emileej Posted August 15, 2004

For some reason, when connecting, I don't receive a password response packet from the server. This is my log (number to the right is tick count):

4559375: Log started
4559381: Creating socket
4559405: Connection object constructed
4560100: Connection established
4560104: SendEncryptionRequest
4560316: OnPacketSyncRequest
4560318: SendSyncResponse
4560525: OnPacketEncryption
4560528: InitEncryption
4560530: SendPassword
4560534: Encrypt
4560536: SendSyncRequest
4560540: Encrypt
4560741: Decrypt
4560743: OnPacketSyncResponse
4563705: Decrypt
4563708: OnPacketDisconnect
4563811: Deleting socket
4563920: Log ends

I thought perhaps my password packet is somehow wrongly created:

    typedef struct SPasswordPacket{
        Uint8 type;         //0x09
        Uint8 newUser;      //0x00 or 0x01 (bool)
        char name[32];
        char pass[32];
        Uint32 macId;       //Use random id
        Uint8 connType;     //0x00
        Uint16 timeZoneBias;//240==EST
        Uint8 unknown1;
        Uint8 clientType;   //0x86
        Uint32 memChecksumA;//444
        Uint32 memChecksumB;//555
        Uint32 permissionId;//Use random id
        char unknown2[12];
    }TPasswordPacket;

    //...
    ClientPackets::TPasswordPacket packet;
    Uint32 randId=(rand()%0x7FFFFFFE+1);
    packet.type=0x09;
    packet.newUser=0x00;
    strcpy(packet.name,user.substr(0,31).c_str());
    strcpy(packet.pass,pass.substr(0,31).c_str());
    packet.macId=randId;
    packet.connType=0x00;
    packet.timeZoneBias=240;
    packet.unknown1=0x00;
    packet.clientType=0x86;
    packet.memChecksumA=444;
    packet.memChecksumB=555;
    packet.permissionId=randId;
Snrrrub Posted August 15, 2004

The login packet has a length of 101 bytes total, not 99. Your last "unknown" field is off by 4 bytes: it should be 16 bytes long not 12. You probably want to send the login packet reliably as well.

-Snrrrub
emileej Posted August 15, 2004

Thanks a lot Snrrrub *correcting SOS' packet list*
emileej Posted August 15, 2004

Hmm... That didn't do it :/

I did a hex dump of my packet sent normal and reliably:

[101] 0x9 0 0x73 0x6f 0x6d 0x65 0x20 0x6f 0x74 0x68 0x65 0x72 0x20 0x73 0x68 0x69 0x70 0 0xffffff87 0 0xffffffa1 0xffffffa1 0 0 0xffffffa8 0xfffffff8 0x74 0 0x19 0x3a 0x40 0 0x3c 0xfffffff8 0x73 0x6f 0x6d 0x65 0x62 0x6f 0x74 0x70 0x61 0x73 0x73 0 0x74 0 0xffffff9e 0x38 0 0x78 0x1d 0 0 0 0xffffffea 0x32 0 0x78 0xffffffd4 0xfffffff8 0x74 0 0x1 0 0x24 0x48 0 0 0 0xfffffff0 0 0 0 0 0xffffff86 0xffffffbc 0x1 0 0 0x2b 0x2 0 0 0x24 0x48 0 0 0 0 0 0 0 0 0 0 0 0 0 0

[106] 0x3 0 0 0 0 0x9 0 0x73 0x6f 0x6d 0x65 0x20 0x6f 0x74 0x68 0x65 0x72 0x20 0x73 0x68 0x69 0x70 0 0xffffff87 0 0xffffffa1 0xffffffa1 0 0 0xffffffa8 0xfffffff8 0x74 0 0x19 0x3a 0x40 0 0x3c 0xfffffff8 0x73 0x6f 0x6d 0x65 0x62 0x6f 0x74 0x70 0x61 0x73 0x73 0 0x74 0 0xffffff9e 0x38 0 0x78 0x1d 0 0 0 0xffffffea 0x32 0 0x78 0xffffffd4 0xfffffff8 0x74 0 0x1 0 0x24 0x48 0 0 0 0xfffffff0 0 0 0 0 0xffffff86 0xffffffbc 0x1 0 0 0x2b 0x2 0 0 0x24 0x48 0 0 0 0 0 0 0 0 0 0 0 0 0 0

Also - when sending it reliably I don't get any reply.
Snrrrub Posted August 16, 2004

There are a few issues I noticed off the bat.

First, reliable packets have a 6-byte prefix of the form: 0x00 0x03

Secondly, you should probably make the printout a little bit nicer by AND-ing the byte you're outputting with 0xFF so that it doesn't print stuff like 0xffffffa8 for negative values.

Lastly, you should ALWAYS zero out your structure before setting the values.

    SomePacket myPacketStruct;
    memset(&myPacketStruct, 0, sizeof(SomePacket));
    // Now do stuff

-Snrrrub
emileej Posted August 17, 2004

Thanks a lot - didn't think of that.
emileej Posted August 18, 2004

I found some errors in my packet and corrected them, but I'm still not receiving any response from the server - not even a response to the reliable part of the packet.

This is the reliable packet:

    typedef struct SReliablePacket{
        Uint8 type;     //0x00
        Uint8 subtype;  //0x03
        Uint32 id;
        static const Uint32 PACKET_SIZE=6; //reliable packet is appended to this
    }TReliablePacket;

And this is the password packet:

    typedef struct SPasswordPacket{
        Uint8 type;         //0x09
        Uint8 newUser;      //0x00 or 0x01 (bool)
        char name[32];
        char pass[32];
        Uint32 macId;       //Use random id
        Uint8 connType;     //0x00
        Uint16 timeZoneBias;//240==EST
        Uint16 unknown1;
        Uint16 clientType;  //0x86
        Uint32 memChecksumA;//444
        Uint32 memChecksumB;//555
        Uint32 permissionId;//Use random id
        char unknown2[12];
        static const Uint32 PACKET_SIZE=101;
    }TPasswordPacket;

I am now memsetting the whole packet to 0x00 before I set the values as posted before. The result looks like this:

[107] 0 0x3 0x1 0 0 0 0x9 0 0x75 0x73 0x65 0x72 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x70 0x61 0x73 0x73 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0x24 0x48 0 0 0 0xf0 0 0 0 0 0 0 0 0x86 0 0 0 0xbc 0x1 0 0 0x2b 0x2 0 0 0x24 0x48 0 0 0 0 0 0 0 0
emileej Posted August 18, 2004

I tried to send the packet as non-reliable and that worked. Now I receive a strange packet, reliably, with an id saying 0x77:

//As it is received:
[ 42] 0 0x3 0x21 0x8a 0xd1 0xfc 0x77 0x8c 0xff 0xdc 0x8d 0x26 0x62 0xf8 0x19 0xed 0x1b 0x48 0xfa 0xd 0xaf 0xe1 0x9 0xb3 0x8f 0x3d 0x8d 0x89 0xd1 0xb1 0xe1 0x30 0xb4 0x2c 0x74 0x6 0xb6 0xbb 0x95 0xe6 0xd7 0x4b

//Without the reliable packet:
[ 36] 0x77 0x8c 0xff 0xdc 0x8d 0x26 0x62 0xf8 0x19 0xed 0x1b 0x48 0xfa 0xd 0xaf 0xe1 0x9 0xb3 0x8f 0x3d 0x8d 0x89 0xd1 0xb1 0xe1 0x30 0xb4 0x2c 0x74 0x6 0xb6 0xbb 0x95 0xe6 0xd7 0x4b

I can't find that anywhere in SOS' packet list.
Snrrrub Posted August 18, 2004

It looks like you're forgetting to either encrypt/decrypt the packets... or you're printing out the incoming packets at the wrong time. Are you encrypting the outgoing packets correctly? Are you decrypting the incoming packets correctly? Are you printing out the incoming packets AFTER decrypting?

-Snrrrub
emileej Posted August 18, 2004

I'm printing it out after decryption - that's how I can tell that the packet is reliable, but should I both decrypt the packet and then if reliable - its content?
emileej Posted August 18, 2004

Perhaps I introduced a bug when I ported your code to my core?:

    //Encryption routines - by Snrrrub
    void CSSConnection::InitEncryption(Uint32 key){
        Log("InitEncryption");
        Sint32 temp = 0;
        encCypherKey = key;
        for(int cnt = 0; cnt < 520; cnt += 2) // Each "block" is 2 bytes and the keystream size is 520 bytes
        {
            temp = (Uint32)((Uint64)((Uint64)key * (Uint64)0x834E0B5F) >> 48);
            temp += (temp >> 31);
            key = ((key % 0x1F31D) * 16807) - (temp * 2836) + 123;
            if((Sint32)key < 0)
                key += 0x7FFFFFFF;
            *((Uint16 *)(encKeyStream + cnt)) = (Uint16)key;
        }
        encryptionEnabled=true;
    }

    void CSSConnection::Encrypt(char *data,int len){
        Log("Encrypt");
        if(!encryptionEnabled)
            return;
        int StartPos = 1;
        Uint32 Encrypted = encCypherKey;
        if(!data[0]) //If Byte at Offset 0 is 0x00
            StartPos++;
        for(Uint32 Count = StartPos; Count < len; Count += 4)
        {
            Encrypted ^= *(Uint32 *)(encKeyStream + (Count - StartPos)) ^ (Uint32)(data+Count);
            //((Uint32*)(data[Count]))=Encrypted;
            WriteUint32to8(Encrypted,(Uint8*)(data+Count),len-Count);
        }
    }

    void CSSConnection::Decrypt(char *data,int len){
        Log("Decrypt");
        if(!encryptionEnabled)
            return;
        Uint32 Decrypted = encCypherKey;
        int StartPos = 1;
        if(!data[0]) //If Byte at Offset 0 is 0x00
            StartPos++;
        for(Uint32 Count = StartPos; Count < len; Count += 4)
        {
            Uint32 Encrypted = (Uint32)(data+Count);
            Decrypted ^= *(Uint32 *)(encKeyStream + (Count - StartPos)) ^ Encrypted;
            //((Uint32*)(data+Count))=Decrypted;
            WriteUint32to8(Decrypted,(Uint8*)(data+Count),len-Count);
            Decrypted = Encrypted;
        }
    }
Samapico Posted August 18, 2004

god.. you people are giving me a headache!
emileej Posted August 18, 2004

Splody tells me that 0x77 is a lvz object switch and therefore irrelevant for the bot.
Snrrrub Posted August 19, 2004

Well either the packet isn't decrypted or it's not decrypted properly. You can't just look at the packet type bytes and say that it's been decrypted properly because they're not encrypted in the first place. The fact that you're getting a reliable ID that's ridiculously huge means that the packet (as printed) is not valid.

As for the code, I'm not sure what the purpose of "WriteUint32to8" is... and I don't know how it's implemented either so I can't comment on it.

When you receive a packet, you decrypt the whole thing once (including any reliable headers) and that's it.

-Snrrrub
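The following is an added example, not code from this thread or from Snrrrub: a self-contained C version of the keystream setup and the chained-XOR encrypt/decrypt as posted two replies up, with this reply's two points built in, namely that a received datagram is decrypted once as a whole, reliable header included, and that the reliable id is read only after that. It assumes the arithmetic and 520-byte keystream of the posted InitEncryption and a little-endian word layout. It differs from the posted routines in two places: the data word is read from the bytes at data+Count (the posted Encrypt and Decrypt apply `(Uint32)` to the pointer `data+Count` itself, which converts the address, not the bytes), and the short last word is handled explicitly, since WriteUint32to8 is not shown anywhere in the thread. The key, ids and packet bytes used by the demo are constructed for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define SS_KEYSTREAM_LEN 520   /* keystream size named in the posted InitEncryption */

typedef struct {
    uint32_t key;
    uint8_t  keystream[SS_KEYSTREAM_LEN];
    int      enabled;
} ss_crypt;

/* Keystream expansion with the same arithmetic and integer types as the posted routine.
 * Each 16-bit word is stored low byte first, the x86 layout the posted code relies on. */
void ss_init(ss_crypt *c, uint32_t key)
{
    int32_t temp;
    c->key = key;
    for (int cnt = 0; cnt < SS_KEYSTREAM_LEN; cnt += 2) {
        temp = (int32_t)(uint32_t)(((uint64_t)key * 0x834E0B5FULL) >> 48);
        temp += (temp >> 31);
        key = ((key % 0x1F31D) * 16807) - (temp * 2836) + 123;
        if ((int32_t)key < 0) key += 0x7FFFFFFF;
        c->keystream[cnt]     = (uint8_t)(key & 0xFF);
        c->keystream[cnt + 1] = (uint8_t)((key >> 8) & 0xFF);
    }
    c->enabled = 1;
}

/* Explicit little-endian word access. n is the number of bytes actually present (the last
 * word of a packet may be short); missing bytes read as 0 and are never written. */
static uint32_t load_le32(const uint8_t *p, size_t n)
{
    uint32_t v = 0;
    for (size_t i = 0; i < n && i < 4; i++) v |= (uint32_t)p[i] << (8 * i);
    return v;
}
static void store_le32(uint8_t *p, size_t n, uint32_t v)
{
    for (size_t i = 0; i < n && i < 4; i++) p[i] = (uint8_t)(v >> (8 * i));
}

/* In-place encryption. The type byte stays clear (two bytes when byte 0 is 0x00, i.e. a core
 * packet). Returns bytes processed, or -1 if the packet is longer than the keystream covers. */
int ss_encrypt(const ss_crypt *c, uint8_t *data, size_t len)
{
    if (!c->enabled || len == 0) return 0;
    size_t start = (data[0] == 0x00) ? 2 : 1;
    if (len > start + SS_KEYSTREAM_LEN) return -1;
    uint32_t prev = c->key;
    for (size_t pos = start; pos < len; pos += 4) {
        uint32_t k = load_le32(c->keystream + (pos - start), 4);
        uint32_t p = load_le32(data + pos, len - pos);   /* the bytes, not the address */
        prev ^= k ^ p;                                    /* chained XOR: each ciphertext word feeds the next */
        store_le32(data + pos, len - pos, prev);
    }
    return (int)len;
}

/* In-place decryption of one whole received datagram, reliable header included. Call it once. */
int ss_decrypt(const ss_crypt *c, uint8_t *data, size_t len)
{
    if (!c->enabled || len == 0) return 0;
    size_t start = (data[0] == 0x00) ? 2 : 1;
    if (len > start + SS_KEYSTREAM_LEN) return -1;
    uint32_t prev = c->key;
    for (size_t pos = start; pos < len; pos += 4) {
        uint32_t k  = load_le32(c->keystream + (pos - start), 4);
        uint32_t ct = load_le32(data + pos, len - pos);
        store_le32(data + pos, len - pos, prev ^ k ^ ct);
        prev = ct;   /* chain on the ciphertext word, not on the recovered plaintext */
    }
    return (int)len;
}

/* Only meaningful after ss_decrypt: 0x00 0x03 followed by a little-endian 32-bit id.
 * Returns the id, or -1 if the packet is not a reliable packet. */
int64_t ss_reliable_id(const uint8_t *data, size_t len)
{
    if (len < 6 || data[0] != 0x00 || data[1] != 0x03) return -1;
    return (int64_t)load_le32(data + 2, 4);
}

/* Constructed vectors: a reliable wrapper (id 1) around a 101-byte password packet, 107 bytes as in
 * the dump above (105 encrypted bytes, so the last word is 1 byte), and a 100-byte non-core packet
 * (3-byte tail). Returns 1 when every check holds. */
int ss_roundtrip_demo(void)
{
    ss_crypt c;
    ss_init(&c, 0x12345678u);   /* constructed key */
    uint8_t rel[107] = {0x00, 0x03, 0x01, 0x00, 0x00, 0x00, 0x09, 0x00, 'u', 's', 'e', 'r'}, copy[107];
    memcpy(rel + 40, "pass", 4);
    memcpy(copy, rel, sizeof rel);
    if (ss_encrypt(&c, rel, sizeof rel) != 107) return 0;
    if (rel[0] != 0x00 || rel[1] != 0x03 || rel[2] == copy[2]) return 0;   /* header clear, body changed */
    if (ss_decrypt(&c, rel, sizeof rel) != 107 || memcmp(rel, copy, 107) != 0) return 0;
    if (ss_reliable_id(rel, sizeof rel) != 1) return 0;
    uint8_t odd[100] = {0x09, 0x00, 'b', 'o', 't'}, odd_copy[100];
    memcpy(odd_copy, odd, sizeof odd);
    if (ss_encrypt(&c, odd, 100) != 100 || ss_decrypt(&c, odd, 100) != 100) return 0;
    return memcmp(odd, odd_copy, 100) == 0;
}

int main(void)
{
    printf("roundtrip %s\n", ss_roundtrip_demo() ? "ok" : "FAILED");
    return 0;
}
```

The id check is the quick sanity test this reply describes: run on the 42-byte dump above, ss_reliable_id on the bytes 00 03 21 8a d1 fc gives 0xfcd18a21, far outside any plausible sequence number, which points at the decrypt step rather than at the packet.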
emileej Posted August 20, 2004

I posted it here: http://www.ssforum.net/index.php?showtopic...indpost&p=68211
Smong Posted August 20, 2004

What is this doing in your rel header?

    static const Uint32 PACKET_SIZE=6;

If you are doing something like

    send_rel(unsigned char *buf, int len)
    {
        unsigned char *pkt = malloc(sizeof(struct relheader) + len);
        /* fill out header */
        ...
        memcpy(pkt + sizeof(struct relheader), buf, len);
        /* push on rel buffer */
        ...
    }

I don't think it will work as the sizeof(struct relheader) is going to include PACKET_SIZE; and will get sent too.
emileej Posted August 20, 2004

Yes of course, and no, I'm doing something like this:

    send_rel(unsigned char *buf, int len)
    {
        unsigned char *pkt = malloc(relheader::PACKET_SIZE + len);
        /* fill out header */
        ...
        memcpy(pkt + relheader::PACKET_SIZE, buf, len);
        /* push on rel buffer */
        ...
    }

Because I got some extra bytes at the end of the struct when I used sizeof to determine the size.
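Added example, not code from the thread or from any of its posters: explicit serialisation of the 101-byte password packet and the 6-byte reliable wrapper in C, gathering the points raised across the thread. Fixed-width fields are zero-filled and bounded (Snrrrub's memset advice, with strcpy replaced by a length-checked copy), the wire layout is assembled byte by byte so that sizeof and compiler padding never reach the wire (the PACKET_SIZE versus sizeof exchange just above), and the hex dump masks each byte so values above 0x7F print as 0x87 rather than 0xffffff87. Offsets follow the field list posted on August 18 (type, newUser, name[32], pass[32], macId, connType, timeZoneBias, unknown1, clientType, memChecksumA, memChecksumB, permissionId, unknown2[12]); the user name, password and ids are constructed for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define PASSWORD_PACKET_LEN 101   /* total length stated in the thread */
#define RELIABLE_HDR_LEN    6     /* 0x00 0x03 + 32-bit id */

static void put_u16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }
static void put_u32(uint8_t *p, uint32_t v) { for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i)); }

/* Fixed-width string field: zero-filled, truncated to n-1 bytes, always NUL-terminated.
 * strcpy() neither bounds the copy nor clears the bytes after the terminator. */
static void put_field(uint8_t *dst, size_t n, const char *s)
{
    size_t len = strlen(s);
    memset(dst, 0, n);
    if (len > n - 1) len = n - 1;
    memcpy(dst, s, len);
}

/* Serialises the password packet into the 101-byte wire layout, one field at a time.
 * No struct is copied to the wire, so compiler padding (sizeof != 101) cannot leak into it. */
size_t build_password_packet(uint8_t *out, const char *user, const char *pass, int new_user,
                             uint32_t mac_id, uint32_t permission_id)
{
    memset(out, 0, PASSWORD_PACKET_LEN);
    out[0] = 0x09;                       /* type */
    out[1] = new_user ? 0x01 : 0x00;     /* newUser */
    put_field(out + 2, 32, user);        /* name[32] */
    put_field(out + 34, 32, pass);       /* pass[32] */
    put_u32(out + 66, mac_id);           /* macId */
    out[70] = 0x00;                      /* connType */
    put_u16(out + 71, 240);              /* timeZoneBias, 240 == EST */
    put_u16(out + 73, 0);                /* unknown1 */
    put_u16(out + 75, 0x86);             /* clientType */
    put_u32(out + 77, 444);              /* memChecksumA */
    put_u32(out + 81, 555);              /* memChecksumB */
    put_u32(out + 85, permission_id);    /* permissionId */
    /* out[89..100]: unknown2[12], left zero */
    return PASSWORD_PACKET_LEN;
}

/* Prepends the 6-byte reliable header. Returns the total length, or 0 if out is too small. */
size_t wrap_reliable(uint8_t *out, size_t out_cap, uint32_t rel_id, const uint8_t *payload, size_t len)
{
    if (out_cap < RELIABLE_HDR_LEN + len) return 0;
    out[0] = 0x00;
    out[1] = 0x03;
    put_u32(out + 2, rel_id);
    memcpy(out + RELIABLE_HDR_LEN, payload, len);
    return RELIABLE_HDR_LEN + len;
}

/* Dump in the thread's format. An unsigned byte type (or masking with 0xFF) stops bytes >= 0x80
 * from being sign-extended and printed as 0xffffff87. */
void hexdump(const uint8_t *p, size_t n)
{
    printf("[%3zu]", n);
    for (size_t i = 0; i < n; i++) printf(" 0x%x", p[i] & 0xFF);
    printf("\n");
}

/* Constructed example: user "somebot", password "pass", ids 0x4824 as in the thread's dump.
 * Returns the wrapped length (107) when every byte lands where the layout says, 0 otherwise. */
size_t packet_demo(void)
{
    uint8_t pkt[PASSWORD_PACKET_LEN], rel[RELIABLE_HDR_LEN + PASSWORD_PACKET_LEN], t[PASSWORD_PACKET_LEN];
    if (build_password_packet(pkt, "somebot", "pass", 0, 0x4824, 0x4824) != PASSWORD_PACKET_LEN) return 0;
    if (pkt[0] != 0x09 || pkt[1] != 0x00) return 0;
    if (memcmp(pkt + 2, "somebot", 8) != 0 || memcmp(pkt + 34, "pass", 5) != 0) return 0;
    if (pkt[66] != 0x24 || pkt[67] != 0x48 || pkt[71] != 0xF0 || pkt[72] != 0x00) return 0;
    if (pkt[75] != 0x86 || pkt[77] != 0xBC || pkt[78] != 0x01 || pkt[81] != 0x2B || pkt[82] != 0x02) return 0;
    if (pkt[85] != 0x24 || pkt[86] != 0x48 || pkt[100] != 0x00) return 0;
    /* over-long name: 31 characters kept, NUL at offset 33, nothing spills into pass */
    char longname[41];
    memset(longname, 'a', 40);
    longname[40] = '\0';
    build_password_packet(t, longname, "", 1, 0, 0);
    if (t[1] != 0x01 || t[32] != 'a' || t[33] != 0x00 || t[34] != 0x00) return 0;
    if (wrap_reliable(rel, 100, 1, pkt, PASSWORD_PACKET_LEN) != 0) return 0;   /* capacity check */
    size_t n = wrap_reliable(rel, sizeof rel, 1, pkt, PASSWORD_PACKET_LEN);
    if (n != 107 || rel[0] != 0x00 || rel[1] != 0x03 || rel[2] != 0x01 || rel[6] != 0x09) return 0;
    return n;
}

int main(void)
{
    uint8_t pkt[PASSWORD_PACKET_LEN], rel[RELIABLE_HDR_LEN + PASSWORD_PACKET_LEN];
    build_password_packet(pkt, "somebot", "pass", 0, 0x4824, 0x4824);
    hexdump(rel, wrap_reliable(rel, sizeof rel, 1, pkt, PASSWORD_PACKET_LEN));
    printf("demo %s\n", packet_demo() == 107 ? "ok" : "FAILED");
    return 0;
}
```

The wire length is a named constant checked against the byte offsets, not sizeof of a struct, which is what makes the PACKET_SIZE question above disappear: there is no struct whose size could differ from 101.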