GTS: website research


I have a problem, my signal is red, then green, then after a minute red again. Someone said earlier that port 53 and 80 need to be open or something. How do you do this? Where do you change port numbers, is that on your IP?

Are you behind a router?

Link to comment
Share on other sites

Hello and thank you for the amazing work. <3

I have uploaded Vlad's script on the host I'm using for my website and the only thing that I have is :

No logs has yet been... logged.

Is this normal?

Plus when I tried to connect on the GTS I have this error: 52100

What did I do wrong?

Can someone explain to me how I can connect when I put the folder on a real host?

Thank you in advance.

Link to comment
Share on other sites

As said earlier in the thread by vlad in post #123, the mystery gift may use SSL, which is hard to crack and act as the server.

So at this point, there will be no Wondercard Distribution Research.

Well, WC really uses SSL, and I already tried a MITM attack. No results yet(

Honestly, there are few things we can do.

Hard way: we can try to exploit a vulnerability of SSL, which allows us to sign our own certificate with the NOA key, so the DS will trust it. Yep, it IS brute force, but it can be completed in adequate time.

Easy way: we can try to redirect requests to a non-encrypted channel. I don't think that the DS will insist on using SSL. If so - we can just patch the ROM and analyse the data transfer while others perform the hard way)

Link to comment
Share on other sites

Rukia-san, I recommend using the simple way: Python for both the DNS and HTTP server - much easier than that crappy site I made that I only used for debugging. You could try either LordLangdons script #43 or mine #129.

I'm having some problems with your script. When I connect to the GTS it says:

Unable to connect to the GTS.

Returning to the reception counter.

But when I test the connection with both programs running, I get a connection successful,

and all the ports on my router are open and my firewalls are turned off,

and when I run the program it gives me the IP address of my internet company instead of the router, but I have been connecting with my router's IP in the DS's DNS settings because the IP address of the internet company doesn't connect for me.

Link to comment
Share on other sites

Try clicking on Start, then click Run. Type in "cmd", then once the command box pops up type in "ipconfig" and hit Enter. Then put what's next to where it says IP address into your DNS settings on your DS.

I tried to do that and got the error code 52200... Does my modem have anything to do with this problem?

Are you using a router like wireless or a direct modem? If it's a direct modem, it's most likely gonna use your regular IP. Take a look at this: http://projectpokemon.org/forums/showthread.php?780-GTS-website-research&p=68886&viewfull=1#post68886

This works as both a wireless router and a cable modem. And I've tried doing something like that but for some reason it didn't work.

Link to comment
Share on other sites

To end the face-palming: what he meant, flyingpker, is if you are connected to the internet through a router. If you are, then it means you need to configure the ports on the router's administration page so that the traffic on ports 80 and 53 is directed to your machine - if you want a public service, so others can connect to your server when connecting from the outside of your house, i.e. their connection does not go into your router box directly, but from the outside of your house.

Link to comment
Share on other sites

Mine ain't threaded, was my first Python script. :P GTS Nuker is the only community release that is threaded.

When we use the DNS to redirect requests, at least in my script what I did was only redirect requests going to "gamestats2.gs.nintendowifi.net" to a specific IP (that was the custom webserver IP). Everything else should be left alone. Now the new host must handle two things, the GTS and the Battletower, as they oddly are implemented on that server. They also share one file I believe, the setProfile.asp in the /common/ dir, so it's a little messy, but you could manage and redirect those requests (battletower) to the official Nintendo GTS server and only intercept the GTS communication. But that's done within the webserver; the DNS is supposed only to redirect all the traffic from the mentioned CNAME.

Link to comment
Share on other sites

We can get the DS card to connect to a fake GTS server, but what about the other way round? I tried writing a program to connect to the real GTS, without much success. I tried connecting to the GTS server, referring to the wiki page, but it gave me a 403 error. The request I sent was:

    GET /pokemondpds/worldexchange/info.asp?pid=117094747 HTTP/1.1
    Host: gamestats2.gs.nintendowifi.net
    User-Agent: GameSpyHTTP/1.0
    Connection: close

I'm assuming the DS games have to 'log on' first to get a unique PID, right? Has this been figured out?

Link to comment
Share on other sites

Mine ain't threaded, was my first Python script. :P GTS Nuker is the only community release that is threaded.

When we use the DNS to redirect requests, at least in my script what I did was only redirect requests going to "gamestats2.gs.nintendowifi.net" to a specific IP (that was the custom webserver IP). Everything else should be left alone. Now the new host must handle two things, the GTS and the Battletower, as they oddly are implemented on that server. They also share one file I believe, the setProfile.asp in the /common/ dir, so it's a little messy, but you could manage and redirect those requests (battletower) to the official Nintendo GTS server and only intercept the GTS communication. But that's done within the webserver; the DNS is supposed only to redirect all the traffic from the mentioned CNAME.

Hmm... cause I went to access my webserver (running on the same computer as the DNS server and pkmn server) and I got the Hello World message (which is what "out" is set to if there's no request in your pkmn server).

I'll have to test it more when all my stuff comes back online. I don't think I can run GTS Nuker (though I haven't tried yet) with Apache running at the same time, which is why I liked your python scripts better. I'll try and do some more research soon.

Link to comment
Share on other sites

For the curious, the veekun setup is as follows:

- BIND thinks it's a master server for nintendowifi.net. It returns the veekun IP for gamestats2.gs, but the correct IPs for conntest and nat.

- In Apache, gamestats2.gs.nintendowifi.net is a ServerAlias for veekun.com. Requests to http://gamestats2.gs.nintendowifi.net/pokemondpds/common/setProfile.asp, for example, are treated the same way as though they were for http://veekun.com/pokemondpds/common/setProfile.asp.

- App side, I have these two route rules:

    map.connect('/pokemondpds/worldexchange/{page}.asp', controller='fake_gts', action='dispatch')
    map.connect('/pokemondpds/common/{page}.asp', controller='fake_gts', action='dispatch')

Anything that starts with /pokemondpds, I send off to a custom dispatch function in its own controller.

- The dispatch function takes care of challenge/response and decrypting the data, then dispatches to the right method based on the page name. Source here, although it'll be moving later.

The thing to remember is that the Nintendo server isn't doing anything special whatsoever; it's just a regular Web app, running on IIS (gross), that happens to return binary junk instead of HTML.

Link to comment
Share on other sites

Binary junk with the content-type header of text/html, at that q=

My setup is simply dnsspoof substituting replies to gamestats2.gs with my IP, and mod_rewrite in lighttpd:

url.rewrite =("^/pokemon.+([?].*)" => "/gts.py$1")

which rewrites all requests to /pokemon.* to /gts.py, which uses the requested_url environ variable to figure out what to do.

I've got a fully working GTS server running there atm, with searching and trading, from within my regular webserver C=

Link to comment
Share on other sites
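
Added example, not part of either post above and not the posters' own code: it runs the same request paths through the two route templates from the veekun post and through the lighttpd rewrite pattern from the last post, to show where the two front ends differ. Treating `{page}` as a single path segment is an assumption about the routing library; the sample URLs other than the `info.asp?pid=...` request quoted earlier in the thread are constructed.

```python
import re

# Route templates exactly as posted in the veekun setup.
ROUTES = ["/pokemondpds/worldexchange/{page}.asp", "/pokemondpds/common/{page}.asp"]
# Pattern and target from the lighttpd url.rewrite line in the last post.
REWRITE_RE, REWRITE_TARGET = re.compile(r"^/pokemon.+([?].*)"), "/gts.py"

def compile_route(template):
    """Approximation (assumption): {page} matches exactly one path segment."""
    head, tail = template.split("{page}")
    return re.compile("^" + re.escape(head) + r"(?P<page>[^/]+)" + re.escape(tail) + "$")

COMPILED = [compile_route(t) for t in ROUTES]

def match_route(url):
    """Return the page name the dispatch function would receive, or None."""
    path = url.split("?", 1)[0]  # routing looks at the path, not the query string
    for rx in COMPILED:
        m = rx.match(path)
        if m:
            return m.group("page")
    return None

def lighttpd_rewrite(url):
    """Mimic the rewrite: on a match the whole URL becomes the target plus $1."""
    m = REWRITE_RE.match(url)
    return REWRITE_TARGET + m.group(1) if m else url

# Constructed sample requests (the first one is the request quoted in the thread).
SAMPLES = [
    "/pokemondpds/worldexchange/info.asp?pid=117094747",
    "/pokemondpds/common/setProfile.asp",   # no query string
    "/pokemon-other/admin.asp?x=1",         # outside both route templates
]

def compare():
    """Return (url, routed page, rewritten url) for every sample."""
    return [(u, match_route(u), lighttpd_rewrite(u)) for u in SAMPLES]

if __name__ == "__main__":
    for row in compare():
        print(row)
```

The rewrite pattern only fires when a query string is present and accepts any path beginning with `/pokemon`, so a script behind it has to check the requested path itself, whereas the two route templates already restrict which pages reach the dispatcher.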
