new HPacket("{l}{u:500}{i:4}{s:heey}{b:false}");
-// System.out.println(packet);
-//
-// String stringified = packet.stringify();
-// System.out.println("stringified: " + stringified);
-// System.out.println(stringified.length());
-//
-//
-// HPacket packet1 = new HPacket(new byte[0]);
-// packet1.constructFromString(stringified);
-//
-// System.out.println(packet1);
-// System.out.println(packet.equals(packet1));
-
- HPacket packet = new HPacket(555);
- for (int i = -128; i < 128; i++) {
- packet.appendByte((byte)i);
- }
- System.out.println(packet);
-
- String stringified = packet.stringify();
- System.out.println(stringified.length());
-
-
- HPacket packet1 = new HPacket(new byte[0]);
- packet1.constructFromString(stringified);
-
- System.out.println(packet1);
- System.out.println(packet.equals(packet1));
}
}
\ No newline at end of file
diff --git a/src/main/protocol/crypto/RC4.java b/src/main/protocol/crypto/RC4.java
index e04c456..66d0b7d 100644
--- a/src/main/protocol/crypto/RC4.java
+++ b/src/main/protocol/crypto/RC4.java
@@ -203,4 +203,8 @@ public class RC4 {
}
}
+
+ public byte[] getState () {
+ return state;
+ }
}
\ No newline at end of file
diff --git a/src/main/protocol/memory/Rc4Obtainer.java b/src/main/protocol/memory/Rc4Obtainer.java
index 62d5f7e..d1b083b 100644
--- a/src/main/protocol/memory/Rc4Obtainer.java
+++ b/src/main/protocol/memory/Rc4Obtainer.java
@@ -1,11 +1,13 @@
package main.protocol.memory;
import main.protocol.HConnection;
+import main.protocol.HMessage;
import main.protocol.HPacket;
import main.protocol.crypto.RC4;
import main.protocol.memory.habboclient.HabboClient;
import main.protocol.memory.habboclient.HabboClientFactory;
import main.protocol.memory.habboclient.linux.LinuxHabboClient;
+import main.protocol.packethandler.Handler;
import main.protocol.packethandler.IncomingHandler;
import main.protocol.packethandler.OutgoingHandler;
import main.protocol.packethandler.PayloadBuffer;
@@ -29,56 +31,65 @@ public class Rc4Obtainer {
public void setOutgoingHandler(OutgoingHandler handler) {
outgoingHandler = handler;
handler.addBufferListener((int addedbytes) -> {
- if (!hashappened1 && handler.getCurrentIndex() == 3) {
+ if (!hashappened1 && handler.isEncryptedStream()) {
hashappened1 = true;
- onSendFirstEncryptedMessage();
+ onSendFirstEncryptedMessage(outgoingHandler);
}
});
}
+
+ private boolean hashappened2 = false;
public void setIncomingHandler(IncomingHandler handler) {
incomingHandler = handler;
+ handler.addBufferListener((int addedbytes) -> {
+ if (!hashappened2 && handler.isEncryptedStream()) {
+ hashappened2 = true;
+ onSendFirstEncryptedMessage(incomingHandler);
+ }
+ });
}
- private void onSendFirstEncryptedMessage() {
+
+ private void onSendFirstEncryptedMessage(Handler handler) {
outgoingHandler.block();
incomingHandler.block();
- new Thread(() -> {
- if (DEBUG) System.out.println("[+] send encrypted");
+ new Thread(() -> {
+
+ if (DEBUG) System.out.println("[+] send encrypted");
List results = client.getRC4possibilities();
outerloop:
for (byte[] possible : results) {
- byte[] encBuffer = new byte[outgoingHandler.getEncryptedBuffer().size()];
+ byte[] encBuffer = new byte[handler.getEncryptedBuffer().size()];
for (int i = 0; i < encBuffer.length; i++) {
- encBuffer[i] = outgoingHandler.getEncryptedBuffer().get(i);
+ encBuffer[i] = handler.getEncryptedBuffer().get(i);
}
for (int i = 0; i < 256; i++) {
-// System.out.println(i);
for (int j = 0; j < 256; j++) {
byte[] keycpy = Arrays.copyOf(possible, possible.length);
RC4 rc4Tryout = new RC4(keycpy, i, j);
- rc4Tryout.undoRc4(encBuffer);
+ if (handler.getMessageSide() == HMessage.Side.TOSERVER) rc4Tryout.undoRc4(encBuffer);
if (rc4Tryout.couldBeFresh()) {
byte[] encDataCopy = Arrays.copyOf(encBuffer, encBuffer.length);
RC4 rc4TryCopy = rc4Tryout.deepCopy();
try {
PayloadBuffer payloadBuffer = new PayloadBuffer();
- HPacket[] checker = payloadBuffer.pushAndReceive(rc4TryCopy.rc4(encDataCopy));
+ byte[] decoded = rc4TryCopy.rc4(encDataCopy);
+ HPacket[] checker = payloadBuffer.pushAndReceive(decoded);
if (payloadBuffer.peak().length == 0) {
- outgoingHandler.setRc4(rc4Tryout);
- incomingHandler.setRc4(rc4Tryout);
+ handler.setRc4(rc4Tryout);
break outerloop;
}
}
catch (Exception e) {
-
+// e.printStackTrace();
}
}
diff --git a/src/main/protocol/memory/habboclient/linux/LinuxHabboClient.java b/src/main/protocol/memory/habboclient/linux/LinuxHabboClient.java
index 6e8198f..1b34393 100644
--- a/src/main/protocol/memory/habboclient/linux/LinuxHabboClient.java
+++ b/src/main/protocol/memory/habboclient/linux/LinuxHabboClient.java
@@ -146,10 +146,22 @@ public class LinuxHabboClient extends HabboClient {
for (LinuxMemorySnippet snippet : possibilities) {
if (snippet.getData().length >= 1024 && snippet.getData().length <= 1024+2*offset) {
for (int i = 0; i < (snippet.getData().length - ((256 - 1) * offset)); i+=offset) {
- byte[] wannabeRC4data = Arrays.copyOfRange(snippet.getData(), i, 1025 + i);
+ byte[] wannabeRC4data = Arrays.copyOfRange(snippet.getData(), i, 1024 + i);
byte[] data = new byte[256]; // dis is the friggin key
- for (int j = 0; j < 256; j++) data[j] = wannabeRC4data[j*4];
- resultSet.add(data);
+
+ boolean isvalid = true;
+ for (int j = 0; j < 1024; j++) {
+ if (j % 4 != 0 && wannabeRC4data[j] != 0) {
+ isvalid = false;
+ break;
+ }
+ if (j % 4 == 0) {
+ data[j/4] = wannabeRC4data[j];
+ }
+ }
+ if (isvalid) {
+ resultSet.add(data);
+ }
}
}
}
diff --git a/src/main/protocol/packethandler/Handler.java b/src/main/protocol/packethandler/Handler.java
index fd12dff..0fd4de6 100644
--- a/src/main/protocol/packethandler/Handler.java
+++ b/src/main/protocol/packethandler/Handler.java
@@ -1,6 +1,7 @@
package main.protocol.packethandler;
import main.protocol.HMessage;
+import main.protocol.HPacket;
import main.protocol.TrafficListener;
import main.protocol.crypto.RC4;
@@ -20,8 +21,13 @@ public abstract class Handler {
volatile boolean isDataStream = false;
volatile int currentIndex = 0;
- protected RC4 clientcipher = null;
- protected RC4 servercipher = null;
+ protected final Object lock = new Object();
+
+ protected RC4 decryptcipher = null;
+ protected RC4 encryptcipher = null;
+
+ protected volatile List tempEncryptedBuffer = new ArrayList<>();
+ protected volatile boolean isEncryptedStream = false;
public Handler(OutputStream outputStream, Object[] listeners) {
@@ -34,11 +40,51 @@ public abstract class Handler {
isDataStream = true;
}
+ public boolean isEncryptedStream() {
+ return isEncryptedStream;
+ }
+
public abstract void act(byte[] buffer) throws IOException;
+ protected void continuedAct(byte[] buffer) throws IOException {
+ notifyBufferListeners(buffer.length);
+
+ if (!isEncryptedStream) {
+ payloadBuffer.push(buffer);
+ }
+ else if (decryptcipher == null) {
+ for (int i = 0; i < buffer.length; i++) {
+ tempEncryptedBuffer.add(buffer[i]);
+ }
+ }
+ else {
+ byte[] tm = decryptcipher.rc4(buffer);
+ if (DEBUG) {
+ printForDebugging(tm);
+ }
+ payloadBuffer.push(tm);
+ }
+
+ if (!isTempBlocked) {
+ flush();
+ }
+ }
+
public void setRc4(RC4 rc4) {
- this.clientcipher = rc4.deepCopy();
- this.servercipher = rc4.deepCopy();
+ this.decryptcipher = rc4.deepCopy();
+ this.encryptcipher = rc4.deepCopy();
+
+ byte[] encrbuffer = new byte[tempEncryptedBuffer.size()];
+ for (int i = 0; i < tempEncryptedBuffer.size(); i++) {
+ encrbuffer[i] = tempEncryptedBuffer.get(i);
+ }
+
+ try {
+ act(encrbuffer);
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ tempEncryptedBuffer = null;
}
public void block() {
@@ -58,19 +104,55 @@ public abstract class Handler {
* @param message
*/
void notifyListeners(HMessage message) {
- for (TrafficListener listener : (List)listeners[0]) {
- listener.onCapture(message);
- }
- for (TrafficListener listener : (List)listeners[1]) {
- listener.onCapture(message);
- }
- for (TrafficListener listener : (List)listeners[2]) {
- listener.onCapture(message);
+ for (int x = 0; x < 3; x++) {
+ for (int i = ((List)listeners[x]).size() - 1; i >= 0; i--) {
+ ((List)listeners[x]).get(i).onCapture(message);
+ }
}
}
- public abstract void sendToStream(byte[] buffer);
- public abstract void flush() throws IOException;
+ public void sendToStream(byte[] buffer) {
+ synchronized (lock) {
+ try {
+ out.write(
+ (!isEncryptedStream)
+ ? buffer
+ : encryptcipher.rc4(buffer)
+ );
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ }
+ }
+
+ public void flush() throws IOException {
+ synchronized (lock) {
+ HPacket[] hpackets = payloadBuffer.receive();
+
+ for (HPacket hpacket : hpackets){
+ HMessage hMessage = new HMessage(hpacket, getMessageSide(), currentIndex);
+ boolean isencrypted = isEncryptedStream;
+ if (isDataStream) {
+ notifyListeners(hMessage);
+ }
+
+ if (!hMessage.isBlocked()) {
+ out.write(
+ (!isencrypted)
+ ? hMessage.getPacket().toBytes()
+ : encryptcipher.rc4(hMessage.getPacket().toBytes())
+ );
+ }
+ currentIndex++;
+ }
+ }
+ }
+
+ public abstract HMessage.Side getMessageSide();
+
+ public List getEncryptedBuffer() {
+ return tempEncryptedBuffer;
+ }
protected abstract void printForDebugging(byte[] bytes);
diff --git a/src/main/protocol/packethandler/IncomingHandler.java b/src/main/protocol/packethandler/IncomingHandler.java
index 168a70c..a6198e5 100644
--- a/src/main/protocol/packethandler/IncomingHandler.java
+++ b/src/main/protocol/packethandler/IncomingHandler.java
@@ -2,44 +2,36 @@ package main.protocol.packethandler;
import main.protocol.HMessage;
import main.protocol.HPacket;
-import main.protocol.memory.Rc4Obtainer;
+import main.protocol.TrafficListener;
import java.io.IOException;
import java.io.OutputStream;
+import java.util.List;
public class IncomingHandler extends Handler {
public IncomingHandler(OutputStream outputStream, Object[] listeners) {
super(outputStream, listeners);
+
+ TrafficListener listener = new TrafficListener() {
+ @Override
+ public void onCapture(HMessage message) {
+ if (isDataStream && message.getPacket().structureEquals("s,b")) {
+ ((List)listeners[0]).remove(this);
+ HPacket packet = message.getPacket();
+ packet.readString();
+ isEncryptedStream = packet.readBoolean();
+ }
+ }
+ };
+
+ ((List)listeners[0]).add(listener);
}
-
- private final Object lock = new Object();
-
- private Boolean isEncryptedStream = null;
-
-
@Override
public void act(byte[] buffer) throws IOException {
if (isDataStream) {
- if (DEBUG) {
- printForDebugging(buffer);
- }
-
-
- if (isEncryptedStream == null || !isEncryptedStream) {
- payloadBuffer.push(buffer);
- }
- else {
- payloadBuffer.push(servercipher.rc4(buffer));
- }
-
-
- notifyBufferListeners(buffer.length);
-
- if (!isTempBlocked) {
- flush();
- }
+ continuedAct(buffer);
}
else {
out.write(buffer);
@@ -47,46 +39,8 @@ public class IncomingHandler extends Handler {
}
@Override
- public void sendToStream(byte[] buffer) {
- synchronized (lock) {
- try {
- out.write(
- (isEncryptedStream == null || !isEncryptedStream)
- ? buffer
- : clientcipher.rc4(buffer)
- );
- } catch (IOException e) {
- e.printStackTrace();
- }
- }
- }
-
- @Override
- public void flush() throws IOException {
- synchronized (lock) {
- HPacket[] hpackets = payloadBuffer.receive();
-
- for (HPacket hpacket : hpackets){
- HMessage hMessage = new HMessage(hpacket, HMessage.Side.TOCLIENT, currentIndex);
- if (isDataStream) {
- notifyListeners(hMessage);
- }
-
- if (!hMessage.isBlocked()) {
- out.write(
- (isEncryptedStream == null || !isEncryptedStream)
- ? hMessage.getPacket().toBytes()
- : clientcipher.rc4(hMessage.getPacket().toBytes())
- );
- }
-
- if (isDataStream && isEncryptedStream == null && hpacket.length() == 261) {
- isEncryptedStream = hpacket.readBoolean(264);
- }
- currentIndex++;
- }
- }
-
+ public HMessage.Side getMessageSide() {
+ return HMessage.Side.TOCLIENT;
}
@Override
diff --git a/src/main/protocol/packethandler/OutgoingHandler.java b/src/main/protocol/packethandler/OutgoingHandler.java
index 545dbe9..3a50a65 100644
--- a/src/main/protocol/packethandler/OutgoingHandler.java
+++ b/src/main/protocol/packethandler/OutgoingHandler.java
@@ -2,21 +2,13 @@ package main.protocol.packethandler;
import main.protocol.HMessage;
import main.protocol.HPacket;
-import main.protocol.crypto.RC4;
-import main.protocol.memory.Rc4Obtainer;
import java.io.IOException;
import java.io.OutputStream;
-import java.util.ArrayList;
import java.util.List;
public class OutgoingHandler extends Handler {
- private final Object lock = new Object();
-
- private final static int encryptOffset = 3; //all packets with index < 3 aren't encrypted
- private List tempEncryptedBuffer = new ArrayList<>();
-
public OutgoingHandler(OutputStream outputStream, Object[] listeners) {
super(outputStream, listeners);
}
@@ -31,28 +23,13 @@ public class OutgoingHandler extends Handler {
@Override
public void act(byte[] buffer) throws IOException {
dataStreamCheck(buffer);
+
if (isDataStream) {
- if (currentIndex < encryptOffset) {
- payloadBuffer.push(buffer);
- }
- else if (clientcipher == null) {
- for (int i = 0; i < buffer.length; i++) {
- tempEncryptedBuffer.add(buffer[i]);
- }
- }
- else {
- byte[] tm = clientcipher.rc4(buffer);
- if (DEBUG) {
- printForDebugging(tm);
- }
- payloadBuffer.push(tm);
+ if (!isEncryptedStream && (new HPacket(buffer).length() < 2 || new HPacket(buffer).length() > 1000)) {
+ isEncryptedStream = true;
}
- notifyBufferListeners(buffer.length);
-
- if (!isTempBlocked) {
- flush();
- }
+ continuedAct(buffer);
}
else {
out.write(buffer);
@@ -60,55 +37,8 @@ public class OutgoingHandler extends Handler {
}
@Override
- public void setRc4(RC4 rc4) {
- super.setRc4(rc4);
-
- byte[] encrbuffer = new byte[tempEncryptedBuffer.size()];
- for (int i = 0; i < tempEncryptedBuffer.size(); i++) {
- encrbuffer[i] = tempEncryptedBuffer.get(i);
- }
-
- try {
- act(encrbuffer);
- } catch (IOException e) {
- e.printStackTrace();
- }
- tempEncryptedBuffer = null;
- }
-
- @Override
- public void sendToStream(byte[] buffer) {
- synchronized (lock) {
- try {
- out.write(servercipher.rc4(buffer));
- } catch (IOException e) {
- e.printStackTrace();
- }
- }
-
- }
-
- public List getEncryptedBuffer() {
- return tempEncryptedBuffer;
- }
-
- @Override
- public void flush() throws IOException {
- synchronized (lock) {
- HPacket[] hpackets = payloadBuffer.receive();
- for (HPacket hpacket : hpackets){
- HMessage hMessage = new HMessage(hpacket, HMessage.Side.TOSERVER, currentIndex);
- if (isDataStream) notifyListeners(hMessage);
- if (!hMessage.isBlocked()) {
- out.write(
- currentIndex < encryptOffset ? hMessage.getPacket().toBytes() :
- servercipher.rc4(hMessage.getPacket().toBytes())
- );
- }
- currentIndex ++;
- }
- }
-
+ public HMessage.Side getMessageSide() {
+ return HMessage.Side.TOSERVER;
}