Script-o-matic.net

Right, I thought I best make a post after seeing this on Shenk’s shoutbox.

Shenk:
@Scott – I think they changed the SSL Ticket implementation actually… but yeah, it broke all of them apart from Dashboard because Dom created it with a bypass method! ^-^
Scott:
@Alex – I’m aware, but it was my impression that they implemented a new packet structure for initiating encryption that broke most packet loggers in Release 47.

To my knowledge, nothing has been changed in terms of initializing the encryption, there’s been a few mathematical changes in the actual algorithm itself but other than that it’s pretty much the same. Oh, and they’re reading a few ‘new’ files (well i’ve not seen them before anyway)

var _loc_1:* = _-sc.assets.loadAssetFromFile(“config.xml”, new URLRequest(“config_habbo.xml”));

Might just be me who has missed them.

Anyway, with Dashboard. The reason it’s still working is because it never, ever used a legitimate login method to log you in. IE, it didn’t use POST or set cookies, it cheated. Therefore it should continue to work for the foreseeable future. Infact, I can only see it not working should they change the old ‘credentials.username’ and ‘credentials.password’ (I think that’s what they are!). So you guys are all safe on that side.

It seems upon releasing my ‘Flash Unbanner’ I forgot to do some proper research, every Habbo account has a unique Flash ID that Habbo re-assigns to your computer everytime you login on said account. So I don’t actually think the flash unbanner would be much use, you could try loading the client up and then during cilent boot-time running the unbanner, but as I haven’t been flash banned i’m unable to test it!

There’s also another ‘Sandbox’ ready to be released soon, this one however is for the real Habbo. It may come hand in hand with a suprise that’s being packed for the day of the merge. However, don’t hold me to that.

Dominic Gunn

Sorry for the ridiculously late post, stuff’s been going on and I really wanted to have something to give you guys before I made another post, but that’s not going to happen just yet. So I thought i’d throw this up for you.

I’ve decided to go about the encryption another way; as oppose to waiting for Sulake to screw up with one of their obfuscations, which could take a lifetime! The new idea is to dissamble the Habbo.swf into AVM2 bytecode, modify the functions we need (decodeBitmap etc) then recompile the result back into native AVM2 code. Hopefully allowing me to use something along the lines of trace(param1); just to make sure they’re not doing anything sneaky! I’m going to be using as3c to do this. Feel free to have a look and a bit of a mess-around with it, if you get far enough you’ll notice that it wont work off the bat with static classes. That’s a rather easy fix though, however if you can’t be bothered to figure it out, just wait for the post entailing how to crack the encryption! (a detailed guide!) ;]

I also plan to release tutorials on how to inject your own .swf’s into the client, and an opensource C# Habbo applicaton. Those will probably be in the next few posts so stay tuned.

One final thing, I do have a present for Habbo emulator users. The Sandbox application that I want for the offical Habbo Hotel obviously needs to be designed and tested somewhere! So what other place than on unsecure Habbo Emulators! Here’s a version that was designed for HabboRP, it’s not complete nor do I promise that any of the features will still work. Just remember guys, because it’s open-source Aaron also has access to it, so when he patches things don’t come moaning to me. I’m not going to help you! Also this isn’t me attacking anyones retro, purely just releasing an application that’ll help people do so! You can download the binarys and source code by clicking here.

Oh, and check out http://suelake.com. It’s a great Habbo V5 emulator!

Until next time guys.

Dominic Gunn