|
|
@ -20,6 +20,8 @@ namespace NightmareCoreWeb2 |
|
|
|
public DateTime LastLogin { get; set; } |
|
|
|
public DateTime LastLogin { get; set; } |
|
|
|
public List<Character> Characters { get; set; } |
|
|
|
public List<Character> Characters { get; set; } |
|
|
|
public List<AccountAccess> Access { get; set; } |
|
|
|
public List<AccountAccess> Access { get; set; } |
|
|
|
|
|
|
|
private readonly BigInteger g = 7; |
|
|
|
|
|
|
|
private readonly BigInteger N = BigInteger.Parse("894B645E89E1535BBDAD5B8B290650530801B18EBFBF5E8FAB3C82872A3E9BB7", NumberStyles.HexNumber); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public static Account AccountByID(int id) |
|
|
|
public static Account AccountByID(int id) |
|
|
@ -149,59 +151,67 @@ namespace NightmareCoreWeb2 |
|
|
|
MySqlCommand cmd = new MySqlCommand(sql, conn); |
|
|
|
MySqlCommand cmd = new MySqlCommand(sql, conn); |
|
|
|
cmd.Parameters.AddWithValue("username", this.Username); |
|
|
|
cmd.Parameters.AddWithValue("username", this.Username); |
|
|
|
MySqlDataReader rdr = cmd.ExecuteReader(); |
|
|
|
MySqlDataReader rdr = cmd.ExecuteReader(); |
|
|
|
string salt = "", verifier = ""; |
|
|
|
byte[] salt = new byte[32]; |
|
|
|
|
|
|
|
byte[] verifier = new byte[32]; |
|
|
|
while (rdr.Read()) |
|
|
|
while (rdr.Read()) |
|
|
|
{ |
|
|
|
{ |
|
|
|
try |
|
|
|
try |
|
|
|
{ |
|
|
|
{ |
|
|
|
salt = rdr.GetString(0); |
|
|
|
rdr.GetBytes(0, 0, salt, 0, 32); |
|
|
|
verifier = rdr.GetString(1); |
|
|
|
rdr.GetBytes(1, 0, verifier, 0, 32); |
|
|
|
} |
|
|
|
} |
|
|
|
catch (Exception) { } |
|
|
|
catch (Exception) { } |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
return VerifySRP6Login(this.Username, password, Encoding.ASCII.GetBytes(salt), Encoding.ASCII.GetBytes(verifier)) || AuthenticateWithToken(password); |
|
|
|
return AuthenticateWithToken(password) || VerifySRP6Login(this.Username, password, salt, verifier); |
|
|
|
} |
|
|
|
} |
|
|
|
// https://gist.github.com/Rochet2/3bb0adaf6f3e9a9fbc78ba5ce9a43e09
|
|
|
|
public bool VerifySRP6Login(string username, string password, byte[] salt, byte[] verifier) |
|
|
|
public static byte[] CalculateSRP6Verifier(string username, string password, byte[] salt_bytes) |
|
|
|
|
|
|
|
{ |
|
|
|
{ |
|
|
|
// algorithm constants
|
|
|
|
// re-calculate the verifier using the provided username + password and the stored salt
|
|
|
|
BigInteger g = 7; |
|
|
|
byte[] checkVerifier = CalculateVerifier(username, password, salt); |
|
|
|
BigInteger N = BigInteger.Parse("894B645E89E1535BBDAD5B8B290650530801B18EBFBF5E8FAB3C82872A3E9BB7", NumberStyles.HexNumber); |
|
|
|
Console.WriteLine($"{Encoding.ASCII.GetString(verifier)} {verifier.Length} bytes\n{Encoding.ASCII.GetString(checkVerifier)} {checkVerifier.Length} bytes"); |
|
|
|
|
|
|
|
Console.WriteLine($"DB {new BigInteger(verifier)}\nTC {new BigInteger(CalculateVerifier(username, password, salt))}"); |
|
|
|
SHA1 sha1 = SHA1.Create(); |
|
|
|
// compare it against the stored verifier
|
|
|
|
|
|
|
|
return verifier.SequenceEqual(checkVerifier.Reverse().ToArray()); |
|
|
|
// calculate first hash
|
|
|
|
} |
|
|
|
byte[] login_bytes = Encoding.ASCII.GetBytes((username + ':' + password).ToUpper()); |
|
|
|
public byte[] Hash(byte[] componentOne, byte[] componentTwo) |
|
|
|
byte[] h1_bytes = sha1.ComputeHash(login_bytes); |
|
|
|
{ |
|
|
|
|
|
|
|
if (componentOne == null) throw new ArgumentNullException(nameof(componentOne)); |
|
|
|
// calculate second hash
|
|
|
|
if (componentTwo == null) throw new ArgumentNullException(nameof(componentTwo)); |
|
|
|
byte[] h2_bytes = sha1.ComputeHash(salt_bytes.Concat(h1_bytes).ToArray()); |
|
|
|
return Hash(componentOne.Concat(componentTwo).ToArray()); |
|
|
|
|
|
|
|
} |
|
|
|
// convert to integer (little-endian)
|
|
|
|
public byte[] Hash(byte[] bytes) |
|
|
|
BigInteger h2 = new BigInteger(h2_bytes.Reverse().ToArray()); |
|
|
|
{ |
|
|
|
Console.WriteLine(h2); |
|
|
|
if (bytes == null) throw new ArgumentNullException(nameof(bytes)); |
|
|
|
|
|
|
|
|
|
|
|
// g^h2 mod N
|
|
|
|
|
|
|
|
BigInteger verifier = BigInteger.ModPow(g, h2, N); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// convert back to a byte array (little-endian)
|
|
|
|
|
|
|
|
byte[] verifier_bytes = verifier.ToByteArray().Reverse().ToArray(); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// pad to 32 bytes, remember that zeros go on the end in little-endian!
|
|
|
|
|
|
|
|
byte[] verifier_bytes_padded = new byte[Math.Max(32, verifier_bytes.Length)]; |
|
|
|
|
|
|
|
Buffer.BlockCopy(verifier_bytes, 0, verifier_bytes_padded, 0, verifier_bytes.Length); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// done!
|
|
|
|
//WoW expects non-secure SHA1 hashing. SRP6 is deprecated too. We need to do it anyway
|
|
|
|
return verifier_bytes_padded; |
|
|
|
using (SHA1 shaProvider = SHA1.Create()) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
return shaProvider.ComputeHash(bytes); |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
public static bool VerifySRP6Login(string username, string password, byte[] salt, byte[] verifier) |
|
|
|
public byte[] CalculateVerifier(string username, string password, byte[] salt) |
|
|
|
{ |
|
|
|
{ |
|
|
|
// re-calculate the verifier using the provided username + password and the stored salt
|
|
|
|
using (SHA1 shaProvider = SHA1.Create()) |
|
|
|
byte[] checkVerifier = CalculateSRP6Verifier(username, password, salt); |
|
|
|
{ |
|
|
|
Console.WriteLine($"{Encoding.ASCII.GetString(verifier)}\n{Encoding.ASCII.GetString(checkVerifier)}"); |
|
|
|
if (BitConverter.IsLittleEndian) |
|
|
|
// compare it against the stored verifier
|
|
|
|
{ |
|
|
|
return verifier.SequenceEqual(checkVerifier); |
|
|
|
return BigInteger.ModPow( |
|
|
|
|
|
|
|
g, |
|
|
|
|
|
|
|
new BigInteger(Hash(salt, Hash(Encoding.UTF8.GetBytes($"{username.ToUpper()}:{password.ToUpper()}")))), |
|
|
|
|
|
|
|
N |
|
|
|
|
|
|
|
).ToByteArray(); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
else |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
return BigInteger.ModPow( |
|
|
|
|
|
|
|
g, |
|
|
|
|
|
|
|
new BigInteger(Hash(salt, Hash(Encoding.UTF8.GetBytes($"{username.ToUpper()}:{password.ToUpper()}")).Reverse().ToArray())), |
|
|
|
|
|
|
|
N |
|
|
|
|
|
|
|
).ToByteArray(); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|