void fillMd5Packet(const u_char *md5Seed) { if (bufType <= 1) { /* 不使用数据包? */ /* xrgsu的Md5包与Start包只有一个字节的差异,若以其他版本为基础,可进一步区别对待 */ fillStartPacket(); if (bufType == 1) Check(md5Seed); } else { if (readPacket(1) == -1) fillMd5Packet(md5Seed); else Check(md5Seed); } echoNo = 0x0000102B; /* 初始化echoNo */ }
static int sendChallengePacket() { int nameLen = strlen(userName); if (startMode%3 == 2) /* 赛尔 */ { if (sendCount == 0) { printf(_(">> 发送密码...\n")); *(u_int16_t *)(sendPacket+0x0E) = htons(0x0100); *(u_int16_t *)(sendPacket+0x10) = *(u_int16_t *)(sendPacket+0x14) = htons(nameLen+22); sendPacket[0x12] = 0x02; sendPacket[0x13] = capBuf[0x13]; sendPacket[0x16] = 0x04; sendPacket[0x17] = 16; memcpy(sendPacket+0x18, checkPass(capBuf[0x13], capBuf+0x18, capBuf[0x17]), 16); memcpy(sendPacket+0x28, userName, nameLen); setTimer(timeout); } return pcap_sendpacket(hPcap, sendPacket, nameLen+40); } if (sendCount == 0) { printf(_(">> 发送密码...\n")); fillMd5Packet(capBuf+0x18); fillEtherAddr(0x888E0100); *(u_int16_t *)(sendPacket+0x14) = *(u_int16_t *)(sendPacket+0x10) = htons(nameLen+22); sendPacket[0x12] = 0x02; sendPacket[0x13] = capBuf[0x13]; sendPacket[0x16] = 0x04; sendPacket[0x17] = 16; memcpy(sendPacket+0x18, checkPass(capBuf[0x13], capBuf+0x18, capBuf[0x17]), 16); memcpy(sendPacket+0x28, userName, nameLen); memcpy(sendPacket+0x28+nameLen, fillBuf, fillSize); setTimer(timeout); } return pcap_sendpacket(hPcap, sendPacket, 0x3E8); }