Creating a reflection bot

[Mj]

So I am interested in possible creating an open-source only reflection bot. I have been reading up on a few different things on rsh, but am still a bit confused on what actually needs to be made. If I only want to use reflection, I still need to create an updater correct? Once I have an updater I can use that to deobfuscate the client correct? I'm still a bit confused on what happens after that. I can use the decompiled classes to hook them to the actual ones at runtime?

[AFools]

Dude; if your asking such broad questions.. you probably don't enough coding experience to finish such a project. Firstly try build scripts through Simba? Then attempt to make your own 'Client' you can use the hooks already provided.. Then make your own method to grab and de-obfuscate the hooks at the end.

Then you will have your own client.. I'm guessing by this stage you would of lost the idea of it being open-source? otherwise you would instead would make use of the community here, as 99.99% of thing posted on this community are educational and open-source??


My suggestion is too start somewhere; then ask questions that are precise.. A precise questions begs a precise answer.. which many here have done this before, and would be keen to help where and when they can.

[the bank]

So I am interested in possible creating an open-source only reflection bot. I have been reading up on a few different things on rsh, but am still a bit confused on what actually needs to be made. If I only want to use reflection, I still need to create an updater correct? Once I have an updater I can use that to deobfuscate the client correct? I'm still a bit confused on what happens after that. I can use the decompiled classes to hook them to the actual ones at runtime?

You've got a lot of things messed up.

Yes, a reflection client will still require an updater. Look up the Java Reflection API and learn about it.

No, an updater's purpose is not to deobfuscate the client. In fact, the client does not have to be deobfuscated. It often is, simply because it provides a slightly more static codebase to analyze. The client does however need to be decrypted, as it is stored in an encrypted "inner-pack".

The updater's rel purpose is to locate the fields that you will be reflecting. Since class names and field names change every update (and every gamepack within that update) it is required for a reflection client.

You have a lot of learning to do. A lot. Here's something to get you on your way - the function I use for decrypting the inner-pack:

Java Code:

static byte[] decrypt(String name) throws Exception {
        int j1 = 0;
        int i;
        int j;
        int k;
        int l;
        byte[] abyte0;
        char c1;
        int i1;
        char c2;
        try {
            i = name.length();
            if (0 == i)
                return new byte[0];
        } catch (RuntimeException runtimeexception) {
            throw new Exception("");
        }
        label0: {
            label1: {
                label2: {
                    label3: {
                        label4: {
                            j = -4 & i + 3;
                            k = 3 * (j / 4);
                            if (~i >= ~(-2 + j))
                                break label1;
                            c1 = name.charAt(j - 2);
                            if ('\0' <= c1 && c1 < p.length) {
                                l = p[c1];
                                if (j1 == 0)
                                    break label4;
                            }
                            l = -1;
                        }
                        if (~l == 0)
                            break label1;
                        if (i <= j - 1)
                            break label2;
                        c2 = name.charAt(-1 + j);
                        if (~c2 <= -1 && ~p.length < ~c2) {
                            i1 = p[c2];
                            if (j1 == 0)
                                break label3;
                        }
                        i1 = -1;
                    }
                    if (0 != ~i1 && j1 == 0)
                        break label0;
                }
                k--;
                if (j1 == 0)
                    break label0;
            }
            k -= 2;
        }
        abyte0 = new byte[k];
        decrypt2(abyte0, 0, name, (byte) -75);
        return abyte0;
    }

[Mj]

Thanks for the help, I've been trying to read up on some different sources, but maybe haven't given myself enough time to absorb everything and understand it thoroughly. I will try to start smaller. I do have programming experience in Java, just not with this type of thing. Might have been getting a little ahead of myself.

[Comodo]

Maybe instead of starting with making a reflection bot, you start with writing simple scripts and working your way up from there? Exactly how experienced are you with Java?

[Kasi]

http://www.rune-server.org/runescape...decrypter.html

Pretty neat tool in-case you wanted to look at it and learn more, it's the full source to @the bank;'s snippit. Idno if it still works and i'm fairly sure decrypting the inner pack is illegal but meh. Happy learning!

[Mj]

Maybe instead of starting with making a reflection bot, you start with writing simple scripts and working your way up from there? Exactly how experienced are you with Java?

I mean it depends on what you say I am experienced with in Java. I don't know everything in the Java API, and most of the things I have done haven't had a need to use the java reflection API, or hooks, but thought it would be interested in doing it as a pet project to learn. I am starting smaller. Also thanks Kasi, I will take a look into that.