RE: encryption

From: Dylan Douglas <dylan_at_mediadefender.com>
Date: Thu, 14 Jun 2007 14:41:42 -0700

Okay now that I know I'm not on an acid trip, I'm seeing op code 0x10
and 0x20s and things like that. They are the right length for the type
of packet they are supposed to be, but am I supposed to be handling
these messages some how? Like passing them on or something? Cause the
protocol spreadsheet says they are just p2p communications.

________________________________

        From: Stefan Kaczmarek [mailto:stefan_at_thezonie.org]
        Sent: Thursday, June 14, 2007 12:45 PM
        To: Dylan Douglas
        Cc: Ben Ebert; Colin Keller; Gerald Rode; Ivan Kwok; Jay Mairs;
Nainesh Solanki; Sergio Alvarez; Ty Heath
        Subject: Re: encryption
        
        
        I decrypted both of those packets fine. The second one was op
code 2, length 0x1a, a sha and ip 65.120.42.225.

        I use the exact same code to encrypt and decrypt ... What do you
need from me to figure this out?

        private static void DoCrypt(int key,byte[] data,int offset)
        {
        byte bite=0;
        for(int i=offset;i<data.length;i++)
        {
        // key = (key * 1103515245 + 12345) & 0x7fffffff;

        
        

        // Bork the key
        int a=key>>>16;
        int b=key&0xffff;
        a=(a * (1103515245 >>> 16))+12345;
        b=(b * (1103515245 & 0xffff))+12345;
        key=(key ^ a) ^ b;

        
        

        bite=(byte)((key/65536) % 256);
        data[i] ^= bite;
        }
        }

        - Z

        On Jun 14, 2007, at 12:32 PM, Dylan Douglas wrote:

                Okay, finally got Wireshark to work on the MiiVi server.
Here's the
                deal:

                I get the encrypted ping:
                { 0x61, 0xef, 0xb9, 0x16, 0x75, 0x28, 0xb3 }
                Decrypt it and get:
                { 0x00, 0x00, 0x00 }
                Yay teh shit works, right?

                I get the pierce, I'll assume by the length:
                { 0xb8, 0xde, 0xa1, 0x23, 0xff, 0x0f, 0xc4, 0xd9, 0x51,
0x93, 0x8d,
                0x85, 0x3d, 0xe0, 0xa8, 0x87, 0x5a, 0xf6, 0x93, 0x69,
0xdc, 0xdb, 0x8c,
                0x5d, 0x30, 0x2e, 0x1c, 0xfd, 0x8b, 0xcf, 0x8f, 0x2a,
0xf1 }
                Decrypt it and get:
                { 0x03, 0x01, 0x19, 0x0c ..... }
                Doh! WTF is a 0x03 op code? Also the length is screwed,
since it should
                come out to be 1A.

                Both of these are from my office machine, so why does
one work and the
                other is borkered? I checked several ping packets and
they all work.
                All the other packets are fucked. Can you check your
encryption is
                being happy for the piercing and not just the pinging?
The weird thing
                is the packet aren't unencrypted either.

                -----
                Dylan Douglas
                MediaDefender

                
                <winmail.dat>
Received on Fri Sep 14 2007 - 10:56:04 BST

This archive was generated by hypermail 2.2.0 : Sun Sep 16 2007 - 22:19:48 BST