Everything posted by Keplar

  1. The problem is that we aren't even sure how long the salt is, whether the salt is placed before or after the data payload (or both), or even what sections of data are being hashed. If it's anywhere near as long as the 20 character SHA1 salt used in the GTS, then it's not even worth trying to brute-force. You'd have better luck finding/hiring a hardware engineer to reproduce what neimod and smea can do, and pull it out of RAM. This deeply confuses me. Assuming we're right that this is a hash, and assuming that this hash is absolutely required by the game and that we're not just making mistakes elsewhere in our injection process, then it should've been impossible for bond and xfr to inject an edited Pokemon using wonder trade. Unless, of course, they happen to have the same hardware setup as neimod and smea.
  2. 16 byte checksum? That sounds more like an MD5 hash, in my opinion. Out of curiosity, I've coded a small script to hash all possible data segments of the packet's payload, and compare these hashes for a possible match. Unfortunately, no hashed data segments of my packet matched. Perhaps a salted MD5 hash is being used?
  3. So you're having trouble using a virtual adapter to broadcast? I was actually considering switching over to that, in favor of a pure software solution that didn't require an extra router. At the moment, I'm searching for a program that I can easily tweak to swap out sections of packets. It would be nice if this involved HTTP traffic or if there was a simple DNS address I could spoof... It sure would make things a lot easier. UDP modification is relatively new to me.
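
The segment-hashing check described in the second post can be sketched as follows. This is an added example, not code from any of the posts: the payload, the salt, and the offsets are constructed for illustration, and `find_hashed_segment` is a hypothetical helper name. It shows why an unsalted MD5 over any contiguous slice is located by exhaustive search, while the same search finds nothing once an unknown salt is mixed in.

```python
import hashlib

# Constructed sample data (not from a real capture): a 48-byte payload
# and a 20-character salt standing in for a secret the searcher lacks.
PAYLOAD = bytes(range(48))
SALT = b"constructed-salt-123"


def md5(data: bytes) -> bytes:
    return hashlib.md5(data).digest()


def find_hashed_segment(payload: bytes, trailer: bytes, salts=(b"",)):
    """Try every contiguous slice payload[start:end], with each candidate
    salt placed before or after it, and return the first
    (start, end, layout, salt) whose MD5 equals the trailer, else None."""
    n = len(payload)
    for salt in salts:
        # An empty salt has only one layout; a real salt is tried both ways.
        layouts = ("none",) if not salt else ("prefix", "suffix")
        for layout in layouts:
            for start in range(n):
                for end in range(start + 1, n + 1):
                    seg = payload[start:end]
                    data = salt + seg if layout == "prefix" else seg + salt
                    if md5(data) == trailer:
                        return (start, end, layout, salt)
    return None


def demo():
    # Assumption for the demo: the checksum covers bytes 8..39 of the payload.
    unsalted = md5(PAYLOAD[8:40])
    salted = md5(SALT + PAYLOAD[8:40])
    return (
        find_hashed_segment(PAYLOAD, unsalted),                  # slice found
        find_hashed_segment(PAYLOAD, salted),                    # no match
        find_hashed_segment(PAYLOAD, salted, salts=(b"", SALT)), # salt known
    )


if __name__ == "__main__":
    for result in demo():
        print(result)
```

A search that returns no match, as in the post, is consistent with a salted or keyed digest but does not prove one; the trailer could also cover non-contiguous fields or use a different 16-byte function.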