EQEmulator Forums

EQEmulator Forums (https://www.eqemulator.org/forums/index.php)
-   Archive::Development (https://www.eqemulator.org/forums/forumdisplay.php?f=621)
-   -   16 bit checksums (https://www.eqemulator.org/forums/showthread.php?t=15048)

fathernitwit 07-29-2004 07:39 AM

Quote:

Originally Posted by RangerDown
And did you try to set Key2 to 0 all the time, does that make the user/pass send in the clear?

Perhaps something else is wrong in my code, but if i set key2 to 0, it is still not sent in the clear... EQ is accepting the packets, so I think the crc is correct, it must be using different encryption or something...

It might have something to do with key1... because I am not doing anything with key1 except echoing it back in the reply, after that it seems worthless... but it might be a weak 'CRC' type of check to make sure the reply comes back and at least partially makes sense (key1 is the same)

RangerDown 07-29-2004 07:51 AM

Drat :( In that case, they must've changed some stuff up with the user/pass encryption after June 22.

When I'm back at home this evening I'll post the contents of a collected session between my Emu-compatible client and the Emu login server so you at least have something to compare the existing protocol to.

kathgar 07-29-2004 10:53 AM

When the old new login came out, passwords and usernames were sent plaintext, and that key had nothing to do with it. I think about a month in to the new login they decided that encryption would be a good idea.

RangerDown 07-29-2004 11:24 AM

Quote:

I think about a month in to the new login they decided that encryption would be a good idea.
Wait a minute... SOE had a good idea??!!!

/hoards canned food and bottled water... armageddon is coming!

Doodman 08-06-2004 04:23 PM

You can send the 16 bit crc as 00 00 and the client will accept it just fine.

I do it in the chat channels and in my partially implemented login server.

As for the crypto key, it is not sent from server->client. It is static and in eqmain.dll. Everytime you log in on live you send the same chunk of data for the same user/pass. Supposedly it is 3des with some transpositions. Just need the key and what transpositions they do. 8)

Doodman 08-06-2004 04:29 PM

Plus, beyond the leading op_code (OP_SessionRequest is 0x01 and Op_SessionResponse is 0x02) here is the structure of the SessionRequest and SessionResponse packets:
Code:

struct SessionRequest {
        unsigned long UnknownA;
        unsigned long Session;
        unsigned short UnknownB;
        unsigned short MaxLength;
};             
               
struct SessionResponse {
        unsigned long Session;
        unsigned long Key;
        unsigned short UnknownA;
        unsigned char UnknownB;
        unsigned char UnknownC;
        unsigned short MaxLength;
        unsigned long UnknownD;
};

In the login server Key is ignored and unused. In the chatchannels it is used to "scramble" the packets being sent.


All times are GMT -4. The time now is 06:09 PM.

Powered by vBulletin®, Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.