private static void EventSink_Login(LoginEventArgs e)
{
ClientValidity cl;
NetState ns;
Mobile mob = e.Mobile;
if (mob == null)
{
return;
}
ns = mob.NetState;
if (ns == null || !ns.Running)
{
return;
}
if (!m_Table.ContainsKey(ns))
{
m_Table[ns] = cl = new ClientValidity(ns);
}
else
{
cl = (ClientValidity)m_Table[ns];
}
cl.Begin();
}
private static void OnThirdPartyHacked(NetState ns, bool hacked)
{
ClientValidity cl;
if (!m_Table.ContainsKey(ns))
{
m_Table[ns] = cl = new ClientValidity(ns);
}
else
{
cl = (ClientValidity)m_Table[ns];
}
cl.m_TPHacked = hacked;
}
private static void OnThirdPartyAuth(NetState ns, bool authOK)
{
ClientValidity cl;
if (!m_Table.ContainsKey(ns))
{
m_Table[ns] = cl = new ClientValidity(ns);
}
else
{
cl = (ClientValidity)m_Table[ns];
}
cl.m_TPAuthed = authOK;
}
private static void OnThirdPartyHacked( NetState ns, bool hacked )
{
ClientValidity cl;
if ( !m_Table.ContainsKey( ns ) )
m_Table[ns] = cl = new ClientValidity( ns );
else
cl = (ClientValidity)m_Table[ns];
cl.m_TPHacked = hacked;
}
private static void OnThirdPartyAuth( NetState ns, bool authOK )
{
ClientValidity cl;
if ( !m_Table.ContainsKey( ns ) )
m_Table[ns] = cl = new ClientValidity( ns );
else
cl = (ClientValidity)m_Table[ns];
cl.m_TPAuthed = authOK;
}
private static void EventSink_Login( LoginEventArgs e )
{
ClientValidity cl;
NetState ns;
Mobile mob = e.Mobile;
if ( mob == null )
return;
ns = mob.NetState;
if ( ns == null || !ns.Running )
return;
if ( !m_Table.ContainsKey( ns ) )
m_Table[ns] = cl = new ClientValidity( ns );
else
cl = (ClientValidity)m_Table[ns];
cl.Begin();
}
private static void OnAsciiPacket(NetState state, PacketReader pvSrc)
{
byte type = pvSrc.ReadByte();
if (type == 0x20)
{
pvSrc.ReadInt16(); // hue
pvSrc.ReadInt16(); // font
StringBuilder cheat = new StringBuilder(), version = new StringBuilder();
int pos = 0;
/*
* 'C'(43) 'H'(48) 'E'(45) 'A'(41) 'T'(54) ' '
* (20) 'U'(55) 'O'(4F) '.'(2E) 'e'(65) 'x'(78) 'e'(65) ' '(20)
* '1'(31) ' '(20)
* '0'(30) '-'(2D) '-'(2D) ''(0)
* '&'(26) '^'(5E) 'O'(D8) ''(1) ''(1F) 'c'(A9) ''(1A) ''(F9) 'a'(61) ''(7F) 'B'(42) '?'(99) 'E'(CA) ''(D0) '?'(8B) 'B'(42)
* '1'(31) '.'(2E) '0'(30) '.'(2E) '1'(31) '0'(30) ''(0)
*/
for (pos = 0; pos < 128;)
{
byte c = pvSrc.ReadByte();
c ^= m_Key[pos++ & 0xF];
if (c == 0)
{
break;
}
//Console.Write(String.Format("'{0}'({0:X}) ", c));
cheat.Append((char)c); // todo: better way to convert byte to char?
}
bool allZero = true;
bool cryptValid = true;
StringBuilder sum = new StringBuilder();
for (int i = 0; i < 16; i++)
{
byte c = pvSrc.ReadByte();
if (c != 0)
{
allZero = false;
}
c ^= m_Key[pos++ & 0xF];
sum.AppendFormat("{0:X} ", c);
cryptValid = cryptValid && c == CryptDLLChecksum[i];
}
if (!cryptValid && !allZero)
{
try
{
sum.AppendFormat("\t{0}\t{1}", state.Mobile.Account, DateTime.Now);
using (StreamWriter sw = new StreamWriter("CryptSums.log", true))
sw.WriteLine(sum.ToString());
}
catch
{
}
}
for ( ; pos < 128;)
{
byte c = pvSrc.ReadByte();
c ^= m_Key[pos++ & 0xF];
if (c == 0)
{
break;
}
version.Append((char)c);
}
Version ver;
try {
ver = new Version(version.ToString());
} catch {
ver = new Version(0, 0, 0);
}
/*Console.WriteLine( "Auth... String=\"{0}\"", cheat.ToString() );
* Console.WriteLine( "Valid={0} / allZero={1}", cryptValid, allZero );
* Console.WriteLine( "Version={0}", version.ToString() );*/
/*int now = (int)(DateTime.UtcNow - new DateTime(1970, 1, 1)).TotalSeconds;
* int timeStamp = pvSrc.ReadByte() | (pvSrc.ReadByte()<<8) | (pvSrc.ReadByte()<<16) | (pvSrc.ReadByte()<<24);
* timeStamp = ~timeStamp;
* timeStamp ^= 0x54494D45;
*
* int serverIP = pvSrc.ReadByte() | (pvSrc.ReadByte()<<8) | (pvSrc.ReadByte()<<16) | (pvSrc.ReadByte()<<24);
* serverIP = ~serverIP;
* serverIP ^= timeStamp;*/
string val = cheat.ToString();
string[] split = val.Split(' ');
if (split.Length >= 2 && split[0] == "CHEAT")
{
split[1] = split[1].ToUpper();
// this could be changed to only allow certain programs (EXPLORER.EXE, UO.EXE, UOG.EXE, etc) and block all others.
ClientValidity vd = m_Table[state] as ClientValidity;
if (vd == null)
{
return;
}
vd.m_GotResp = true;
if (split[1] == "RAZOR.EXE")
{
vd.m_ClientType = ClientType.OldRazor;
}
else if (split[1] == "INJECTION.EXE" || split[1] == "ILAUNCH.EXE")
{
vd.m_ClientType = ClientType.Injection;
}
else if (split[1] == "UO.EXE") // only new razor should report this.
{
//if ( Math.Abs( now - timeStamp ) > 60*60*15 ) // the packet is good for 15 hours only
// vd.m_ClientType = ClientType.FakeRazor;
//else
if (ver < CryptDLLVersion)
{
vd.m_ClientType = ClientType.OldRazor;
}
else
{
vd.m_ClientType = ClientType.NewRazor;
}
if (!allZero && !cryptValid)
{
vd.m_TPHackedDLL = true;
}
}
else if (split[1] == "EASYUO.EXE" || split[1] == "EUOX.EXE" || split[1] == "EUO.EXE")
{
vd.m_ClientType = ClientType.EasyUO;
}
else if (split[1] == "UOG.EXE")
{
// UOG.EXE is an old razor user or a UOG only user
}
else if (split[1] == "EXPLORER.EXE" || split[1] == "IEXPLORE.EXE" || split[1] == "CONNEC" || split[1] == "CONNECTUO.EXE" || split[1] == "CUODESKTOP.EXE")
{
// these are launched from ConnectUO or by double clicking client.exe
}
else
{
try
{
string str = string.Format("{0} {1}", split[1], state.Account);
bool found = false;
for (int i = 0; i < m_Exes.Count; i++)
{
if (((string)m_Exes[i]) == str)
{
found = true;
break;
}
}
if (!found)
{
m_Exes.Add(str);
using (StreamWriter sw = new StreamWriter("ExeNames.log", true))
sw.WriteLine("{0} {1}", str, DateTime.Now);
}
}
catch
{
}
}
}
}
else
{
// seek back to the begining and call the default handler
pvSrc.Seek(3, SeekOrigin.Begin);
PacketHandlers.AsciiSpeech(state, pvSrc);
}
}
