How?

#1

Ok, I know that I’m probably going to end up getting a lot of responses like “Noob” or “Google it” or some shit like that, but I figured I am a member of a community so that I can hopefully get help from the other around me…

Anyway, the main reason for this topic is…How?

Like, How do you guys figure out everything you figure out? I don’t understand how like…peterbjornx figured out all the stuff for his cache getter…or how saev found out all the stuff he needed to make a deobber? Like, how did you guys find out about the control flow variable, I’m actually guessing this is part of ZKM, but in that case, how did you find out they used ZKM?

I’m not asking to be spoon fed, I’m asking for a general nudge in the right direction, I’ve been here for like 4 years and the only thing I have to show for it are like 14 IRC Bots, which are all shit anyway.

Please, someone, enlighten me so I can hopefully make something that I find relatively useful. Even if it’s stuff I should research to make a deobber… I just want to know where I should start.

Should I get the runescape.jar and look around at the bytecode and try to cipher what’s happening? Like I said, I’m really just wanting a nudge in the general direction. Thanks guys.

#2

we decompile the client and have a look at what it does

as for deobfuscation, we look at the bytecode, notice that its complexity is increased, then look for ways to simplify it. for specific obfuscation rules, we gain access to the obfuscator and run our own classes through it to see what changes

#3

noob google it

#4

peterbjornx figured shit out for his ‘cache grabber’? oh right… someone else did and he simply used it.

#5

Reversing is easy. Language is a talent for understanding and logic is the universal tungue. Machines are purely logical, so they are inherently easy to figure out. Just think about what you’re trying to accomplish and how you would do that, then look for it!

Reverse engineering can only be accomplished if you actually grasp the concept of what’s happening. It’s not something taught but learned.

Good luck.

#6

yeah i think pplsuqbawlz had it right with the universal logic thing, i haven’t looked at a runescape client in about 2 years, so I’m no help with any deobs or this new fad of private servers… but I know my fareshare of logic, and I AM GOOD AT METH.

#7

get the fuck out of here

#8

[quote=“c|p, post:7, topic:328159”][quote author=TripleBla link=topic=424540.msg3119888#msg3119888 date=1265436565]
yeah i think pplsuqbawlz had it right with the universal logic thing, i haven’t looked at a runescape client in about 2 years, so I’m no help with any deobs or this new fad of private servers… but I know my fareshare of logic, and I AM GOOD AT METH.
[/quote]

get the fuck out of here[/quote]
Why the hostility? I’m just a little curious.

#9

no i didnt,used my code first but it didnt work,so i chose to to use silabs code, but i found out how to do it myself first

#10

It’s none of you code idiots. Intellectual property of Jagex Ltd.

We’re just kinks in the plumbing.

On another note… ZKM puts a constant UTF8 in the pool with it’s version but it’s now removed. They used to leave the constant pool unscrambled so you could easily ID all methods and fields. That, is how my bot updated. That is why I was sure I was > all. Everyone else was too dumb too realize the cp order remained.

#11

wat

#12

IIRC, i talked with you when i discovered this 2-3 years ago.

#13

looooool

#14

IIRC == if i recall correctly

#15

[quote=“pplsuqbawlz, post:10, topic:328159”]It’s none of you code idiots. Intellectual property of Jagex Ltd.

We’re just kinks in the plumbing.

On another note… ZKM puts a constant UTF8 in the pool with it’s version but it’s now removed. They used to leave the constant pool unscrambled so you could easily ID all methods and fields. That, is how my bot updated. That is why I was sure I was > all. Everyone else was too dumb too realize the cp order remained.[/quote]

did it rly

#16

[quote=“Unhandled, post:13, topic:328159”][quote author=Ollie link=topic=424540.msg3122432#msg3122432 date=1265665265]
IIRC, i talked with you when i discovered this 2-3 years ago.
[/quote]

looooool[/quote]i think unhandled needs an acronym dictionary

#17

i think you mean psb needs one

#18

[quote=“Uriko, post:16, topic:328159”][quote author=Unhandled link=topic=424540.msg3122452#msg3122452 date=1265666131]

looooool
[/quote]i think unhandled needs an acronym dictionary[/quote]

no?

#19

what the fuck is going on

#20

hey look its psb, sup man