Jump to content

r16771: Client MD5 Hash Check

GreenBox

By GreenBox
in Development News

 Share

Recommended Posts

  • Replies 52
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

GreenBox
GreenBox

As of r16771, the login-server can perform a server-side check of the client MD5 hash, ensuring that the client was not tampered. The client only send the correct MD5 hash on certain server types/ser

GreenBox
GreenBox

The diff just forces the client to send the hash in all servicetypes, it's an already existing code. Checking GRF hash would be much more complex.

clydelion
clydelion

Very nice!! This is great in conjunction with HackShield! My suggestion is to use battle_config.client_hash_check instead, so it can be reloaded via @reloadbattleconf, thus a restart is not required w

GreenBox Poring

GreenBox

Posted
  • Author
Posted

Theoretically you can hook CLoginMode::GetClientHash, as it takes only one parameter as the pointer for where to store the hash you can do whatever you like with those 16 bytes.

For 2012-04-10RagexeRE this is it signature:

.text:0077E1B0 ; bool __stdcall CLoginMode__GetClientHash(char *destMd5)
.text:0077E1B0 ?GetClientHash@CLoginMode@@AAEXXZ proc near
.text:0077E1B0										 ; CODE XREF: CLoginMode::CheckExeHashFromAccServer(void)+43p
.text:0077E1B0
.text:0077E1B0 this			= MD5 ptr -560h
.text:0077E1B0 Filename		= byte ptr -508h
.text:0077E1B0 DstBuf		  = byte ptr -404h
.text:0077E1B0 var_4		   = dword ptr -4
.text:0077E1B0 digest		  = dword ptr  4

.text:0077E1B0                 sub     esp, 560h
.text:0077E1B6                 mov     eax, dword_8F1A20
.text:0077E1BB                 xor     eax, esp
.text:0077E1BD                 mov     [esp+560h+var_4], eax
.text:0077E1C4                 push    ebp
.text:0077E1C5                 mov     ebp, [esp+564h+digest]
.text:0077E1CC                 push    esi
.text:0077E1CD                 lea     ecx, [esp+568h+this] ; this
.text:0077E1D1                 call    MD5__MD5
.text:0077E1D6                 mov     ecx, g_hInstance
--------------------------------------------------------

bool __stdcall GetClientHash(char *destMd5)
{
 FILE *v1; // eax@1
 FILE *v2; // esi@1
 int v3; // eax@3
 bool result; // al@4
 MD5 this; // [sp+8h] [bp-560h]@1
 char Filename; // [sp+60h] [bp-508h]@1
 char DstBuf; // [sp+164h] [bp-404h]@3
 unsigned int v8; // [sp+564h] [bp-4h]@1

 v8 = (unsigned int)&this ^ dword_8F1A20;
 MD5::MD5(&this);
 GetModuleFileNameA(g_hInstance, &Filename, 0x104u);
 v1 = fopen(&Filename, "rb");
 v2 = v1;
 if ( v1 )
 {
if ( !feof(v1) )
{
  do
  {
	v3 = fread(&DstBuf, 1u, 0x400u, v2);
	MD5::Update(&this, &DstBuf, v3);
  }
  while ( !feof(v2) );
}
MD5::Finish(&this, destMd5);
result = 1;
 }
 else
 {
result = 0;
 }
 return result;
}

  • 2 weeks later...
Brynner Metaling

Brynner

Posted
Posted

hmmm ill try it later. i hope it will work :D

Why not? It can regenerates MD5 signatures with a click of button.

its not working. even i use diff client_hash. the other client can still connect to the server.

nanakiwurtz Poring

nanakiwurtz

Posted
Posted

Have you rechecked your group_id and the hash in login_athena.conf?

Try to put a different group_id in it and login with another client.

Use different clients with different MD5 signature for each group_id.

Brynner Metaling

Brynner

Posted
Posted

Have you rechecked your group_id and the hash in login_athena.conf?

Try to put a different group_id in it and login with another client.

Use different clients with different MD5 signature for each group_id.

if you include this to your diff. WDGForceClientHashPacket.dll it will force you to use only 1 client hash. and if you enable to use hash_check there is no other way to connect to the server unless you include the WDGForceClientHashPacket.dll on your client diff. which means you can't modified the client hash.

Brynner Metaling

Brynner

Posted
Posted

works great but if i use different client it says my client is not latest or something. how can you change that to something else?

make sure that different client include this WDGForceClientHashPacket.dll on his diff. or else it cannot connect to the server if the client_hash_check is on

Feefty Poring

Feefty

Posted
Posted

works great but if i use different client it says my client is not latest or something. how can you change that to something else?

make sure that different client include this WDGForceClientHashPacket.dll on his diff. or else it cannot connect to the server if the client_hash_check is on

what i mean is i want to change the "error" that client given if they're using different client.

Vianna Poring

Vianna

Posted
Posted

works great but if i use different client it says my client is not latest or something. how can you change that to something else?

make sure that different client include this WDGForceClientHashPacket.dll on his diff. or else it cannot connect to the server if the client_hash_check is on

what i mean is i want to change the "error" that client given if they're using different client.

It's somewhere in msgstringtable.txt

GM Takumirai Poring

GM Takumirai

Posted
Posted

how to reconfigure this client hash?..

i also want to know where to edit if i want other hash code in hex??..

is there a complete guide for this?..

guide on how to set up a new hex code of md5 hash?

Brynner Metaling

Brynner

Posted
Posted

how to reconfigure this client hash?..

i also want to know where to edit if i want other hash code in hex??..

is there a complete guide for this?..

guide on how to set up a new hex code of md5 hash?

i think there is no other way to change the md5 hash code.

  • 4 weeks later...
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...