
Untitled

a guest
Aug 10th, 2017
  1. package rsca.ls.packethandler.loginserver;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Locale;
import java.util.Map.Entry;

import org.apache.mina.core.session.IoSession;

import rsca.ls.Server;
import rsca.ls.model.World;
import rsca.ls.net.LSPacket;
import rsca.ls.net.Packet;
import rsca.ls.packetbuilder.loginserver.PlayerLoginPacketBuilder;
import rsca.ls.packethandler.PacketHandler;
import rsca.ls.util.DataConversions;
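/**
 * Handles a player login request packet on the login server: reads the
 * credentials from the packet, validates them against the database, and
 * writes a reply built by {@link PlayerLoginPacketBuilder} back to the session.
 *
 * <p>Login codes produced by {@code validatePlayer} as visible in this file:
 * {@code 2} (flag byte set, unknown user, or password mismatch), {@code 6}
 * (banned), {@code 3} (user already present in a world), {@code 9} (another
 * player with the same owner is present in a world), {@code 7} (SQL error),
 * {@code 99} (group_id 1 or 2), {@code 0} (default). {@code handlePacket}
 * treats 0, 1 and 99 as a successful login.
 *
 * <p>NOTE(review): {@code builder} and {@code tricked} are per-instance state
 * mutated on every packet. If one handler instance serves several sessions
 * concurrently, replies could be built from interleaved calls — confirm the
 * threading model of the caller.
 */
public class PlayerLoginHandler implements PacketHandler {

    // NOTE(review): despite the name, handlePacket appends the username of every
    // *successful* login here. The list is static, is never trimmed in this file,
    // and ArrayList is not thread-safe — confirm the intent and who reads it.
    public static ArrayList<String> badClients = new ArrayList<String>();

    private PlayerLoginPacketBuilder builder = new PlayerLoginPacketBuilder();

    // Mirrors the flag byte of the most recently handled packet. Kept public for
    // compatibility; validation uses the per-call value, not this field.
    public boolean tricked;

    /**
     * Processes one login request.
     *
     * <p>Packet layout as read here: long user hash, long IP, 32-char password
     * string (trimmed), one flag byte, then the client's class name string.
     *
     * @param p       the incoming packet; cast to {@link LSPacket} to obtain its UID
     * @param session the session whose attachment is the requesting {@link World}
     * @throws Exception propagated from packet reading or reply construction
     */
    public void handlePacket(Packet p, IoSession session) throws Exception {
        final long uID = ((LSPacket) p).getUID();
        World world = (World) session.getAttachment();
        long user = p.readLong();
        String ip = DataConversions.IPToString(p.readLong());
        String pass = p.readString(32).trim();
        // Keep the flag in a local so that validation of this request cannot be
        // affected by another packet overwriting the shared field.
        final boolean trickedFlag = p.readByte() == 1;
        tricked = trickedFlag;
        String className = p.readString();
        byte loginCode = validatePlayer(user, pass, ip, trickedFlag);

        builder.setUID(uID);
        if (loginCode == 0 || loginCode == 1 || loginCode == 99) {
            try {
                String username = DataConversions.hashToUsername(user);
                badClients.add(username);
                // className arrives in the packet; line breaks are stripped so it
                // cannot forge additional log lines.
                System.out.println("Class: " + stripLineBreaks(className) + " Player: " + username);
            } catch (Exception e) {
                System.out.println("Exception in classname printer :" + e.getMessage());
            }
            // NOTE(review): the disabled block below concatenates className, a string
            // taken from the packet, into an SQL statement. Do not re-enable it
            // without binding the values as parameters.
            // if(!className.equals("ORG.RSCDAEMON.CLIENT.MUDCLIENT")) {
            // System.out.println(DataConversions.hashToUsername(user) +
            // " was caught by a trap");
            // try {
            // Server.db.updateQuery("INSERT INTO `rsca2_traps`(`user`, `time`, `ip`, `details`) VALUES('"
            // + user + "', '" + (int)(System.currentTimeMillis() / 1000) +
            // "', '" + ip + "', 'Unknown main class: \"" + className +"\"')");
            // } catch(Exception e) { }
            // }
            try {
                // user is a primitive long, so this concatenation cannot carry SQL text.
                Server.db.updateQuery("UPDATE `rsca2_players` SET online=1 WHERE user='" + user + "'");
            } catch (Exception e) {
                // Best effort: the login proceeds, but the failure is no longer silent.
                System.out.println("Exception marking player online :" + e.getMessage());
            }

            builder.setPlayer(Server.getServer().findSave(user, world), loginCode);
            world.registerPlayer(user, ip);
        } else {
            builder.setPlayer(null, loginCode);
        }

        LSPacket packet = builder.getPacket();
        if (packet != null) {
            session.write(packet);
        }
    }

    /** Replaces CR and LF with spaces; returns {@code null} unchanged. */
    private static String stripLineBreaks(String value) {
        if (value == null) {
            return null;
        }
        return value.replace('\r', ' ').replace('\n', ' ');
    }

    /**
     * Encodes bytes as lowercase hexadecimal, two characters per byte.
     *
     * @param data the bytes to encode
     * @return the hex string, empty for an empty array
     */
    private static String convertToHex(byte[] data) {
        StringBuilder hex = new StringBuilder(data.length * 2);
        for (byte b : data) {
            hex.append(Character.forDigit((b >>> 4) & 0x0F, 16));
            hex.append(Character.forDigit(b & 0x0F, 16));
        }
        return hex.toString();
    }

    /**
     * Returns the lowercase hex SHA-512 digest of {@code text} encoded as ISO-8859-1.
     *
     * <p>NOTE(review): a single pass of a fast digest is a weak password-storage
     * scheme. Moving to a dedicated password hash would require migrating the
     * stored values, so the algorithm is left unchanged here.
     *
     * @param text the text to hash
     * @return 128 lowercase hex characters
     * @throws NoSuchAlgorithmException     if SHA-512 is unavailable
     * @throws UnsupportedEncodingException if ISO-8859-1 is unavailable
     */
    public static String HASH(String text) throws NoSuchAlgorithmException, UnsupportedEncodingException {
        MessageDigest md = MessageDigest.getInstance("SHA-512");
        byte[] input = text.getBytes("iso-8859-1");
        // Use the encoded length rather than the character count.
        md.update(input, 0, input.length);
        return convertToHex(md.digest());
    }

    /**
     * Compares two hex digests ignoring case, using {@link MessageDigest#isEqual}
     * so the comparison does not stop at the first differing character.
     */
    private static boolean hexDigestsMatch(String computedHex, String storedHex) {
        try {
            return MessageDigest.isEqual(
                    computedHex.toLowerCase(Locale.ROOT).getBytes("iso-8859-1"),
                    storedHex.toLowerCase(Locale.ROOT).getBytes("iso-8859-1"));
        } catch (UnsupportedEncodingException e) {
            // Cannot compare: treat as a mismatch so the login is rejected.
            return false;
        }
    }

    /** Closes a result set, logging instead of propagating a failure. */
    private static void closeQuietly(ResultSet rs) {
        if (rs == null) {
            return;
        }
        try {
            rs.close();
        } catch (SQLException e) {
            System.out.println("Exception in PlayerLoginHandler :" + e.getMessage());
        }
    }

    /**
     * Validates a login attempt and returns the login code (see the class comment).
     *
     * @param user        the user hash read from the packet
     * @param pass        the trimmed password read from the packet
     * @param ip          the IP string produced by {@code DataConversions.IPToString}
     * @param trickedFlag the flag byte of this request; when set the login is rejected
     * @return the login code
     */
    private byte validatePlayer(long user, String pass, String ip, boolean trickedFlag) {
        Server server = Server.getServer();
        byte returnVal = 0;
        if (trickedFlag) {
            return 2;
        }

        ResultSet result = null;
        try {
            // NOTE(review): the statement is assembled by concatenation. user is a
            // long; ip is produced from a long by IPToString (presumably digits and
            // dots — confirm). If the db wrapper offers bound parameters, prefer them.
            result = Server.db.getQuery("SELECT r.pass, r.salt, r.banned, r.owner, u.group_id, b.id AS b_id FROM `rsca2_players` AS r INNER JOIN `users` AS u ON u.id=r.owner LEFT JOIN `bans` AS b on (b.username LIKE u.username OR b.ip LIKE '" + ip + "') WHERE `user`='" + user + "'");
            if (!result.next()) {
                return 2;
            }

            String salt = result.getString("salt");
            String storedHash = result.getString("pass");
            // NOTE(review): the password is lower-cased before hashing, so passwords
            // are effectively case-insensitive. Locale.ROOT keeps the result
            // independent of the server's default locale.
            String rawText = salt.substring(0, 4) + "_K_" + pass.toLowerCase(Locale.ROOT) + salt;

            String computedHash;
            try {
                computedHash = HASH(rawText);
            } catch (Exception e) {
                System.out.println("Error hashing string");
                // Fail closed: previously an empty string was compared against the
                // stored value, which would match an account whose hash is empty.
                return 2;
            }

            if (storedHash == null || !hexDigestsMatch(computedHash, storedHash)) {
                return 2;
            }

            if (result.getInt("banned") == 1 || result.getInt("b_id") != 0) {
                System.out.println("Banned player: " + DataConversions.hashToUsername(user) + " trying to login.");
                return 6;
            }

            int groupId = result.getInt("group_id");
            if (groupId == 1 || groupId == 2) {
                returnVal = 99;
            }

            int owner = result.getInt("owner");
            for (World w : server.getWorlds()) {
                for (Entry<Long, Integer> player : w.getPlayers()) {
                    if (player.getKey() == user) {
                        return 3;
                    }
                    if (player.getValue() == owner) {
                        return 9;
                    }
                }
                if (w.hasPlayer(user)) {
                    return 3;
                }
            }
            return returnVal;
        } catch (SQLException e) {
            System.out.println("Exception in PlayerLoginHandler :" + e.getMessage());
            // System.out.println(e.getMessage(), e);
            return 7;
        } finally {
            // The result set was previously never closed.
            closeQuietly(result);
        }
    }
}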