KeyWorld

Too bad, it was intented to be a great week end, now I'm sad. You are an awesome guy, I wish you the best for your future and hope to see you here again some times.

Or just update the client keys (already explained some pages before).

It's working for the 14 first packet received from the client, after the encryption will not be update and it's possible to use WPE/RPE. And yeah WPE/RPE are the same (talking about this update).

If guys search for a "not broken" client, check the list behind (each encryption tested 10 000 000 times), seems like Gravity doesn't even take time to find correct keys : 20110817 - PASSED 20110824 - FAILED x32 20110831 - PASSED 20110906 - PASSED 20111005 - FAILED x29 20111012 - FAILED x32 20111021 - PASSED 20111025 - PASSED 20111102 - FAILED x31 20111109 - FAILED x16 20111122 - FAILED x16 20111207 - FAILED x31 20111214 - FAILED x32 20111220 - FAILED x16 20111228 - FAILED x7 20120104 - PASSED 20120111 - PASSED 20120120 - PASSED 20120202 - PASSED 20120207 - PASSED 20120214 - FAILED x31 20120229 - PASSED 20120307 - FAILED x31 20120314 - PASSED 20120321 - PASSED 20120328 - FAILED x32 20120404 - PASSED 20120410 - FAILED x32 20120418 - FAILED x15 20120424 - FAILED x11 20120509 - PASSED 20120515 - PASSED 20120525 - FAILED x16 20120605 - PASSED 20120612 - FAILED x14 20120618 - PASSED 20120702 - PASSED 20120716 - PASSED 20130320 - FAILED x32 20130514 - PASSED 20130522 - PASSED 20130529 - FAILED x30 20130605 - PASSED 20130612 - PASSED 20130618 - PASSED 20130626 - FAILED x11 20130703 - FAILED x32 20130807 - FAILED x4 20131218 - FAILED x31 20131223 - FAILED x14 20131230 - PASSED

@snowflake1963 There were some updates since this post, it require now to include the Debug class, and define where is locate your fullclient: <?phpdefine('__ROOT__', dirname(__FILE__) . '/');// Loading CORE filesrequire_once( __ROOT__ . 'core/class.Controller.php');require_once( __ROOT__ . 'core/class.Cache.php');require_once( __ROOT__ . 'core/class.Client.php');require_once( __ROOT__ . 'core/class.DB.php');require_once( __ROOT__ . 'core/class.Debug.php'); Client::$path = __ROOT__ . "client/" ; // Define where your client path is (where you put your grfs, data, etc.)Client::$data_ini = "DATA.INI" ; // The name of your DATA.INI (to locate your grfs, if not set: grfs will not be loaded)Client::init(); // What do you want to display ?// Full Character ?// So include the render neededrequire_once( __ROOT__ . 'render/class.CharacterRender.php' ); // Set up the headerheader('Content-type:image/png'); // Since you use class.CharacterRender, use it :$chargen = new CharacterRender(); // Set your datas here$chargen->action = CharacterRender::ACTION_READYFIGHT; // You can see constants in$chargen->direction = CharacterRender::DIRECTION_SOUTHEAST; // render/class.RORender.php$chargen->body_animation = 0;$chargen->doridori = 0;$chargen->sex = "M";$chargen->class = 4002;$chargen->clothes_color = 0;$chargen->hair = 5;$chargen->hair_color = 12;$chargen->head_top = 0;$chargen->head_mid = 0;$chargen->head_bottom = 0;$chargen->weapon = 0;$chargen->shield = 0;$chargen->robe = 0;$chargen->option = 0; // Generate the image and display it$img = $chargen->render();imagepng($img);?>

It's always true, all encryptions are easy to break when you know where to search

Was I the only one, back in the past, who simply modify the DES encryption table used in the executable ? Easy, no files to add, no extra work by the client. Easily bypass if you know where to search, but it was better than molebox at the time and no one though about looking at the DES encryption.

Not possible currently to generate an animated image. Some reasons for it: - too intensive and memory consuming to generate X images for an animation. - gif can contain only 256 colors when a sprite is 256 * elements (without talking about rgba frames). - not possible to know when to loop the animation since each animated elements (body, hats) have a differents animation duration. It can be done client side using javascript but downloading spr/act pal is already too much in my opinion. To display monster it's the id you have to use : /monster/1002

@snowflake1963 Just add your fullclient informations to be able to load and extract files ? //- ClientClient::$path = __ROOT__ . "client/" ; // Define where your client path is (where you put your grfs, data, etc.)Client::$data_ini = "DATA.INI" ; // The name of your DATA.INI (to locate your grfs, if not set: grfs will not be loaded) Thank you guys

So rathena sux Only implement a buggy version of .@var++ sux a lot... So let say I forget about rathena for this script now. I know about getd() and setd(), the only problem with this command is the memory leak it create (specially in this case), so I'm not fan of it anymore So here a new version, with the *counting_sort_index*, and also a big bonus : asm functions (for fun). http://upaste.me/2d0f10561576aed88 [Debug]: script debug : 0 110198899 : ==== [SORT INDEX] Testing for 1000 elements.[Debug]: script debug : 0 110198899 : [merge_sort_index] Time used -> 610 ms [PASSED][Debug]: script debug : 0 110198899 : [merge_sort_index_asm] Time used -> 578 ms [PASSED][Debug]: script debug : 0 110198899 : [comb_sort_index] Time used -> 508 ms [PASSED][Debug]: script debug : 0 110198899 : [comb_sort_index_asm] Time used -> 476 ms [PASSED][Debug]: script debug : 0 110198899 : [counting_sort_index] Time used -> 94 ms [PASSED][Debug]: script debug : 0 110198899 : [counting_sort_index_asm] Time used -> 91 ms [PASSED][Debug]: script debug : 0 110198900 : ==== [SORT] Testing for 1000 elements.[Debug]: script debug : 0 110198900 : [merge_sort] Time used -> 407 ms [PASSED][Debug]: script debug : 0 110198900 : [merge_sort_asm] Time used -> 378 ms [PASSED][Debug]: script debug : 0 110198900 : [comb_sort] Time used -> 385 ms [PASSED][Debug]: script debug : 0 110198900 : [comb_sort_asm] Time used -> 343 ms [PASSED][Debug]: script debug : 0 110198900 : [counting_sort] Time used -> 57 ms [PASSED][Debug]: script debug : 0 110198900 : [counting_sort_asm] Time used -> 53 ms [PASSED]

Basically: https://github.com/HerculesWS/Hercules/blob/master/src/map/script.c#L1105 https://github.com/HerculesWS/Hercules/blob/master/src/map/script.c#L3011 https://github.com/HerculesWS/Hercules/blob/master/src/map/script.c#L3425 Number in script are integer, supported from -2147483647 to 2147483647, else it lead to overflow error. So if you can't create a number greater than this value, you will never be able to select an index superior than 2147483647 in an array.

I'm glad people want to see my name here but AUTHORS file is in Hercules emulator repository. I never contribute to it so it's just normal to not see my name here.

In fact it's limited to 2 billion index max : since the script engine use integer (and not unsigned integer) to store variables and numbers. But still a great improvement

It's not cheating, it's just reducing commands calls The best for now is counting sort in Hercules. Can't write it now in my phone but it will execute faaaar faster. Edit: So I checked today in a slow server, with some stupids greats optimizations in all functions. Here my results using 1000 elements : [Debug]: script debug : 0 110144879 : ==== [SORT] Testing for 1000 elements.[Debug]: script debug : 0 110144879 : [merge_sort] Time used -> 405 ms [PASSED][Debug]: script debug : 0 110144879 : [comb_sort] Time used -> 394 ms [PASSED][Debug]: script debug : 0 110144879 : [counting_sort] Time used -> 57 ms [PASSED] [Debug]: script debug : 0 110144878 : ==== [SORT INDEX] Testing for 1000 elements.[Debug]: script debug : 0 110144878 : [merge_sort_index] Time used -> 608 ms [PASSED][Debug]: script debug : 0 110144878 : [comb_sort_index] Time used -> 483 ms [PASSED] So as you can see, a hacky Comb Sort is faster than a hacky merge sort in all cases. If you want to cheat even more, you can use my hackyyyy counting sort (but it does not sort indexes). Have fun: http://rathena.org/board/pastebin/2kto2abymrp/

Optimized version of the merge sort index : function script mergeSortIndex { .@size = getarg(2); copyarray .@arr, getarg(0), .@size; while (.@i < .@size) { set .@idx[.@i], .@i; .@i++; } .@width = 1; while (.@width < .@size) { .@left = 0; while (.@left < .@size) { .@middle = .@size < .@left + .@width ? .@size : .@left + .@width; .@right = .@size < .@left + .@width * 2 ? .@size : .@left + .@width * 2; .@l = .@left; .@m = .@middle; while (.@l < .@middle && .@m < .@right) { if (.@arr[.@l] < .@arr[.@m]) { .@tmp_arr[.@left] = .@arr[.@l]; .@tmp_idx[.@left] = .@idx[.@l]; .@l++; } else { .@tmp_arr[.@left] = .@arr[.@m]; .@tmp_idx[.@left] = .@idx[.@m]; .@m++; } .@left++; } if (.@middle - .@l) { copyarray .@tmp_arr[.@left], .@arr[.@l], .@middle - .@l; copyarray .@tmp_idx[.@left], .@idx[.@l], .@middle - .@l; .@left += .@middle - .@l; } if (.@right - .@m) { copyarray .@tmp_arr[.@left], .@arr[.@m], .@right - .@m; copyarray .@tmp_idx[.@left], .@idx[.@m], .@right - .@m; .@left += .@right - .@m; } } .@width *= 2; copyarray .@arr, .@tmp_arr, .@size; copyarray .@idx, .@tmp_idx, .@size; } copyarray getarg(1), .@tmp_idx, .@size; return;}

You'll have even better performance if you replace the for loop with a while loop and the two condition with a ternary I can't test my iterative merge sort, I'm currently stuck with a script engine bug, will have to do some work around soon.

It's currently a WordPress. Is it what you are looking for ?

Seems like you can improve the script : I don't really understand why you create a temporary array, and at least, your (2) problem is related to the fact that you don't bind your output array with your temporary array content. Seems like you don't use argument 4 of mergesort and this functions can be improve to avoid executing the if condition at each recursion. And at least in merge function the three last while() can be optimized using our favorite copyarray command. If it's still slow, some solutions exists to implement the merge sort without relying on recursions

Hi Annie I'll check later more deeply your script to see if there are rooms for improvements, not much time currently. But from what I remember (maybe not the case anymore) the script engine do not like recursion (call functions, return to the previous state) and that's what slowing down the script.

@Annie Just because it's you <3 You miss array element in the setmapflag And because it's too much time since the last time I touch to Athena script, just cheating: - script warp_banned -1,{OnInit: setarray .@denymap_2nd$, "morocc", "payon", "aldebaran"; // Maps NOT for second jobs. Add more with a comma, last member should have a semicolon setarray .@denymap_3rd$, "amatsu", "gonryun", "geffen"; // Same as above, but for third jobs .@denymap_2ndSize = getarraysize(.@denymap_2nd$); .@denymap_3rdSize = getarraysize(.@denymap_3rd$); for (.@i = 0; .@i < .@denymap_2ndSize; .@i++) { setmapflag .@denymap_2nd$[.@i], mf_loadevent; } for (.@i = 0; .@i < .@denymap_3rdSize; .@i++) { setmapflag .@denymap_3rd$[.@i], mf_loadevent; } .@joinMap_2nd$ = "x1" + implode( .@denymap_2nd$, "x1") + "x1"; .@joinMap_3rd$ = "x1" + implode( .@denymap_3rd$, "x1") + "x1"; end;OnPCLoadMapEvent: .@class = eaclass(); .@search$ = "x1" + strcharinfo(3) + "x1"; if ( ((.@class & (EAJL_UPPER | EAJL_2)) && strpos(.@joinMap_2nd$, .@search$) > -1) || ((.@class & EAJL_THIRD) && strpos(.@joinMap_3rd$, .@search$) > -1) ) { dispbottom "You're not supposed to be here..."; warp "SavePoint",0,0; }}

Would be great to add orn to the list. Also known as the Zilleuse de Grigri she was freaking awesome and worked a lot on the homunculus system in the past (and maybe some others things I do not know about). Great initiative, remembered me about humans.txt

Thank you

I'm going to play with this features soon. As far I see : - only the map-server use this feature. - nothing sent to the client to say "hey for now you need to switch to encryption" - bothersome... - basic encryption in only the header of the packet and only from the packets sent from client (not from server). Am I correct ?

Welcome 2014. Great job.

Sorry, it was not my intention to troll you all with a "Apple Sucks !" in this Apple Store, I didn't know there were so much fanboy here. Since I'm lazy and will have vacations in some hours, just read the above posts to get answers. I didn't ask to rewrite FluxCP or updating it, but I suggested to create a new one with solid foundation. If you don't want, who cares ? : it's a suggestion. If you want to get informations about the hack I will add you to our discussion. Talking about how to exploit a zero-day in public, isn't something smart at all.