The client begins by sending a single byte, 14.
The server should then send 8 bytes as a response to initiate the response. These bytes are ignored, but should be all 0s anyways.
Following that the server needs to send a response code of 0, followed by a random 64-bit number that will be used as part of the ISAAC seed.
- Packet length: Byte
- Magic number: 255 (Byte)
- Client version: Word
- Memory type: Byte (Highmem / Lowmem)
- CRCs: 9 DWords, CRC of all .idx0 File Archives loaded by the client
- RSA length: Byte
- After this point the remaining bytes must be decrypted!
- RSA magic number: 10 (Byte) - this is used to check if the block was correctly decrypted
- Client ISAAC seed: QWord
- Server ISAAC seed: QWord
- Client UID: DWord - ID to track client/player installations (can be changed client-side by deleting uid.dat and relaunching)
- Username: String
- Password: String
Both client and server ISAAC seeds should be combined into a complete 16-byte seed for ISAAC to use.
The decryptor ISAAC (used while reading packets from the client) should be initialized as-is from the ISAAC seed.
The encryptor ISAAC (used while sending packets to the client) should have 50 added to every 4-bytes of the ISAAC seed and then initialized, e.g.
let clientIsaac = data.readQWord(); let serverIsaac = data.readQWord(); let sessionDecoder = [ (clientIsaac.shiftRight(32).toInt()), (clientIsaac.toInt()), (serverIsaac.shiftRight(32).toInt()), (serverIsaac.toInt()) ]; let sessionEncoder = [ (clientIsaac.shiftRight(32).toInt()) + 50, (clientIsaac.toInt()) + 50, (serverIsaac.shiftRight(32).toInt()) + 50, (serverIsaac.toInt()) + 50 ];
Respond with Connection if successful.
Jagex's RSA Key
Private exponent: 4563042879983685819415859508309337987464904274730456483940553788384065737798175536144539635545496149193181089921240252410947054964044522362195913220892133
Public exponent: 58778699976184461502525193738213253649000149147835990136706041084440742975821
PEM format (thanks Graham!):
-----BEGIN PRIVATE KEY----- MIIBcgIBADANBgkqhkiG9w0BAQEFAASCAVwwggFYAgEAAkEAiMOHSKWCKPcmHNw0 C1aR19CXXe4OzbcXYJ5r+XHrP+cj750TDkaGgTc5dorZRy60bYv8wELBpfywXpMf Yy7qXQIhAIHzkLLPjKcDnuUHl1lR1aCxWoe/iz+ZyWaDQRjFD9lNAkBXH7BiBIth ch6/zx6HcVMkG3DDqibtsPnwahsr4HxOReq6T8NW6oBsvtKY04YTWQpT/eA4PDpB F1hRYpMkCSXlAiEA12bEXY1UEkjlCVg2WUOK14Ug0Kd8fKayvoFWOoUTahkCIQCi inQF+Sys+2JOzUx80OWHR/JqcF6eqc20u7PnfB1S5QIhAJIcknTm7h3OH3kbx5Dq AtzL3tEJyD83H3EMM8GRTmB9AiBb6wjlrcM3AIG08VSVyhxCTeUwS9ck5NaNV8LM LFx19QIgFdwct6Ho3H2nTDvthwudGhnE1rwbQEeTy9eOAMUMSSY= -----END PRIVATE KEY-----
Exchange login information
Response code 0.
Continue to exchange login information (packet 16 or 18).
Wait and try again
Response code 1.
Waits for 2000ms and tries again.
Response code 2.
You will also need to send the privilege level (0 to 2), and a single byte (1 or 0) that tells the client to send additional input information during the game session. This was used to flag suspected bot behavior.
- 0: Normal player
- 1: PMod
- 2: JMod
Invalid username or password
Response code 3.
"Invalid username or password"
Response code 4.
"Your account has been disabled. Please check your message-center for details."
Account already logged in
Response code 5.
"Your account is already logged in. Try again in 60 secs..."
Response code 6.
"RuneScape has been updated! Please reload this page."
World is full
Response code 7.
"This world is full. Please use a different world."
Login server offline
Response code 8.
"Unable to connect. Login server offline."
Login limit exceeded
Response code 9.
"Login limit exceeded. Too many connections from your address."
Bad session ID
Response code 10.
"Unable to connect. Bad session id."
Login server rejected session
Response code 11.
"Login server rejected session. Please try again."
Members account required
Response code 12.
"You need a members account to login to this world. Please subscribe, or use a different world."
Could not complete login
Response code 13.
"Could not complete login. Please try using a different world."
Server is being updated
Response code 14.
"The server is being updated. Please wait 1 minute and try again."
Response code 15.
Login attempts exceeded
Response code 16.
"Login attempts exceeded. Please wait 1 minute and try again."
Standing in members-only area
Response code 17.
"You are standing in a members-only area. To play on this world move to a free area first."
Invalid login server
Response code 20.
"Invalid loginserver requested. Please try using a different world."
Just left another world
Response code 21.
"You have only just left another world. Your profile will be transferred in: (byte) seconds."
This response also has a single byte appended that tells the player how many seconds they must wait.
Wait and try again (counting failures)
Response code -1.
Waits for 2000 ms and tries again while counting failures.
Any other response code will be unrecognized by the client and display "Unexpected server response. Please try using a different world."
Where do I go from here?
Continue the player's session at Old_Engine/Game_Protocol.