Thread: How to figure out opcodes for server->client and client->server for OSRS?

  1. #1 How to figure out opcodes for server->client and client->server for OSRS? 
    Registered Member
    Join Date
    May 2020
    Posts
    5
    Thanks given
    0
    Thanks received
    2
    Rep Power
    0
    Howdy!

    I'm currently writing my own implementation of an OSRS server as a learning experience, and have figured out quite a bit. I've got login working, and have written an implementation of ISAAC etc, so login is working.

    One of the next things I'm trying to figure out is how to "reverse engineer" the opcodes.

    What I'm doing is looking at OpenOSRS and figuring out the types from that. There are 86 server packets for example, and they seem to change field names between releases, as they are obviously deobfuscated so the field names are pretty random.

    Is there a more methodical/automated way or a tool somebody has written that does this?

    I can figure it out one by one manually, but it'll take a while.

  2. #2  
    Respected Member

    Corey's Avatar
    Join Date
    Feb 2012
    Posts
    1,312
    Thanks given
    961
    Thanks received
    1,275
    Rep Power
    5000
    No. Not yet anyway.

    Doing it by hand is the way it's mostly done. The more you do it the easier it is to recognise which packet is which.

    I believe the people working on the Apollo convert to OSRS have thought about automating it, but at the moment no such proper tool exists (as far as I'm aware anyway).
     

  3. #3  
    Registered Member

    Join Date
    Feb 2010
    Posts
    2,802
    Thanks given
    975
    Thanks received
    588
    Rep Power
    663
    We should probably sit down with lots of versions and see if there is a clear algorithm used in generating them because I doubt Jagex go through their server and manually change them every time so it's got to be predictable. I mean they could be completely random I suppose, but the same randomisation would be used in both the client and the server so again pseudorandom?

  4. #4  
    Registered Member
    Join Date
    May 2020
    Posts
    5
    Thanks given
    0
    Thanks received
    2
    Rep Power
    0
    Cool thanks, I'll see if I can write a tool to parse opcodes from clients, then compare to released opcodes of previous versions.

  5. #5  




    Scu11's Avatar
    Join Date
    Aug 2007
    Age
    26
    Posts
    16,096
    Thanks given
    7,098
    Thanks received
    11,936
    Rep Power
    5000
    Quote Originally Posted by Fire Cape View Post
    I doubt Jagex go through their server and manually change them every time
    they randomise them, the code isn't written against hard coded numbers


  6. #6  
    Registered Member
    Join Date
    May 2020
    Posts
    5
    Thanks given
    0
    Thanks received
    2
    Rep Power
    0
    I've ended up writing a tool, I'm going to release it once it's done. I'm testing against multiple releases of OSRS to ensure it works. Will add more versions to test later. I'm adding packets as I need them.


    I've only implemented 6 packets so far on my server, so as I go I'll implement them.

    Code:
    ----------REVISION 171----------
    RunClientScript - (3, -2)
    UpdateRebootTimer - (5, 2)
    UpdateInventoryFull - (7, -2)
    UpdateStat - (10, 6)
    UpdateInventoryPartial - (22, -2)
    UpdateInvStopTransmit - (28, 2)
    Found a total of 6/84
    ----------REVISION 181----------
    UpdateStat - (22, 6)
    UpdateInventoryPartial - (44, -2)
    UpdateInvStopTransmit - (46, 2)
    RunClientScript - (62, -2)
    UpdateInventoryFull - (70, -2)
    UpdateRebootTimer - (72, 2)
    Found a total of 6/86
    ----------REVISION 182----------
    UpdateStat - (22, 6)
    UpdateInventoryPartial - (44, -2)
    UpdateInvStopTransmit - (46, 2)
    RunClientScript - (62, -2)
    UpdateInventoryFull - (70, -2)
    UpdateRebootTimer - (72, 2)
    Found a total of 6/86
    ----------REVISION 183----------
    UpdateRebootTimer - (1, 2)
    UpdateInventoryPartial - (5, -2)
    UpdateStat - (7, 6)
    UpdateInvStopTransmit - (17, 2)
    RunClientScript - (18, -2)
    UpdateInventoryFull - (29, -2)
    Found a total of 6/86
    ----------REVISION 184----------
    UpdateInventoryPartial - (1, -2)
    UpdateStat - (9, 6)
    UpdateInventoryFull - (49, -2)
    RunClientScript - (56, -2)
    UpdateInvStopTransmit - (57, 2)
    UpdateRebootTimer - (72, 2)
    Found a total of 6/86
    ----------REVISION 185----------
    UpdateRebootTimer - (11, 2)
    UpdateInventoryPartial - (13, -2)
    UpdateStat - (37, 6)
    UpdateInvStopTransmit - (45, 2)
    UpdateInventoryFull - (47, -2)
    RunClientScript - (83, -2)
    Found a total of 6/86
    ----------REVISION 187----------
    UpdateInvStopTransmit - (11, 2)
    UpdateInventoryFull - (47, -2)
    UpdateInventoryPartial - (51, -2)
    RunClientScript - (59, -2)
    UpdateStat - (68, 6)
    UpdateRebootTimer - (78, 2)
    Found a total of 6/86
    ----------REVISION 188----------
    UpdateRebootTimer - (4, 2)
    UpdateInvStopTransmit - (23, 2)
    RunClientScript - (31, -2)
    UpdateInventoryPartial - (35, -2)
    UpdateInventoryFull - (67, -2)
    UpdateStat - (84, 6)
    Found a total of 6/86
    ----------REVISION 189----------
    UpdateInvStopTransmit - (23, 2)
    UpdateInventoryPartial - (35, -2)
    UpdateStat - (37, 6)
    RunClientScript - (49, -2)
    UpdateInventoryFull - (71, -2)
    UpdateRebootTimer - (84, 2)
    Found a total of 6/86
    Reply With Quote  
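
An added example (not the poster's tool, which the thread does not show): a small parser for the listing format in post #6, run on an excerpt of those listings. It reports which consecutive revisions were reshuffled and which size values are shared by several packets, so size alone cannot tell them apart; the function names are this example's own.

```python
import re
from collections import defaultdict

# Excerpt of the listing in post #6: three of the six packets, three revisions.
SAMPLE = """\
----------REVISION 181----------
UpdateStat - (22, 6)
UpdateInvStopTransmit - (46, 2)
UpdateRebootTimer - (72, 2)
Found a total of 6/86
----------REVISION 182----------
UpdateStat - (22, 6)
UpdateInvStopTransmit - (46, 2)
UpdateRebootTimer - (72, 2)
----------REVISION 183----------
UpdateRebootTimer - (1, 2)
UpdateStat - (7, 6)
UpdateInvStopTransmit - (17, 2)
"""

REV = re.compile(r"^-+REVISION (\d+)-+$")
PKT = re.compile(r"^(\w+) - \((\d+), (-?\d+)\)$")

def parse(text):
    """Return {revision: {packet_name: (opcode, size)}}; other lines are skipped."""
    table, rev = {}, None
    for line in text.splitlines():
        line = line.strip()
        if m := REV.match(line):
            rev = int(m.group(1))
            table[rev] = {}
        elif (m := PKT.match(line)) and rev is not None:
            table[rev][m.group(1)] = (int(m.group(2)), int(m.group(3)))
    return table

def reshuffled(table):
    """Consecutive revision pairs whose (opcode, size) assignment differs."""
    revs = sorted(table)
    return [(a, b) for a, b in zip(revs, revs[1:]) if table[a] != table[b]]

def ambiguous_sizes(table, rev):
    """Sizes used by more than one packet in `rev`: size alone cannot identify these."""
    by_size = defaultdict(list)
    for name, (_, size) in table[rev].items():
        by_size[size].append(name)
    return {s: sorted(n) for s, n in by_size.items() if len(n) > 1}
```
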
     

  8. #7  
    Registered Member
    Join Date
    May 2020
    Posts
    23
    Thanks given
    1
    Thanks received
    0
    Rep Power
    11
    If you would like to figure this data out all you need is to output it via the client.

    Also, it's quite brilliant as well: RuneLite does somewhat expose this from what I can tell. From what I heard some run a modified RuneLite and log in to OSRS with a max account and use that client to output all the information they need.

    There is a tool for this, it's called a modified RuneLite client + a maxed out OSRS account.

    Automating this is straightforward as well, you output the information displayed from client a to output json, run the numbers on a series of algo to determine proper value vs action.

    Not gonna explain this. Hope this helps.

    Quote Originally Posted by Scu11 View Post
    they randomise them, the code isn't written against hard coded numbers
    From what I know randomizing would cause problems if they run it server side the two wouldn't communicate unless it was specified. Being random, would cause quite a bit of problems for communicating between the two entities. I don't think it's 100% random.

  9. #8  




    Scu11's Avatar
    Join Date
    Aug 2007
    Age
    26
    Posts
    16,096
    Thanks given
    7,098
    Thanks received
    11,936
    Rep Power
    5000
    Quote Originally Posted by BlackMomba View Post
    From what I know randomizing would cause problems if they run it server side the two wouldn't communicate unless it was specified. Being random, would cause quite a bit of problems for communicating between the two entities. I don't think it's 100% random.
    they randomise it when they build the client... the server knows what they were randomised to since they store the output


  10. #9  
    Registered Member
    Join Date
    May 2020
    Posts
    23
    Thanks given
    1
    Thanks received
    0
    Rep Power
    11
    Quote Originally Posted by Scu11 View Post
    they randomise it when they build the client... the server knows what they were randomised to since they store the output
    Yes, exactly. It's not 100% random, the server understands its instructions.

  11. #10  




    Scu11's Avatar
    Join Date
    Aug 2007
    Age
    26
    Posts
    16,096
    Thanks given
    7,098
    Thanks received
    11,936
    Rep Power
    5000
    Quote Originally Posted by BlackMomba View Post
    Yes, exactly. It's not 100% random, the server understands its instructions.
    it is random when they are generated. they shuffle all the opcodes and then make sure the client and server have agreed upon the new shuffled order... i don't know what you mean by "its not 100% random", there is nothing choosing what the numbers get shuffled to other than a pseudo random number generator
