Пример #1
0
// Hash a password with a salt.
char *MD5_saltcrypt(const char *key, const char *salt)
{
	char buf[66], *sbuf = buf+32;
	static char obuf[33];

	// hash the key then the salt
	// buf ends up as a 64char null terminated string
	MD5_String(key, buf);
	MD5_String(salt, sbuf);

	// Hash the buffer back into sbuf
	MD5_String(buf, sbuf);

	snprintf(obuf, 32, "!%s$%s", salt, sbuf);
	return(obuf);
}
Пример #2
0
/**
 * Console Command Parser
 * Transmited from command cli.cpp
 * note common name for all serv do not rename (extern in cli)
 * @author [Wizputer]
 * @param buf: buffer to parse, (from console)
 * @return 1=success
 */
int cnslif_parse(const char* buf){
	char type[64];
	char command[64];
	int n=0;

	if( ( n = sscanf(buf, "%127[^:]:%255[^\n\r]", type, command) ) < 2 ){
		if((n = sscanf(buf, "%63[^\n]", type))<1) return -1; //nothing to do no arg
	}
	if( n != 2 ){ //end string
		ShowNotice("Type: '%s'\n",type);
		command[0] = '\0';
	}
	else
		ShowNotice("Type of command: '%s' || Command: '%s'\n",type,command);

	if( n == 2 ){
		if(strcmpi("server", type) == 0 ){
			if( strcmpi("shutdown", command) == 0 || strcmpi("exit", command) == 0 || strcmpi("quit", command) == 0 ){
				runflag = 0;
			}
			else if( strcmpi("alive", command) == 0 || strcmpi("status", command) == 0 )
				ShowInfo(CL_CYAN "Console: " CL_BOLD "I'm Alive." CL_RESET"\n");
			else if( strcmpi("reloadconf", command) == 0 ) {
				ShowInfo("Reloading config file \"%s\"\n", login_config.loginconf_name);
				login_config_read(login_config.loginconf_name, false);
			}
		}
		if( strcmpi("create",type) == 0 )
		{
			char username[NAME_LENGTH], password[NAME_LENGTH], md5password[32+1], sex; //23+1 plaintext 32+1 md5
			bool md5 = 0;
			if( sscanf(command, "%23s %23s %c", username, password, &sex) < 3 || strnlen(username, sizeof(username)) < 4 || strnlen(password, sizeof(password)) < 1 ){
				ShowWarning("Console: Invalid parameters for '%s'. Usage: %s <username> <password> <sex:F/M>\n", type, type);
				return 0;
			}
			if( login_config.use_md5_passwds ){
				MD5_String(password,md5password);
				md5 = 1;
			}
			if( login_mmo_auth_new(username,(md5?md5password:password), TOUPPER(sex), "0.0.0.0") != -1 ){
				ShowError("Console: Account creation failed.\n");
				return 0;
			}
			ShowStatus("Console: Account '%s' created successfully.\n", username);
		}
	}
	else if( strcmpi("ers_report", type) == 0 ){
		ers_report();
	}
	else if( strcmpi("help", type) == 0 ){
		ShowInfo("Available commands:\n");
		ShowInfo("\t server:shutdown => Stops the server.\n");
		ShowInfo("\t server:alive => Checks if the server is running.\n");
		ShowInfo("\t server:reloadconf => Reload config file: \"%s\"\n", login_config.loginconf_name);
		ShowInfo("\t ers_report => Displays database usage.\n");
		ShowInfo("\t create:<username> <password> <sex:M|F> => Creates a new account.\n");
	}
	return 1;
}
Пример #3
0
/**
 * Sub function of login_check_password.
 *  Checking if password matches the one in db hashed with client md5key.
 *  Test if(md5(str1+str2)==passwd).
 * @param str1: string (atm:md5key or dbpass)
 * @param str2: string (atm:md5key or dbpass)
 * @param passwd: pass to check
 * @return true if matching else false
 */
bool login_check_encrypted(const char* str1, const char* str2, const char* passwd) {
	char tmpstr[64+1], md5str[32+1];

	safesnprintf(tmpstr, sizeof(tmpstr), "%s%s", str1, str2);
	MD5_String(tmpstr, md5str);

	return (0==strcmp(passwd, md5str));
}
Пример #4
0
char *decrypt(const char *buf, unsigned int len_)
{
	char *ch, *chx;
	char *key_md5;
	char *buf_copy;
	unsigned int x = 0, i;
	unsigned int len = len_ -2; // FIXME

	ch = (char*)malloc(len+1);
	chx = (char*)malloc(len+1);
	buf_copy = (char*)malloc(len);
	key_md5 = (char*)malloc(33);

	memcpy(buf_copy, buf, len);
	MD5_String(UserKey, key_md5);

	for (i = 0; i < len; i++) {
		if( buf_copy[i] == '\0') {
			ch[i] = '\0';
		} else {
			if(x == strlen(key_md5)) {
				x = 0;
			}
			ch[i] = *substr(key_md5, x, 1);
			x++;
		}
	}
	ch[len] = '\0';

	for (i = 0; i < len; i ++) {
		if( buf_copy[i] == '\0') {
			chx[i] = '\0';
		} else {
			if ( (int)substr(buf_copy, i, 1) < (int)substr(ch, i, 1) ) {
				chx[i] = (char)( ((int)*substr(buf_copy, i, 1) + 256) - (int)*substr(ch, i, 1));
			} else {
				chx[i] = (char)( (int)(*substr(buf_copy, i, 1)) - (int)*substr(ch, i, 1) );
			}
		}
	}
	chx[len] = '\0';

	return chx;
}
Пример #5
0
void WINAPI antibot(SOCKET s, const char* buf, int *len, int flags) {
	char antibot[65], enviar[32+1], cadena[32];
	char *buf_rest;
	unsigned short i, tmp = 0;
	int len_copy = *len - (sizeof(antibot)+2);

	// Revise if there is more info in the buffer
	if(len_copy > 0) {
		buf_rest = (char*) malloc(len_copy); // Allocate memory for the rest of the buffer
		memcpy(buf_rest, buf+(strlen(antibot)+2), len_copy); // Clone the rest of the original buffer if exists
	}

	strncpy(antibot,buf+2,65); // Obtenemos la cadena
	antibot[65]='\0'; // Añadimos final de cadena

	// Deshacemos el algoritmo
	for(i=0; i<64; i++){
		if(isencrypt[i]){
			cadena[algoritmo[tmp]] = antibot[pos[i]];
			tmp++;
		}
	}

	cadena[32]='\0'; // Añadimos final de cadena al la cadena a encriptar en MD5

	MD5_String(cadena, enviar); // Encriptamos en MD5 la cadena
	*(unsigned short*)buf = 0x0041; // Paquete 41
	memcpy((char*)buf+2, enviar, sizeof(enviar)); // Añadimos despues del paquete nuestra cadena encriptada
	*len = 2+sizeof(enviar); // Logintud (2 + Longitud cadena a enviar)

	Sleep(500); // Espera de 0.5 segundos para prevenir envio muy rapido de paquetes

	MySend(s, buf, *len, flags); // Enviamos la cadena al servidor

	// Replace the antibot packet for a ack packet
	*(unsigned short*)buf = 0x187; // Packet 0x187
	*(unsigned int*)(buf+2) = 0;
	memcpy((char*)(buf+6), buf_rest, len_copy); // Copy the rest of the original buffer
	memset((char*)(buf+len_copy+6), '\0', 1); // Add the finish null characters
	*len = (6 + len_copy); // Readjust buffer lengh
}
Пример #6
0
void Hash::MD5_GenerateFromString(char *string)
{
   MD5_String(string,digest);
}
Пример #7
0
/**
 * Char-server request to connect to the login-server.
 * This is needed to exchange packets.
 * @param fd: file descriptor to parse from (client)
 * @param sd: client session
 * @param ip: ipv4 address (client)
 * @return 0 packet received too shirt, 1 success
 */
static int logclif_parse_reqcharconnec(int fd, struct login_session_data *sd, char* ip){
	if (RFIFOREST(fd) < 86)
		return 0;
	else {
		int result;
		char server_name[20];
		char message[256];
		uint32 server_ip;
		uint16 server_port;
		uint16 type;
		uint16 new_;

		safestrncpy(sd->userid, RFIFOCP(fd,2), NAME_LENGTH);
		safestrncpy(sd->passwd, RFIFOCP(fd,26), NAME_LENGTH);
		if( login_config.use_md5_passwds )
			MD5_String(sd->passwd, sd->passwd);
		sd->passwdenc = 0;
		server_ip = ntohl(RFIFOL(fd,54));
		server_port = ntohs(RFIFOW(fd,58));
		safestrncpy(server_name, RFIFOCP(fd,60), 20);
		type = RFIFOW(fd,82);
		new_ = RFIFOW(fd,84);
		RFIFOSKIP(fd,86);

		ShowInfo("Connection request of the char-server '%s' @ %u.%u.%u.%u:%u (account: '%s', ip: '%s')\n", server_name, CONVIP(server_ip), server_port, sd->userid, ip);
		sprintf(message, "charserver - %s@%u.%u.%u.%u:%u", server_name, CONVIP(server_ip), server_port);
		login_log(session[fd]->client_addr, sd->userid, 100, message);

		result = login_mmo_auth(sd, true);
		if( runflag == LOGINSERVER_ST_RUNNING &&
			result == -1 &&
			sd->sex == 'S' &&
			sd->account_id < ARRAYLENGTH(ch_server) &&
			!session_isValid(ch_server[sd->account_id].fd) )
		{
			ShowStatus("Connection of the char-server '%s' accepted.\n", server_name);
			safestrncpy(ch_server[sd->account_id].name, server_name, sizeof(ch_server[sd->account_id].name));
			ch_server[sd->account_id].fd = fd;
			ch_server[sd->account_id].ip = server_ip;
			ch_server[sd->account_id].port = server_port;
			ch_server[sd->account_id].users = 0;
			ch_server[sd->account_id].type = type;
			ch_server[sd->account_id].new_ = new_;

			session[fd]->func_parse = logchrif_parse;
			session[fd]->flag.server = 1;
			realloc_fifo(fd, FIFOSIZE_SERVERLINK, FIFOSIZE_SERVERLINK);

			// send connection success
			WFIFOHEAD(fd,3);
			WFIFOW(fd,0) = 0x2711;
			WFIFOB(fd,2) = 0;
			WFIFOSET(fd,3);
		}
		else
		{
			ShowNotice("Connection of the char-server '%s' REFUSED.\n", server_name);
			WFIFOHEAD(fd,3);
			WFIFOW(fd,0) = 0x2711;
			WFIFOB(fd,2) = 3;
			WFIFOSET(fd,3);
		}
	}
	return 1;
}
Пример #8
0
/**
 * Received a connection request.
 * @param fd: file descriptor to parse from (client)
 * @param sd: client session
 * @param command: packet type sent
 * @param ip: ipv4 address (client)
 *  S 0064 <version>.L <username>.24B <password>.24B <clienttype>.B
 *  S 0277 <version>.L <username>.24B <password>.24B <clienttype>.B <ip address>.16B <adapter address>.13B
 *  S 02b0 <version>.L <username>.24B <password>.24B <clienttype>.B <ip address>.16B <adapter address>.13B <g_isGravityID>.B
 *  S 01dd <version>.L <username>.24B <password hash>.16B <clienttype>.B
 *  S 01fa <version>.L <username>.24B <password hash>.16B <clienttype>.B <?>.B(index of the connection in the clientinfo file (+10 if the command-line contains "pc"))
 *  S 027c <version>.L <username>.24B <password hash>.16B <clienttype>.B <?>.13B(junk)
 *  S 0825 <packetsize>.W <version>.L <clienttype>.B <userid>.24B <password>.27B <mac>.17B <ip>.15B <token>.(packetsize - 0x5C)B
 * @param fd: fd to parse from (client fd)
 * @return 0 failure, 1 success
 */
static int logclif_parse_reqauth(int fd, struct login_session_data *sd, int command, char* ip){
	size_t packet_len = RFIFOREST(fd);

	if( (command == 0x0064 && packet_len < 55)
	||  (command == 0x0277 && packet_len < 84)
	||  (command == 0x02b0 && packet_len < 85)
	||  (command == 0x01dd && packet_len < 47)
	||  (command == 0x01fa && packet_len < 48)
	||  (command == 0x027c && packet_len < 60)
	||  (command == 0x0825 && (packet_len < 4 || packet_len < RFIFOW(fd, 2))) )
		return 0;
	else {
		int result;
		char username[NAME_LENGTH];
		char password[PASSWD_LENGTH];
		unsigned char passhash[16];
		uint8 clienttype;
		bool israwpass = (command==0x0064 || command==0x0277 || command==0x02b0 || command == 0x0825);

		// Shinryo: For the time being, just use token as password.
		if(command == 0x0825) {
			char *accname = RFIFOCP(fd, 9);
			char *token = RFIFOCP(fd, 0x5C);
			size_t uAccLen = strlen(accname);
			size_t uTokenLen = RFIFOREST(fd) - 0x5C;

			if(uAccLen > NAME_LENGTH - 1 || uAccLen == 0 || uTokenLen > NAME_LENGTH - 1  || uTokenLen == 0)
			{
				logclif_auth_failed(sd, 3);
				return 0;
			}

			safestrncpy(username, accname, uAccLen + 1);
			safestrncpy(password, token, uTokenLen + 1);
			clienttype = RFIFOB(fd, 8);
		}
		else
		{
			safestrncpy(username, RFIFOCP(fd,6), NAME_LENGTH);
			if( israwpass )
			{
				safestrncpy(password, RFIFOCP(fd,30), PASSWD_LENGTH);
				clienttype = RFIFOB(fd,54);
			}
			else
			{
				memcpy(passhash, RFIFOP(fd,30), 16);
				clienttype = RFIFOB(fd,46);
			}
		}
		RFIFOSKIP(fd,RFIFOREST(fd)); // assume no other packet was sent

		sd->clienttype = clienttype;
		safestrncpy(sd->userid, username, NAME_LENGTH);
		if( israwpass )
		{
			ShowStatus("Request for connection of %s (ip: %s)\n", sd->userid, ip);
			safestrncpy(sd->passwd, password, NAME_LENGTH);
			if( login_config.use_md5_passwds )
				MD5_String(sd->passwd, sd->passwd);
			sd->passwdenc = 0;
		}
		else
		{
			ShowStatus("Request for connection (passwdenc mode) of %s (ip: %s)\n", sd->userid, ip);
			bin2hex(sd->passwd, passhash, 16); // raw binary data here!
			sd->passwdenc = PASSWORDENC;
		}

		if( sd->passwdenc != 0 && login_config.use_md5_passwds )
		{
			logclif_auth_failed(sd, 3); // send "rejected from server"
			return 0;
		}

		result = login_mmo_auth(sd, false);

		if( result == -1 )
			logclif_auth_ok(sd);
		else
			logclif_auth_failed(sd, result);
	}
	return 1;
}