Upgrading password encryption

[pro4never]

Quote:

Originally Posted by Kiyono

Well I can't really do anything about the pointer usage since it's what Hybrid coded and I don't know how to change it.


No it's not the User, I printed it to the console and it showed the correct User.

//edit With:
Client.Password = Client.Decrypt(login->User, Received);
And entering password: 123456789
and the console prints: #<"%♀'$&! which are indeed 9 characters but not the correct ones.

Well that's your problem right there then. You need to use something else to read the packet into an array rather than into a string.


The simplest way is completely remove what you have there and then simply read from the packet using your own methods.


IE:

byte[] Pass = new byte[16];
Buffer.BlockCopy(Data, StartOfPass, Pass, 0, 16);

Then run pass through the decryption.


or just use any packet reading methods (impulses is sexy, Also a fan of tannel's)

[Kiyono]

Quote:

Originally Posted by pro4never

Well that's your problem right there then. You need to use something else to read the packet into an array rather than into a string.


The simplest way is completely remove what you have there and then simply read from the packet using your own methods.


IE:

byte[] Pass = new byte[16];
Buffer.BlockCopy(Data, StartOfPass, Pass, 0, 16);

Then run pass through the decryption.


or just use any packet reading methods (impulses is sexy, Also a fan of tannel's)

I lost you there, how am I reading it into a string?

[pro4never]

public string Password { get { fixed (uint* ptr = szPassword) { return new string((sbyte*)ptr); } } }


It's reading it as a string... for the password encryption to work you want it as a password array of 16 bytes.

I'd say just completely dump that handling of the code. All you really need to do for it is run 3 block copies (then convert two of them to strings using System.Encoding.ASCII.GetString(array); and the other one run through the decryption...

maybe when i'm home later I'll post how mine works (although mine is using tannel's packet reader)

[Kiyono]

Quote:

Originally Posted by pro4never

public string Password { get { fixed (uint* ptr = szPassword) { return new string((sbyte*)ptr); } } }


It's reading it as a string... for the password encryption to work you want it as a password array of 16 bytes.

I'd say just completely dump that handling of the code. All you really need to do for it is run 3 block copies (then convert two of them to strings using System.Encoding.ASCII.GetString(array); and the other one run through the decryption...

maybe when i'm home later I'll post how mine works (although mine is using tannel's packet reader)

I'm not using that part at all, it was causing me trouble so I scrapped it.
//edit
PasswordCrypter.Decrypt((uint*)login->szPassword);
Client.Password = login->Password;
That uses szPassword crap, I simply changed it to:
Client.Password = Client.Decrypt(login->User, Received);

Decrypting:

Code:

public string Decrypt(string User, byte[] Packet)
        {
            MSVCRT.srand(gSeed);
            var rc5Key = new byte[0x10];
            for (int i = 0; i < 0x10; i++)
                rc5Key[i] = (byte)MSVCRT.rand();
            Byte[] EncryptedPass = new byte[16];
            Buffer.BlockCopy(Packet, 132, EncryptedPass, 0, 16);
            return Encoding.ASCII.GetString(
                (new ConquerPasswordCryptpographer(User).Decrypt(new RC5(rc5Key).Decrypt(EncryptedPass))));
        }

[TaiZer]

Try to type "test" as password it will decrypt well. If you try "test1" you will get "test#" for the decrypted password.
I have the same problem but I wanted to solve it later -_- lol

[Kiyono]

Quote:

Originally Posted by TaiZer

Try to type "test" as password it will decrypt well. If you try "test1" you will get "test#" for the decrypted password.
I have the same problem but I wanted to solve it later -_- lol

Just tried it and this seems to be the case, wonder why only numbers are affected.