Re: encryption

From: Stefan Kaczmarek <stefan_at_thezonie.org>
Date: Thu, 14 Jun 2007 12:44:58 -0700

I decrypted both of those packets fine. The second one was op code 2,
length 0x1a, a sha and ip 65.120.42.225.

I use the exact same code to encrypt and decrypt ... What do you need
from me to figure this out?

        private static void DoCrypt(int key,byte[] data,int offset)
        {
                byte bite=0;
                for(int i=offset;i<data.length;i++)
                {
// key = (key * 1103515245 + 12345) & 0x7fffffff;
                        
                        // Bork the key
                        int a=key>>>16;
                        int b=key&0xffff;
                        a=(a * (1103515245 >>> 16))+12345;
                        b=(b * (1103515245 & 0xffff))+12345;
                        key=(key ^ a) ^ b;
                        
                        bite=(byte)((key/65536) % 256);
                        data[i] ^= bite;
                }
        }

- Z

On Jun 14, 2007, at 12:32 PM, Dylan Douglas wrote:

> Okay, finally got Wireshark to work on the MiiVi server. Here's the
> deal:
>
> I get the encrypted ping:
> { 0x61, 0xef, 0xb9, 0x16, 0x75, 0x28, 0xb3 }
> Decrypt it and get:
> { 0x00, 0x00, 0x00 }
> Yay teh shit works, right?
>
> I get the pierce, I'll assume by the length:
> { 0xb8, 0xde, 0xa1, 0x23, 0xff, 0x0f, 0xc4, 0xd9, 0x51, 0x93, 0x8d,
> 0x85, 0x3d, 0xe0, 0xa8, 0x87, 0x5a, 0xf6, 0x93, 0x69, 0xdc, 0xdb,
> 0x8c,
> 0x5d, 0x30, 0x2e, 0x1c, 0xfd, 0x8b, 0xcf, 0x8f, 0x2a, 0xf1 }
> Decrypt it and get:
> { 0x03, 0x01, 0x19, 0x0c ..... }
> Doh! WTF is a 0x03 op code? Also the length is screwed, since it
> should
> come out to be 1A.
>
> Both of these are from my office machine, so why does one work and the
> other is borkered? I checked several ping packets and they all work.
> All the other packets are fucked. Can you check your encryption is
> being happy for the piercing and not just the pinging? The weird
> thing
> is the packet aren't unencrypted either.
>
>
>
> -----
> Dylan Douglas
> MediaDefender
>
>
>
> <winmail.dat>
Received on Fri Sep 14 2007 - 10:56:03 BST

This archive was generated by hypermail 2.2.0 : Sun Sep 16 2007 - 22:19:48 BST