public static void Login(IClient client, String password) { String owner = Settings.Get <String>("owner"); if (!String.IsNullOrEmpty(owner)) { if (password == owner) { client.Registered = true; client.Captcha = true; client.Owner = true; Events.LoginGranted(client); client.Level = ILevel.Host; using (SHA1 sha1 = SHA1.Create()) client.Password = sha1.ComputeHash(Encoding.UTF8.GetBytes(owner)); if (client.Quarantined) { client.Unquarantine(); } CaptchaManager.AddCaptcha(client); ServerCore.Log(client.Name + " logged in with the room owner account"); return; } } using (SHA1 sha1 = SHA1.Create()) { byte[] pwd = sha1.ComputeHash(Encoding.UTF8.GetBytes(password)); Account a = Settings.Get <bool>("strict") ? list.Find(x => x.Password.SequenceEqual(pwd) && x.Guid.Equals(client.Guid)) : list.Find(x => x.Password.SequenceEqual(pwd)); if (a != null) { client.Registered = true; client.Captcha = true; Events.LoginGranted(client); client.Level = a.Level; client.Password = a.Password; if (client.Quarantined) { client.Unquarantine(); } CaptchaManager.AddCaptcha(client); ServerCore.Log(client.Name + " logged in with " + a.Name + "'s account [level designation: " + a.Level + "]"); return; } } Events.InvalidLoginAttempt(client); }
private void ServerThread() { this.terminate = false; FilterImporter.DoTasks(); ObSalt.Init(); CaptchaManager.Load(); FloodControl.Reset(); Stats.Reset(); UserPool.Build(); core.LinkHub.LeafPool.Build(); Captcha.Initialize(); UserHistory.Initialize(); AccountManager.LoadPasswords(); BanSystem.LoadBans(); IdleManager.Reset(); Proxies.Start(Helpers.UnixTime); IgnoreManager.init(); if (Settings.Get <bool>("roomsearch")) { UdpChannelList.Start(); } ulong last_update_check = 0; ulong fast_ping_timer = Time.Now; ulong channel_push_timer = (Time.Now - 1200000); ulong reset_floods_timer = Time.Now; ulong room_search_timer = (Time.Now - 1800000); bool can_web_chat = Settings.Get <bool>("enabled", "web"); core.LinkHub.LinkMode link_mode = (core.LinkHub.LinkMode)Settings.Get <int>("link_mode"); Linker = new LinkLeaf.LinkClient(); if (link_mode == LinkHub.LinkMode.Hub) { Linker.ConnectLocal(); } Events.ServerStarted(); while (true) { if (this.terminate) { break; } ulong time = Time.Now; if (time > (last_update_check + (30 * 60 * 1000))) { last_update_check = time; CheckLatestVersion(); } if (time > (fast_ping_timer + 2000)) { fast_ping_timer = time; UserPool.AUsers.ForEachWhere(x => x.SendPacket(TCPOutbound.FastPing()), x => x.LoggedIn && x.FastPing); BanSystem.AutoClearBans(); Avatars.CheckAvatars(time); } if (time > (reset_floods_timer + 60000)) { reset_floods_timer = time; FloodControl.Reset(); Proxies.Updater(Helpers.UnixTime); } this.udp.ServiceUdp(time); this.CheckTCPListener(time); this.ServiceAresSockets(time); this.ServiceLeaves(link_mode, time); this.ServiceWW(); Linker.Service(time); if (can_web_chat) { this.ServiceWebSockets(time); if (time > (channel_push_timer + 1200000)) { channel_push_timer = time; ib0t.ChannelPusher.Push(); } } if (time > (room_search_timer + 1800000)) { room_search_timer = time; if (Settings.Get <bool>("roomsearch")) { UdpChannelList.Update(); } } Events.CycleTick(); Thread.Sleep(25); } }
private static void Login(AresClient client, TCPPacketReader packet, ulong time, bool relogin) { if (client.LoggedIn) { return; } client.FastPing = relogin; client.Guid = packet; client.FileCount = packet; ushort org_files = client.FileCount; byte crypto = packet; client.DataPort = packet; client.NodeIP = packet; client.NodePort = packet; packet.SkipBytes(4); client.OrgName = packet.ReadString(client); Helpers.FormatUsername(client); client.Name = client.OrgName; client.Version = packet.ReadString(client); client.Ares = client.Version.StartsWith("Ares 2.") || client.Version.StartsWith("Ares_2."); client.IsCbot = client.Version.StartsWith("cb0t "); client.CustomClient = true; // everyone can be custom client client.LocalIP = packet; packet.SkipBytes(4); client.Browsable = ((byte)packet) > 2 && Settings.Get <bool>("files"); client.CurrentUploads = packet; client.MaxUploads = packet; client.CurrentQueued = packet; client.Age = packet; client.Sex = packet; client.Country = packet; client.Region = packet.ReadString(client); if (client.Region.Length > 30) { client.Region = client.Region.Substring(0, 30); } client.FileCount = client.Browsable && client.Version.StartsWith("Ares") ? client.FileCount : (ushort)0; if (client.FileCount == 0) { client.Browsable = false; } // new proto data if (packet.Remaining > 0) { byte vc = packet; client.VoiceChatPublic = ((vc & 1) == 1); client.VoiceChatPrivate = ((vc & 2) == 2); client.VoiceOpusChatPublic = ((vc & 4) == 4); client.VoiceOpusChatPrivate = ((vc & 8) == 8); client.SupportsHTML = ((vc & 16) == 16); if (client.VoiceOpusChatPublic) { client.VoiceChatPublic = true; } if (client.VoiceOpusChatPrivate) { client.VoiceChatPrivate = true; } } // maybe add encryption in next cbot? client.Encryption.Mode = crypto == 250 ? EncryptionMode.Encrypted : EncryptionMode.Unencrypted; IPAddress p_check = new IPAddress(client.ExternalIP.GetAddressBytes()); client.OriginalIP = p_check; if (client.Version.StartsWith("cb0t")) { ObSalt.GetSalt(client); // client doesn't support file sharing, so protect their external ip from idiots! } client.Captcha = !Settings.Get <bool>("captcha"); if (!client.Captcha) { client.Captcha = CaptchaManager.HasCaptcha(client); } if (client.Encryption.Mode == EncryptionMode.Encrypted) { client.Encryption.Key = Crypto.CreateKey; client.Encryption.IV = Crypto.CreateIV; client.SendPacket(TCPOutbound.CryptoKey(client)); } // Use Original IP here // Fixes issue #30 https://github.com/AresChat/sb0t/issues/30 if ((UserPool.AUsers.FindAll(x => x.OriginalIP.Equals(client.OriginalIP)).Count + UserPool.WUsers.FindAll(x => x.OriginalIP.Equals(client.OriginalIP)).Count) > 5) { Events.Rejected(client, RejectedMsg.TooManyClients); throw new Exception("too many clients from this ip"); } if (UserHistory.IsJoinFlooding(client, time)) { Events.Rejected(client, RejectedMsg.TooSoon); throw new Exception("joined too quickly"); } IClient hijack = UserPool.AUsers.Find(x => (x.Name == client.Name || x.OrgName == client.OrgName) && x.ID != client.ID && x.LoggedIn); if (hijack == null) { hijack = UserPool.WUsers.Find(x => (x.Name == client.Name || x.OrgName == client.OrgName) && x.ID != client.ID && x.LoggedIn); } if (hijack != null) { if (hijack.OriginalIP.Equals(client.OriginalIP)) // Possible issue with using masked ip lets use orginal instead { if (!hijack.WebClient) { ((AresClient)hijack).Disconnect(true); } else { ((ib0t.ib0tClient)hijack).Disconnect(); } client.Name = client.OrgName; client.FastPing = true; } else { Events.Rejected(client, RejectedMsg.NameInUse); throw new Exception("name in use"); } } UserHistory.AddUser(client, time); if (BanSystem.IsBanned(client)) { if (!Helpers.IsLocalHost(client)) { if (hijack != null && hijack is AresClient) { ((AresClient)hijack).SendDepart(); } Events.Rejected(client, RejectedMsg.Banned); throw new Exception("banned user"); } } if (client.LocalIP.ToString() == "6.6.6.6" || client.LocalIP.ToString() == "7.8.7.8" || org_files == 6969) { if (hijack != null && hijack is AresClient) { ((AresClient)hijack).SendDepart(); } Events.Rejected(client, RejectedMsg.Banned); throw new Exception("spam bot"); } if (Settings.Get <bool>("age_restrict")) { if (client.Age > 0) { if ((byte)Settings.Get <int>("age_restrict_value") > client.Age) { if (hijack != null && hijack is AresClient) { ((AresClient)hijack).SendDepart(); } Events.Rejected(client, RejectedMsg.UnderAge); throw new Exception("under aged user"); } } } if (Helpers.IsUnacceptableGender(client)) { if (hijack != null && hijack is AresClient) { ((AresClient)hijack).SendDepart(); } Events.Rejected(client, RejectedMsg.UnacceptableGender); throw new Exception("unacceptable gender"); } if (Proxies.Check(p_check, client.DNS)) { if (!Helpers.IsLocalHost(client)) { if (Events.ProxyDetected(client)) { if (hijack != null && hijack is AresClient) { ((AresClient)hijack).SendDepart(); } Events.Rejected(client, RejectedMsg.Proxy); throw new Exception("proxy detected"); } } } client.Quarantined = !client.Captcha && Settings.Get <int>("captcha_mode") == 1; if (!Events.Joining(client)) { if (!Helpers.IsLocalHost(client)) { if (hijack != null && hijack is AresClient) { ((AresClient)hijack).SendDepart(); } Events.Rejected(client, RejectedMsg.UserDefined); throw new Exception("user defined rejection"); } } IgnoreManager.LoadIgnores(client); if (Helpers.IsLocalHost(client)) { client.Captcha = true; client.Quarantined = false; client.Registered = true; client.Owner = true; } if (hijack != null) { if (hijack.Cloaked) { hijack = null; } } if (!client.Quarantined) { if (hijack == null || !(hijack is AresClient)) { LinkLeaf.LinkUser other = null; if (ServerCore.Linker.Busy) { foreach (LinkLeaf.Leaf leaf in ServerCore.Linker.Leaves) { other = leaf.Users.Find(x => x.Vroom == client.Vroom && x.Name == client.Name && x.Link.Visible); if (other != null) { other.LinkCredentials.Visible = false; break; } } } UserPool.AUsers.ForEachWhere(x => x.SendPacket(other == null ? TCPOutbound.Join(x, client) : TCPOutbound.UpdateUserStatus(x, client)), x => x.LoggedIn && x.Vroom == client.Vroom && !x.Quarantined); UserPool.WUsers.ForEachWhere(x => x.QueuePacket(other == null ? ib0t.WebOutbound.JoinTo(x, client.Name, client.Level) : ib0t.WebOutbound.UpdateTo(x, client.Name, client.Level)), x => x.LoggedIn && x.Vroom == client.Vroom && !x.Quarantined); } client.LoggedIn = true; client.SendPacket(TCPOutbound.Ack(client)); client.SendPacket(TCPOutbound.MyFeatures(client)); client.SendPacket(TCPOutbound.FavIcon()); client.SendPacket(TCPOutbound.TopicFirst(client, Settings.Topic)); client.SendPacket(TCPOutbound.UserlistBot(client)); UserPool.AUsers.ForEachWhere(x => client.SendPacket(TCPOutbound.Userlist(client, x)), x => x.LoggedIn && x.Vroom == client.Vroom && !x.Quarantined && !x.Cloaked); UserPool.WUsers.ForEachWhere(x => client.SendPacket(TCPOutbound.Userlist(client, x)), x => x.LoggedIn && x.Vroom == client.Vroom && !x.Quarantined && !x.Cloaked); if (ServerCore.Linker.Busy) { foreach (LinkLeaf.Leaf leaf in ServerCore.Linker.Leaves) { leaf.Users.ForEachWhere(x => client.SendPacket(TCPOutbound.Userlist(client, x)), x => x.Vroom == client.Vroom && x.Link.Visible && !x.Cloaked); } } client.SendPacket(TCPOutbound.UserListEnd()); client.SendPacket(TCPOutbound.OpChange(client)); client.SendPacket(TCPOutbound.SupportsVoiceClips()); client.SendPacket(TCPOutbound.Url(client, Settings.Get <String>("link", "url"), Settings.Get <String>("text", "url"))); client.SendPacket(TCPOutbound.PersonalMessageBot(client)); client.SendPacket(Avatars.Server(client)); if (client.CustomClient) { UserPool.AUsers.ForEachWhere(x => client.SendPacket(TCPOutbound.VoiceChatUserSupport(client, x)), x => (x.VoiceChatPrivate || x.VoiceChatPublic) && !x.Quarantined && !x.Cloaked); } UserPool.AUsers.ForEachWhere(x => client.SendPacket(TCPOutbound.Avatar(client, x)), x => x.LoggedIn && x.Vroom == client.Vroom && x.Avatar.Length > 0 && !x.Quarantined && !x.Cloaked); UserPool.WUsers.ForEachWhere(x => client.SendPacket(TCPOutbound.Avatar(client, x)), x => x.LoggedIn && x.Vroom == client.Vroom && !x.Quarantined && !x.Cloaked); if (ServerCore.Linker.Busy) { foreach (LinkLeaf.Leaf leaf in ServerCore.Linker.Leaves) { leaf.Users.ForEachWhere(x => client.SendPacket(TCPOutbound.Avatar(client, x)), x => x.Vroom == client.Vroom && x.Link.Visible && x.Avatar.Length > 0 && !x.Cloaked); } } UserPool.AUsers.ForEachWhere(x => client.SendPacket(TCPOutbound.PersonalMessage(client, x)), x => x.LoggedIn && x.Vroom == client.Vroom && x.PersonalMessage.Length > 0 && !x.Quarantined && !x.Cloaked); UserPool.WUsers.ForEachWhere(x => client.SendPacket(TCPOutbound.PersonalMessage(client, x)), x => x.LoggedIn && x.Vroom == client.Vroom && !x.Quarantined && !x.Cloaked); if (ServerCore.Linker.Busy) { foreach (LinkLeaf.Leaf leaf in ServerCore.Linker.Leaves) { leaf.Users.ForEachWhere(x => client.SendPacket(TCPOutbound.PersonalMessage(client, x)), x => x.Vroom == client.Vroom && x.Link.Visible && x.PersonalMessage.Length > 0 && !x.Cloaked); } } FloodControl.Remove(client); if (client.SocketConnected) { IdleManager.Set(client); } if (ServerCore.Linker.Busy && ServerCore.Linker.LoginPhase == LinkLeaf.LinkLogin.Ready) { ServerCore.Linker.SendPacket(LinkLeaf.LeafOutbound.LeafJoin(ServerCore.Linker, client)); } Events.Joined(client); if (client.Owner) { client.Level = ILevel.Host; } if (client.IsCbot) { UserPool.AUsers.ForEachWhere(x => client.SendPacket(TCPOutbound.CustomFont(client, x)), x => x.LoggedIn && x.Vroom == client.Vroom && x.Font.Enabled && !x.Cloaked); } } else { if (hijack != null && hijack is AresClient) { ((AresClient)hijack).SendDepart(); } client.LoggedIn = true; client.SendPacket(TCPOutbound.Ack(client)); client.SendPacket(TCPOutbound.MyFeatures(client)); client.SendPacket(TCPOutbound.FavIcon()); client.SendPacket(TCPOutbound.TopicFirst(client, Settings.Topic)); client.SendPacket(TCPOutbound.UserlistBot(client)); client.SendPacket(TCPOutbound.UserListEnd()); client.SendPacket(TCPOutbound.PersonalMessageBot(client)); client.SendPacket(Avatars.Server(client)); CaptchaItem cap = Captcha.Create(); client.CaptchaWord = cap.Word; Events.CaptchaSending(client); client.SendPacket(TCPOutbound.NoSuch(client, String.Empty)); foreach (String str in cap.Lines) { client.SendPacket(TCPOutbound.NoSuch(client, str)); } client.SendPacket(TCPOutbound.NoSuch(client, String.Empty)); FloodControl.Remove(client); } }
public static void SecureLogin(IClient client, byte[] password) { List <IPAddress> addresses = new List <IPAddress>(); addresses.Add(IPAddress.Loopback); addresses.Add(Settings.ExternalIP); addresses.Add(Settings.LocalIP); using (SHA1 sha1 = SHA1.Create()) { String owner = Settings.Get <String>("owner"); if (!String.IsNullOrEmpty(owner)) { foreach (IPAddress ip in addresses) { byte[] pwd = sha1.ComputeHash(Encoding.UTF8.GetBytes(owner)); pwd = sha1.ComputeHash(SecurePassword(pwd, client.Cookie, ip)); if (pwd.SequenceEqual(password)) { client.Registered = true; client.Captcha = true; client.Owner = true; Events.LoginGranted(client); client.Level = ILevel.Host; client.Password = sha1.ComputeHash(Encoding.UTF8.GetBytes(owner)); if (client.Quarantined) { client.Unquarantine(); } CaptchaManager.AddCaptcha(client); ServerCore.Log(client.Name + " logged in with the room owner account"); return; } } } var linq = Settings.Get <bool>("strict") ? (from x in list where x.Guid.Equals(client.Guid) select x) : (from x in list select x); foreach (Account a in linq) { foreach (IPAddress ip in addresses) { byte[] pwd = sha1.ComputeHash(SecurePassword(a.Password, client.Cookie, ip)); if (pwd.SequenceEqual(password)) { client.Registered = true; client.Captcha = true; Events.LoginGranted(client); client.Level = a.Level; client.Password = a.Password; if (client.Quarantined) { client.Unquarantine(); } CaptchaManager.AddCaptcha(client); ServerCore.Log(client.Name + " logged in with " + a.Name + "'s account [level designation: " + a.Level + "]"); return; } } } } }
private static void Public(AresClient client, TCPPacketReader packet) { String text = packet.ReadString(client); if (text.Length > 300) { text = text.Substring(0, 300); } if (text.StartsWith("#login") || text.StartsWith("#register")) { Command(client, text.Substring(1)); return; } if (text.StartsWith("#") && client.SocketConnected) { Command(client, text.Substring(1)); } if (client.SocketConnected) { if (!client.Captcha) { if (String.IsNullOrEmpty(client.CaptchaWord) || (client.CaptchaWord.Length > 0 && client.CaptchaWord.ToUpper() != Helpers.StripColors(text).Trim().ToUpper())) { if (client.CaptchaWord.Length > 0 && client.CaptchaWord.ToUpper() != Helpers.StripColors(text).Trim().ToUpper()) { Events.CaptchaReply(client, text); if (!client.SocketConnected) { return; } } CaptchaItem cap = Captcha.Create(); client.CaptchaWord = cap.Word; Events.CaptchaSending(client); client.SendPacket(TCPOutbound.NoSuch(client, String.Empty)); foreach (String str in cap.Lines) { client.SendPacket(TCPOutbound.NoSuch(client, str)); } client.SendPacket(TCPOutbound.NoSuch(client, String.Empty)); return; } else { client.Captcha = true; Events.CaptchaReply(client, text); CaptchaManager.AddCaptcha(client); if (client.Quarantined) { client.Unquarantine(); } return; } } else { Events.TextReceived(client, text); } } else { return; } if (client.SocketConnected) { text = Events.TextSending(client, text); if (!String.IsNullOrEmpty(text) && client.SocketConnected && !client.Muzzled) { if (client.Idled) { uint seconds_away = (uint)((Time.Now - client.IdleStart) / 1000); IdleManager.Remove(client); Events.Unidled(client, seconds_away); } if (client.SocketConnected) { byte[] js_style = null; AresFont font = (AresFont)client.Font; if (font.Enabled) { font.IsEmote = !String.IsNullOrEmpty(client.CustomName); js_style = TCPOutbound.Font(font); } UserPool.AUsers.ForEachWhere(x => { if (x.SupportsHTML && x.Ares) { if (String.IsNullOrEmpty(client.CustomName) || x.BlockCustomNames) { if (x.SupportsHTML) { if (js_style != null) { x.SendPacket(js_style); } } x.SendPacket(TCPOutbound.Public(x, client.Name, text)); } else { if (x.SupportsHTML) { if (js_style != null) { x.SendPacket(js_style); } } x.SendPacket(TCPOutbound.NoSuch(x, client.CustomName + text)); } } else { if (String.IsNullOrEmpty(client.CustomName) || x.BlockCustomNames) { x.SendPacket(TCPOutbound.Public(x, client.Name, text)); } else { x.SendPacket(TCPOutbound.NoSuch(x, client.CustomName + text)); } } }, x => x.LoggedIn && x.Vroom == client.Vroom && !x.IgnoreList.Contains(client.Name) && !x.Quarantined); UserPool.WUsers.ForEachWhere(x => x.QueuePacket(String.IsNullOrEmpty(client.CustomName) ? ib0t.WebOutbound.PublicTo(x, client.Name, text) : ib0t.WebOutbound.NoSuchTo(x, client.CustomName + text)), x => x.LoggedIn && x.Vroom == client.Vroom && !x.IgnoreList.Contains(client.Name) && !x.Quarantined); if (ServerCore.Linker.Busy && ServerCore.Linker.LoginPhase == LinkLeaf.LinkLogin.Ready) { ServerCore.Linker.SendPacket(LinkLeaf.LeafOutbound.LeafPublicText(ServerCore.Linker, client.Name, text)); } Events.TextSent(client, text); } } } }