C++ Password Seed

Mr_PoP · 02/12/2011, 00:10

Quote:

Nullable

Code:

typedef struct packetSeed
{
    unsigned short Length; // 0x8
    unsigned short Type; // 0x423
    unsigned int Seed; // random
} * PPACKETSEED;

so it should go like this

8 bytes (length, type and then a random int pass seed)

the random pass << means i should make a rand of some letter and numbers then encrypt it ?

~~pro4never~~ · 02/12/2011, 00:29

seeing as I said a random int seed that would mean the value of it should be an int.

Simply generate a random number and write it to the password seed and send to the client. Client should now respond with the auth request packet which you will need to then read the relevant sections, setup your password encryption using the seed you sent in the first packet and the username you read from the auth request packet and run it through password decryption to get the users password. You can then continue with login procedure like normal (IE: Confirm all information from the client and then send the corresponding auth response packet and continue to game server)

Mr_PoP · 02/12/2011, 01:38

Quote:

Originally Posted by pro4never

seeing as I said a random int seed that would mean the value of it should be an int.

Simply generate a random number and write it to the password seed and send to the client. Client should now respond with the auth request packet which you will need to then read the relevant sections, setup your password encryption using the seed you sent in the first packet and the username you read from the auth request packet and run it through password decryption to get the users password. You can then continue with login procedure like normal (IE: Confirm all information from the client and then send the corresponding auth response packet and continue to game server)

does it matter if the rand was like (22222222) or (11111111) etc?

Ian* · 02/12/2011, 03:35

Quote:

Originally Posted by Mr_PoP

does it matter if the rand was like (22222222) or (11111111) etc?

as long as it does not exceed sizeof(int)

Mr_PoP · 02/12/2011, 03:38

Quote:

Originally Posted by Ian*

as long as it does not exceed sizeof(int)

i made a function to control it

Ian* · 02/12/2011, 03:49

Quote:

Originally Posted by Mr_PoP

i made a function to control it

Mr_PoP · 02/12/2011, 13:36

onther question if i may , can i make it conset or something ??? why should i make it random?!!?

Santa · 02/12/2011, 19:28

Quote:

Originally Posted by Mr_PoP

onther question if i may , can i make it conset or something ??? why should i make it random?!!?

It doesn't matter how u come up with the number. Just as long as it doesn't exceed the max size of an int as stated before.

Mr_PoP · 02/12/2011, 21:29

considering my program is just for test so am not using packets

here is the code i made

Code:

                        Auth_Setup();
			CAuthCryptography Dec;
			AuthProtocolCryptographer dec;
			Print("Socket Connected -> %s",inet_ntoa(addr.sin_addr));
			char rSeed[9];
			RandSeed(rSeed);
			send(sListen,rSeed,8,0);
			char buf[1096];
			int buflen=strlen(buf);
			recv(sListen,buf,buflen,0);
			Dec.Decrypt(buf,buf,buflen);
			unsigned char psw[16];
			memcpy(psw,buf+132,16);
			dec.Decrypt(psw,16);
			cout<<psw;

the randseed for make 8 random numbers like =78549621 and its working becuase the client sending back some encrypted letters and at the end the same number i sent to it , when i receved it i tried to decrypt it but it didnt work , i used (Hybridz & Nullable) codes but it didnt work , i know it's sounds mean because I keep asking and it's look like am an stupid but as u know Guys always the 1st time is hardest one lol, so please dont get upset becuase am asking etc , thank u all

bone-you · 02/12/2011, 23:14

Before you continue, you need to manage your sockets properly. Having a single "recv" pull data will cause you a lot of problems later on that you will be unable to identify. What if that single recv returns no data read? Are they blocking sockets? Could I fake being a client to lock your server up indefinitely? What if recv doesn't read the entire packet at once?

Mr_PoP · 02/13/2011, 00:49

Quote:

Originally Posted by bone-you

Before you continue, you need to manage your sockets properly. Having a single "recv" pull data will cause you a lot of problems later on that you will be unable to identify. What if that single recv returns no data read? Are they blocking sockets? Could I fake being a client to lock your server up indefinitely? What if recv doesn't read the entire packet at once?

yeah yeah , i will do that but once i find the right codes which will allow me to decrypt/encrypt what am geting from the client once i get the (servername,accid,password) i will make a new prog with a manged socket i saw ur source yeah , but it's only i cant decrypt the pass,accid and server name!

CptSky · 02/13/2011, 01:09

Quote:

Originally Posted by Mr_PoP

yeah yeah , i will do that but once i find the right codes which will allow me to decrypt/encrypt what am geting from the client once i get the (servername,accid,password) i will make a new prog with a manged socket i saw ur source yeah , but it's only i cant decrypt the pass,accid and server name!

The seed is for the password encryption (RC5). If you can't decrypt the first packet sent by the client, you need to check the auth crypto...

unknownone · 02/13/2011, 19:13

You can't use "any" random numbers. You must use 16 random numbers produced by calling the rand() method. (Which are int16s, but you only need the least sig byte). You must first call srand(packet->Seed)

This works because rand() and srand() are not really random (In Microsoft's implementation). They produce a fixed sequence of integers if seeded by the same number, because it's implementation looks like this.

Code:

int _seed;

int srand(int seed) {
    _seed = seed;
}

short rand() {
    _seed *= 0x343fd;
    _seed += 0x269ec3;
    return (short)((_seed >> 0x10) & 0x7fff);
}

Basser · 02/13/2011, 19:35

Good luck programming a function that returns a random number.

Mr_PoP · 02/13/2011, 19:41

Quote:
Originally Posted by unknownone
You can't use "any" random numbers. You must use 16 random numbers produced by calling the rand() method. (Which are int16s, but you only need the least sig byte). You must first call srand(packet->Seed)

This works because rand() and srand() are not really random (In Microsoft's implementation). They produce a fixed sequence of integers if seeded by the same number, because it's implementation looks like this.
Code:
int _seed;

int srand(int seed) {
    _seed = seed;
}

short rand() {
    _seed *= 0x343fd;
    _seed += 0x269ec3;
    return (short)((_seed >> 0x10) & 0x7fff);
}

Quote:

Originally Posted by Basser

Good luck programming a function that returns a random number.

well this one works :

Code:

//random seed
void rPassSeed(char *seed)
{
	srand ( time(NULL) );
	char k[8];
	for (int i=0;i<8;i++)
	{
		k[i]=rand()%10;
	}
	sprintf(seed,"%d%d%d%d%d%d%d%d",k[0],k[1],k[2],k[3],k[4],k[5],k[6],k[7]);
}

i made it char so i can use send() function!?