Basic Client-server with RSA

Page 1 of 2

01/30/2012 16:44 injection illusion logic#1

hey folks , i was working on a proxy , dont want to leech and hook , need to get it all done by me

done basic client-server connection and added RSA encryption/decryption but there is some bugs

1- only accept numbers from client to server
2- BUG when trying to encrypt the numbers and decrypt them
idea
its client send string to enc. section and it take it back as double , it send it as byte array , server decrypt it and show the decryption as string (the bug is if inpute was 123456 the output will be nan
not 123456)
EDIT : this was for an infinite number inside calculations , fixed in client but not able to do the same with server , working on it also on new base , will be updated tomorrow

need help to fix/develop it (its all done in couple of days learning c#)
got couple more questions
here the code source

Spoiler

Code:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Net.Sockets;
using System.Net;
using NextProxytest0._2;

namespace NextProxytest0._4
{
    class Program
    {
        static void Main(string[] args)
        {
             
        
            Socket listener = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
            listener.Bind(new IPEndPoint(IPAddress.Any, 5555));
            listener.Listen(100);
            Socket connection = listener.Accept();
            Console.WriteLine("port 5555 is on and accepting all connections from any client" + "\n");
            Console.WriteLine("waiting connection" + "\n");
            if (connection.Connected)
                Console.WriteLine("client connected" + "\n");
            byte[] buffer = new byte[1024]; // this will be our client buffer
            NextProxytest0._2.encryption.encryption dobject;
            dobject = new NextProxytest0._2.encryption.encryption();
            while (connection.Connected)
            {
                Console.WriteLine("now we are connected and waiting for packets (buffer to be sent)" + "\n");
                byte[] rec = null;
                int lenght = connection.Receive(buffer, SocketFlags.None);
                if (lenght > 0 && lenght < 1025)
                    rec = new byte[lenght];
                Array.Copy(buffer, rec, lenght);
                Console.WriteLine("recived packets encrypted (encoding.ascii.getstring(rec) : " + "\n");
                Console.WriteLine("\n" + Encoding.ASCII.GetString(rec) + "\n");
                Console.WriteLine("recived packets decrypted dobject.decrypte( Encoding.ASCII.GetString(rec) : " + "\n");
                Console.WriteLine("\n" + dobject.decrypte( Encoding.ASCII.GetString(rec) ) + "\n");
            }
            if (connection.Connected == false)
                Console.WriteLine("connection disconnected" + "\n");
            if (listener.Connected == false)
                Console.WriteLine("listener.connected is false" + "\n");
            Console.ReadLine();
        }

    }
}

Code:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Net;
using System.Net.Sockets;
using NextProxytest0._2.encryption;

namespace NextProxytest0._2.Client_Server
{
    class Client
    {
        
        public static void m()
        {
            Socket connection = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
            connection.Connect("127.0.0.1", 5555);
            encryption.encryption eobject;
            eobject = new encryption.encryption();
            while (connection.Connected)
            {
                Console.WriteLine("client connected to server on ip : 127.0.0.1 and port 5555" + "\n");
                Console.WriteLine("client is ready to send packets , please enter some string to be sent as byte array ONLY NUMBERS AVILABLE CHARCTERS IS NOT" + "\n");
                eobject = new encryption.encryption();
                string buffertobesent = Console.ReadLine();       
                connection.Send(Encoding.ASCII.GetBytes(eobject.encrypte(buffertobesent)));
                Console.WriteLine("\n" + "client send to the server this following packets   : " + buffertobesent + "\n");

            }

            Console.WriteLine("disconnected" + "\n");
            Console.ReadLine();
        }
    }

Code:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using NextProxytest0._2.Client_Server;
using System.IO;

namespace NextProxytest0._2.encryption
{
    //basic RSA encryption
    public class encryption
    {
        public string BytesToEncryptec;
       

        // this is the encryption section where ill start doing basic encryption on it
        
        public  string encrypte(string BytesToEncrypte)
        {
            // to encrypte u should use C = M^E mod N
            // to decrypte u should use M = C^D mod N
            //where E,N is public key : such that 1<E<piN(@N)
            // where N,D is private key
            // where M is the packets
            // we gona cut it down to parts if M<N
            // equation used N = P*q
            // @N(piN) = (P-1) * (q-1)
            // DE = 1 + K(piN)
            double bte = Convert.ToDouble(BytesToEncrypte);
            NextProxytest0._2.encryption.option optionobject;
            optionobject = new NextProxytest0._2.encryption.option();

            bte = Math.Pow(bte,optionobject.E) % optionobject.N ;
            string btes = Convert.ToString(bte);
            return(btes);
        }
        public string decrypte(string BytesToDecrypte)
        {
            //M = C^D mod N

            double btd = Convert.ToDouble(BytesToDecrypte);
            NextProxytest0._2.encryption.option optionobject;
            optionobject = new NextProxytest0._2.encryption.option();
            double M = Math.Pow(btd, optionobject.D) % optionobject.N;
            string ms = Convert.ToString(M);
            return (ms);
        }
    }
}

Code:

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;

namespace NextProxytest0._2.encryption
{
    public partial class option : Form
    {
       public int p;
       public int q;
       public long E; //public encryption
       public long N; //public modulus
       public int piN; //pi the public modulus
       public float D; //private exponent
       public int k = 5;

        public option()
        {
            InitializeComponent();
        }

        public string calcprocess(string cb)
        {
            

            p = 61; // sure u may change p,q,e,k
            q = 53;
            N = p * q;
            piN = (p - 1) * (q - 1);
            E = 17;
            D = 1 + (piN * k) / E;
            return (cb);
        }
    }
}

also i got couple of questions over here

Spoiler

thanks for helping , sorry if it was long also if u find the codesource not useful for u
codesource in attachments

ill adding disconnection , seal , proxy(middleman) once i fix bugs in this , its my 0.06 beta :P been 3 days learning(C#) so dont go hard on me but ma asm is fine

special thanks for pro4never for his tuts :P
another download link for the attachments : [[Only registered and activated users can see links. Click Here To Register...]]
scan for the attachments : [Only registered and activated users can see links. Click Here To Register...]

humans die but ideas never

01/30/2012 17:01 pro4never#2

General info on packet structuring, proxies and general conquer routines
[Only registered and activated users can see links. Click Here To Register...]

Explicit information and examples of how to write a proxy. The source is fully functional just doesn't work with latest version due to the dhkey exchange changes. I don't touch password encryption so those changes will not effect it.
[Only registered and activated users can see links. Click Here To Register...]

More socket side information on how to write a proxy.
[Only registered and activated users can see links. Click Here To Register...]

Honestly... I realllyyy suggest reading through the forum first. Every question you're asking is already answered tons of times.

RSA has nothing to do with blowfish. They are different encryption routines. DHKey is the method of exchanging private/public keys which are then used to set up the blowfish encryption algorithm. Most encryption systems use an encryption key to seed the initial encryption values. The problem with this if the two communicating programs need to both be using the same encryption key. Because of this the dhkey system is used to securely (sorta) decide on a shared encryption key (both use).

Honestly it looks like the issue with your 'encryption' system (really just swapping things around... and poorly) is that you don't reverse things properly and in some cases CANNOT reverse properly.

Example...

Convert all 'Q' into 'P'.

How do you then convert this back? You need something that can be reversed and maintain data integrity. If all 'Q' are turned into 'P' then to reverse it all 'P' in encrypted stream have to become 'Q'. This converts EVERYTHING to Q even if P was the original letter pre-encryption.

This is why using your own encryption system is a poor idea when starting out. You can worry about writing your own encryption system later. Use a pre-existing one. Hell... use account encryption from conquer. It's a simple counter based system that's VERY easy to implement.

01/30/2012 17:34 Lateralus#3

Has anyone written their own implementation of the blowfish cipher using the CFB 64 mode (you know, without using libeay32.dll) or is there a public implementation or algorithm available? Sorry for the slight threadjack.

01/30/2012 17:34 injection illusion logic#4

=i got what u mean , ex : if Q is number then this way will work but if its byte array (even any number array) , it will all just mix up , was working on foreach but didnt really work fine , need to cut them down with some way and then put them back which im doing now
=its the 6th time to rewrite everything (this time im overloading some functions and fixing the encryption system , i know in some point i thought its impossible for some stuff to be swapped but with thinking i figured out some ways )
=sorry about making a lil thread asking for help but it saved me like a day searching for info and guess we are here to help each other :) ,
--
about "use account encryption from conquer. It's a simple counter based system that's VERY easy to implement." i thought about downloading some good source and keep tracing the client and source , read packets with wpe(packet reader) , duno if its good idea

well i got a favor
give me example (pre written here or anywhere) about

how the dhkey works also its blowfish encryption algorithm (will try to figure it out from your base but still need more about this)

how to figure out stuff needed for dhkey from the client , i found the encryptionkey(doesnt took a min) , but duno info about dhkey which makes me shoot in dark

btw i dont want to learn this just to code proxy , proxy is just a start :)

thanks for helping :)

01/30/2012 17:38 Lateralus#5

Quote:

Originally Posted by injection illusion logic

about "use account encryption from conquer. It's a simple counter based system that's VERY easy to implement." i thought about downloading some good source and keep tracing the client and source , read packets with wpe(packet reader) , duno if its good idea

If you're saying what I think you're saying, you won't be able to get the account server crypt this way. You'll need to reverse it from the client, or yeah, look at public sources.

01/30/2012 17:52 Kiyono#6

Quote:

Originally Posted by Lateralus

Has anyone written their own implementation of the blowfish cipher using the CFB 64 mode (you know, without using libeay32.dll) or is there a public implementation or algorithm available? Sorry for the slight threadjack.

Project Manifest doesn't use libeay32.dll and runs on 5135, is that what you're searching for?

01/30/2012 17:52 injection illusion logic#7

and what u think im saying :P ?
umm i guess ill keep working on my shit till a day or tho TILL
i add disconnect , fix bugs with rewritting the whole thing , change enc/dec static , make auth server and a decent server to reply for packets sent , proxy in the middle
once im done those ill be able to look at public source
what im thinking about is a non static encryption system which encrypt the packets with a new encryption when server tell him so ;)
ex :
client to server : here is some packets with seal and encryption1
server to client : this is reply to ur packets with my seal and ur encryption also use another module or ur encryption or another encryption
and so on , lemme rewrite the whole thing and come to ask for more :P

01/30/2012 18:13 shitboi#8

hey evan,

you should check out openssl. When i wrote my proxy, i realized that there are no easy-to-obtain public cryptography library that supports user-defined padded blowfish64; Sun's cryptographic extension supports only empty array of bytes for the padding.

I got help from Dan (author of nproxy), i think he translated the C implementation of blowfish64 to java, and shared his codes with me.

To answer your question, there are definitely people on this forum who actually played around with the implementation of blowfish64.

01/30/2012 19:14 Lateralus#9

Quote:

Originally Posted by Kiyono

Project Manifest doesn't use libeay32.dll and runs on 5135, is that what you're searching for?

It uses a custom crypt - that's why.

Quote:

Originally Posted by shitboi

hey evan,

you should check out openssl. When i wrote my proxy, i realized that there are no easy-to-obtain public cryptography library that supports user-defined padded blowfish64; Sun's cryptographic extension supports only empty array of bytes for the padding.

I got help from Dan (author of nproxy), i think he translated the C implementation of blowfish64 to java, and shared his codes with me.

To answer your question, there are definitely people on this forum who actually played around with the implementation of blowfish64.

Ah, thanks. Could you link me to the C implementation of blowfish64? I've searched for it, no luck.

01/30/2012 19:56 injection illusion logic#10

im stucked in some math

Spoiler

if input 2 after enc its 29 and after dec its 29 o-0 lol
enc eq. C = M^E Mod N , M = C^D Mod N (RSA basic enc/dec)
P,Q should be prim numbers [Only registered and activated users can see links. Click Here To Register...]
M<N else u should padding , 1<E<PiN

-.- im sick of the RSA , updating topic tomorrow with a rewritten base

01/30/2012 20:27 Lateralus#11

I don't quite understand what your goal is. You shouldn't need to crack RSA in order to use a proxy (though I'm not that familiar with recent changes... or even semi-recent). Is this Conquer-related or are you asking about RSA or other ciphers in general?

01/30/2012 21:48 InfamousNoone#12

Quote:

Originally Posted by Lateralus

It uses a custom crypt - that's why.

Ah, thanks. Could you link me to the C implementation of blowfish64? I've searched for it, no luck.

No actually, if you decompile BlowfishCFB.dll distro'd with PM it does use blowfish (implemented in native C++, wrapped with Managed C++) w/ out OpenSSL, we never changed the game encryption, only the auth; and spell.

01/30/2012 23:38 Lateralus#13

Quote:

Originally Posted by InfamousNoone

No actually, if you decompile BlowfishCFB.dll distro'd with PM it does use blowfish (implemented in native C++, wrapped with Managed C++) w/ out OpenSSL, we never changed the game encryption, only the auth; and spell.

Oh sweet. I'll check it out.

01/31/2012 19:56 shitboi#14

I found one on codeproject.com I am not sure if i am allowed to directly place a link, but oh well...

[Only registered and activated users can see links. Click Here To Register...]

02/01/2012 14:03 � Haydz#15

Quote:

Originally Posted by Lateralus

Has anyone written their own implementation of the blowfish cipher using the CFB 64 mode (you know, without using libeay32.dll) or is there a public implementation or algorithm available? Sorry for the slight threadjack.

Checkout the bouncycastle c# source.

Page 1 of 2