This commit is contained in:
Caret 2024-02-11 13:16:55 -06:00
parent 3f4b281841
commit e344defb3b
4 changed files with 77 additions and 7 deletions

1
.gitignore vendored
View File

@ -1,3 +1,4 @@
/target
Cargo.lock
*.exe
*.pcapng

View File

@ -10,6 +10,11 @@ macro_rules! resp {
};
}
pub fn encresp(content: &str) -> HttpResponse {
let encrypted_content = aes_en(&content); // Encrypt the content.
resp!(encrypted_content) // Use your macro here, if it can be adapted to work with Vec<u8>
}
///////////////////////////////////////////////////////////////////////////////////////////
use serde::Deserialize;
@ -45,6 +50,9 @@ fn clean_json_string(input: &str) -> String {
.collect();
cleaned_str
}
// {'result':200,'encresponse':{}}
#[post("/game")]
pub async fn game_stuff(body: web::Bytes, req: actix_web::HttpRequest) -> HttpResponse {
// For getting the game online, we need to give it a json type encrypted!
@ -61,14 +69,53 @@ pub async fn game_stuff(body: web::Bytes, req: actix_web::HttpRequest) -> HttpRe
Ok(data) => {
// You can now work with the deserialized data
println!("{}",format!("data.protocol -> {}", data.protocol).black().bold().on_magenta());
// Respond with success or any other logic you need
return resp!("");
match data.protocol.as_str() {
"unlock" => return encresp("{'result':200,'response':{}}"), // 1st
"gameconfig" => return encresp("{'result':400,'response':{}}"), // 2nd -> not getting the right data???
"information" => return encresp("{'result':400,'response':{}}"), // 3rd
"ranking" => return encresp("{'result':200,'response':{}}"), // 4th
"auth" => return encresp("{'result':200,'response':{}}"),
"achievement" => return encresp("{'result':200,'response':{}}"),
"achievementyell" => return encresp("{'result':200,'response':{}}"),
"checkword" => return encresp("{'result':200,'response':{}}"),
"discard" => return encresp("{'result':200,'response':{}}"),
"gacha.member" => return encresp("{'result':200,'response':{}}"),
"gameentry" => return encresp("{'result':200,'response':{}}"),
"gameentry.center" => return encresp("{'result':200,'response':{}}"),
"gameresult" => return encresp("{'result':200,'response':{}}"),
"gametotalresult" => return encresp("{'result':200,'response':{}}"),
"gameexit" => return encresp("{'result':200,'response':{}}"),
"getmembercard" => return encresp("{'result':200,'response':{}}"),
"music.unlock" => return encresp("{'result':200,'response':{}}"),
"present" => return encresp("{'result':200,'response':{}}"),
"printcard" => return encresp("{'result':200,'response':{}}"),
"profile.inquiry" => return encresp("{'result':200,'response':{}}"),
"profile.print" => return encresp("{'result':200,'response':{}}"),
"userranking" => return encresp("{'result':200,'response':{}}"),
"registerafter" => return encresp("{'result':200,'response':{}}"),
"scfescheck" => return encresp("{'result':200,'response':{}}"),
"scfesregister" => return encresp("{'result':200,'response':{}}"),
"sellcard" => return encresp("{'result':200,'response':{}}"),
"setterminallog" => return encresp("{'result':200,'response':{}}"),
"setterminalstatus" => return encresp("{'result':200,'response':{}}"),
"travelstamp" => return encresp("{'result':200,'response':{}}"),
"TravelStart" => return encresp("{'result':200,'response':{}}"),
"TravelResult" => return encresp("{'result':200,'response':{}}"),
"TravelSnap.commit" => return encresp("{'result':200,'response':{}}"),
"TravelSnap.inquiry" => return encresp("{'result':200,'response':{}}"),
"TravelSnap.share" => return encresp("{'result':200,'response':{}}"),
"TravelSnap.print" => return encresp("{'result':200,'response':{}}"),
"userdata.get" => return encresp("{'result':200,'response':{}}"),
"userdata.initialize" => return encresp("{'result':200,'response':{}}"),
"userdata.set" => return encresp("{'result':200,'response':{}}"),
_ => return encresp("{'result':400,'response':{}}"),
}
},
Err(err) => {
// Handle deserialization error
println!("Deserialization error: {}", err);
// Respond with a JSON error message or other appropriate response
return resp!("");
// encrespond with a JSON error message or other appropriate response
return encresp("{'result':400,'response':{}}");
}
}
}

View File

@ -24,8 +24,15 @@ Decrypt:
(key and iv are `0123456789012345` in hex format for openssl)
`openssl enc -d -aes-128-cfb -in aes.bin -out lol.txt -K '3031323334353637383930313233343536373839303132333435363738393031' -iv '30313233343536373839303132333435'`
`openssl enc -d -aes-128-cfb -in aes.bin -out lol.txt -K '30313233343536373839303132333435' -iv '30313233343536373839303132333435'`
Oneliner:
`curl -X POST http://localhost/game | openssl enc -d -aes-128-cfb -K '30313233343536373839303132333435' -iv '3031323334353637383930313
2333435'`
`curl -X POST http://localhost/game | openssl enc -d -aes-128-cfb -K '30313233343536373839303132333435' -iv '30313233343536373839303132333435'`
### Test a game command:
The python file pads the given protocol string, then openssl encrypts it for the server to then decrypt and respond. With the response we get, we are able to decrypt that using the same method.
`python pad_plaintext.py '{"game":{"eventcode":"000","version":"2.4.1"},"param":{},"protocol":"unlock"}' | openssl enc -e -aes-128-cfb -K '30313233343536373839303132333435' -iv '30313233343536373839303132333435' | curl -X POST -H "Content-Type: application/octet-stream" --data-binary @- http://10.3.0.141/game | openssl enc -d -aes-128-cfb -K '30313233343536373839303132333435' -iv '30313233343536373839303132333435'`
`python pad_plaintext.py '{"game":{"eventcode":"000","version":"2.4.1"},"param":{},"protocol":"unlock","terminal":{"tenpo_id":"1337","tenpo_index":1337,"terminal_attrib":0,"terminal_id":"1C1B0D07CDBB"}}' | openssl enc -e -aes-128-cfb -K '30313233343536373839303132333435' -iv '30313233343536373839303132333435' | curl -X POST -H "Content-Type: application/octet-stream" --data-binary @- http://localhost/game | openssl enc -d -aes-128-cfb -K '30313233343536373839303132333435' -iv '30313233343536373839303132333435'`

15
utils/pad_plaintext.py Normal file
View File

@ -0,0 +1,15 @@
import sys
def pkcs7_padding(data):
block_size = 16 # AES block size in bytes
padding_required = block_size - (len(data) % block_size)
padding = chr(padding_required).encode() * padding_required
return str.encode(data) + padding
plaintext = str(sys.argv[1])
# Apply PKCS7 padding
padded_plaintext = pkcs7_padding(plaintext)
# Output the padded plaintext to stdout so it can be piped into OpenSSL
sys.stdout.buffer.write(padded_plaintext)