Secrets Posted November 27, 2018 Group: Developer Topic Count: 36 Topics Per Day: 0.01 Content Count: 588 Reputation: 437 Joined: 01/26/16 Last Seen: Wednesday at 03:00 PM Share Posted November 27, 2018 [Untested] Slap Roarrr.asi into your RO client folder and watch brAthena get confused. I take no responsibility of any kind from consequences of using this client add-on. It is simply provided as a proof-of-concept on how weak brAthena's MAC address ban system is. Use it at your own risk. Quote Link to comment Share on other sites More sharing options...
Normynator Posted November 27, 2018 Group: Developer Topic Count: 7 Topics Per Day: 0.00 Content Count: 292 Reputation: 199 Joined: 05/03/13 Last Seen: May 26, 2023 Share Posted November 27, 2018 Do you have Source Code for that PoC publicly available? 1 Quote Link to comment Share on other sites More sharing options...
anacondaq Posted November 27, 2018 Group: Members Topic Count: 42 Topics Per Day: 0.01 Content Count: 1096 Reputation: 348 Joined: 02/26/12 Last Seen: May 30, 2023 Share Posted November 27, 2018 (edited) I don't understand your hate to different emulators, like hercules or brathena, but his src mod will not work at all because of its nature and ethernet. Also, your changes can break almost all protection if focusing and having a goal for it. I talk about protections which use simple mac address taken from client's network adapter PC's (hardware mac) as a unique identifier of a player session for doing different manipulations. Also, macs can be very easy edited with default GUI from windows without any problems. So mac protection for server owners = bad idea, must be used something more interesting and unique like motherboard + cpu + some other PC part like hard drive + some salt. Edited November 27, 2018 by Anacondaqq Quote Link to comment Share on other sites More sharing options...
Zell Posted November 27, 2018 Group: Members Topic Count: 53 Topics Per Day: 0.01 Content Count: 412 Reputation: 266 Joined: 04/25/12 Last Seen: 17 hours ago Share Posted November 27, 2018 What do u mean by get confused? Quote Link to comment Share on other sites More sharing options...
Secrets Posted November 28, 2018 Group: Developer Topic Count: 36 Topics Per Day: 0.01 Content Count: 588 Reputation: 437 Joined: 01/26/16 Last Seen: Wednesday at 03:00 PM Author Share Posted November 28, 2018 14 hours ago, Anacondaqq said: I don't understand your hate to different emulators, like hercules or brathena, but his src mod will not work at all because of its nature and ethernet. Also, your changes can break almost all protection if focusing and having a goal for it. I talk about protections which use simple mac address taken from client's network adapter PC's (hardware mac) as a unique identifier of a player session for doing different manipulations. Also, macs can be very easy edited with default GUI from windows without any problems. So mac protection for server owners = bad idea, must be used something more interesting and unique like motherboard + cpu + some other PC part like hard drive + some salt. brAthena's solution is using a launcher or some custom mod to read the computer's physical address and put it into packet 0x0825 (enabled with SSO login packet patch) at 0x3C offset. Quote Link to comment Share on other sites More sharing options...
Secrets Posted November 28, 2018 Group: Developer Topic Count: 36 Topics Per Day: 0.01 Content Count: 588 Reputation: 437 Joined: 01/26/16 Last Seen: Wednesday at 03:00 PM Author Share Posted November 28, 2018 15 hours ago, Normynator said: Do you have Source Code for that PoC publicly available? No, it's my other experimental "secure login" project with with codes commented and a line for this bypass added, and I'm too lazy to clean it up for a release. It just hooks into the "send" function and modify the buffer. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.