Problem: Can't extract data now. #166

Closed
davy0810 opened this issue Dec 16, 2016 · 35 comments

Comments

@davy0810

OS: Win10 (PC), Android (Mobile)
Server: China
Issue:
The last time proxy worked normally was Dec.3.
But it can't extract data (can log in to the game normally) now, and I wonder why.
The only error message I found in proxy.log was this:
proxy - ERROR - Exception while receiving from connection client <socket._socketobject object at 0x03268848> with reason error(10054, '')

Have tried to use the latest program, use other wireless networks, run the program as an administrator, close the firewall and anti-virus. But all failed.

I need help. Thank you!

@davy0810
Author

whole log file:

2016-12-16 17:41:31,641: SWPlugin - INFO - Loaded 6 plugins
2016-12-16 17:41:39,135: SWProxy - INFO - Running Proxy server at 192.168.0.147 on port 8080
2016-12-16 17:41:39,137: proxy - INFO - Starting server on 192.168.0.147, port 8080
2016-12-16 17:42:09,640: proxy - INFO - 192.168.0.136:45554 - POST push.qpyou.cn:80/api/sender.php - 200 OK - 395 bytes
2016-12-16 17:42:16,680: proxy - INFO - 192.168.0.136:42635 - CONNECT gateway.appguard.co.kr:443
2016-12-16 17:42:22,020: proxy - INFO - 192.168.0.136:47238 - CONNECT setting.adzcore.com:443
2016-12-16 17:42:25,259: proxy - INFO - 192.168.0.136:43507 - CONNECT push.qpyou.cn:443
2016-12-16 17:42:25,497: proxy - INFO - 192.168.0.136:47825 - POST activeuser.qpyou.cn:80/gateway.php - 200 OK - 577 bytes
2016-12-16 17:42:25,631: proxy - INFO - 192.168.0.136:55983 - POST push.qpyou.cn:80/api/sender.php - 200 OK - 395 bytes
2016-12-16 17:42:25,990: proxy - INFO - 192.168.0.136:37288 - POST activeuser.qpyou.cn:80/gateway.php - 200 OK - 530 bytes
2016-12-16 17:42:26,500: proxy - INFO - 192.168.0.136:52528 - POST activeuser.qpyou.cn:80/gateway.php - 200 OK - 465 bytes
2016-12-16 17:42:26,904: proxy - ERROR - <ProxyConnectionFailed - graph.facebook.com:443 - error(10060, '')>
Traceback (most recent call last):
File "proxy.py", line 471, in _process_rlist
File "proxy.py", line 395, in _process_request
ProxyConnectionFailed: <ProxyConnectionFailed - graph.facebook.com:443 - error(10060, '')>
2016-12-16 17:42:26,904: proxy - INFO - 192.168.0.136:42735 - CONNECT graph.facebook.com:443
2016-12-16 17:42:27,934: proxy - INFO - 192.168.0.136:52694 - CONNECT live.chartboost.com:443
2016-12-16 17:42:28,371: proxy - INFO - 192.168.0.136:48258 - GET summonerswar-cn.com2us.net:80/api/location_c2.php - 200 OK - 608 bytes
2016-12-16 17:42:32,345: proxy - INFO - 192.168.0.136:34667 - POST None:None/?product=weishi&version=1&user=a78b97ea241763a14eeee126646593a6 - None None - 0 bytes
2016-12-16 17:42:34,082: proxy - INFO - 192.168.0.136:54478 - CONNECT push.qpyou.cn:443
2016-12-16 17:42:40,711: proxy - ERROR - <ProxyConnectionFailed - graph.facebook.com:443 - error(10060, '')>
Traceback (most recent call last):
File "proxy.py", line 471, in _process_rlist
File "proxy.py", line 395, in _process_request
ProxyConnectionFailed: <ProxyConnectionFailed - graph.facebook.com:443 - error(10060, '')>
2016-12-16 17:42:40,711: proxy - INFO - 192.168.0.136:34909 - CONNECT graph.facebook.com:443
2016-12-16 17:42:40,888: proxy - INFO - 192.168.0.136:49723 - POST api.qpyou.cn:80/device/registered - 200 OK - 387 bytes
2016-12-16 17:42:41,924: proxy - INFO - 192.168.0.136:51840 - GET hub.qpyou.cn:80/auth - 302 Moved Temporarily - 856 bytes
2016-12-16 17:42:42,305: proxy - INFO - 192.168.0.136:49644 - POST api.qpyou.cn:80/user/me - 200 OK - 584 bytes
2016-12-16 17:42:43,392: proxy - INFO - 192.168.0.136:52877 - POST m-wall.qpyou.cn:80/api/init - 200 OK - 424 bytes
2016-12-16 17:42:43,953: proxy - INFO - 192.168.0.136:38354 - POST m-mercury.qpyou.cn:80/init - 200 OK - 649 bytes
2016-12-16 17:42:44,586: proxy - INFO - 192.168.0.136:55100 - CONNECT live.chartboost.com:443
2016-12-16 17:42:45,061: proxy - INFO - 192.168.0.136:39469 - POST m-mercury.qpyou.cn:80/init - 200 OK - 627 bytes
2016-12-16 17:42:53,319: proxy - INFO - 192.168.0.136:46503 - POST m-mercury.qpyou.cn:80/init - 200 OK - 740 bytes
2016-12-16 17:42:53,520: proxy - INFO - 192.168.0.136:36157 - CONNECT action.adzcore.com:443
2016-12-16 17:42:53,559: proxy - INFO - 192.168.0.136:39505 - CONNECT push.qpyou.cn:443
2016-12-16 17:42:53,569: proxy - INFO - 192.168.0.136:34798 - CONNECT push.qpyou.cn:443
2016-12-16 17:42:53,573: proxy - INFO - 192.168.0.136:34998 - CONNECT image-glb.qpyou.cn:443
2016-12-16 17:42:53,578: proxy - INFO - 192.168.0.136:56320 - CONNECT summonerswar-cn.qpyou.cn:443
2016-12-16 17:42:53,588: proxy - INFO - 192.168.0.136:46637 - CONNECT summonerswar-cn.qpyou.cn:443
2016-12-16 17:42:53,595: proxy - INFO - 192.168.0.136:58343 - CONNECT summonerswar-cn.qpyou.cn:443
2016-12-16 17:42:53,595: proxy - INFO - 192.168.0.136:39719 - CONNECT summonerswar-cn.qpyou.cn:443
2016-12-16 17:42:53,641: proxy - INFO - 192.168.0.136:47779 - CONNECT summonerswar-cn.qpyou.cn:443
2016-12-16 17:42:53,654: proxy - INFO - 192.168.0.136:43714 - CONNECT summonerswar-cn.qpyou.cn:443
2016-12-16 17:42:56,588: proxy - INFO - 192.168.0.136:48994 - POST analytics.app-adforce.jp:80/fax/analytics - 200 OK - 110 bytes
2016-12-16 17:43:00,783: proxy - INFO - 192.168.0.136:45440 - CONNECT cli-api-chat-gsp.com2us.net:443
2016-12-16 17:43:01,091: proxy - INFO - 192.168.0.136:58690 - CONNECT cli-api-chat-gsp.com2us.net:443
2016-12-16 17:43:06,845: proxy - INFO - 192.168.0.136:58658 - CONNECT summonerswar-cn.qpyou.cn:443
2016-12-16 17:43:10,456: proxy - INFO - 192.168.0.136:33206 - POST api.qpyou.cn:80/user/119972323 - 200 OK - 499 bytes
2016-12-16 17:43:11,451: proxy - INFO - 192.168.0.136:40004 - CONNECT summonerswar-cn.qpyou.cn:443
2016-12-16 17:43:12,986: proxy - INFO - 192.168.0.136:46078 - POST None:None/api/addressbook/addressbooksynccount - None None - 0 bytes
2016-12-16 17:43:13,930: proxy - INFO - 192.168.0.136:36689 - CONNECT 169452.engine.mobileapptracking.com:443
2016-12-16 17:43:14,990: proxy - INFO - 192.168.0.136:53109 - CONNECT summonerswar-cn.qpyou.cn:443
2016-12-16 17:43:15,448: proxy - INFO - 192.168.0.136:55544 - POST api.qpyou.cn:80/user/165023206 - 200 OK - 516 bytes
2016-12-16 17:43:16,094: proxy - INFO - 192.168.0.136:51375 - POST api.qpyou.cn:80/user/134211636 - 200 OK - 504 bytes
2016-12-16 17:43:16,578: proxy - INFO - 192.168.0.136:51263 - POST api.qpyou.cn:80/user/167296239 - 200 OK - 503 bytes
2016-12-16 17:43:17,135: proxy - INFO - 192.168.0.136:34140 - POST api.qpyou.cn:80/user/125711545 - 200 OK - 512 bytes
2016-12-16 17:43:18,869: proxy - INFO - 192.168.0.136:50706 - CONNECT summonerswar-cn.qpyou.cn:443
2016-12-16 17:43:18,869: proxy - INFO - 192.168.0.136:54461 - CONNECT summonerswar-cn.qpyou.cn:443
2016-12-16 17:43:18,869: proxy - INFO - 192.168.0.136:39135 - CONNECT image-glb.qpyou.cn:443
2016-12-16 17:43:18,871: proxy - INFO - 192.168.0.136:56533 - CONNECT live.chartboost.com:443

@kakaroto
Owner

Humm... interesting.. I haven't tried SWProxy since last FRR, but it looks like they're not using regular HTTP anymore, they are using HTTPS, which means that we can't intercept the data anymore since it is now SSL encrypted. At least, that's what the log file says.

@newpoem

newpoem commented Dec 17, 2016

Same issue for me, oh god, please no.

@Xzandro
Contributor

Xzandro commented Dec 17, 2016

Seems like it is for some regions only. Europe works just fine. Who knows for how long. Besides that, it seems the response is fine, right? http://summonerswar-cn.com2us.net/api/location_c2.php I get normal encrypted data.

@newpoem

newpoem commented Dec 17, 2016

Device: Apple Server: China

This is my latest failed try:
2016-12-17 13:56:51,585: SWPlugin - INFO - Loaded 6 plugins
2016-12-17 13:56:54,591: SWProxy - INFO - Running Proxy server at 10.0.0.1 on port 8080
2016-12-17 13:56:54,592: proxy - INFO - Starting server on 10.0.0.1, port 8080
2016-12-17 13:57:33,619: proxy - INFO - 10.0.0.4:49382 - CONNECT configuration.apple.com:443
2016-12-17 13:57:35,190: proxy - INFO - 10.0.0.4:49383 - CONNECT gsp-ssl.ls.apple.com:443
2016-12-17 13:57:40,898: proxy - INFO - 10.0.0.4:49390 - GET summonerswar-cn.com2us.net:80/api/location_c2.php - 200 OK - 608 bytes
2016-12-17 13:57:58,671: proxy - INFO - 10.0.0.4:49403 - CONNECT cli-api-chat-gsp.com2us.net:443
2016-12-17 13:57:59,936: proxy - INFO - 10.0.0.4:49404 - CONNECT cli-api-chat-gsp.com2us.net:443
2016-12-17 13:58:04,184: proxy - INFO - 10.0.0.4:49381 - CONNECT setting.adzcore.com:443
2016-12-17 13:58:05,285: proxy - INFO - 10.0.0.4:49384 - CONNECT graph.facebook.com:443
2016-12-17 13:58:05,698: proxy - INFO - 10.0.0.4:49387 - CONNECT itunes.apple.com:443
2016-12-17 13:58:05,956: proxy - INFO - 10.0.0.4:49386 - POST analytics.app-adforce.jp:80/fax/analytics - 200 OK - 110 bytes
2016-12-17 13:58:06,385: proxy - INFO - 10.0.0.4:49385 - CONNECT action.adzcore.com:443
2016-12-17 13:58:06,957: proxy - INFO - 10.0.0.4:49400 - CONNECT summonerswar-cn.qpyou.cn:443
2016-12-17 13:58:06,960: proxy - INFO - 10.0.0.4:49399 - CONNECT summonerswar-cn.qpyou.cn:443
2016-12-17 13:58:06,960: proxy - INFO - 10.0.0.4:49396 - CONNECT m-mercury.qpyou.cn:443
2016-12-17 13:58:06,960: proxy - INFO - 10.0.0.4:49397 - CONNECT 169452.engine.mobileapptracking.com:443
2016-12-17 13:58:06,960: proxy - INFO - 10.0.0.4:49398 - CONNECT summonerswar-cn.qpyou.cn:443
2016-12-17 13:58:06,960: proxy - INFO - 10.0.0.4:49393 - CONNECT api.qpyou.cn:443
2016-12-17 13:58:06,961: proxy - INFO - 10.0.0.4:49394 - CONNECT hub.qpyou.cn:443
2016-12-17 13:58:06,961: proxy - INFO - 10.0.0.4:49395 - CONNECT friend-api.qpyou.cn:443
2016-12-17 13:58:06,961: proxy - INFO - 10.0.0.4:49392 - CONNECT image-glb.qpyou.cn:443
2016-12-17 13:58:06,961: proxy - INFO - 10.0.0.4:49388 - CONNECT live.chartboost.com:443
2016-12-17 13:58:06,961: proxy - INFO - 10.0.0.4:49391 - CONNECT summonerswar-cn.qpyou.cn:443
2016-12-17 13:58:06,961: proxy - INFO - 10.0.0.4:49389 - CONNECT activeuser.qpyou.cn:443

My Last successful try:
2016-11-26 21:57:43,211: SWPlugin - INFO - Loaded 6 plugins
2016-11-26 21:57:47,278: SWProxy - INFO - Running Proxy server at 10.0.0.1 on port 8080
2016-11-26 21:57:47,328: proxy - INFO - Starting server on 10.0.0.1, port 8080
2016-11-26 21:58:26,908: proxy - INFO - 10.0.0.4:50884 - CONNECT configuration.apple.com:443
2016-11-26 21:58:28,486: proxy - INFO - 10.0.0.4:50885 - CONNECT gsp-ssl.ls.apple.com:443
2016-11-26 21:58:31,371: proxy - INFO - 10.0.0.4:50891 - POST activeuser.qpyou.cn:80/gateway.php - 200 OK - 418 bytes
2016-11-26 21:58:31,645: proxy - INFO - 10.0.0.4:50892 - POST activeuser.qpyou.cn:80/gateway.php - 200 OK - 463 bytes
2016-11-26 21:58:33,923: proxy - INFO - 10.0.0.4:50893 - GET summonerswar-cn.com2us.net:80/api/location_c2.php - 200 OK - 608 bytes
2016-11-26 21:58:34,621: proxy - INFO - 10.0.0.4:50894 - POST summonerswar-cn.com2us.net:80/api/server_status_c2.php - 200 OK - 287 bytes
2016-11-26 21:58:35,319: proxy - INFO - 10.0.0.4:50895 - POST summonerswar-cn.com2us.net:80/api/version_info_c2.php - 200 OK - 544 bytes
2016-11-26 21:58:39,890: proxy - INFO - 10.0.0.4:50897 - POST api.qpyou.cn:80/device/registered - 200 OK - 387 bytes
2016-11-26 21:58:40,575: proxy - INFO - 10.0.0.4:50898 - GET hub.qpyou.cn:80/auth - 302 Moved Temporarily - 764 bytes
2016-11-26 21:58:40,944: proxy - INFO - 10.0.0.4:50900 - POST api.qpyou.cn:80/user/me - 200 OK - 593 bytes
2016-11-26 21:58:41,395: proxy - INFO - 10.0.0.4:50902 - POST m-mercury.qpyou.cn:80/init - 200 OK - 1001 bytes
2016-11-26 21:58:41,589: SWProxy - INFO - Found Summoners War API request : CheckLoginBlock
2016-11-26 21:58:41,591: proxy - INFO - 10.0.0.4:50901 - POST summonerswar-cn.com2us.net:80/api/gateway_c2.php - 200 OK - 424 bytes
2016-11-26 21:58:41,812: proxy - INFO - 10.0.0.4:50903 - POST m-mercury.qpyou.cn:80/init - 200 OK - 968 bytes
2016-11-26 21:58:42,710: proxy - INFO - 10.0.0.4:50899 - POST None:None/api/addressbook/addressbooksynccount - None None - 0 bytes
2016-11-26 21:58:46,717: proxy - INFO - 10.0.0.4:50906 - POST None:None/api/addressbook/addressbooksynccount - None None - 0 bytes
2016-11-26 21:58:52,723: proxy - INFO - 10.0.0.4:50907 - POST None:None/api/addressbook/addressbooksynccount - None None - 0 bytes
2016-11-26 21:58:57,434: proxy - INFO - 10.0.0.4:50883 - CONNECT setting.adzcore.com:443
2016-11-26 21:58:58,533: proxy - INFO - 10.0.0.4:50888 - CONNECT live.chartboost.com:443
2016-11-26 21:58:59,401: proxy - INFO - 10.0.0.4:50889 - POST analytics.app-adforce.jp:80/fax/analytics - 200 OK - 110 bytes
2016-11-26 21:59:00,706: proxy - INFO - 10.0.0.4:50890 - CONNECT action.adzcore.com:443
2016-11-26 21:59:00,733: proxy - INFO - 10.0.0.4:50908 - POST None:None/api/addressbook/addressbooksynccount - None None - 0 bytes
2016-11-26 21:59:04,295: proxy - INFO - 10.0.0.4:50887 - CONNECT itunes.apple.com:443
2016-11-26 21:59:10,733: proxy - INFO - 10.0.0.4:50910 - POST None:None/api/addressbook/addressbooksynccount - None None - 0 bytes
2016-11-26 21:59:11,726: proxy - INFO - 10.0.0.4:50896 - CONNECT image-glb.qpyou.cn:443
2016-11-26 21:59:11,766: proxy - INFO - 10.0.0.4:50904 - POST summonerswar-cn.com2us.net:80/api/gateway_c2.php - None None - 0 bytes
2016-11-26 21:59:12,825: proxy - INFO - 10.0.0.4:50886 - CONNECT graph.facebook.com:443
2016-11-26 21:59:14,920: proxy - INFO - 10.0.0.4:50905 - CONNECT 169452.engine.mobileapptracking.com:443
2016-11-26 21:59:16,473: SWProxy - INFO - Found Summoners War API request : HubUserLogin
2016-11-26 21:59:16,730: SWProxy - INFO - Monsters and Runes data generated
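
An added example (not part of the thread or of SWProxy's code): a parser for the proxy.log request lines in the two runs above that reports which hosts went from readable plain-HTTP requests to opaque CONNECT tunnels. The sample lines are abridged from those runs; the function and key names are assumptions made for this illustration.

```python
import re
from collections import defaultdict

# Request lines as written to proxy.log in the runs above, for example:
#   ... proxy - INFO - 10.0.0.4:49393 - CONNECT api.qpyou.cn:443
#   ... proxy - INFO - 10.0.0.4:50897 - POST api.qpyou.cn:80/device/registered - 200 OK - 387 bytes
REQUEST_RE = re.compile(
    r"proxy - INFO - \S+ - (?P<method>[A-Z]+) (?P<host>[^\s:/]+):(?:\d+|None)"
)

# Abridged from the 2016-11-26 (working) run posted above.
BEFORE_LOG = """\
2016-11-26 21:57:47,328: proxy - INFO - Starting server on 10.0.0.1, port 8080
2016-11-26 21:58:31,371: proxy - INFO - 10.0.0.4:50891 - POST activeuser.qpyou.cn:80/gateway.php - 200 OK - 418 bytes
2016-11-26 21:58:33,923: proxy - INFO - 10.0.0.4:50893 - GET summonerswar-cn.com2us.net:80/api/location_c2.php - 200 OK - 608 bytes
2016-11-26 21:58:39,890: proxy - INFO - 10.0.0.4:50897 - POST api.qpyou.cn:80/device/registered - 200 OK - 387 bytes
2016-11-26 21:58:40,575: proxy - INFO - 10.0.0.4:50898 - GET hub.qpyou.cn:80/auth - 302 Moved Temporarily - 764 bytes
2016-11-26 21:58:41,395: proxy - INFO - 10.0.0.4:50902 - POST m-mercury.qpyou.cn:80/init - 200 OK - 1001 bytes
2016-11-26 21:58:41,591: proxy - INFO - 10.0.0.4:50901 - POST summonerswar-cn.com2us.net:80/api/gateway_c2.php - 200 OK - 424 bytes
2016-11-26 21:58:42,710: proxy - INFO - 10.0.0.4:50899 - POST None:None/api/addressbook/addressbooksynccount - None None - 0 bytes
2016-11-26 21:59:12,825: proxy - INFO - 10.0.0.4:50886 - CONNECT graph.facebook.com:443
"""

# Abridged from the 2016-12-17 (failing) run posted above.
AFTER_LOG = """\
2016-12-17 13:56:54,592: proxy - INFO - Starting server on 10.0.0.1, port 8080
2016-12-17 13:57:40,898: proxy - INFO - 10.0.0.4:49390 - GET summonerswar-cn.com2us.net:80/api/location_c2.php - 200 OK - 608 bytes
2016-12-17 13:58:05,285: proxy - INFO - 10.0.0.4:49384 - CONNECT graph.facebook.com:443
2016-12-17 13:58:06,957: proxy - INFO - 10.0.0.4:49400 - CONNECT summonerswar-cn.qpyou.cn:443
2016-12-17 13:58:06,960: proxy - INFO - 10.0.0.4:49396 - CONNECT m-mercury.qpyou.cn:443
2016-12-17 13:58:06,960: proxy - INFO - 10.0.0.4:49393 - CONNECT api.qpyou.cn:443
2016-12-17 13:58:06,961: proxy - INFO - 10.0.0.4:49394 - CONNECT hub.qpyou.cn:443
2016-12-17 13:58:06,961: proxy - INFO - 10.0.0.4:49389 - CONNECT activeuser.qpyou.cn:443
"""


def visibility_by_host(log_text):
    """Map each host to the kinds of traffic seen: 'plaintext' and/or 'tunnel'."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        match = REQUEST_RE.search(line)
        if not match or match.group("host") == "None":
            continue  # startup, error and traceback lines, or requests with no parsed host
        kind = "tunnel" if match.group("method") == "CONNECT" else "plaintext"
        seen[match.group("host")].add(kind)
    return dict(seen)


def compare_runs(before_log, after_log):
    """Compare two runs and report where the proxy can no longer read the traffic."""
    before = visibility_by_host(before_log)
    after = visibility_by_host(after_log)
    tunnel_only = [host for host, kinds in after.items() if kinds == {"tunnel"}]
    return {
        # Readable as HTTP in the earlier run, only CONNECT tunnels in the later one.
        "lost_visibility": sorted(
            h for h in tunnel_only if "plaintext" in before.get(h, set())
        ),
        # Tunnel-only hosts that did not appear at all in the earlier run.
        "new_tunnel_only": sorted(h for h in tunnel_only if h not in before),
    }


if __name__ == "__main__":
    for label, hosts in compare_runs(BEFORE_LOG, AFTER_LOG).items():
        print(label, hosts)
```
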

@ghost

ghost commented Dec 17, 2016

As long as they don't use cert-pinning, this should not be a big deal. There is a proxy.py with HTTPS support on GitHub:

https://github.com/inaz2/proxy2

OK, the process would be a bit more complex for a normal user. But with a root cert it should/could work.

@kakaroto
Owner

@Viper2k4 yeah but you don't know if they use cert-pinning, also, installing a custom certificate on your phone means you need to have the phone rooted, which is not easy for everyone. If Com2Us decide to make the application check if the right certificate was used, then that's an instant ban and I'm not in the mood for changing this tool into a "you might very easily get detected and banned" kind of tool.

@ghost

ghost commented Dec 18, 2016

True, but then HTTPS is the final cut. Dunno about Android, but I can install a root cert on my iPhone without a jailbreak, and I think this should also be possible on Android, I would say. But yes, it's not very cool, because it's a bit more detectable.

But it would also be a shame if all this would die.

@kakaroto
Owner

Yeah, it definitely would be a shame, as it is very useful, but to be honest, I barely even use it anymore, the game is becoming less interesting for me, so I might either:

  • not do anything cause I don't care
  • actually do something not caring if I get banned.

@huami1391

phone cannot be jailbroken or rooted as SW will detect and cause an error.

@ghost

ghost commented Dec 20, 2016

Mh :(

OK, I could take a look at this. Does someone know if I lose my team settings after logging out to create an Asia account? ^^ Or is an emulator currently working (that would be the best choice for testing)?

@ghost

ghost commented Dec 20, 2016

So I tested a bit and I can finally prove there is no cert pinning. After installing the Fiddler cert on the device (I only had to set a PIN, but root was not required) I get responses like before. And I can also prove the encryption is the same as before.

@kakaroto
Owner

Cool, thanks for testing. One thing you could do would be to test what happens if you reject the HTTPS connection request: will it fall back on regular HTTP?
Also, isn't the address being sent in the location_v2.php request? (I think someone had made a patch to use that instead to see which url it will connect to and only filter those, but I don't think that was merged), so it might be possible to modify the location value to make the app use regular HTTP instead of HTTPS. Doing that though would make SWProxy start modifying requests instead of only intercepting them, and I'm not sure I want to go there.. It would be good to at least know if that would work.

@ghost

ghost commented Dec 20, 2016

I have to test it. But give me a bit of time. I have to write the encryption part.
Yes, addresses are sent in the location_v2.php call:

{
    "ip_address": "11.111.11.111",
    "country_code": "DE",
    "country_code_org": "DE",
    "server_url_list": [{
        "server_id": 1,
        "status": "http://summonerswar-gb.qpyou.cn/api/server_status_c2.php",
        "gateway": "http://summonerswar-gb.qpyou.cn/api/gateway_c2.php",
        "version": "http://summonerswar-gb.qpyou.cn/api/version_info_c2.php"
    }, {
        "server_id": 2,
        "status": "http://summonerswar-hub.qpyou.cn/api/server_status_c2.php",
        "gateway": "http://summonerswar-hub.qpyou.cn/api/gateway_c2.php",
        "version": "http://summonerswar-hub.qpyou.cn/api/version_info_c2.php"
    }, {
        "server_id": 3,
        "status": "http://summonerswar-jp.qpyou.cn/api/server_status_c2.php",
        "gateway": "http://summonerswar-jp.qpyou.cn/api/gateway_c2.php",
        "version": "http://summonerswar-jp.qpyou.cn/api/version_info_c2.php"
    }, {
        "server_id": 4,
        "status": "https://summonerswar-cn.qpyou.cn/api/server_status_c2.php",
        "gateway": "https://summonerswar-cn.qpyou.cn/api/gateway_c2.php",
        "version": "https://summonerswar-cn.qpyou.cn/api/version_info_c2.php"
    }, {
        "server_id": 5,
        "status": "https://summonerswar-sea.qpyou.cn/api/server_status_c2.php",
        "gateway": "https://summonerswar-sea.qpyou.cn/api/gateway_c2.php",
        "version": "https://summonerswar-sea.qpyou.cn/api/version_info_c2.php"
    }, {
        "server_id": 6,
        "status": "http://summonerswar-eu.qpyou.cn/api/server_status_c2.php",
        "gateway": "http://summonerswar-eu.qpyou.cn/api/gateway_c2.php",
        "version": "http://summonerswar-eu.qpyou.cn/api/version_info_c2.php"
    }]
}

As u can see, only ".sea" and ".cn" are affected.
Yes, it's hard. I think currently com2us doesn't rly have a problem with SWProxy (they could simply change the key if they wanted to). But if we start manipulating data, this could change very fast.

@Xzandro
Contributor

Xzandro commented Dec 20, 2016

Ahh, that is kinda good news. So it's not an impossible thing to do at least.

@kakaroto
Owner

@Viper2k4 I've just written the encryption part (much easier of course since I have the source for smon_decryptor), I can send it to you if you want, just send me an email (my address from git commit log, yours seems to be a noreply) and I'll reply with the file.
Watch out though, there might be some things to prevent manipulating the data, if I remember correctly, some requests/responses (not all, can't remember what condition made it add it) had a special SW specific header in the HTTP request/response itself which contained some kind of encrypted hash of the actual message. We have no way of forging those since they were not required during the development of SWProxy. Just make sure to look at HTTP headers before you modify anything, if you see a header that shouldn't be there, let me know first before you modify the response.
Also note, this would be for testing purposes only. Modifying that would indeed be the easiest for most users, having a custom certificate installed is probably too hard to do for most 'average joe/jane' users, and it would be safer in terms of SW since we wouldn't modify anything in its data, but it's much less safe for the users themselves.. as it adds other security issues such as the ability for a malicious plugin to intercept anything from the phone, such as https logins/passwords.

As for com2us, they don't like us either, but I think they accept us somehow because they can't do much against us. They did change the key once, and they've put a lot of effort into making it very hard to find, but it took just a couple of hours for the new key to be found, so they've learned that it's not worth all that development cost/effort to change it again. If we do start doing things that are against the ToS (and modifying the server addresses from what THEY want, would probably count as a breach of ToS), then yes, they might decide to take more drastic measures against SWProxy.

@ghost

ghost commented Dec 20, 2016

No problem, I do it by myself (u know Python is not a safe^^).
So the "gateway_c2.php" and "location_c2.php" have no content-relevant header in the response (the request has the header entries that are a bit suspect^^). So it all seems fine.

I manipulate the response with a simple replace('https','http') (just for the testing^^) and encrypt it. I could decrypt it again and I see my manipulated version. So my encryption does its job.

But now the sad story. It doesn't work. I think it's because of a client-side redirect :/

@goinglee

goinglee commented Dec 21, 2016

Good news!! 👍
But I still don't know how to fix this problem. Could you please give me a hint to fix it? Thanks a lot.

@ghost

ghost commented Dec 21, 2016

At the moment u can do nothing :(. Simply wait and hope we find a good and easy way to fix it.

@crayontxx2

As far as I see, it works by replacing all https with http in the response of location_c2.php

@ghost

ghost commented Dec 21, 2016

Did u try this? I tried it above and it does NOT work.

@crayontxx2

Yes, it WORKS for me now. But I don't think it is a good idea to do this because com2us can easily find the use of swproxy as we changed the port.

@ghost

ghost commented Dec 21, 2016

Uff rly? U have added the encryption part to SWProxy and a simple replace('https','http'), and just this works for u? Did I make a mistake? :/

@crayontxx2

I am not sure why it doesn't work for you as I am not using python. Maybe double check your code :)

@ghost

ghost commented Dec 21, 2016

Ah OK, u didn't try it with SWProxy. I checked my code more than twice :/.
I will try it later with C#. Maybe the proxy.py is mixing something up. Did u only change the body or anything else too?

But nice to know that this is working ^^

@crayontxx2

I just changed body and content length.^^

@ghost

ghost commented Dec 21, 2016

Mh, but it doesn't matter. Now we know just changing the URLs works. That is what @kakaroto wants to know :)

PS: Yes, the content length could be the problem. The proxy I normally use (in C#) simply adjusts it internally :/

@kakaroto
Owner

@Viper2k4, the proxy.py probably doesn't send the modified data back, I think you modify it, but it doesn't change what the proxy actually sends. I remember modifying proxy.py before in order to make it regenerate the response before sending it.

@ghost

ghost commented Dec 21, 2016

Mh, seems so. But it's strange, manipulating a request is working. So yes, it seems like a problem with the proxy.py

But just for info: today I don't have the time to look deeper at this stuff. Maybe tomorrow.

EDIT

Just for info, we should check in the decrypt/encrypt functions for empty input, because the "location_c2.php" request is empty.

@hugo4566

any news? D:

@jenovachild

@Viper2k4 @kakaroto I have my own proxy running as part of an application that I developed in C# and yes, it is possible to modify request packets before they hit the servers (I do this to change monsters while leveling food mons.. I have a bot that I can set and forget and it will level all my food to max star).

@kakaroto is right about the headers in the request, SmonChecker or something like that.. I can pretty much confirm that this is not a hash of the request (currently, the change I'm making to the request is the 'BattleScenarioStart' request.. changing the monster ID's) as I am able to manipulate the data and still have it work as normal.

I dabbled with the thought of sending requests 'clientless' -- meaning I could close summoners war and just have my application interact with the servers, I only spent half a day or so on looking into this but I wasn't able to confirm that I could get this working, but I believe it could be possible.. I would like to know what those special headers in the request are though :(

@Xzandro
Contributor

Xzandro commented Dec 25, 2016

As of yesterday, they removed https. So there currently is no problem anymore. Don't know what is in the future.

@ghost

ghost commented Dec 25, 2016

@jenovachild We are aware that this is possible. But proxy.py as part of SWProxy doesn't edit a response; a request change is possible. And btw, SmonChecker only exists on Android devices. And I'm relatively sure it's a hash of the content, because if there is exactly the same content, the SmonChecker is the same. Truly, it's not a simple hash, but still a hash ^^ But iOS doesn't have these headers (I think because they can't include appguard). Write me a mail so I can send u some iOS requests/responses if u need: viper2k4@yandex.com

But it doesn't matter, HTTPS is removed and Asia/China is fine again :). So I think we can close this, for now.

@kakaroto
Owner

kakaroto commented Jan 3, 2017

@jenovachild it's a hash, it's just an encrypted one. And I prefer not to have any discussions here about bots or other ToS-breaking apps.

@Viper2k4 @Xzandro cool they removed https! Either they were just testing things (and realized https added too much overhead on their servers, so they decided to drop it), or they saw we planned on modifying requests and they didn't want to put us in that situation, lol :p
Anyways, thanks for the reports, I'm closing the issue.

@kakaroto kakaroto closed this as completed Jan 3, 2017
@DBa2016

DBa2016 commented Mar 3, 2017

@jenovachild : can you drop me an email to dba2016@barski.org ? I would like to exchange some information
