diff --git a/src/main/protocol/HPacket.java b/src/main/protocol/HPacket.java index 2d3e4c3..4df5708 100644 --- a/src/main/protocol/HPacket.java +++ b/src/main/protocol/HPacket.java @@ -235,6 +235,9 @@ public class HPacket implements StringifyAble { public void setReadIndex(int number) { readIndex = number; } + public void resetReadIndex() { + setReadIndex(6); + } public boolean isCorrupted() { diff --git a/src/main/protocol/memory/Rc4Obtainer.java b/src/main/protocol/memory/Rc4Obtainer.java index d1b083b..f0aaf9e 100644 --- a/src/main/protocol/memory/Rc4Obtainer.java +++ b/src/main/protocol/memory/Rc4Obtainer.java @@ -58,51 +58,60 @@ public class Rc4Obtainer { if (DEBUG) System.out.println("[+] send encrypted"); - List results = client.getRC4possibilities(); - outerloop: - for (byte[] possible : results) { + List cached = client.getRC4cached(); + boolean worked = onSendFirstEncryptedMessage(handler, cached); - byte[] encBuffer = new byte[handler.getEncryptedBuffer().size()]; - for (int i = 0; i < encBuffer.length; i++) { - encBuffer[i] = handler.getEncryptedBuffer().get(i); + if (!worked) { + worked = onSendFirstEncryptedMessage(handler, client.getRC4possibilities()); + if (!worked) { + System.err.println("COULD NOT FIND RC4 TABLE"); } - - for (int i = 0; i < 256; i++) { - for (int j = 0; j < 256; j++) { - byte[] keycpy = Arrays.copyOf(possible, possible.length); - RC4 rc4Tryout = new RC4(keycpy, i, j); - - if (handler.getMessageSide() == HMessage.Side.TOSERVER) rc4Tryout.undoRc4(encBuffer); - if (rc4Tryout.couldBeFresh()) { - byte[] encDataCopy = Arrays.copyOf(encBuffer, encBuffer.length); - RC4 rc4TryCopy = rc4Tryout.deepCopy(); - - try { - PayloadBuffer payloadBuffer = new PayloadBuffer(); - byte[] decoded = rc4TryCopy.rc4(encDataCopy); - HPacket[] checker = payloadBuffer.pushAndReceive(decoded); - - if (payloadBuffer.peak().length == 0) { - handler.setRc4(rc4Tryout); - break outerloop; - } - - } - catch (Exception e) { -// e.printStackTrace(); - } - - } - - } - } - - } - + + incomingHandler.unblock(); outgoingHandler.unblock(); }).start(); } + + private boolean onSendFirstEncryptedMessage(Handler handler, List potentialRC4tables) { + for (byte[] possible : potentialRC4tables) { + + byte[] encBuffer = new byte[handler.getEncryptedBuffer().size()]; + for (int i = 0; i < encBuffer.length; i++) { + encBuffer[i] = handler.getEncryptedBuffer().get(i); + } + + for (int i = 0; i < 256; i++) { + for (int j = 0; j < 256; j++) { + byte[] keycpy = Arrays.copyOf(possible, possible.length); + RC4 rc4Tryout = new RC4(keycpy, i, j); + + if (handler.getMessageSide() == HMessage.Side.TOSERVER) rc4Tryout.undoRc4(encBuffer); + if (rc4Tryout.couldBeFresh()) { + byte[] encDataCopy = Arrays.copyOf(encBuffer, encBuffer.length); + RC4 rc4TryCopy = rc4Tryout.deepCopy(); + + try { + PayloadBuffer payloadBuffer = new PayloadBuffer(); + byte[] decoded = rc4TryCopy.rc4(encDataCopy); + HPacket[] checker = payloadBuffer.pushAndReceive(decoded); + + if (payloadBuffer.peak().length == 0) { + handler.setRc4(rc4Tryout); + return true; + } + + } catch (Exception e) { +// e.printStackTrace(); + } + + } + + } + } + } + return false; + } } diff --git a/src/main/protocol/memory/habboclient/HabboClient.java b/src/main/protocol/memory/habboclient/HabboClient.java index af3c097..8ad3ad9 100644 --- a/src/main/protocol/memory/habboclient/HabboClient.java +++ b/src/main/protocol/memory/habboclient/HabboClient.java @@ -15,5 +15,8 @@ public abstract class HabboClient { this.hConnection = connection; } + // optional + public abstract List getRC4cached(); + public abstract List getRC4possibilities(); } diff --git a/src/main/protocol/memory/habboclient/linux/LinuxHabboClient.java b/src/main/protocol/memory/habboclient/linux/LinuxHabboClient.java index 1b34393..e1264c1 100644 --- a/src/main/protocol/memory/habboclient/linux/LinuxHabboClient.java +++ b/src/main/protocol/memory/habboclient/linux/LinuxHabboClient.java @@ -48,6 +48,11 @@ public class LinuxHabboClient extends HabboClient { if (DEBUG) System.out.println("* Found flashclient process: " + PID); } + @Override + public List getRC4cached() { + return new ArrayList<>(); + } + private void refreshMemoryMaps() { String filename = "/proc/"+this.PID+"/maps"; diff --git a/src/main/protocol/memory/habboclient/windows/WindowsHabboClient.java b/src/main/protocol/memory/habboclient/windows/WindowsHabboClient.java index a30a272..0232dc4 100644 --- a/src/main/protocol/memory/habboclient/windows/WindowsHabboClient.java +++ b/src/main/protocol/memory/habboclient/windows/WindowsHabboClient.java @@ -36,6 +36,11 @@ public class WindowsHabboClient extends HabboClient { return possibleData; } + @Override + public List getRC4cached() { + return new ArrayList<>(); + } + @Override public List getRC4possibilities() { List result = new ArrayList<>(); diff --git a/src/main/protocol/packethandler/Handler.java b/src/main/protocol/packethandler/Handler.java index 0fd4de6..7a3513f 100644 --- a/src/main/protocol/packethandler/Handler.java +++ b/src/main/protocol/packethandler/Handler.java @@ -106,9 +106,11 @@ public abstract class Handler { void notifyListeners(HMessage message) { for (int x = 0; x < 3; x++) { for (int i = ((List)listeners[x]).size() - 1; i >= 0; i--) { + message.getPacket().resetReadIndex(); ((List)listeners[x]).get(i).onCapture(message); } } + message.getPacket().resetReadIndex(); } public void sendToStream(byte[] buffer) {