private static void OnAsciiPacket(NetState state, PacketReader pvSrc) { byte type = pvSrc.ReadByte(); if (type == 0x20) { pvSrc.ReadInt16(); // hue pvSrc.ReadInt16(); // font StringBuilder cheat = new StringBuilder(), version = new StringBuilder(); int pos = 0; /* * 'C'(43) 'H'(48) 'E'(45) 'A'(41) 'T'(54) ' ' * (20) 'U'(55) 'O'(4F) '.'(2E) 'e'(65) 'x'(78) 'e'(65) ' '(20) * '1'(31) ' '(20) * '0'(30) '-'(2D) '-'(2D) ''(0) * '&'(26) '^'(5E) 'O'(D8) ''(1) ''(1F) 'c'(A9) ''(1A) ''(F9) 'a'(61) ''(7F) 'B'(42) '?'(99) 'E'(CA) ''(D0) '?'(8B) 'B'(42) * '1'(31) '.'(2E) '0'(30) '.'(2E) '1'(31) '0'(30) ''(0) */ for (pos = 0; pos < 128;) { byte c = pvSrc.ReadByte(); c ^= m_Key[pos++ & 0xF]; if (c == 0) { break; } //Console.Write(String.Format("'{0}'({0:X}) ", c)); cheat.Append((char)c); // todo: better way to convert byte to char? } bool allZero = true; bool cryptValid = true; StringBuilder sum = new StringBuilder(); for (int i = 0; i < 16; i++) { byte c = pvSrc.ReadByte(); if (c != 0) { allZero = false; } c ^= m_Key[pos++ & 0xF]; sum.AppendFormat("{0:X} ", c); cryptValid = cryptValid && c == CryptDLLChecksum[i]; } if (!cryptValid && !allZero) { try { sum.AppendFormat("\t{0}\t{1}", state.Mobile.Account, DateTime.Now); using (StreamWriter sw = new StreamWriter("CryptSums.log", true)) sw.WriteLine(sum.ToString()); } catch { } } for ( ; pos < 128;) { byte c = pvSrc.ReadByte(); c ^= m_Key[pos++ & 0xF]; if (c == 0) { break; } version.Append((char)c); } Version ver; try { ver = new Version(version.ToString()); } catch { ver = new Version(0, 0, 0); } /*Console.WriteLine( "Auth... String=\"{0}\"", cheat.ToString() ); * Console.WriteLine( "Valid={0} / allZero={1}", cryptValid, allZero ); * Console.WriteLine( "Version={0}", version.ToString() );*/ /*int now = (int)(DateTime.UtcNow - new DateTime(1970, 1, 1)).TotalSeconds; * int timeStamp = pvSrc.ReadByte() | (pvSrc.ReadByte()<<8) | (pvSrc.ReadByte()<<16) | (pvSrc.ReadByte()<<24); * timeStamp = ~timeStamp; * timeStamp ^= 0x54494D45; * * int serverIP = pvSrc.ReadByte() | (pvSrc.ReadByte()<<8) | (pvSrc.ReadByte()<<16) | (pvSrc.ReadByte()<<24); * serverIP = ~serverIP; * serverIP ^= timeStamp;*/ string val = cheat.ToString(); string[] split = val.Split(' '); if (split.Length >= 2 && split[0] == "CHEAT") { split[1] = split[1].ToUpper(); // this could be changed to only allow certain programs (EXPLORER.EXE, UO.EXE, UOG.EXE, etc) and block all others. ClientValidity vd = m_Table[state] as ClientValidity; if (vd == null) { return; } vd.m_GotResp = true; if (split[1] == "RAZOR.EXE") { vd.m_ClientType = ClientType.OldRazor; } else if (split[1] == "INJECTION.EXE" || split[1] == "ILAUNCH.EXE") { vd.m_ClientType = ClientType.Injection; } else if (split[1] == "UO.EXE") // only new razor should report this. { //if ( Math.Abs( now - timeStamp ) > 60*60*15 ) // the packet is good for 15 hours only // vd.m_ClientType = ClientType.FakeRazor; //else if (ver < CryptDLLVersion) { vd.m_ClientType = ClientType.OldRazor; } else { vd.m_ClientType = ClientType.NewRazor; } if (!allZero && !cryptValid) { vd.m_TPHackedDLL = true; } } else if (split[1] == "EASYUO.EXE" || split[1] == "EUOX.EXE" || split[1] == "EUO.EXE") { vd.m_ClientType = ClientType.EasyUO; } else if (split[1] == "UOG.EXE") { // UOG.EXE is an old razor user or a UOG only user } else if (split[1] == "EXPLORER.EXE" || split[1] == "IEXPLORE.EXE" || split[1] == "CONNEC" || split[1] == "CONNECTUO.EXE" || split[1] == "CUODESKTOP.EXE") { // these are launched from ConnectUO or by double clicking client.exe } else { try { string str = string.Format("{0} {1}", split[1], state.Account); bool found = false; for (int i = 0; i < m_Exes.Count; i++) { if (((string)m_Exes[i]) == str) { found = true; break; } } if (!found) { m_Exes.Add(str); using (StreamWriter sw = new StreamWriter("ExeNames.log", true)) sw.WriteLine("{0} {1}", str, DateTime.Now); } } catch { } } } } else { // seek back to the begining and call the default handler pvSrc.Seek(3, SeekOrigin.Begin); PacketHandlers.AsciiSpeech(state, pvSrc); } }