19 posts in this topic

RagnaShield Beta – Introduction

 

2iibsps.png

 

Installation guide

1zgb9f4.png


Features - Clientside

25kr0n7.png


Hardware IDs

Every time a player connects to his account, various hardware IDs are retrieved from the computer, such as the MAC Address, the CPU ID, Disk ID and Motherboard ID. This information is then sent to the server and stored in the `login` table. The purpose of this feature is to create a fingerprint of the player's computer capable of ensuring you they will not come back after a hardware ban. The player's hardware IDs are then compared to the ban list to see how much of a match they are. This setting can be modified from ragnashield.conf with ban_sensitivity

Advanced File Hashing (including those inside GRFs)
You can hash as many files as you wish within your RO folder or your GRFs. RagnaHosting already provides a default list to prevent no-delay sprites by protecting the default job sprites,

this GRF will take the highest priority and will be named JobSprites.grf. To customize this list and include your own files or sprites, contact the RagnaHosting Networks with the necessary information.

If any of your hashed files fails the check, the client will show an error and it wont launch. This behavior cannot be changed.

* This protection currently does not take into account the order in which your files are being loaded. If this becomes necessary, you might want to protect your DATA.INI as well.

Dual Clienting
By default, only up to two clients can run simultaneously. The choice of two clients is to allow your players to trade between their accounts. This feature can be modified as per user request.

 

Hiding clientinfo.xml

Your clientinfo.xml has been embedded to your RagnaShield protection components and the client will disallow any connection bypassing the one provided.

This would protect you from most of those people trying to find your IP for some malicious intentions. This also ensures that you'll only be able to use this protection when you're hosted with us.

 

Better compression (LZMA support)
LZMA is a compression method allowing you to significantly reduce the size of your GRF files.

The idea of this feature was introduced by Curiosity, for more information visit the following thread on rAthena : https://rathena.org/board/topic/95086-lessgrf-slim-down-your-grf.
RagnaHosting uses this compression by default on your GRF files. As you may have noticed, the size of a fully patched Full Client is only about 1.4GB, the one RagnaHosting provides.

In GRF Editor, you can use this custom compression by going in Tools > Settings > General > Compression method > Custom compression... and select the cps.dll provided in the thread mentioned above.

* Do not attempt to load the custom cps.dll provided by RagnaShield in GRF Editor, you will crash and may end up having to reinstall the application.

 

File Encryption (Unique GRF Editor keys)
RagnaShield allows you to encrypt your GRF files' content using GRF Editor's encryption. You will receive a key.grfkey file which can be used directly by GRF Editor to encrypt or decrypt your content.

 

File Encryption (RagnaHosting Shared Encryption)
By being part of RagnaHosting, you will gain access to free or cheaper custom content for your server. This content is encrypted and will only work on ALL servers using RagnaShield as their protection. If you decide to leave the host however, you will no longer be able to use them. This feature itself warrants a post of its own, I'll be explaining in details how this works.

 

Splash Screen
Pretty self explanatory, RagnaShield will display a splash screen 250px by 150px in size when your client launches, and closes it as soon as the client fully loads up (the login screen appears).

Third-party program restriction / blocking
This feature is in constant development and there are already a handful of softwares being blocked by the game guard. You can choose whether or not you want to allow tools such as RCX to run on your server. Other programs such as CheatEngine will automatically be blocked. This feature is fully customizable as well to fit every server's needs. We do encourage you to submit cheat tools so we could block them for everyone. We believe there's no reliable way to block macros, and we want to make it clear that we're not advertising RagnaShield to be able to do that.

 

What about bots?
Blocking bots or other similar tools is not part of RagnaShield's protection. To prevent those, we recommend you use newer clients allowing packet obfuscation; it will block bots better than any features we could add to our game guard. By default, we'll include packet obfuscation support on the client we'll provide you, it'll use fully qualified keys, and it'll be unique for each server.


Features - Severside

n6e5cl.png

 

Banning system
It is important to understand the difference between an account ban, an IP ban and a hardware ban.

10hvsdw.png
 
Knowing when to use which can be a bit confusing at first, however RagnaShield's ban commands are more straightforward because they combine these together nicely.

Banning a player bans both their hardware IDs and their account at the same time. Our custom bans take into account the level (group id) of the GM who is issuing the ban.

As such, it is only possible for a GM to ban an account with a lower group id than his own. Therefore admins (group 99) can never be banned. The hardware ban, which is always

applied regardless of the group id of the target, can be bypassed if the account's owner has a higher group id.

 

Configuration file (ragnashield.conf)
The configuration file is found at conf/ragnashield.conf.

21eazpy.png
 
Hardware IDs
Hardware IDs are stored on the server side when a player attempts to log in. All the info are also added to the loginlog table. RagnaHosting lists 4 kinds of Hardware IDs, namely;

MAC AddressCPU IDDrive ID and Motherboard ID. There's a 5th and special kind of ID which combines the latter 3 into a unique hashed ID, which can make it easier for you to

integrate on your scripts. All of these information are added to the `login` and `loginlog` tables.
 
Ingame @commands

@ragnaban / @ban2
usage: @ragnaban <time> <player_name> {<reason>}
ex   : @ragnaban 1d "test player" Stole gears.

Similar to @ban, this command does both a regular @ban and a hardware ban. The computer of the player will no longer be able to connect to your server.

If the account ban's time is greater than the one given by the command, it will keep the longest one. When a player's name contains spaces, you must use quotes,

otherwise it's not needed. The reason given for the ban is also optional but it is recommended.
 
@ragnafullban / @fullban
usage: @ragnafullban <time> <player_name> {<reason>}
ex   : @ragnafullban 1d "test player" Stole gears.
This is the same as the previous command, except it will also ban all the accounts related to the player. It bans the accounts based on the last person who logged into them.
 
@ragnaunban / @unban2
usage: @ragnaunban <player_name> 
ex   : @ragnaunban "test player"

This command removes the hardware ban of a player as well as removing the account ban of the player mentioned.
 
@ragnafullunban / @fullunban
usage: @ragnafullunban <player_name> 
ex   : @ragnafullunban "test player"

Same as the previous ban, except it unbans all the accounts connected with the player (using the hardware IDs of the person who logged into the account last).
 
@showmacban
usage: @showmacban

Shows the current MAC addresses banned.
 
@execute <system_command>
usage: @execute echo Hello world!

Executes a command on the server's VPS. This command allows you to customize server tasks outside of the game. The example command will display "Hello world!" in the map-server console. You could use it to recompile or restart your server, create a backup, etc. The possibilities are limitless for this command. We'll be writing scripts for everyone for you to make use of Linux commands and utilities from inside the game! This means you can tell your GM to type @execute sqldump before he hosts his event, just in case something goes wrong. Feel free to send us suggestions of what commands you want to see on here.
 
@ping {<player_name>}
usage: @ping

This command asks the server to ping yourself or another player. The task is put on a background thread and you will have to wait a few seconds to retrieve the ping statistics. To retrieve the pong info, you'll have to type @ping again. Each ping has a hard delay of 10 seconds and the statistics will be erased from your server's VPS after 30 seconds. By default, players cannot use @ping <player_name>. If you want to allow lower GMs to use the latter command, you must give them the @ping2 atcommand permission ("ping2: true" in groups.conf).

Script methods
The following script methods are shortcuts to simplify your custom scripts.
 
getcharmac({<account ID>/<character ID>/<character name>})
usage: getcharmac();
usage: getcharmac("test_player");
If no argument is specified, the currently attached player's RID will be used to retrieve the MAC address.
 
gethardwareid(<type> {,<account ID>/<character ID>/<character name>})
usage: [email protected]$ = gethardwareid(0);
usage: [email protected]$ = gethardwareid(4, "test_player");
Type 0 – MAC address
Type 1 – CPU ID
Type 2 – Disk drive ID
Type 3 – Motherboard ID
Type 4 – Unique ID (combines types 1-2-3)
This command retrieves the hardware information from a player.

 

Credits

Conflicts - Project manager, started this whole project and gathered the team. Helped test the features thoroughly. Kept pushing for more features, and will keep doing that for the foreseeable future.

Nanakiwurtz - Ported the source code for both rAthena and rAmod, scripted the sample scripts as well as general testing of the features.  She will be taking care of your protection component customization requests.

Tokeiburu -Responsible for the tools used for the generation of the game guard files. He's being humble though, to put it simply, RagnaShield wouldn't have been possible without him.

 

Updates:

Version 1.0.1

  • Added shared encryption key.
  • Added GRF file hashing.
  • The RagnaShield logo on startup now closes once the client's main window shows up.

Version 1.0.4

  • Fixed packet conflicts between RagnaShield and the packet obfuscation feature.
    This error would show up in your emulator's map-server console as "unsupported packet : 22 or 26 in length".
  • Updated startup logo.
  • Other minor bug fixes.

  • Improved RagnaShield's CPU usage down to almost 0%. The usage was already pretty low, except now it uses Windows' events to detect new process creation.
    This means it no longer needs to scan your process list at every specific interval of time.
  • Fixed a bug regarding the third-party protection blocking false-positive process.
  • Hidden processes are now detected.

Version 1.0.7
  • Fixed a bug regarding the GRF hashing process; this bug would crash your exe without any warning.
  • The third-party protection module for Windows XP was unable to launch properly, this has been fixed.
  • Improved overall customization :
    • clientinfo.xml is no longer hidden within the game guard. To edit the content, you must open RagnaShieldRagnaShield.xml, then it's just like a regular clientinfo.xml. This was changed to allow admins to add more GM accounts without us having to rebuild your client files. You will notice that the IP fields are protected as well the port fields (so the security is still the same as before). The allowed IP tags are "#PRIMARY", "#FILTERED" and "#LOCALHOST". The last one allows you to test your server on a local network.
    • DATA.INI is no longer embedded within the client. You can edit the content and add as many custom GRFs as you want. The first two entries are reserved for RagnaShield
    • The data folder can be read safely without having an impact on our protected sprites (job sprites). This blocks no-delay skills while allowing you to test custom changes.

    [*]

    Common errors are now displayed in a more friendly manner (replaced some of the 0xF#####87 errors).
    [*]
    Introducing a new file signature protection. This fully blocks any unauthorized processes from being executed at the same time as your client.

Version 1.0.8

  • Added file version to the game guard to track down further issues.
  • Added a custom crash report to help track down further issues and which will quite possibly help you solve other issues. The file is stored in ClientCrash.log
  • Huge update on RagnaShield's third-party protection. It is planned to be improved, but newer cheat softwares should have a harder time to work.
  • WMI errors will now show up in hexadecimal, this will be easier to track them down as well.
  • Pressing Ctrl-Del ingame will crash the client and generate a crash log on purpose.
  • Security upgrade regarding macro'ing softwares.
  • Updated third-party definitions and rules.

Edited by Conflicts

Share this post


Link to post
Share on other sites

the installation guide image is missing. :)

Share this post


Link to post
Share on other sites

the installation guide image is missing. :)

 

Yeah imgur seems to be having problems, I've moved all the images to tinypic.

Share this post


Link to post
Share on other sites

any plan to make it a hercules plugin as well?

+1 for this it will be nice to make it plugins

Share this post


Link to post
Share on other sites

off topic.. I like the color quotation blocks , why our forum doesn't have those ?

Share this post


Link to post
Share on other sites

off topic.. I like the color quotation blocks , why our forum doesn't have those ?

Make a suggestion in community suggestion? @@Mysterious is fast on responding those.

 

 

any plan to make it a hercules plugin as well?

+1 for this it will be nice to make it plugins
IF this is only for their clients, I doubt if there will be plugin.(either way, even if its free, I still doubt if there will be plugin)

Share this post


Link to post
Share on other sites

 

 

off topic.. I like the color quotation blocks , why our forum doesn't have those ?

Make a suggestion in community suggestion? @@Mysterious is fast on responding those.

 

 

Yeah, I don't mind looking at community suggestions :)

Share this post


Link to post
Share on other sites

Well, I guess I could give a few updates...!

 

There's been a couple of bug fixes and some compatibility issues have been resolved with Windows XP. The CPU usage has been drastically lowered (down to almost nothing). We are currently working on making RagnaShield more flexible :

  • You will now be able to let the client read from the data folder while still being able to protect your files (job sprites, etc).
  • Clientinfo.xml won't be hidden anymore to allow server owners to edit some of the content without having to rebuild the game guard all the time. The IP and port fields will still be hidden however (and cannot be modified).
  • data.ini won't be embedded (in the client) anymore either. The first two entries, in data.ini, are reserved by RagnaShield to ensure its own protected files are read first.

The third-party protection has to be tweaked a little, it detects too many false positives and that's currently an issue. We've switched (not fully) to a file signature protection instead, since this is much more reliable to begin with.

 

The server installation process has been made easier; an executable will patch your source files for you (though, this program is not shared to server owners yet, but we plan to). A plugin for Hercules would indeed be nice, but also requires more work on our hand to keep multiple files up-to-date. So currently, there are no plans to make this into a plugin.

 

The game guard is still in beta for now, mostly because of Windows XP causing issues "every now and then". That's... pretty much covers most of it ;].

 

Edit : Oh and, we've made the error codes clearer too.

Edited by Tokeiburu

Share this post


Link to post
Share on other sites

Ow, @@Tokeiburu here, so, need to try.

 

Btw guys, how much it cost? How can i try your protection on my server without using your VPS services? (because i have own dedi)

Don't think so. I think you need to be hosted under their servers to use their protection.

Share this post


Link to post
Share on other sites

 

Ow, @@Tokeiburu here, so, need to try.

 

Btw guys, how much it cost? How can i try your protection on my server without using your VPS services? (because i have own dedi)

Don't think so. I think you need to be hosted under their servers to use their protection.

 

That is sad, because my projects very resource intensive (due to different DDoS attacks) & i'm jumping to different host if i need (to make gameplay smoother). + different gre tunnels + custom internal networks. Sad... Okay, i will wait for a public release, i hope it will be available.

Edited by UltraCat

Share this post


Link to post
Share on other sites

Mysterious is correct. If it were just me, it would probably be released freely, but it's a team project, so I can't ;P.

Share this post


Link to post
Share on other sites

Hello. We haven't been quite active in documenting our changes and updates, but RagnaShield is in constant development. Here's a list of changes from 1.0.0 to 1.0.8;

 

Version 1.0.1

  • Added shared encryption key.
  • Added GRF file hashing.
  • The RagnaShield logo on startup now closes once the client's main window shows up.

Version 1.0.4

  • Fixed packet conflicts between RagnaShield and the packet obfuscation feature.
    This error would show up in your emulator's map-server console as "unsupported packet : 22 or 26 in length".
  • Updated startup logo.
  • Other minor bug fixes.

  • Improved RagnaShield's CPU usage down to almost 0%. The usage was already pretty low, except now it uses Windows' events to detect new process creation.
    This means it no longer needs to scan your process list at every specific interval of time.
  • Fixed a bug regarding the third-party protection blocking false-positive process.
  • Hidden processes are now detected.

Version 1.0.7
  • Fixed a bug regarding the GRF hashing process; this bug would crash your exe without any warning.
  • The third-party protection module for Windows XP was unable to launch properly, this has been fixed.
  • Improved overall customization :
    • clientinfo.xml is no longer hidden within the game guard. To edit the content, you must open RagnaShieldRagnaShield.xml, then it's just like a regular clientinfo.xml. This was changed to allow admins to add more GM accounts without us having to rebuild your client files. You will notice that the IP fields are protected as well the port fields (so the security is still the same as before). The allowed IP tags are "#PRIMARY", "#FILTERED" and "#LOCALHOST". The last one allows you to test your server on a local network.
    • DATA.INI is no longer embedded within the client. You can edit the content and add as many custom GRFs as you want. The first two entries are reserved for RagnaShield
    • The data folder can be read safely without having an impact on our protected sprites (job sprites). This blocks no-delay skills while allowing you to test custom changes.

    [*]

    Common errors are now displayed in a more friendly manner (replaced some of the 0xF#####87 errors).
    [*]
    Introducing a new file signature protection. This fully blocks any unauthorized processes from being executed at the same time as your client.

Version 1.0.8

  • Added file version to the game guard to track down further issues.
  • Added a custom crash report to help track down further issues and which will quite possibly help you solve other issues. The file is stored in ClientCrash.log
  • Huge update on RagnaShield's third-party protection. It is planned to be improved, but newer cheat softwares should have a harder time to work.
  • WMI errors will now show up in hexadecimal, this will be easier to track them down as well.
  • Pressing Ctrl-Del ingame will crash the client and generate a crash log on purpose.
  • Security upgrade regarding macro'ing softwares.
  • Updated third-party definitions and rules.

Edited by Conflicts

Share this post


Link to post
Share on other sites

Last update, 2015... Project still alive? @Conflicts after seeing NovaRO i want to try this one.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now