2018. Project1999 ShowEQ Status



slippery_slope
04-05-2018, 11:32 AM
Hey,

What's the current status for ShowEQ for Project1999? I recently started playing and I love doing development work, so I was thinking of reviving it if the ball has been dropped since the 2014 patch?

Just bought a Raspberry Pi3, and SharkTap, and I'm going to set up a development environment to mess around with it for a couple weeks.

Does anyone currently have it working?

Also, if anyone else wants to work on it with me, please let me know. I'll set up a Slack server or something.

As always,
Slippery Slope

BlueAdept
04-05-2018, 11:38 AM
Go for it. I don't think anyone has done anything for a while on the project. If you are successful, we can make a branch for you.

slippery_slope
04-05-2018, 11:39 AM
Hey BlueAdept,

Just want to say, having taken about an hour or two to read the forum, I totally appreciate that you're still on here and active. It's one of the main reasons I considered doing it.

BlueAdept
04-05-2018, 02:25 PM
:) Thanks. If you can get it working, I am willing to make a whole new forum section, svn, and a file section for you and make you a developer for it. I don't think it will be easy. People have tried before. If you succeed, I would need you or have you recruit some people to help keep it going.

slippery_slope
05-08-2018, 05:45 PM
Still working on this. If anyone has time to assist in development, packet analysis, etc., shoot me a message on here.

BlueAdept
05-09-2018, 08:08 AM
Slippery_Slope has made some progress but it is a big undertaking and he could really use some help. If anyone has some spare time and thinks that they might be able to help, please contact him.

JulianTac
05-21-2018, 09:42 AM
I only wish I was knowledgeable enough to help. How much time would it take to get skilled enough to help out in a project like this, BlueAdept? And are there resources that can help you get there?

BlueAdept
05-21-2018, 10:54 AM
I honestly never really got into it that much. I used to help with some of the structs but never knew how to find the op codes. At least with structs, they are usually a fixed length and you basically log a session. Look at the logs to find the struct you are interested in and then after the patch, log again and see if the struct has changed. Then try to figure out what has changed. If it is something new, identify it with a name, if not, make or add it to the unknown and how many bytes it is.

tmtim
05-28-2018, 09:10 PM
Hey,

What's the current status for ShowEQ for Project1999? I recently started playing and I love doing development work, so I was thinking of reviving it if the ball has been dropped since the 2014 patch?

Just bought a Raspberry Pi3, and SharkTap, and I'm going to set up a development environment to mess around with it for a couple weeks.

Does anyone currently have it working?

Also, if anyone else wants to work on it with me, please let me know. I'll set up a Slack server or something.

As always,
Slippery Slope

Hi!
I am new here and would also like to start learning how to develop for this. I have a modified router which allows me to see all traffic and Wireshark along with some C++ skills.
While I don't play on P99 I wouldn't mind working on it as well. Maybe there are some resources online or on this forum that could point me in the right direction? EDIT: I see the Development Forum now! I'll start there. Anyway wanted to say Hi anyway so left the post.

Would love to help!
tmTim

slippery_slope
11-02-2018, 02:59 PM
Here is a guide to getting started.

https://medium.com/@Packet99/installing-showeq-in-2018-81566001ec89

slippery_slope
12-05-2018, 05:58 PM
I've now posted Part 2, which explains how to get traffic to your system. Enjoy.

https://medium.com/@Packet99/part-2-getting-traffic-to-your-showeq-system-eba072da940b

BlueAdept
12-06-2018, 06:15 PM
Thanks Slippery_Slope. I assume you have made some progress in getting SEQ to work on 1999. Congrats. If you get a working version, I can give you a branch in the file section if you like.

Southron
12-14-2018, 01:24 PM
Very nice work slippery_slope. I appreciate what you are doing.

slippery_slope
12-19-2018, 12:23 PM
Thanks Southron.

Here is post three. Understanding Project1999 Protections (anti-cheat engine and 'dsetup.dll')

https://medium.com/@Packet99/understanding-project1999-protections-b62b686f7c7e

JML666
01-14-2019, 03:08 PM
Thank you for all your work Slippery. I had a quick question as I am getting traffic but it does seem like the offsets are correct as I am getting garbled data. I was going to reload everything and try again just to see if it was my screw up following the guide. I didn't know if something server side was changed that might require new offsets. Thanks again for all the work and assistance.

mamapete
01-15-2019, 07:38 AM
Thank you for all your work Slippery. I had a quick question as I am getting traffic but it does seem like the offsets are correct as I am getting garbled data. I was going to reload everything and try again just to see if it was my screw up following the guide. I didn't know if something server side was changed that might require new offsets. Thanks again for all the work and assistance.

Further code changes are required to get SEQ working. What you see is a result of the encryption that was implemented. Search for another post with details on this change.

slippery_slope
02-08-2019, 02:56 PM
Final part of my series here getting ShowEQ working. Thanks again BlueAdept.

https://medium.com/@Packet99/decrypting-project1999-spawns-7248acb1797b

BlueAdept
02-09-2019, 11:08 AM
That was a great write up. I actually learned quite a bit from it. I wish I had the time to learn more about it. I never did learn about the op codes. I could do the struct changes in the past. It was pretty easy to do a dump and see the changes.

So the key is only introduced when you log on and doesn't change when you zone? For a little while, Sony had added something similar to EQ except when you zoned, it gave a new key. They used to have to decrypt it and then backfill the spawns in SEQ. The issue for EQ was that it was causing some additional lag along with some other issues and then during one patch, they just got rid of the whole thing. I believe that was during the Luclin era.

I would welcome any guides or tips you can do. It seems you have a pretty in-depth knowledge of how SEQ works and of the EQ packets.

I do have a lot of questions for you, but most of them are more curiosity than substance. I am going to start a new thread with some questions for the whole SEQ community regarding its future. Have a look and see if any of it piques an interest.

slippery_slope
02-12-2019, 07:37 PM
The key is sent whenever you receive an OP_SendLoginInfo packet. These packets happen on first log in, but also when you zone. I've seen the key change sometimes too, but generally it's the same for an entire session.

Interesting you mention the other encryption, I did see references to a decode key in the ShowEQ code base, however I couldn't figure out where it was used. Makes sense if the functionality was removed.

Feel free to PM me any other curiosities :)

BlueAdept
02-14-2019, 08:22 PM
Unfortunately I don't have the libeq.a files from back then nor do I have the source for the libeq.cpp for the decryption back then. I did not have that kind of access back then. The SVN should have source from that era, but the decryption routines were pulled out.

charlie.darwin
02-27-2019, 02:14 PM
Final part of my series here getting ShowEQ working. Thanks again BlueAdept.

https://medium.com/@Packet99/decrypting-project1999-spawns-7248acb1797b

Damn, thought at the end of the article I'd have the details on how to get this working.... Kinda disappointing since I'm not a code writer to find a tease....

BlueAdept
02-28-2019, 08:17 PM
The last time people got it working with p99, they kept changing it since they really didn't want people using SEQ with it. Slippery_Slope wasn't sure he wanted to share the fix at all since the last time they kept breaking it until they abandoned the project. We both came up with a solution of a guide, without giving the exact fix, with enough information to get it working if a person really wanted it. I think he did a wonderful job of explaining it and, with a bit of work and a bit of coding, I think almost anyone could get it working.

He didn't have to do anything for anyone, but he wrote an outstanding article about it to help those who help themselves. I am sure p99 noticed this thread and, as far as I know, have not elected to change the encryption even after this was published.

VallonZeker
06-19-2019, 10:26 AM
After looking at this thread again I decided to try it myself. It took me 3 weeks to get it working. I am not a developer, though I work in IT and just code on the side in higher languages (java, php, mql) from time to time. A big fan of classic EQ I had the motivation to achieve that goal of a working ShowEQ in p99.
I went through slippery_slope's guide and step by step I got closer and closer. The guide is outstanding and I can just emphasize to read it thoroughly again and again.
https://medium.com/@Packet99/decrypting-project1999-spawns-7248acb1797b
Especially page 4. It is all there: some things you have to find out yourself, some things you will already find in the ShowEQ code base, and for some things you have to be creative, but there are many ways to implement it.



Then for the steps 1. Configuration, 2. Struct setup definition, 3. Session handling, 4. Struct usage and decryption:

The first 2 steps of Slippery's guide are easy, but the devil is in the detail of C++ especially in the pointer and reference system of C++ AND the very rigid const casting.
So Part 3 is the trickiest part while part 4 is manageable with some googling for a working rotating XOR encryption/decryption (hint: geeks4geeks) and once you understood how pointers are passed and used.
Part 3 took me long and thanks to some help ;) I made it work.

After all I think there are perhaps easier and more crude ways to get it to run, but that guide is pretty solid.

Will I share the code? No. Then why do I even post this whole thing?

Because I encourage you to solve it yourself if you really wanna do it. It is possible. And it provides you with the ability to also start your own little code projects if you want that.

So for anyone who wants to get it working as well, do yourself a favor and read how pointer and reference is defined, passed and used in C++.
And understand how you can const cast and why you cannot pass const to nonconst.
I thought I could avoid that and it made my life hard as hell. Nights and nights of trial and error and frustration. But once I understood it, it was much more smooth and easy to debug and code.

Anyway I would call it a success story and it proved a simple fact for a general aspect of life. "If you really want something, you have to get your ass up and start working on it yourself." And for this particular example you do NOT have to be a crack in C++ to achieve it. I am not and I will never be. If you have never seen code, it would probably take you 2 more weeks. But it is manageable.

This here also helped me a lot to execute code and check if it is working, especially when decrypting:

https://www.onlinegdb.com/

BlueAdept
06-20-2019, 06:57 AM
Great post. Thanks.

Casual
06-22-2019, 12:01 AM
Up late, kids at Grandma's, wife asleep with the baby - thought I would plug around in P99 and thought I would check back here to see what if anything has been happening w/ SEQ and P99. I went through that guide, and it would be neat to try and actually read/edit some code to get SEQ working. I've got 7 years in IT now, currently working as a VoIP engineer, and have no coding experience (I can write them .bat files though LOL - maybe even Google some .vbs!) Between the last few comments this has encouraged me to try and see how far I can get. Clearly everything up to decompiling/code related stuff I'm starting at square 0.

Thanks for the encouragement! This might be a good excuse to reach out to the programmers I worked with at my last job.

BlueAdept
06-22-2019, 08:10 AM
Anyone who has actually got it working with p99, I am not stopping you from posting your code, if you wish. I just want everyone to know that the last time this was working, they actively made changes to break it. As far as I know, since I do not play on p99, they have not made any changes to the encryption algorithms since this was posted.

Casual
06-23-2019, 10:31 PM
Final part of my series here getting ShowEQ working. Thanks again BlueAdept.

https://medium.com/@Packet99/decrypting-project1999-spawns-7248acb1797b

So reverse engineering the dsetup.dll is basically impossible, ahh but debugging it as it runs to watch its behavior isn't! IDA Pro? Surprise, surprise, that's what the screenshots look like!

purple
06-24-2019, 05:09 PM
Ha, that thing was fun to read. Definitely memory lane. I'm glad someone appreciates all the comments I put in while I was working through the major protocol changes on Zaphod's IRC back in the day with Doodman and ksmith.

As long as the client is compromised, protecting EverQuest is a losing battle. You just need engaged people to keep up with their changes, though. It's always cool to me that this project keeps chugging thanks to BA and Newby and Fransick and it makes me smile to know all the work that went into the protocol layer for ShowEQ is useful many years later!

BlueAdept
06-25-2019, 08:16 PM
Thanks go out to you purple and all the other Devs. Many people have stepped up over time to keep SEQ working. Every time someone has retired, someone always stepped up to fill the gaps. It is hard to believe that this project is almost 20 years old. The top honors go to Ashran and Megaton for creating SEQ and for Ratt picking it up after they retired. Without Ratt, Sony would have buried this project. He dealt with all the legal threats and still provides the hosting for the project. As for myself, even though I was a user from almost the start, I took over management of the project when Ratt retired because I use it and I am selfish because I didn't want to give it up. So I did what was necessary to keep people in line, do what I can and to try to keep it running.

You know it is one thing to keep a game running for 20 years because it is still making money. It is another thing to keep an open-source project, that doesn't generate money, going. My hat's off to every single person who used, helped, or even just lurked. Without the user base, this project would have died a long time ago.

I really think I owe SEQ my thanks because I don't know if I would have learned Linux without it. I now work at a job where I only support Red Hat Linux users.

VallonZeker
06-26-2019, 12:44 AM
Soo true!! Back in 2001 SEQ was the reason to install my first Linux distri. I had no clue but boy did that exercise help me in my study, grade and later my own business. It was one of the starting stones of a foundation for a career.
I still remember my first ./configure, make, make install. I had absolutely no clue what I was doing, but it worked and I felt like a supergenius. :D :D :D



I really think I owe SEQ my thanks because I don't know if I would have learned Linux without it. I now work at a job where I only support Red Hat Linux users.

Loki
06-26-2019, 06:06 PM
Just FYI - I use Zotac CI325 with 8GB of RAM and 240GB SSD running on Debian Linux as a router. It has two gige network ports - one connected to cable modem and other to an 8 port managed switch. It works better than any off the shelf routers like Netgear, Linksys, etc. ShowEQ works well off of it. Just saying because this thing can compile very fast. I also have a Raspberry Pi and I got put off by its ultra slow compile time.

Casual
07-01-2019, 11:31 PM
As I continue to dig deeper into the ShowEQ code to try and make sense out of decrypting the game stream, I am just blown away at the amount of work that people put into this program. I was going through the changelog and reading all the comments from all the people out there participating in patching little things here and there. As a kid in High School just wanting to play EverQuest on the weekends, and having your Dad handle keeping ShowEQ up and working - I had no idea what was going on to make this work! To me it seems there were people spending more time working on ShowEQ than actually playing EQ! My mind is still blown...

BlueAdept
07-02-2019, 07:01 PM
For some developers, they probably did spend more time working on ShowEQ than playing EQ. I went to college for programming in the late 80s. As a hobby, I used to reverse engineer copy protection. It was more fun for me trying to figure out how to crack it and what the person was thinking when they wrote it, than using the actual game or program. There were easy ones to "fix" and then there were ones that had multiple checks, delayed checks, doc checks and ones that led you down the rabbit hole that took hours to figure out what they were doing.

I am sure it was similar for some of the past talent here. It was more fun to figure out what they were doing in the stream than actually playing. Unfortunately, it does take a toll and then it becomes a chore.

A lot of people here will never understand. Even though I never contributed much with the code (most I really did were struct fixes), my previous experience gave me an insight to their world. My specialty here was mainly helping people with problems. I did what I could to keep the project alive, but if we ever lose the person doing the opcodes/structs, the project will probably end unless someone else steps up since I have found I am not good at figuring it out.

Thanks for the appreciation. The current and past developers really deserve it.

Casual
07-30-2019, 11:31 AM
Hey BA, just to clarify...

Since this encryption was originally implemented on live years ago, an old version of ShowEQ already had the code included to handle decrypting the game stream right? So in theory if I had an old copy of ShowEQ, with some minor tweaks I could unencrypt the data right? I think I can actually retrieve some old ShowEQ files from the early 2000's... Dad never throws anything out LOL.

BlueAdept
07-30-2019, 04:32 PM
Well not that easy. Years ago that was the case. I forget which one p99 uses, but I think the decryption routines are in the code but they made changes. ShowEQ originally did have the routines in it but an unspoken agreement was struck and the decryption routines were put into a pre-compiled library (libeq.a). That restriction was removed at a later point of time when Sony did not keep their word. I do not have the source to the libeq.a decryption source code. It is not in the repo so I guess they are lost. I do not think the one they use now was during the time of the libeq.a time though. I think it is one after the libeq.a times. I think they added a new .dll that made changes or additions to the decryption.

coco2
11-16-2019, 04:47 PM
After looking at this thread again I decided to try it myself. It took me 3 weeks to get it working. I am not a developer, though I work in IT and just code on the side in higher languages (java, php, mql) from time to time. A big fan of classic EQ I had the motivation to achieve that goal of a working ShowEQ in p99.

I come from a similar background (IT, dabble in high level languages but not much C++). I'm considering taking on this challenge just to see if I could pull it off for myself.

Do you happen to know (or would you mind checking) if your solution still works post-Green server launch (patch V52 currently)? I suspect this was a pivotal point for the P99 project and am curious if your approach in general still works before I invest the time to follow the same approach.

Thanks!

FluffyNecro
01-05-2020, 09:56 AM
Anyone able to make a Turnkey version of this?

BlueAdept
01-06-2020, 06:35 AM
I don't think so. I was told that they would not allow a working version for p1999. They would keep pushing out an update to break it each time. I haven't heard if they have changed the encryption since he released the how to but assume it would still work if you put time into it.

Casual
07-02-2020, 03:57 PM
Is the "OP_SendLoginInfo" packet encrypted?? When I login, and zone, I don't see this opcode anywhere in the ShowEQ logs. I can see my player's name clear-text with an opcode of 0x300, but I'm trying to obtain the XOR key to try and understand how this encryption/decryption is working. Any help would be greatly appreciated!

Casual
07-02-2020, 08:54 PM
Is the "OP_SendLoginInfo" packet encrypted?? When I login, and zone, I don't see this opcode anywhere in the ShowEQ logs. I can see my player's name clear-text with an opcode of 0x300, but I'm trying to obtain the XOR key to try and understand how this encryption/decryption is working. Any help would be greatly appreciated!

Sooooooo never mind, I figured this out. In ShowEQ GUI, there's an option under network>log>ALL PACKETS which led me astray. I had to specifically choose "World Data" to get the world.log file to generate which was located in /root/.showeq/log folder. This contained the decoded OP_SendLoginInfo packet with my XOR key. I was originally trying to just read the UDP traffic and finally realized you need ShowEQ to decode the packets into readable form.

Casual
07-02-2020, 11:19 PM
Is there anyone who can explain how to manually decrypt a packet with the XOR key?

Casual
07-03-2020, 01:17 AM
When you cast a spell in game, on ShowEQ GUI you can see your encrypted player name. I was trying to use the XOR key to decrypt this value, but for some reason I can't decrypt the first 3 characters of the name. The key must work, but for some reason I'm not able to decrypt the whole thing... Anyone have any ideas? I can get most of the name decrypted. Happy 4th.

Casual
07-03-2020, 11:17 AM
When you cast a spell in game, on ShowEQ GUI you can see your encrypted player name. I was trying to use the XOR key to decrypt this value, but for some reason I can't decrypt the first 3 characters of the name. The key must work, but for some reason I'm not able to decrypt the whole thing... Anyone have any ideas? I can get most of the name decrypted. Happy 4th.

I was able to figure this out... I think I understand better when people say it's a "rotating" XOR, as the key starts at the beginning and then starts over, or "rotates" over and over till the end of the data. When I decrypted my character name, I needed to include a few additional characters of the same key to properly decrypt the whole name. I think I'll make a YouTube video demonstrating how this works, as you're never going to get this to work if you don't understand how P99 is obfuscating the game stream. Watching a 5 minute video on how XOR works was really helpful (https://www.youtube.com/watch?v=xK_SqWG9w-Y). This guy has a very simple video on how XOR works in general.
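
Added example, not part of the post above and not ShowEQ or Project1999 code: a generic repeating-key ("rotating") XOR in C++, showing why a field cut from the middle of an XORed buffer only decodes when the key index is aligned to the field's position. The key, the record layout and all names are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <string>
#include <vector>

using Bytes = std::vector<std::uint8_t>;

// Repeating-key ("rotating") XOR. The same call encodes and decodes,
// because (b ^ k) ^ k == b. stream_offset is the position of data[0]
// inside the buffer that was originally XORed, so a slice cut from the
// middle of that buffer still lines up with the right key byte.
Bytes rotating_xor(const Bytes& data, const Bytes& key,
                   std::size_t stream_offset = 0) {
    if (key.empty()) return data;  // no key: nothing to apply
    Bytes out(data.size());
    for (std::size_t i = 0; i < data.size(); ++i) {
        // The key index wraps around ("rotates") every key.size() bytes.
        out[i] = static_cast<std::uint8_t>(
            data[i] ^ key[(stream_offset + i) % key.size()]);
    }
    return out;
}

Bytes to_bytes(const std::string& s) { return Bytes(s.begin(), s.end()); }
std::string to_text(const Bytes& b) { return std::string(b.begin(), b.end()); }

// Constructed sample values, not taken from any real capture.
const Bytes kKey = {0x13, 0x37, 0xC0, 0xDE, 0x42};  // hypothetical 5-byte key
const std::string kHeader = "ID:";                  // 3 bytes before the field
const std::string kName = "Examplename";            // the field of interest
const std::size_t kNameOffset = 3;                  // == kHeader.size()

// XOR the whole record starting at key index 0, then keep only the name
// field, as if it had been copied out of a larger encoded buffer.
Bytes encoded_name_field() {
    Bytes enc = rotating_xor(to_bytes(kHeader + kName), kKey);
    return Bytes(enc.begin() + static_cast<std::ptrdiff_t>(kNameOffset),
                 enc.end());
}

// Mistake: restart the key at index 0 for the extracted field.
std::string decode_restarting_key() {
    return to_text(rotating_xor(encoded_name_field(), kKey));
}

// Correct: continue the key from where the field sat in the buffer.
std::string decode_aligned_key() {
    return to_text(rotating_xor(encoded_name_field(), kKey, kNameOffset));
}

int main() {
    std::cout << "aligned key:     " << decode_aligned_key() << "\n";
    std::cout << "restarted key ok? " << std::boolalpha
              << (decode_restarting_key() == kName) << "\n";
    return 0;
}
```

Because the keystream is just the key repeated, this construction is obfuscation rather than encryption: anyone who holds the key, or enough known plaintext, can read the data.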

BlueAdept
07-03-2020, 02:02 PM
Good to know. Thanks.

Casual
07-05-2020, 10:13 AM
Good to know. Thanks.

BA - do you know how to debug the ShowEQ code with a saved packet capture like Slippery Slope explained?

Casual
07-05-2020, 10:23 AM
Test post, trying to figure out how to get subscribed to this thread...

cn187
07-05-2020, 06:55 PM
In your profile you can set it to automatically subscribe to any thread you post to (not sure what the default setting is). Also, above the first post on each page is a "Thread Tools" menu that you can use to subscribe to individual threads.

Casual
07-07-2020, 11:15 PM
Thanks for the help - I just flipped my setting to auto subscribe. I was missing out on threads left and right. The tool menu wasn't that obvious and didn't see it until you mentioned it here. Thanks again for that! Hopefully I'm dialed in now on the forum.

Casual
07-11-2020, 06:50 PM
Unfortunately I don't have the libeq.a files from back then nor do I have the source for the libeq.cpp for the decryption back then. I did not have that kind of access back then. The SVN should have source from that era, but the decryption routines were pulled out.

Apparently Ratt decided to release it in the wild: http://www.showeq.net/forums/showthread.php?3415-Trick-or-Treat-look-whats-in-the-bag&highlight=libeq.cpp

This was the source for libeq.a, but it's Greek to me... Not even sure if this was still during the XOR days. Guess I'll go over this a while and see if any of it helps me...

Casual
07-12-2020, 10:45 AM
Apparently Ratt decided to release it in the wild: http://www.showeq.net/forums/showthread.php?3415-Trick-or-Treat-look-whats-in-the-bag&highlight=libeq.cpp

This was the source for libeq.a, but it's Greek to me... Not even sure if this was still during the XOR days. Guess I'll go over this a while and see if any of it helps me...

After some more research it looks like there was a "new" encryption released with the Planes of Power expansion (October 29, 2002). Ratt released the source on 5/9/03, so this wasn't XOR.