
Untitled

a guest
Nov 12th, 2016
  1. logs in and immediately disconnects.
  2.  
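  [spoiler=RS2LoginDecoder.java][code]public class RS2LoginDecoder extends CumulativeProtocolDecoder {

      /**
       * Logger instance.
       */
      private static final Logger logger = Logger.getLogger(RS2LoginDecoder.class.getName());

      /*
       * NOTE(review): RSA_EXPONENT is the exponent doDecode() applies to the
       * client's encrypted login block, so it acts as the private exponent and
       * is embedded in source next to its modulus. Anyone who can read this file
       * can decrypt captured login blocks (session keys, username, password).
       * Load the private exponent from a protected file or key store instead,
       * and treat any pair that has been shared or published as disclosed:
       * generate a new pair and ship the new public key to clients.
       *
       * The decryption below is a bare modPow with no padding scheme.
       */
      private static final BigInteger RSA_MODULUS = new BigInteger("99234433886957417407142723827046832622114348147945599397464427833661960018848153472573879499899867651178121260980276949391172180010657066463709006907084327433834733809218673390740450817039502420010902422983878879670832697057333209969650628692157939441444731736680977431727329798577390372092136908252242107937");

      private static final BigInteger RSA_EXPONENT = new BigInteger("64674922175467478976933444662170245232286649563501539390937914552988438565772940160124023301024200787109130619653792046314984471745658105800759919007923646217418588563286622699146784642677122391871805476129226582613500750662495211764769999368734826149638239347018884181387665087007318848838446366146357406913");

      /**
       * Opcode stage.
       */
      public static final int STATE_OPCODE = 0;

      /**
       * Login stage.
       */
      public static final int STATE_LOGIN = 1;

      /**
       * Precrypted stage.
       */
      public static final int STATE_PRECRYPTED = 2;

      /**
       * Crypted stage.
       */
      public static final int STATE_CRYPTED = 3;

      /**
       * Update stage.
       */
      public static final int STATE_UPDATE = -1;

      /**
       * Game opcode.
       */
      public static final int OPCODE_GAME = 14;

      /**
       * Update opcode.
       */
      public static final int OPCODE_UPDATE = 15;

      /**
       * Secure random number generator.
       */
      private static final SecureRandom RANDOM = new SecureRandom();

      /**
       * Initial login response.
       */
      private static final byte[] INITIAL_RESPONSE = new byte[] {
          0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0
      };

      /**
       * Logs why a connection is being refused, closes the session and rewinds
       * the input buffer.
       *
       * @param session the session to close
       * @param in the input buffer to rewind
       * @param reason the message written to the log
       * @return always {@code false}, so callers can {@code return reject(...)}
       */
      private static boolean reject(IoSession session, IoBuffer in, String reason) {
          logger.info(reason);
          session.close(false);
          in.rewind();
          return false;
      }

      /**
       * Decodes the login handshake one stage at a time. The current stage is
       * kept in the session attribute {@code "state"} and defaults to
       * {@link #STATE_OPCODE}.
       *
       * <p>All bytes read here come from an unauthenticated peer; every length
       * and opcode is checked before it is used and a failed check closes the
       * session.
       *
       * @param session the session being logged in
       * @param in the bytes received so far
       * @param out decoder output (not written to by this method)
       * @return {@code true} when a stage consumed its input and the next stage
       *         should be tried; {@code false} when more data is needed, the
       *         connection was rejected, or the login block was fully handled
       * @throws Exception if a buffer read or one of the project helpers throws
       */
      @Override
      protected boolean doDecode(IoSession session, IoBuffer in, ProtocolDecoderOutput out) throws Exception {
          int state = (Integer) session.getAttribute("state", STATE_OPCODE);
          switch (state) {

              case STATE_OPCODE:
                  if (in.remaining() < 1) {
                      in.rewind();
                      return false;
                  }
                  /*
                   * The first opcode indicates the type of connection.
                   *
                   * 14 = game
                   * 15 = update
                   *
                   * Updating is disabled in the vast majority of 317 clients.
                   */
                  int opcode = in.get() & 0xFF;
                  switch (opcode) {
                      case OPCODE_GAME:
                          session.setAttribute("state", STATE_LOGIN);
                          return true;
                      case OPCODE_UPDATE:
                          session.setAttribute("state", STATE_UPDATE);
                          session.write(new PacketBuilder().put(INITIAL_RESPONSE).toPacket());
                          return true;
                      default:
                          return reject(session, in, "Invalid opcode : " + opcode);
                  }

              case STATE_LOGIN:
                  if (in.remaining() >= 1) {
                      /*
                       * The name hash is a simple hash of the name which is
                       * suspected to be used to select the appropriate login
                       * server. It is read and discarded.
                       */
                      @SuppressWarnings("unused")
                      int nameHash = in.get() & 0xFF;

                      /*
                       * The server session key comes from SecureRandom so the
                       * client cannot predict it.
                       */
                      long serverKey = RANDOM.nextLong();

                      /*
                       * The initial response is just 0s which the client is set
                       * to ignore, followed by a zero byte and the server key.
                       */
                      session.write(new PacketBuilder().put(INITIAL_RESPONSE).put((byte) 0).putLong(serverKey).toPacket());
                      session.setAttribute("state", STATE_PRECRYPTED);
                      session.setAttribute("serverKey", serverKey);
                      return true;
                  }
                  break;

              case STATE_PRECRYPTED:
                  if (in.remaining() >= 2) {
                      /*
                       * The type of login.
                       *
                       * 16 = normal
                       * 18 = reconnection
                       */
                      int loginOpcode = in.get() & 0xFF;
                      if (loginOpcode != 16 && loginOpcode != 18) {
                          return reject(session, in, "Invalid login opcode : " + loginOpcode);
                      }

                      /*
                       * The size of the login packet, as claimed by the client.
                       */
                      int loginSize = in.get() & 0xFF;

                      /*
                       * What remains for the encrypted block after the fixed
                       * fields read in STATE_CRYPTED: nine 4-byte cache indices
                       * (36), the magic id (1), the low-memory flag (1) and the
                       * version (2).
                       */
                      int loginEncryptSize = loginSize - (36 + 1 + 1 + 2);
                      if (loginEncryptSize <= 0) {
                          return reject(session, in, "Encrypted packet size zero or negative : " + loginEncryptSize);
                      }
                      session.setAttribute("state", STATE_CRYPTED);
                      session.setAttribute("size", loginSize);
                      session.setAttribute("encryptSize", loginEncryptSize);
                      return true;
                  }
                  break;

              case STATE_CRYPTED:
                  int size = (Integer) session.getAttribute("size");
                  int encryptSize = (Integer) session.getAttribute("encryptSize");
                  if (in.remaining() >= size) {
                      /*
                       * The magic id 255 (0xFF) indicates this is the real
                       * login packet.
                       */
                      int magicId = in.get() & 0xFF;
                      if (magicId != 255) {
                          return reject(session, in, "Incorrect magic id : " + magicId);
                      }

                      /*
                       * The client version is a short and must equal
                       * Server.VERSION.
                       */
                      int version = in.getShort() & 0xFFFF;
                      if (version != Server.VERSION) {
                          return reject(session, in, "Incorrect version : " + version);
                      }

                      /*
                       * The following byte indicates if the client is a low
                       * memory version.
                       */
                      @SuppressWarnings("unused")
                      boolean lowMemoryVersion = (in.get() & 0xFF) == 1;

                      /*
                       * Skip the nine cache indices.
                       */
                      for (int i = 0; i < 9; i++) {
                          in.getInt();
                      }

                      /*
                       * The encrypted size includes the size byte, which is not
                       * part of the block itself.
                       */
                      encryptSize--;

                      /*
                       * The size the client repeats here must match the one it
                       * announced earlier.
                       */
                      int reportedSize = in.get() & 0xFF;
                      if (reportedSize != encryptSize) {
                          return reject(session, in, "Packet size mismatch (expected : " + encryptSize + ", reported : " + reportedSize + ")");
                      }

                      /*
                       * An announced size of exactly 41 passes the earlier check
                       * but leaves nothing to decrypt; new BigInteger(byte[0])
                       * would throw NumberFormatException, so refuse it here.
                       */
                      if (encryptSize < 1) {
                          return reject(session, in, "Encrypted block is empty");
                      }

                      byte[] encryptionBytes = new byte[encryptSize];
                      in.get(encryptionBytes);

                      byte[] decrypted = new BigInteger(encryptionBytes)
                              .modPow(RSA_EXPONENT, RSA_MODULUS).toByteArray();
                      IoBuffer rsaBuffer = IoBuffer.wrap(decrypted);

                      /*
                       * The decrypted length is whatever the peer's ciphertext
                       * produced. Require the fixed fields (opcode 1 + client
                       * key 8 + server key 8 + uid 4) before reading them, so a
                       * malformed block is refused instead of underflowing the
                       * buffer.
                       * NOTE(review): the two strings that follow are read by
                       * IoBufferUtils.getRS2String, which is not visible here;
                       * confirm it bounds its read to the buffer.
                       */
                      if (rsaBuffer.remaining() < 1 + 8 + 8 + 4) {
                          return reject(session, in, "Login block too short : " + rsaBuffer.remaining());
                      }

                      /*
                       * The decrypted block must start with opcode 10.
                       */
                      int blockOpcode = rsaBuffer.get() & 0xFF;
                      if (blockOpcode != 10) {
                          return reject(session, in, "Invalid login block opcode : " + blockOpcode);
                      }

                      /*
                       * The client's session key.
                       */
                      long clientKey = rsaBuffer.getLong();

                      /*
                       * The client must echo the server session key issued in
                       * STATE_LOGIN.
                       */
                      long serverKey = (Long) session.getAttribute("serverKey");
                      long reportedServerKey = rsaBuffer.getLong();
                      if (reportedServerKey != serverKey) {
                          return reject(session, in, "Server key mismatch (expected : " + serverKey + ", reported : " + reportedServerKey + ")");
                      }

                      /*
                       * The UID, found in random.dat in newer clients and
                       * uid.dat in older clients, is a way of identifying a
                       * computer.
                       *
                       * However, some clients send a hardcoded or random UID,
                       * making it useless in the private server scene.
                       */
                      int uid = rsaBuffer.getInt();

                      /*
                       * Read and format the name and password. Only the name is
                       * logged: writing the password to the log would store
                       * every player's credentials in clear text wherever the
                       * log ends up.
                       */
                      String name = NameUtils.formatName(IoBufferUtils.getRS2String(rsaBuffer).trim());
                      String pass = IoBufferUtils.getRS2String(rsaBuffer);
                      logger.info("Login request : username=" + name);

                      /*
                       * Seed the ISAAC ciphers, which are used to encrypt and
                       * decrypt opcodes, from the client and server keys.
                       */
                      int[] sessionKey = new int[4];
                      sessionKey[0] = (int) (clientKey >> 32);
                      sessionKey[1] = (int) clientKey;
                      sessionKey[2] = (int) (serverKey >> 32);
                      sessionKey[3] = (int) serverKey;

                      session.removeAttribute("state");
                      session.removeAttribute("serverKey");
                      session.removeAttribute("size");
                      session.removeAttribute("encryptSize");

                      ISAACCipher inCipher = new ISAACCipher(sessionKey);
                      // The outgoing cipher uses the same seed with 50 added to each word.
                      for (int i = 0; i < 4; i++) {
                          sessionKey[i] += 50;
                      }
                      ISAACCipher outCipher = new ISAACCipher(sessionKey);

                      /*
                       * The login has completed: swap this decoder for the game
                       * codec and hand the details to the world, which will load
                       * and check the saved game.
                       */
                      session.getFilterChain().remove("protocol");
                      session.getFilterChain().addFirst("protocol", new ProtocolCodecFilter(RS2CodecFactory.GAME));

                      PlayerDetails pd = new PlayerDetails(session, name, pass, uid, inCipher, outCipher);
                      World.getWorld().load(pd);
                  }
                  break;
          }
          in.rewind();
          return false;
      }

  }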
  318. [/code][/spoiler]
  319.  
  320. [spoiler=RSClient.java][spoiler=resetImageProducers()][code]
  /**
   * Replaces the in-game image producers with a login-screen producer.
   * Does nothing when a login screen producer already exists.
   */
  public void resetImageProducers() {
      if (loginScreen != null) {
          return;
      }
      System.err.println("resetImageProducer - called");

      // Drop every in-game drawing surface.
      super.fullGameScreen = null;
      chatImageProducer = null;
      mapAreaImageProducer = null;
      inventoryImageProducer = null;
      gameScreenImageProducer = null;
      RSRaster.setAllPixelsToZero();

      // Fixed mode uses 765x503; otherwise the current client dimensions.
      final int width = clientSize == CLIENT_FIXED ? 765 : clientWidth;
      final int height = clientSize == CLIENT_FIXED ? 503 : clientHeight;
      loginScreen = new RSImageProducer(width, height, getGameComponent());
      RSRaster.setAllPixelsToZero();

      if (titleStreamLoader != null) {
          System.gc();
      }
      welcomeScreenRaised = true;
  }[/code][/spoiler]
  340. [spoiler=resetImageProducers2()][code]
  /**
   * Replaces the login-screen producer with the in-game image producers.
   * Returns without changes when the in-game producers are already in place.
   */
  public void resetImageProducers2() {
      // Fixed mode: the chat producer already exists.
      if (chatImageProducer != null && clientSize == CLIENT_FIXED) {
          return;
      }
      // NOTE(review): this guard compares clientSize with the literal 0 while
      // the rest of the method uses CLIENT_FIXED; confirm they are the same value.
      if (clientSize != 0 && fullscreenInterfaceID == -1 && gameScreenImageProducer != null) {
          return;
      }
      System.err.println("resetImageProducer2 - called");

      super.fullGameScreen = null;
      loginScreen = null;

      // The chat and map producers are only created in fixed mode.
      if (clientSize == CLIENT_FIXED) {
          chatImageProducer = new RSImageProducer(516, 165, getGameComponent());
          mapAreaImageProducer = new RSImageProducer(249, 168, getGameComponent());
      }
      RSRaster.setAllPixelsToZero();

      // Statement order from here on is kept exactly as in the original.
      final int mapSpriteIndex = clientSize == CLIENT_FIXED ? 0 : 2;
      mapArea[mapSpriteIndex].drawSprite(0, 0);
      if (clientSize == CLIENT_FIXED) {
          inventoryImageProducer = new RSImageProducer(249, 335, getGameComponent());
      }

      final int width = clientSize == CLIENT_FIXED ? 512 : clientWidth;
      final int height = clientSize == CLIENT_FIXED ? 334 : clientHeight;
      gameScreenImageProducer = new RSImageProducer(width, height, getGameComponent());
      RSRaster.setAllPixelsToZero();
      welcomeScreenRaised = true;
  }[/code][/spoiler][/spoiler]
  360.  
  361. Server-side log (the login line below shows the submitted password in plain text):
  362. [code]Nov 12, 2016 11:32:48 PM org.hyperion.rs2.RS2Server start
  363. INFO: Binding to port : 43594...
  364. Nov 12, 2016 11:32:48 PM org.hyperion.rs2.RS2Server start
  365. INFO: Ready
  366. Nov 12, 2016 11:34:09 PM org.hyperion.rs2.net.RS2LoginDecoder doDecode
  367. INFO: Login request : username=Bobby password=12345
  368. New Region Loaded.
  369. Nov 12, 2016 11:34:09 PM org.hyperion.rs2.model.World register
  370. INFO: Registered player : org.hyperion.rs2.model.Player [name=bobby rights=PLAYER members=true index=1] [online=1]
  371. Nov 12, 2016 11:34:09 PM org.hyperion.rs2.model.World unregister
  372. INFO: Unregistered player : org.hyperion.rs2.model.Player [name=bobby rights=PLAYER members=true index=1] [online=0][/code]
  373.  
  374. client-sided:
  375. [code]INFO: Settings successfully loaded.
  376. 0 0
  377. resetImageProducer2 - called
  378. T1 - 223,0 - -1,-1
  379. resetImageProducer - called[/code]