proper encryption sessions to maintain working RC4 stream
This commit is contained in:
zefie
@@ -18,6 +18,7 @@ Connection: Keep-Alive
|
||||
wtv-encrypted: true
|
||||
wtv-ticket: `+sec_session[socket_session_data[socket.id].ssid].ticket_b64+`
|
||||
wtv-expire-all: htv-
|
||||
wtv-home-url: wtv-home:/home?
|
||||
wtv-visit: wtv-home:/splash?
|
||||
Content-Type: text/html
|
||||
`;
|
||||
@@ -16,11 +16,12 @@ if (socket_session_data[socket.id].ssid !== null) {
|
||||
//if (challenge_response.toString(CryptoJS.enc.Base64).substring(0,85) == client_challenge_response.substring(0,85)) {
|
||||
if (challenge_response.toString(CryptoJS.enc.Base64) == client_challenge_response) {
|
||||
console.log(" * wtv-challenge-response success for "+socket_session_data[socket.id].ssid);
|
||||
if (zdebug) console.log("Response Expected:",challenge_response.toString(CryptoJS.enc.Base64));
|
||||
if (zdebug) console.log("Response Received:",client_challenge_response)
|
||||
sec_session[socket_session_data[socket.id].ssid].PrepareTicket();
|
||||
//socket_session_data[socket.id].secure = true;
|
||||
} else {
|
||||
console.log(" * wtv-challenge-response FAILED for " + socket_session_data[socket.id].ssid);
|
||||
if (zdebug) console.log("Response Expected:", challenge_response.toString(CryptoJS.enc.Base64));
|
||||
if (zdebug) console.log("Response Received:", client_challenge_response)
|
||||
gourl = "wtv-head-waiter:/login?reissue_challenge=true";
|
||||
}
|
||||
} else {
|
||||
@@ -31,55 +32,55 @@ if (socket_session_data[socket.id].ssid !== null) {
|
||||
}
|
||||
|
||||
if (gourl) {
|
||||
headers = `200 OK
|
||||
headers = `200 OK
|
||||
Connection: Keep-Alive
|
||||
wtv-open-isp-disabled: false
|
||||
wtv-visit: `+gourl+`
|
||||
wtv-visit: `+ gourl + `
|
||||
Content-type: text/html`;
|
||||
data = '';
|
||||
} else {
|
||||
var nickname = 'HackTVUsr_'+Math.floor(Math.random() * 100000);
|
||||
}
|
||||
else {
|
||||
var namerand = Math.floor(Math.random() * 100000);
|
||||
var nickname = 'HackTVUsr_' + namerand;
|
||||
var userid = '1'+ Math.floor(Math.random() * 1000000000000000000);
|
||||
var offline_user_list = CryptoJS.enc.Latin1.parse("<user-list>\n\t<user userid=\"" + userid + " user-name=\"" + nickname + "\" first-name=\"HackTV\" last-name=\"User \"" + namerand + "\" password=\"\" mail-enabled=\"true\" />\n</user-list>").toString(CryptoJS.enc.Base64);
|
||||
|
||||
headers = `200 OK
|
||||
Connection: Keep-Alive
|
||||
wtv-encrypted: true
|
||||
wtv-ticket: `+sec_session[socket_session_data[socket.id].ssid].ticket_b64+`
|
||||
wtv-client-time-zone: GMT -0000
|
||||
wtv-client-date: `+strftime("%a, %d %b %Y %H:%M:%S", new Date(new Date().toUTCString()))+` GMT
|
||||
wtv-client-date: `+ strftime("%a, %d %b %Y %H:%M:%S", new Date(new Date().toUTCString())) + ` GMT
|
||||
wtv-country: US
|
||||
wtv-language-header: en-US,en
|
||||
wtv-tv-zipcode: 90210
|
||||
wtv-visit: client:closeallpanels
|
||||
wtv-messagewatch-checktimeoffset: off
|
||||
wtv-expire-all: client:closeallpanels
|
||||
wtv-offline-user-list: `+offline_user_list+`
|
||||
wtv-bypass-proxy: true
|
||||
wtv-ticket: `+ sec_session[socket_session_data[socket.id].ssid].ticket_b64 + `
|
||||
wtv-messagewatch-checktimeoffset: off
|
||||
wtv-input-timeout: 14400
|
||||
wtv-connection-timeout: 90
|
||||
wtv-fader-timeout: 900
|
||||
wtv-ssl-log-url: wtv-log:/log
|
||||
wtv-smartcard-inserted-message: Contacting service
|
||||
user-id: 1`+Math.floor(Math.random() * 1000000000000000000)+`
|
||||
user-id: `+userid+`
|
||||
wtv-transition-override: off
|
||||
wtv-bypass-proxy: true
|
||||
wtv-allow-dsc: true
|
||||
wtv-messenger-enable: 0
|
||||
wtv-noback-all: wtv-
|
||||
wtv-service: reset
|
||||
wtv-service: name=wtv-1800 host=` + pubip + ` port=` + port + ` connections=1
|
||||
wtv-service: name=wtv-head-waiter host=` + pubip + ` port=` + port + ` flags=0x04 flags=0x00000001 connections=1
|
||||
wtv-service: name=htv-update host=` + pubip + ` port=` + port + ` connections=3
|
||||
wtv-service: name=wtv-log host=` + pubip + ` port=` + port + ` connections=1
|
||||
wtv-service: name=wtv-home host=` + pubip + ` port=` + port + ` flags=0x00000010
|
||||
wtv-boot-url: wtv-1800:/preregister
|
||||
wtv-user-name: `+nickname+`
|
||||
wtv-human-name: `+nickname+`
|
||||
wtv-irc-nick: `+nickname+`
|
||||
wtv-home-url: htv-update:/update?
|
||||
`+ getServiceString('all') + `
|
||||
wtv-boot-url: wtv-1800:/preregister?relogin=true
|
||||
wtv-user-name: `+ nickname + `
|
||||
wtv-human-name: `+ nickname + `
|
||||
wtv-irc-nick: `+ nickname + `
|
||||
wtv-home-url: wtv-home:/home?
|
||||
wtv-domain: wtv.zefie.com
|
||||
wtv-inactive-timeout: 0
|
||||
wtv-connection-timeout: 90
|
||||
wtv-show-time-enabled: true
|
||||
wtv-fader-timeout: 900
|
||||
wtv-tourist-enabled: true
|
||||
wtv-boot-url: wtv-head-waiter:/login
|
||||
wtv-connection-timeout: 180
|
||||
wtv-ssl-timeout: 240
|
||||
wtv-login-timeout: 7200
|
||||
@@ -87,9 +88,7 @@ wtv-open-isp-disabled: false
|
||||
wtv-log-url: wtv-log:/log
|
||||
wtv-demo-mode: 0
|
||||
wtv-wink-deferrer-retries: 3
|
||||
wtv-offline-mail-enable: true
|
||||
wtv-visit: wtv-head-waiter:/finalize-security?
|
||||
wtv-offline-mail-enable: false
|
||||
wtv-visit: wtv-home:/splash?
|
||||
Content-Type: text/html`;
|
||||
|
||||
data = '';
|
||||
}
|
||||
@@ -6,17 +6,15 @@ if (socket_session_data[socket.id].ssid !== null) {
|
||||
if (initial_headers['wtv-ticket'].length > 8) {
|
||||
sec_session[socket_session_data[socket.id].ssid].DecodeTicket(initial_headers['wtv-ticket']);
|
||||
sec_session[socket_session_data[socket.id].ssid].ticket_b64 = initial_headers['wtv-ticket'];
|
||||
//socket_session_data[socket.id].secure = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
} else {
|
||||
challenge_response = sec_session[socket_session_data[socket.id].ssid].challenge_response;
|
||||
var client_challenge_response = initial_headers['wtv-challenge-response'] || null;
|
||||
if (challenge_response && client_challenge_response) {
|
||||
if (challenge_response.toString(CryptoJS.enc.Base64).substring(0,85) == client_challenge_response.substring(0,85)) {
|
||||
console.log(" * wtv-challenge-response success for "+socket_session_data[socket.id].ssid);
|
||||
sec_session[socket_session_data[socket.id].ssid].PrepareTicket();
|
||||
//socket_session_data[socket.id].secure = true;
|
||||
sec_session[socket_session_data[socket.id].ssid].PrepareTicket();
|
||||
} else {
|
||||
challenge_header = "wtv-challenge: "+issueWTVChallenge(socket);
|
||||
}
|
||||
@@ -26,6 +24,7 @@ if (socket_session_data[socket.id].ssid !== null) {
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
if (initial_headers) {
|
||||
var cookiedata = {};
|
||||
Object.keys(initial_headers).forEach(function (k) {
|
||||
@@ -41,14 +40,13 @@ if (initial_headers) {
|
||||
break;
|
||||
}
|
||||
});
|
||||
cookie_dat[socket_session_data[socket.id].ssid] = CryptoJS.enc.Utf8.parse(JSON.stringify(cookiedata)).toString(CryptoJS.enc.Base64);
|
||||
}
|
||||
|
||||
*/
|
||||
headers = `200 OK
|
||||
Connection: Keep-Alive
|
||||
Expires: Wed, 09 Oct 1991 22:00:00 GMT
|
||||
wtv-expire-all: wtv-head-waiter:
|
||||
wtv-service: name=wtv-log host=` + pubip + ` port=`+port+` connections=1
|
||||
`+getServiceString('wtv-log')+`
|
||||
wtv-log-url: wtv-log:/log
|
||||
`+challenge_header+`
|
||||
wtv-relogin-url: wtv-1800:/preregister?relogin=true
|
||||
|
||||
Reference in New Issue
Block a user