Server Help

Trash Talk - Unknown files in server directory
Qndre - Tue Mar 23, 2004 4:04 pm
Post subject: Unknown files in server directory
"scrty" and "scrty1"
What's the content of these files?
n64 said it's related to encryption.
Maybe the ominous key "tables"?
_
PS: If they are the key tables, I've won with my client but if they aren't, that's a bit embarrassing. biggrin.gif
PPS: I want to know if they are the encryption tables before I start to implement them because it would be much time wasted if they weren't the encryption tables.
Mr Ekted - Tue Mar 23, 2004 7:24 pm
Post subject:
They are. They are generated by the Continuum client.
CypherJF - Tue Mar 23, 2004 10:13 pm
Post subject:
Won't do much good, because they change on each execution don't they?
Mr Ekted - Tue Mar 23, 2004 10:15 pm
Post subject:
Yes, they are unique per zone. If you ran your own zone, then you'd be able to use the files in your own bots to login as Cont (provided you knew how to use the files to encrypt packets, and you supported the additional Cont protocols).
Mine GO BOOM - Tue Mar 23, 2004 11:09 pm
Post subject: Re: Unknown files in server directory
Qndre wrote:
before I start to implement them

Umm.. having a table of keys, in a format that is unknown to you, won't help you much. Its not like those keys are just XOR with the data like VIEs.

Keep your time spent on making your client working well before you attempt to spend a great deal of time on encryption.
Qndre - Wed Mar 24, 2004 7:00 am
Post subject:
Time for a mass-reply!
_
Mine GO BOOM wrote:

Keep your time spent on making your client working well before you attempt to spend a great deal of time on encryption.

Of course I will make it work properly first but I will keep the encryption module updatable.
_
CypherJF wrote:

Won't do much good, because they change on each execution don't they?

No they don't change both. It's only one which changes. Load the "scrty" into notepad, run subgame2 and load it again. You'll see it has been changed by subgame2. Then try the same with "scrty1". Load it into notepad, run subgame2 and open it again. And you'll see it has NOT changed.
_
Mine GO BOOM wrote:

Its not like those keys are just XOR with the data like VIEs.

VIE keys are also not just XORred with the data. That's why you need a black-box-like "sasme.dll" to implement it. A continous keystream is built of the key and this keystream ig XORred with the data. In CONT it's similar. It's just that the keystream is longer than in VIE. (it's 8320 bit in CONT)
_
Mine GO BOOM wrote:

Umm.. having a table of keys, in a format that is unknown to you (why should it be unknown?), won't help you much.

The format is not unknown, it is an array. I only don't know it's dimensions but there will be a way to calculate the dimensions.
_
Mr Ekted wrote:

provided you knew (provided I knew? I do) how to use the files to encrypt packets, and you supported the additional Cont protocols

First yes! Second maybe! What's that? Additional Cont protocols? If that's only the extra-packets CTM has then I am also able to implement them.
Mine GO BOOM - Wed Mar 24, 2004 8:31 am
Post subject:
Qndre wrote:
Sorry but that's not right. If you delete them and only run the server (and don't connect with a client) then they are also generated. Just delete them and run "subgame2" without connecting to it and they will be generated.

Incorrect. Continuum itself makes those files, just subgame2 tells it to dump them to a file. Try this with just the VIE client and you'll notice.
Qndre wrote:
No they don't. Load the "scrty" into notepad, run subgame2 and load it again. You'll see it has been changed by subgame2. Then try the same with "scrty1". Load it into notepad, run subgame2 and open it again. And you'll see it has NOT changed.

Scrty1 changes with versions of Continuum. Every release so far changes the tables and the format around a bit.
Qndre - Wed Mar 24, 2004 9:07 am
Post subject:
Mine GO BOOM wrote:

Incorrect. Continuum itself makes those files, just subgame2 tells it to dump them to a file. Try this with just the VIE client and you'll notice.

Oh, k. But even if no client has connected to the zone yet, these files are generated. So subgame2 calls the client whenever it needs the tables to be generated? So if you run subgame2 on a machine which has no Continuum installed then "scrty" and "scrty1" won't be generated and the server doesn't support Continuum encryption if there is no Continuum client on the machine? And you can't rip these files? They are unique for each server like Ekted says? So a server can never use Continuum encryption if the machine it's running on doesn't have the original Continuum client installed?
Cyan~Fire - Wed Mar 24, 2004 10:18 am
Post subject:
Have you ever thought that maybe the server creates just an incomplete 'scrty1' file when you first run it and then fills it out when a client connects?
Mr Ekted - Wed Mar 24, 2004 2:22 pm
Post subject:
Here we go again. Qndre asks for help, we answer him, and he proceeds to tell us all we are full of shit. I am tired of his attitude, and will no longer help him. Good luck with your "one packet per month" project. Bye.
Anonymous - Wed Mar 24, 2004 6:01 pm
Post subject:
subgame uses version1/subspace.exe. The latest continuum client is renamed to subspace.exe and put in that folder. That is also how some zones are ctm39pr1 only.

@Qndre
If a sentence doesn't have a '?' on the end, it is a statement, not a question, so don't try and 'answer' them.
Qndre - Thu Mar 25, 2004 10:10 am
Post subject:
Cyan~Fire wrote:

Have you ever thought that maybe the server creates just an incomplete 'scrty1' file when you first run it and then fills it out when a client connects?

No. But I didn't even know that the client generates those tables.
Mr Ekted wrote:

They are generated by the Continuum client.

But what if you don't have a Continuum client installed on your system but only the server? Then "subgame2" won't be able to run or won't be able to use encryption? Doesn't seem very plausible to me.
Mr Ekted wrote:

Qndre asks for help, we answer him, and he proceeds to tell us all we are full of shit.

I have NEVER said that. Quote the sentences out of any post of THIS THREAD which say that.
One thing I don't know is why I still post threads here if all I get is a reply that I am foolish and inexperienced and that I don't know anything and that I am a big asshole? You can call you assholes each other if you want. I won't post here any more.
Mine GO BOOM - Thu Mar 25, 2004 11:37 am
Post subject:
Qndre wrote:
But what if you don't have a Continuum client installed on your system but only the server? Then "subgame2" won't be able to run or won't be able to use encryption? Doesn't seem very plausible to me.

It doesn't need to be installed. In fact, I havn't had Subspace or Continuum 'installed' on my systems in over 4 years. I've just extracted zip files to places, and then run it.

Its the same way the server works. It looks inside a subfolder for the Continuum client's exe. If it finds it, it loads it up and gets access to the encryption. If it cannot find it, it doesn't get access to the encryption. It doesn't look for Continuum to be installed on the system, it just looks at a predefined location and expects it to be there.
Cyan~Fire - Thu Mar 25, 2004 11:49 am
Post subject:
Smong wrote:
subgame uses version1/subspace.exe. The latest continuum client is renamed to subspace.exe and put in that folder.
Qndre - Thu Mar 25, 2004 12:06 pm
Post subject:
Mine GO BOOM wrote:
[..]
Its the same way the server works. It looks inside a subfolder for the Continuum client's exe. If it finds it, it loads it up and gets access to the encryption. If it cannot find it, it doesn't get access to the encryption. [..]

With "installed" I only meant that a client is anywhere on the system. So if no client is on the disk, the server uses the old VIE encryption and if there is, it uses the client to encrypt the packets? Now I got it right?
Smong - Thu Mar 25, 2004 12:14 pm
Post subject:
Why do I get the feeling no one reads my posts? Have a look about 5 posts up, 24th March 2004, 11:01 pm.

To test your theory, delete or rename version1/subspace.exe, scrty and sctry1. Then try connecting to the server with continuum (ctm doesn't have a vie enc fallback option).
nintendo64 - Thu Mar 25, 2004 12:42 pm
Post subject:
Smong wrote:
Why do I get the feeling no one reads my posts? Have a look about 5 posts up, 24th March 2004, 11:01 pm.


Qndre seems to ignore or misinterpret all the posts done by some of the posters in the thread.

look at Spectate-Only Client... we had to repeat to him like over eight times the same stuff we already told him..... i don't know if it has a problem with understanding english or whether he does it without noticing.

Moving on

Mr Ekted wrote:
They are. They are generated by the Continuum client.


Qndre wrote:
Sorry but that's not right. If you delete them and only run the server (and don't connect with a client) then they are also generated. Just delete them and run "subgame2" without connecting to it and they will be generated.


Mr Ekted wrote:
Here we go again. Qndre asks for help, we answer him, and he proceeds to tell us all we are full of shit. I am tired of his attitude, and will no longer help him. Good luck with your "one packet per month" project. Bye.


what ekted means about your "attitude" Qndre is that if you don't know how something works, and you ask someone how it works, then why do you tell them, they are wrong? even thought you might think something works some specific way, you could be the one wrong. That's sometimes annoying along with some people you explain to them how it works and then they end up trying to explain to you how it works (Even Thought THEY DON'T KNOW).

Moving on

The question i have on my mind is... Subgame knows exactly the location of the encryption area in the Continuum Client. I thought there was some kind of "secure-space" interface used in CTM Client to grant access to others applications such as Ekted DLL. If Subgame has that kind of access wouldn't that be foolish? (considering how easy you can retrieve data from Subgame or Fix.dll for that matter)

-nintendo64
Qndre - Thu Mar 25, 2004 1:45 pm
Post subject:
nintendo64 wrote:

[..] even thought you might think something works some specific way, you could be the one wrong. That's sometimes annoying along with some people you explain to them how it works [..]
The question i have on my mind is... Subgame knows exactly the location of the encryption area in the Continuum Client. I thought there was some kind of "secure-space" interface used in CTM Client to grant access to others applications such as Ekted DLL. If Subgame has that kind of access wouldn't that be foolish? (considering how easy you can retrieve data from Subgame or Fix.dll for that matter)

_
I know that I can be wrong. Please tell me one person, who can't be? icon_smile.gif
_
Now to the encryption again. This means I can call the official client with some parameters and it generates these "scrty" and "scrty1" files for me, which I can save in an array and start using for the encryption? K, even if that worked, there might be a way without calling the client (PriitK has written such an algorithm so someone else will also be able to do, but maybe not without C biggrin.gif ) because I want to avoid a copyright violition even if Continuum itself is one. *laugh*
_
"scrty" and "scrty1" are arrays. I don't know their dimensions (I see how long they are, but not how many rows and how many columns they have if stored in an array) and "scrty" has some random or pseudo-random content. Everything in "scrty" changes if it's re-generated. "scrty1" is always the same or is only the same if generated on the same machine. (I have two different kinds of information so I'll try it out - it can be done easiely since I have more PCs running on one network)
_
These tables are used for encryption only, but not for security checksum, are they? The security checksum algorithm for CTM is different from the one for VIE, isn't it?
_
But you can say what you want, Continuum's encryption is definitely NOT one of the most secure encryptions. Even algorithms, which are more secure, have been cracked. Just think of some of the first versions of web encryptions (no idea if it was already called SSL) or even the hard-to-crack "hashing-algorithms"... So bruteforce won't help too much on CTM encryption. I figured out the keystream lenghth is 8320 bit (not sure about that) and the key is said to be 64-bit long and not only 32-bit like in VIE. (I've only seen 32-bit keys in the packets but maybe there are others transmitted in the handshake (handshake = 0x0010 and 0x0011 packet (not on the packetlist)))
_
The "scrty" and "scrty1" files look to me like they were certificates in a "private-key-public-key" (also called asymmetric encryption) algorithm (like PGP) but that is just a guess.
_
I'll try to get the source code of ASSS because in ASSS directory there are also these files and maybe ASSS also calls the client.
Cyan~Fire - Thu Mar 25, 2004 3:57 pm
Post subject:
ASSS has "security.*", which contains all the encryption information. It is the only part of ASSS that is not open-source.

Qndre wrote:
"scrty" and "scrty1" are arrays

You can't say it as if it's a fact. That's only what you've guessed.
Qndre - Thu Mar 25, 2004 4:26 pm
Post subject:
Yes but they look very much like arrays. And since they're called "Encryption Tables" ... A table is just a 2-dimensional array. But of course it can be completely different and they might also contain high-encrypted ASM code which can be executed after decrypting but that's not very plausible.
Mr Ekted - Fri Mar 26, 2004 3:09 am
Post subject:
They are files full of random numbers. Saying they "look like arrays" is not very astute.
Qndre - Fri Mar 26, 2004 3:09 pm
Post subject:
There is also a file in ASSS server called "security.so". Maybe it's also related to encryption. If my information is right, "*.so" files are just sourcecode files encrypted with a quite old technique called "secure-sourcecode". If I can decrypt the source out of the "security.so", I might be able to access those "scrty" and "scrty1" encryption tables. If I look at the "scrty1" file of ASSS before ASSS ran the first time, there is almost no information in it but much empty space. So maybe the key table is really just filled in if client runs...
_
The logo of "secure-sourcecode". Don't know if it's the official one because no official site exists any more (it's just too old).
Mine GO BOOM - Fri Mar 26, 2004 3:16 pm
Post subject:
Qndre wrote:
There is also a file in ASSS server called "security.so". Maybe it's also related to encryption. If my information is right, "*.so" files are just sourcecode files encrypted with a quite old technique called "secure-sourcecode".

Or, you could just look it up. Scroll down a bit till you get to the UNIX Shared Library Function section and read that.

Also, fixed your image, since no one should ever use bmps anymore. There is no reason.
Qndre - Fri Mar 26, 2004 4:05 pm
Post subject:
I guess without any information from other people I'd be able to crack the encryption in half a year. Maybe it also takes a whole year but that's the absolute maximum for an encryption of this strength.
Quote:

Or, you could just look it up. Scroll down a bit till you get to the UNIX Shared Library Function section and read that.

The file format is not explained but it seems to be assembly code because every disassembler accepts it.
Cyan~Fire - Fri Mar 26, 2004 5:33 pm
Post subject:
I wrote:
ASSS has "security.*", which contains all the encryption information.

Security.so for Linux and security.dll for Windows. Shortened to security.* for laziness.

Don't you ever read?
Mr Ekted - Fri Mar 26, 2004 6:12 pm
Post subject:
Typical Qndre dialog...

Qndre: MD5 is the easiest encryption ever. Took me 2 minutes to break it.
Other: MD5 is not encryption.
Qndre: Yes it is. It hides information.
Other: Encryption is reversible. MD5 is one way hash.
Qndre: I never said MD5 was encryption. I just said it was very tough.
D1st0rt - Fri Mar 26, 2004 6:23 pm
Post subject:
.so is just the linux version of a dll
nintendo64 - Fri Mar 26, 2004 8:52 pm
Post subject:
Mr Ekted wrote:
Typical Qndre dialog...

Qndre: MD5 is the easiest encryption ever. Took me 2 minutes to break it.
Other: MD5 is not encryption.
Qndre: Yes it is. It hides information.
Other: Encryption is reversible. MD5 is one way hash.
Qndre: I never said MD5 was encryption. I just said it was very tough.


heh

nintendo64 wrote:
what ekted means about your "attitude" Qndre is that if you don't know how something works, and you ask someone how it works, then why do you tell them, they are wrong? even thought you might think something works some specific way, you could be the one wrong. That's sometimes annoying along with some people you explain to them how it works and then they end up trying to explain to you how it works (Even Thought THEY DON'T KNOW).


-nintendo64
Dr Brain - Fri Mar 26, 2004 8:55 pm
Post subject:
After reading how you said you know that .so is encrypted sourcecode, I realized that you don't really read what everyone else is saying, and will no longer read this board, because posting here would be a waste of my time.

Best of luck to you on your project,
Dr Brain
All times are -5 GMT
View topic
Powered by phpBB 2.0 .0.11 © 2001 phpBB Group