Need a hint

Have you created a useful tool? or Do you want to get help building one? This is the right place!
Forum rules
READ NOW: L2j Forums Rules of Conduct
Post Reply
afk5min
Posts: 38
Joined: Tue Jan 31, 2012 4:02 pm
Location: Away From Keyboard

Need a hint

Post by afk5min »

I was looking on what to replace dated sniffers to sniff retail packets, and discovered this:
Image

By any chance, could someone elaborate on:
What is the name of this sniffer?
Where could I get it?
What is the latest protocol version supported?
Compute sequentially, true or false?

Code: Select all

p :- p.p. ?- p.
User avatar
lord_rex
Posts: 78
Joined: Sat Jun 06, 2009 2:38 pm
Location: Hell, 9th circle, centre
Contact:

Re: Need a hint

Post by lord_rex »

I would really like to know it also.. :)
You're right. I have forgotten how to act like a normal human being. And I play games and I lie and I trick people to avoid the truth of how I feel.
Image
Hyrelius
Posts: 257
Joined: Thu Dec 16, 2010 5:16 am

Re: Need a hint

Post by Hyrelius »

Hey there,

while I am not sure if I am even allowed to write down the information here - nor do I take any responsibility as to its correctness or any other means - I still think I can give you a hint or two.

I used to look into l2phx. It seems to support Freya and probably GoD, though my version had trouble with the latter as it didn't come with predefined packet descriptions (as seen in the right panel of your first screenshot) for GoD.

It was hard to configure so I cannot really elaborate on that. I just know I finally managed to get it to work. By the way: at least Microsoft Security Essentials recognize the executable file as a threat, which I'm pretty sure it's not.

Not a pro regarding packet sniffing though as I only tried it once to determine if a certain action triggers sending a packet or not.

Happy New Year,
Hyrelius.

Edit: oh yeah - just remembered: the tool isn't made by L2J - so I doubt they will be supporting it. If it was for debugging packets, you might want to look into this option somewhere in the configuration files. But since you seem to aim for something different, either look into that tool or wait for a more precise answer :).
Image
I don't mind helping - however: I only do so if I want to.
No support for other server packs than L2J.
User avatar
jurchiks
Posts: 6769
Joined: Sat Sep 19, 2009 4:16 pm
Location: Eastern Europe

Re: Need a hint

Post by jurchiks »

The tool needs to attach itself to the l2 process to sniff packets, that's why it's being recognised as a threat. It isn't actually a virus.

There are tools like WireShark that don't attach themselves to processes (afaik), but they require additional setup to get it to work with l2 and there is no such packet info support in those.
If you have problems, FIRST TRY SOLVING THEM YOURSELF, and if you get errors, TRY TO ANALYZE THEM, and ONLY if you can't help it, THEN ask here.
Otherwise you will never learn anything if all you do is copy-paste!
Discussion breeds innovation.
afk5min
Posts: 38
Joined: Tue Jan 31, 2012 4:02 pm
Location: Away From Keyboard

Re: Need a hint

Post by afk5min »

Hyrelius wrote:I used to look into l2phx. It seems to support Freya and probably GoD, though my version had trouble with the latter as it didn't come with predefined packet descriptions (as seen in the right panel of your first screenshot) for GoD.
The bad thing is, while it may have been a nice tool in GF times (so... like 3-3.5 years ago), seeing as it even supported client opcode scrambling (the l2.ru mode) required for retail sniffing, the last update was...
Date: August 3, 2011 16:23:40
Which was some Freya-related stuff (a.k.a. long dead and obsolete). During HF times, I used packetsamurai adapted to L2, but it was (is) lacking, not to mention the overall slowness and memory footprint :P

Perhaps any other similar tools you know? Because that one screenshot is all I have on this one.
Compute sequentially, true or false?

Code: Select all

p :- p.p. ?- p.
otsaki5
Posts: 40
Joined: Tue Oct 14, 2014 10:22 am

Re: Need a hint

Post by otsaki5 »

Can someone link the sniffer name or location to download? thank you!
Post Reply