C++ Password Seed

Page 1 of 2 1 2
02/12/2011 00:10 Mr_PoP#1
Quote:
Nullable
Code:
typedef struct packetSeed
{
    unsigned short Length; // 0x8
    unsigned short Type; // 0x423
    unsigned int Seed; // random
} * PPACKETSEED;
so it should go like this

8 bytes (length, type and then a random int pass seed)

the random pass << means i should make a rand of some letter and numbers then encrypt it ?
02/12/2011 00:29 pro4never#2
seeing as I said a random int seed that would mean the value of it should be an int.

Simply generate a random number and write it to the password seed and send to the client. Client should now respond with the auth request packet which you will need to then read the relevant sections, setup your password encryption using the seed you sent in the first packet and the username you read from the auth request packet and run it through password decryption to get the users password. You can then continue with login procedure like normal (IE: Confirm all information from the client and then send the corresponding auth response packet and continue to game server)
02/12/2011 01:38 Mr_PoP#3
Quote:
Originally Posted by pro4never View Post
seeing as I said a random int seed that would mean the value of it should be an int.

Simply generate a random number and write it to the password seed and send to the client. Client should now respond with the auth request packet which you will need to then read the relevant sections, setup your password encryption using the seed you sent in the first packet and the username you read from the auth request packet and run it through password decryption to get the users password. You can then continue with login procedure like normal (IE: Confirm all information from the client and then send the corresponding auth response packet and continue to game server)
does it matter if the rand was like (22222222) or (11111111) etc?
02/12/2011 03:35 Ian*#4
Quote:
Originally Posted by Mr_PoP View Post
does it matter if the rand was like (22222222) or (11111111) etc?
as long as it does not exceed sizeof(int)
02/12/2011 03:38 Mr_PoP#5
Quote:
Originally Posted by Ian* View Post
as long as it does not exceed sizeof(int)
i made a function to control it
02/12/2011 03:49 Ian*#6
Quote:
Originally Posted by Mr_PoP View Post
i made a function to control it
:awesome:
02/12/2011 13:36 Mr_PoP#7
onther question if i may , can i make it conset or something ??? why should i make it random?!!?
02/12/2011 19:28 Santa#8
Quote:
Originally Posted by Mr_PoP View Post
onther question if i may , can i make it conset or something ??? why should i make it random?!!?
It doesn't matter how u come up with the number. Just as long as it doesn't exceed the max size of an int as stated before.
02/12/2011 21:29 Mr_PoP#9
considering my program is just for test so am not using packets

here is the code i made

Code:
                        Auth_Setup();
			CAuthCryptography Dec;
			AuthProtocolCryptographer dec;
			Print("Socket Connected -> %s",inet_ntoa(addr.sin_addr));
			char rSeed[9];
			RandSeed(rSeed);
			send(sListen,rSeed,8,0);
			char buf[1096];
			int buflen=strlen(buf);
			recv(sListen,buf,buflen,0);
			Dec.Decrypt(buf,buf,buflen);
			unsigned char psw[16];
			memcpy(psw,buf+132,16);
			dec.Decrypt(psw,16);
			cout<<psw;
the randseed for make 8 random numbers like =78549621 and its working becuase the client sending back some encrypted letters and at the end the same number i sent to it , when i receved it i tried to decrypt it but it didnt work , i used (Hybridz & Nullable) codes but it didnt work , i know it's sounds mean because I keep asking and it's look like am an stupid but as u know Guys always the 1st time is hardest one lol, so please dont get upset becuase am asking etc , thank u all :)
02/12/2011 23:14 bone-you#10
Before you continue, you need to manage your sockets properly. Having a single "recv" pull data will cause you a lot of problems later on that you will be unable to identify. What if that single recv returns no data read? Are they blocking sockets? Could I fake being a client to lock your server up indefinitely? What if recv doesn't read the entire packet at once?
02/13/2011 00:49 Mr_PoP#11
Quote:
Originally Posted by bone-you View Post
Before you continue, you need to manage your sockets properly. Having a single "recv" pull data will cause you a lot of problems later on that you will be unable to identify. What if that single recv returns no data read? Are they blocking sockets? Could I fake being a client to lock your server up indefinitely? What if recv doesn't read the entire packet at once?
yeah yeah , i will do that but once i find the right codes which will allow me to decrypt/encrypt what am geting from the client once i get the (servername,accid,password) i will make a new prog with a manged socket i saw ur source yeah , but it's only i cant decrypt the pass,accid and server name!
02/13/2011 01:09 CptSky#12
Quote:
Originally Posted by Mr_PoP View Post
yeah yeah , i will do that but once i find the right codes which will allow me to decrypt/encrypt what am geting from the client once i get the (servername,accid,password) i will make a new prog with a manged socket i saw ur source yeah , but it's only i cant decrypt the pass,accid and server name!
The seed is for the password encryption (RC5). If you can't decrypt the first packet sent by the client, you need to check the auth crypto...
02/13/2011 19:13 unknownone#13
You can't use "any" random numbers. You must use 16 random numbers produced by calling the rand() method. (Which are int16s, but you only need the least sig byte). You must first call srand(packet->Seed)

This works because rand() and srand() are not really random (In Microsoft's implementation). They produce a fixed sequence of integers if seeded by the same number, because it's implementation looks like this.

Code:
int _seed;

int srand(int seed) {
    _seed = seed;
}

short rand() {
    _seed *= 0x343fd;
    _seed += 0x269ec3;
    return (short)((_seed >> 0x10) & 0x7fff);
}
02/13/2011 19:35 Basser#14
Good luck programming a function that returns a random number.
02/13/2011 19:41 Mr_PoP#15
Quote:
Originally Posted by unknownone View Post
You can't use "any" random numbers. You must use 16 random numbers produced by calling the rand() method. (Which are int16s, but you only need the least sig byte). You must first call srand(packet->Seed)

This works because rand() and srand() are not really random (In Microsoft's implementation). They produce a fixed sequence of integers if seeded by the same number, because it's implementation looks like this.

Code:
int _seed;

int srand(int seed) {
    _seed = seed;
}

short rand() {
    _seed *= 0x343fd;
    _seed += 0x269ec3;
    return (short)((_seed >> 0x10) & 0x7fff);
}
Quote:
Originally Posted by Basser View Post
Good luck programming a function that returns a random number.
well this one works :

Code:
//random seed
void rPassSeed(char *seed)
{
	srand ( time(NULL) );
	char k[8];
	for (int i=0;i<8;i++)
	{
		k[i]=rand()%10;
	}
	sprintf(seed,"%d%d%d%d%d%d%d%d",k[0],k[1],k[2],k[3],k[4],k[5],k[6],k[7]);
}
i made it char so i can use send() function!?
Page 1 of 2 1 2