From 5662357981447a6b7c8093cc58b4c719808d393a Mon Sep 17 00:00:00 2001 From: zefie Date: Sun, 11 Jul 2021 18:06:43 -0400 Subject: [PATCH] initial commit --- .gitattributes | 63 +++ .gitignore | 363 ++++++++++++++++++ hacktv_updsrv.sln | 25 ++ hacktv_updsrv/README.md | 3 + .../ServiceVault/htv-update/upd/Games.html | 122 ++++++ .../ServiceVault/htv-update/upd/cSetup.html | 143 +++++++ .../ServiceVault/htv-update/upd/diskmap.txt | 7 + .../ServiceVault/htv-update/upd/tricks.html | 52 +++ .../ServiceVault/htv-update/upd/updater.html | 48 +++ .../ServiceVault/htv-update/update.html | 48 +++ .../ServiceVault/htv-update/updatesuccess.txt | 3 + hacktv_updsrv/ServiceVault/wtv-1800/LC2.tok | 32 ++ .../wtv-1800/LC2/artemis_18004653537.tok | Bin 0 -> 7216 bytes .../wtv-1800/LC2/artemis_18006138199.tok | Bin 0 -> 7208 bytes .../wtv-1800/offer-open-isp-suggest.js | 33 ++ .../ServiceVault/wtv-1800/preregister.js | 4 + .../wtv-head-waiter/login-stage-two.js | 17 + .../ServiceVault/wtv-head-waiter/login.js | 57 +++ .../ServiceVault/wtv-head-waiter/test.js | 2 + hacktv_updsrv/ServiceVault/wtv-log/log.js | 11 + hacktv_updsrv/app.js | 264 +++++++++++++ hacktv_updsrv/hacktv_updsrv.njsproj | 39 ++ hacktv_updsrv/package-lock.json | 44 +++ hacktv_updsrv/package.json | 15 + hacktv_updsrv/wtvsec.js | 224 +++++++++++ 25 files changed, 1619 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 hacktv_updsrv.sln create mode 100644 hacktv_updsrv/README.md create mode 100644 hacktv_updsrv/ServiceVault/htv-update/upd/Games.html create mode 100644 hacktv_updsrv/ServiceVault/htv-update/upd/cSetup.html create mode 100644 hacktv_updsrv/ServiceVault/htv-update/upd/diskmap.txt create mode 100644 hacktv_updsrv/ServiceVault/htv-update/upd/tricks.html create mode 100644 hacktv_updsrv/ServiceVault/htv-update/upd/updater.html create mode 100644 hacktv_updsrv/ServiceVault/htv-update/update.html create mode 100644 hacktv_updsrv/ServiceVault/htv-update/updatesuccess.txt create mode 100644 hacktv_updsrv/ServiceVault/wtv-1800/LC2.tok create mode 100644 hacktv_updsrv/ServiceVault/wtv-1800/LC2/artemis_18004653537.tok create mode 100644 hacktv_updsrv/ServiceVault/wtv-1800/LC2/artemis_18006138199.tok create mode 100644 hacktv_updsrv/ServiceVault/wtv-1800/offer-open-isp-suggest.js create mode 100644 hacktv_updsrv/ServiceVault/wtv-1800/preregister.js create mode 100644 hacktv_updsrv/ServiceVault/wtv-head-waiter/login-stage-two.js create mode 100644 hacktv_updsrv/ServiceVault/wtv-head-waiter/login.js create mode 100644 hacktv_updsrv/ServiceVault/wtv-head-waiter/test.js create mode 100644 hacktv_updsrv/ServiceVault/wtv-log/log.js create mode 100644 hacktv_updsrv/app.js create mode 100644 hacktv_updsrv/hacktv_updsrv.njsproj create mode 100644 hacktv_updsrv/package-lock.json create mode 100644 hacktv_updsrv/package.json create mode 100644 hacktv_updsrv/wtvsec.js diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 00000000..1ff0c423 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,63 @@ +############################################################################### +# Set default behavior to automatically normalize line endings. +############################################################################### +* text=auto + +############################################################################### +# Set default behavior for command prompt diff. +# +# This is need for earlier builds of msysgit that does not have it on by +# default for csharp files. +# Note: This is only used by command line +############################################################################### +#*.cs diff=csharp + +############################################################################### +# Set the merge driver for project and solution files +# +# Merging from the command prompt will add diff markers to the files if there +# are conflicts (Merging from VS is not affected by the settings below, in VS +# the diff markers are never inserted). Diff markers may cause the following +# file extensions to fail to load in VS. An alternative would be to treat +# these files as binary and thus will always conflict and require user +# intervention with every merge. To do so, just uncomment the entries below +############################################################################### +#*.sln merge=binary +#*.csproj merge=binary +#*.vbproj merge=binary +#*.vcxproj merge=binary +#*.vcproj merge=binary +#*.dbproj merge=binary +#*.fsproj merge=binary +#*.lsproj merge=binary +#*.wixproj merge=binary +#*.modelproj merge=binary +#*.sqlproj merge=binary +#*.wwaproj merge=binary + +############################################################################### +# behavior for image files +# +# image files are treated as binary by default. +############################################################################### +#*.jpg binary +#*.png binary +#*.gif binary + +############################################################################### +# diff behavior for common document formats +# +# Convert binary document formats to text before diffing them. This feature +# is only available from the command line. Turn it on by uncommenting the +# entries below. +############################################################################### +#*.doc diff=astextplain +#*.DOC diff=astextplain +#*.docx diff=astextplain +#*.DOCX diff=astextplain +#*.dot diff=astextplain +#*.DOT diff=astextplain +#*.pdf diff=astextplain +#*.PDF diff=astextplain +#*.rtf diff=astextplain +#*.RTF diff=astextplain diff --git a/.gitignore b/.gitignore new file mode 100644 index 00000000..9491a2fd --- /dev/null +++ b/.gitignore @@ -0,0 +1,363 @@ +## Ignore Visual Studio temporary files, build results, and +## files generated by popular Visual Studio add-ons. +## +## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore + +# User-specific files +*.rsuser +*.suo +*.user +*.userosscache +*.sln.docstates + +# User-specific files (MonoDevelop/Xamarin Studio) +*.userprefs + +# Mono auto generated files +mono_crash.* + +# Build results +[Dd]ebug/ +[Dd]ebugPublic/ +[Rr]elease/ +[Rr]eleases/ +x64/ +x86/ +[Ww][Ii][Nn]32/ +[Aa][Rr][Mm]/ +[Aa][Rr][Mm]64/ +bld/ +[Bb]in/ +[Oo]bj/ +[Oo]ut/ +[Ll]og/ +[Ll]ogs/ + +# Visual Studio 2015/2017 cache/options directory +.vs/ +# Uncomment if you have tasks that create the project's static files in wwwroot +#wwwroot/ + +# Visual Studio 2017 auto generated files +Generated\ Files/ + +# MSTest test Results +[Tt]est[Rr]esult*/ +[Bb]uild[Ll]og.* + +# NUnit +*.VisualState.xml +TestResult.xml +nunit-*.xml + +# Build Results of an ATL Project +[Dd]ebugPS/ +[Rr]eleasePS/ +dlldata.c + +# Benchmark Results +BenchmarkDotNet.Artifacts/ + +# .NET Core +project.lock.json +project.fragment.lock.json +artifacts/ + +# ASP.NET Scaffolding +ScaffoldingReadMe.txt + +# StyleCop +StyleCopReport.xml + +# Files built by Visual Studio +*_i.c +*_p.c +*_h.h +*.ilk +*.meta +*.obj +*.iobj +*.pch +*.pdb +*.ipdb +*.pgc +*.pgd +*.rsp +*.sbr +*.tlb +*.tli +*.tlh +*.tmp +*.tmp_proj +*_wpftmp.csproj +*.log +*.vspscc +*.vssscc +.builds +*.pidb +*.svclog +*.scc + +# Chutzpah Test files +_Chutzpah* + +# Visual C++ cache files +ipch/ +*.aps +*.ncb +*.opendb +*.opensdf +*.sdf +*.cachefile +*.VC.db +*.VC.VC.opendb + +# Visual Studio profiler +*.psess +*.vsp +*.vspx +*.sap + +# Visual Studio Trace Files +*.e2e + +# TFS 2012 Local Workspace +$tf/ + +# Guidance Automation Toolkit +*.gpState + +# ReSharper is a .NET coding add-in +_ReSharper*/ +*.[Rr]e[Ss]harper +*.DotSettings.user + +# TeamCity is a build add-in +_TeamCity* + +# DotCover is a Code Coverage Tool +*.dotCover + +# AxoCover is a Code Coverage Tool +.axoCover/* +!.axoCover/settings.json + +# Coverlet is a free, cross platform Code Coverage Tool +coverage*.json +coverage*.xml +coverage*.info + +# Visual Studio code coverage results +*.coverage +*.coveragexml + +# NCrunch +_NCrunch_* +.*crunch*.local.xml +nCrunchTemp_* + +# MightyMoose +*.mm.* +AutoTest.Net/ + +# Web workbench (sass) +.sass-cache/ + +# Installshield output folder +[Ee]xpress/ + +# DocProject is a documentation generator add-in +DocProject/buildhelp/ +DocProject/Help/*.HxT +DocProject/Help/*.HxC +DocProject/Help/*.hhc +DocProject/Help/*.hhk +DocProject/Help/*.hhp +DocProject/Help/Html2 +DocProject/Help/html + +# Click-Once directory +publish/ + +# Publish Web Output +*.[Pp]ublish.xml +*.azurePubxml +# Note: Comment the next line if you want to checkin your web deploy settings, +# but database connection strings (with potential passwords) will be unencrypted +*.pubxml +*.publishproj + +# Microsoft Azure Web App publish settings. Comment the next line if you want to +# checkin your Azure Web App publish settings, but sensitive information contained +# in these scripts will be unencrypted +PublishScripts/ + +# NuGet Packages +*.nupkg +# NuGet Symbol Packages +*.snupkg +# The packages folder can be ignored because of Package Restore +**/[Pp]ackages/* +# except build/, which is used as an MSBuild target. +!**/[Pp]ackages/build/ +# Uncomment if necessary however generally it will be regenerated when needed +#!**/[Pp]ackages/repositories.config +# NuGet v3's project.json files produces more ignorable files +*.nuget.props +*.nuget.targets + +# Microsoft Azure Build Output +csx/ +*.build.csdef + +# Microsoft Azure Emulator +ecf/ +rcf/ + +# Windows Store app package directories and files +AppPackages/ +BundleArtifacts/ +Package.StoreAssociation.xml +_pkginfo.txt +*.appx +*.appxbundle +*.appxupload + +# Visual Studio cache files +# files ending in .cache can be ignored +*.[Cc]ache +# but keep track of directories ending in .cache +!?*.[Cc]ache/ + +# Others +ClientBin/ +~$* +*~ +*.dbmdl +*.dbproj.schemaview +*.jfm +*.pfx +*.publishsettings +orleans.codegen.cs + +# Including strong name files can present a security risk +# (https://github.com/github/gitignore/pull/2483#issue-259490424) +#*.snk + +# Since there are multiple workflows, uncomment next line to ignore bower_components +# (https://github.com/github/gitignore/pull/1529#issuecomment-104372622) +#bower_components/ + +# RIA/Silverlight projects +Generated_Code/ + +# Backup & report files from converting an old project file +# to a newer Visual Studio version. Backup files are not needed, +# because we have git ;-) +_UpgradeReport_Files/ +Backup*/ +UpgradeLog*.XML +UpgradeLog*.htm +ServiceFabricBackup/ +*.rptproj.bak + +# SQL Server files +*.mdf +*.ldf +*.ndf + +# Business Intelligence projects +*.rdl.data +*.bim.layout +*.bim_*.settings +*.rptproj.rsuser +*- [Bb]ackup.rdl +*- [Bb]ackup ([0-9]).rdl +*- [Bb]ackup ([0-9][0-9]).rdl + +# Microsoft Fakes +FakesAssemblies/ + +# GhostDoc plugin setting file +*.GhostDoc.xml + +# Node.js Tools for Visual Studio +.ntvs_analysis.dat +node_modules/ + +# Visual Studio 6 build log +*.plg + +# Visual Studio 6 workspace options file +*.opt + +# Visual Studio 6 auto-generated workspace file (contains which files were open etc.) +*.vbw + +# Visual Studio LightSwitch build output +**/*.HTMLClient/GeneratedArtifacts +**/*.DesktopClient/GeneratedArtifacts +**/*.DesktopClient/ModelManifest.xml +**/*.Server/GeneratedArtifacts +**/*.Server/ModelManifest.xml +_Pvt_Extensions + +# Paket dependency manager +.paket/paket.exe +paket-files/ + +# FAKE - F# Make +.fake/ + +# CodeRush personal settings +.cr/personal + +# Python Tools for Visual Studio (PTVS) +__pycache__/ +*.pyc + +# Cake - Uncomment if you are using it +# tools/** +# !tools/packages.config + +# Tabs Studio +*.tss + +# Telerik's JustMock configuration file +*.jmconfig + +# BizTalk build output +*.btp.cs +*.btm.cs +*.odx.cs +*.xsd.cs + +# OpenCover UI analysis results +OpenCover/ + +# Azure Stream Analytics local run output +ASALocalRun/ + +# MSBuild Binary and Structured Log +*.binlog + +# NVidia Nsight GPU debugger configuration file +*.nvuser + +# MFractors (Xamarin productivity tool) working folder +.mfractor/ + +# Local History for Visual Studio +.localhistory/ + +# BeatPulse healthcheck temp database +healthchecksdb + +# Backup folder for Package Reference Convert tool in Visual Studio 2017 +MigrationBackup/ + +# Ionide (cross platform F# VS Code tools) working folder +.ionide/ + +# Fody - auto-generated XML schema +FodyWeavers.xsd \ No newline at end of file diff --git a/hacktv_updsrv.sln b/hacktv_updsrv.sln new file mode 100644 index 00000000..4ccad737 --- /dev/null +++ b/hacktv_updsrv.sln @@ -0,0 +1,25 @@ + +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio Version 16 +VisualStudioVersion = 16.0.31424.327 +MinimumVisualStudioVersion = 10.0.40219.1 +Project("{9092AA53-FB77-4645-B42D-1CCCA6BD08BD}") = "hacktv_updsrv", "hacktv_updsrv\hacktv_updsrv.njsproj", "{31B77D0C-F03D-43A7-BF7F-FAD7174728BF}" +EndProject +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|Any CPU = Debug|Any CPU + Release|Any CPU = Release|Any CPU + EndGlobalSection + GlobalSection(ProjectConfigurationPlatforms) = postSolution + {31B77D0C-F03D-43A7-BF7F-FAD7174728BF}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {31B77D0C-F03D-43A7-BF7F-FAD7174728BF}.Debug|Any CPU.Build.0 = Debug|Any CPU + {31B77D0C-F03D-43A7-BF7F-FAD7174728BF}.Release|Any CPU.ActiveCfg = Release|Any CPU + {31B77D0C-F03D-43A7-BF7F-FAD7174728BF}.Release|Any CPU.Build.0 = Release|Any CPU + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection + GlobalSection(ExtensibilityGlobals) = postSolution + SolutionGuid = {294F0468-66F1-4FBC-9412-DA873AAB72A6} + EndGlobalSection +EndGlobal diff --git a/hacktv_updsrv/README.md b/hacktv_updsrv/README.md new file mode 100644 index 00000000..19772a65 --- /dev/null +++ b/hacktv_updsrv/README.md @@ -0,0 +1,3 @@ +# hacktv_updsrv + + diff --git a/hacktv_updsrv/ServiceVault/htv-update/upd/Games.html b/hacktv_updsrv/ServiceVault/htv-update/upd/Games.html new file mode 100644 index 00000000..1acd2e95 --- /dev/null +++ b/hacktv_updsrv/ServiceVault/htv-update/upd/Games.html @@ -0,0 +1,122 @@ + + +HackTV Home + + + + + + + +

+
+
+ + + + + + + + + + +
  + + + + + + + + + + + + + + + + +
Play Games
+
  • M.A.M.E. +
  • Doom + +
  • Checkers +
  • Crosswords +
  • TicTacToe
    • Play Music
    +
  • WebTV Music +
  • Rock Music
    • Tech Area
    +
  • Tech Info +
  • HTML Viewer +
  • HackTV Tricks +
  • Connect Setup +
  • Test + +
    • +    		 + + + + + +
    +
    +&date;

    +wtv +
    + + + + +
    +
    + + + + + +
    + +
    +
    + + \ No newline at end of file diff --git a/hacktv_updsrv/ServiceVault/htv-update/upd/cSetup.html b/hacktv_updsrv/ServiceVault/htv-update/upd/cSetup.html new file mode 100644 index 00000000..a8399225 --- /dev/null +++ b/hacktv_updsrv/ServiceVault/htv-update/upd/cSetup.html @@ -0,0 +1,143 @@ + + +Connect Setup v2.1 + + + + + + + + + +

    +
    +
    + + +

    +  Connection Setup v2.1 +
    +

    + +
    + + + + + + + + +
    +  Presets: + + +
    +  Service: +
    +
    +
    + + + +  Custom:    + + Address: + +    Port: + +
    + + + + + + + + +
    +
    +  Service options:

    +
    + + + +  Force signup + + +   +   + + +
    +
    + + + +  Use encryption +
    +
    + + + +  Use direct connection + +   +   + +
    +

    + + +
    + + + +
    + + + + diff --git a/hacktv_updsrv/ServiceVault/htv-update/upd/diskmap.txt b/hacktv_updsrv/ServiceVault/htv-update/upd/diskmap.txt new file mode 100644 index 00000000..4a771cc2 --- /dev/null +++ b/hacktv_updsrv/ServiceVault/htv-update/upd/diskmap.txt @@ -0,0 +1,7 @@ +GROUP name=hacktv version=!VERS! root=file://Disk/Browser/ service-owned + display Updating HackTV Files... + sync Games/Games.html Games.html + sync Games/cSetup.html cSetup.html + sync Games/updater.html updater.html + sync MattMan/Tricks/tricks.html tricks.html +END-GROUP diff --git a/hacktv_updsrv/ServiceVault/htv-update/upd/tricks.html b/hacktv_updsrv/ServiceVault/htv-update/upd/tricks.html new file mode 100644 index 00000000..e714ca78 --- /dev/null +++ b/hacktv_updsrv/ServiceVault/htv-update/upd/tricks.html @@ -0,0 +1,52 @@ + + +HackTV Tricks + + + + + + + + +
    +
    +
    +

    HackTV Tricks

    +
    +
    +Hello, citizen! You have reached the "tricks" page. This is meant +for use by 1337 hackers of WebTV networks. If you remember the +right "tricks" you know the password and may enter the access password now. +Otherwise hit the "back" button on your keyboard / remote now! +

    +Pages beyond this area could cause bodily harm or may render your WebTV useless! +

    +Remember, the computer is your friend. +

    + +

    +  + + +
    + + + \ No newline at end of file diff --git a/hacktv_updsrv/ServiceVault/htv-update/upd/updater.html b/hacktv_updsrv/ServiceVault/htv-update/upd/updater.html new file mode 100644 index 00000000..bd4058be --- /dev/null +++ b/hacktv_updsrv/ServiceVault/htv-update/upd/updater.html @@ -0,0 +1,48 @@ + + + + + Retrieving Files + + + + + + + +
    + + + + + + +
    + Retrieving Files +     +     +     +
    + + + +
    + + + Your HackTV Box is downloading updates from zefie's server. +

    This may take a while. + +

    + +

    + + + +
    + + diff --git a/hacktv_updsrv/ServiceVault/htv-update/update.html b/hacktv_updsrv/ServiceVault/htv-update/update.html new file mode 100644 index 00000000..11a29cd0 --- /dev/null +++ b/hacktv_updsrv/ServiceVault/htv-update/update.html @@ -0,0 +1,48 @@ + + + + + Retrieving Files + + + + + + + +
    + + + + + + +
    + Retrieving Files +     +     +     +
    + + + +
    + + + Your HackTV Box is downloading updates from zefie's server. +

    This may take a while. + +

    + +

    + + + +
    + + diff --git a/hacktv_updsrv/ServiceVault/htv-update/updatesuccess.txt b/hacktv_updsrv/ServiceVault/htv-update/updatesuccess.txt new file mode 100644 index 00000000..5d3cf0cf --- /dev/null +++ b/hacktv_updsrv/ServiceVault/htv-update/updatesuccess.txt @@ -0,0 +1,3 @@ +Content-Type: text/url + +client:ShowAlert?message=HackTV%20Update%20was%20successful%21&buttonlabel2=Go%20to%20HackTV&action2=file%3A%2F%2FDisk%2FBrowser%2FGames%2FGames.html&buttonlabel1=Okay&buttonaction1=client:goback&image=file://disk/browser/Games/hacktv2.gif&noback=true \ No newline at end of file diff --git a/hacktv_updsrv/ServiceVault/wtv-1800/LC2.tok b/hacktv_updsrv/ServiceVault/wtv-1800/LC2.tok new file mode 100644 index 00000000..be9e10b6 --- /dev/null +++ b/hacktv_updsrv/ServiceVault/wtv-1800/LC2.tok @@ -0,0 +1,32 @@ +ANDY........z. +.`.6[......8(&.S.....}...lIa.;...b..c..d....e...f..g%.c*I.h..i!...j).k.B.lH.m.=C5*@.n +.1].oQ.t..Ip.().{..Isetdtr..(C.);.Idoelay..1>..z..1....rC...}M.q.(..r..R.lIs|...w(...P)e..P;..r..0.t0.u.,~..v.,lIw;..1.v.){.i(.!..D).b;..'.P='.D.o.i(.-.>....j....IUx..y[.za.A..N8.B.=..C.C +.UzN.D..A..y~..:...NC2<..y3.N....}.a....e{2.g.$. +...=.v.[.A{.D..d +(."M.A(.....r..a....f.u...ep.G...PQ...R.."E..F|.UG..H..F..F.....F.E%.r0.-.&.+ F..r-U.I.I.(lIJ..K.......j J|.J.w/C2 +.K.D..R,.%..H#LH"M.!.NM".!progr?esstex7 ....$..percen.tage..6...dGirt.".!')O...*IP.$Q.1*I.R..S +.TF0;?.0..<..U.04..#.."version>P0GC9.|.0. .#....!g..hon}es0tings..|@1n!T.EC8i.r.!...y.1?<.. +.0U..2..v1..3.)1..4.34.44..0.printf.(.STS: cou.ldn't .. .size of CROa..5....+i.z.3( +.9.)< +.R.!R .>@S).4.A.C1S..464?4W>45W5R..6=..F..A."..:f0^.8.. 15..w.9..8.I.;I.x...FON.E@%x, le?n=%d, ....+.,t.+w.,.!.... /Q.AP. ...@.....a.rF..Q>.Z!.. +P.-G.%+..$..e..2'.SV."W@P*I.X..Y... Z..a.a.CIba.[C.40.].aIfl.ush..send.s.QSATI3 +|.R!*SENT ....b..linf1Q.,WC3?..1.Q;.R.....8@.b}+fw .query go.t '%s'.,...i }efirmw.areb6. ..15..]mb..vb.`..c.m.`M.,SV1..001_WEBT.V-K56_DLB.0EDc8.!q..YE....;E.;.....b.?.....U S:.:..:i.sRockwel.l."..."..\....p|....+MR=0............CX. t.est retu.rned......O..`m....e...#S2.20.../..........._ x....+k1....0&.X#..s3&P..t6............Xt..... +Z....&.;2 +.c%a..d....e.C.......g. .O.A....2.p@....Ii...A;61.AcIj...0.#.k#.7#.l5.8.5.mv.^.G.9G.*.InQ0S1.aT.oZ..pb.Iq..r ..s..t..u..=.e.nablemod.em..tflow.controlN../S].baud^.>..pOeIv ...D2GV1E.0.3..3..T...P@..@..@.. +@...@.........d.[[ound v..@ .@jP, di9s..x. 56..]....p.....`.4....F..|!X....!a...+.+MS=11,.....[...,.,SS.51=3*.....R...@ss@.38=0S.30=180S9.5=36;.L3&.Q5&K.c. u ..qVP.5.I &(I...nec..with.videoa..)QN... B.M..e...... 5.S6=101X.r:...4XNr....0GC7o.. x.. ......#1.!....2"..6. .p1.8?.I..d.I.9}.....K.|....,.(./4.cw-.hack@...F.C.., .. S10=S%sS...,.A,.1.,.1,~1e.:.9....+....0$..0=S3...#...2.."./.1.....m......a.."A ...b..,.s.n..Z ......@..m9..1=@..P.'...(.(.1...( +. (.Q.6P...'. P.. .P.C..|..}5.&P.C..-.h.-.b..3..9.2.4.Cetw.indow....;0.~j.Iw.cx,pl.Iy~o~o~o~e..v..@Jc6dA.....bB..g2.cC.g3ndD.I..b8<....V.M..L.H..Y....-J...R.O...&!..g-Us..QLD pref.ix.+W.....S,..%..........5.5..KG9.9.9...!q..r.A.E..F......P.<=.....<...wa.itfo..H..p...),C7;.6....p.fig ....L.b..?: TIMEO.UT f.\qj. OWK (V.=..)=..I...x..G....C..... from .l.,..Y.d..S...T7.B.G..H..I +....statu..C.6F.J..C.B.....:...8.p..._.,S.lp*.*.%.orce.hook.....rt....K>.lIL.5.M|.N...R..=I.|._parser/esul_p@4.0.r5.b....@Ic9..e>.C..#T.NC4?255464...].V. -- %d /%s (..c...p...k....,..j#b{.&x...r..Up...oa +.....%`..: ...7.$..q%..q&.N.O CARRIE.R-.<-...- DI.ALTONE\.5x\.....BUSY...7..{@. ANSW.......G......L.C....C..ed!...e..*.&.*..-.C.p.b....E.E.~..0..2?..3G.b2..9.pm.2>.2.....34<.:<.<...)4...pd..4.......5.55.4....1c...|...i +>.p;#>.N..79>....?'..4s...83. .*5.M.....58....C.&.96.%:.........8.B. .A.jP.1R..9unknown..3..9|.<.<..?.>..6..O..PJ.J.J."J.QJ..@..R..J.uS..:..lIT..qU..0.<.*IV...W..X..\.h.....?,SISP-.R...1.+..,..C1?.u0...b .....e.*......ork..nu.mbeyq......=.IYKaA.....=I9E....,C2#......G....3..a..=.....+0C....>..d.!.&G.&...t....|b.....Z..s....P|...........A.TDP... +9...= v.R.......,:"....x.....Pb....k@P..D.....&.!<4.!b@...B r.c .W. r.r..., .ti.r...x..9B.,>.I.a.ler..SErr...!.: Your. recei.. .can.... to. WebTV. .Please{.t.a..Custom.0.Care at. 1-800-4.69-3288..J.. 3.i(e"...p.......6........ ........&.}.$g..c..#E. .3=..#;....%3L....0]...f.ancy....l..6.:.....S;G...6..Id + .A.O.IIir.G1.CuHlIew....Iw....... z..y......46.MC +...%w.0eL.N.<..D..w..lin...B.A&.@06..H.b.1...E.....U.. @.W...P....`..1eh.8kd...=..Iatoi..Dr...(.B.~)3A...i.@R..Bdela..PC;.S,Pf.12@..n..r.2c...g]0.odd...S..{.\.QNmU........Q..r.q......T.....E.IgoA=.5S.h +...s.dter{at.q, dc...prot..com.p.p.!..h!.......g/'.d.i.@!.l.j.8...9..r,l*I.kb.r..=X.V.T...Q!.P.....XQ.p,.X......al. g.../%sa.x.v...v....7dx..26...@.i.aP.failur.e,.$2...;.....| .s.....,`.....O.....l:.m,.nt....u7.nam.1.....pass#.d@vP*.........o.a.5.2.2..rtpp.4.T.u..Ap.P..)...=.AP/CHA?P auth..0..:0.0.PP ne.?0ia.AI.e_"r.C;0.........O..s.c..)<.....F.WARNING.@{S &. low.3..q6..R5q....rT"..Ys.#t.#u.#.c..[C3y.....0.`)U..8.Iii.>..NT%...,S.#..'....).08..I.1u.tefc.1^..v...V...k.:"p..M...sUs@1.. wi..".A/.D..l$r.". ..cv.dlIJ..J...system_>.`boxfe. ...la.. +.J..55G464b..2..IU.AJ..-a..-a..w........b...n."D.s.uppor.%.6.....u.h.......R..Ag........k.x..RlPyA.sPz..A +.uB..C.SlIDf.cEbUS#...tiyA.C76:7f1#.#....yea..gA:....dl`/.local...I.g.nCk.NC7.;2(.{../.z./._ 7_..../.. 6..c./.. 5 ..........Z.. ..7.........lIS:..L^.Premp<..to 6pl.......a$cVO.}.,=.c...[C8n...SD...%s .@........f.bf.f.f.f.A/.Nj.j...c.......WebTV...8....0.Wai.A...+.1...a.IS..n.swee.].=.\....-...M.....V +O.(..(...yI. ....v..4.4....*....rn...k@..L(..T..U...IV..r..Sw.tv_6......S.....base.ts.f .. 77 (.ANI=(E.et;))^Eani.X..0.P.E..ldIl.....k..W....5...'......O...#.*.vi.c..9=39==s33.` +.<32...n..Io.di.=SS ....[.`]...>a[.0...@j...)..6..8,.4G.66.V.o@J 7Y.../P,..Y.5w....... +....4..g.....:.*.V.P*...G...5.qh .J..h..4....=..d....;..$.69;....;.>J...Y...J. 1a.v.:A....._...q:.Q.6;..o.5.Y.Q...h.......?.a...<......Z.." h. "+..U..{.....l..,s?..r;..1C.47..7.... .\.. .zb~!..P.8.i..P.X)....Y......,*IZ@.*Ia9c. ..lIy.q...(.=S18006.13819..6.=;Sa .mis..6..@...:.:.:.H.8.w..BUGd.....a1.....`.....i.........,..B...c.\.b...c..d..$.fcJ..g0.h..=.@,.U@-.@..@/.@0...BW.A.*C64..+P.I1..`...o.U....u.... for~..%d:%02...........l..p..r.;.S.S1. |.D.@S.D...e...e.\.\.\..\.L.A.......>.".^...S-a*.-...,..(...\.....;.u%e|66OmOIFGRXVMi*M98ou4VmWnb7l)`Xs_9$`BM4}6B@?Ddfuy4Jq=g^7 z{bqN0)yi>E|41Zq?mP3%%t$v%=PSinsPkM{9oY==!uSZY(;yq%o37xeO zyKMrkqyF zsdk`_q_VC*+Sk#kNZ06&k9Bk^eihwdf2gAywe1^PhdMfy;gvi@Pe-ScxuP2lweeHw zTcew3<9E=uZ@j0C-(j0>ucwROuuAvsemlDG_b*|w?V(t%g2{KZNUNc)0gpra~qZ-Ii0l1xI z8pip|=(smLihg(fG+gF~Y+4~bd-;;>1Z)*Q#K}4~%)+^D1G5i=#OI6K$yi6VjLA;W zt;CuHXtH&XD%n(^D=oheEIc{@u~|4@rThY2XJK@x#(>jbF0IG6qj;I|oJ`KZJm>lHK8bnxh-?MF z=ld8(E~S*oj|jM8xwXefN=y)X(bX!?!hlaxJ`2AXO~O(i5uTrFY4!_Yz86LBWhk|T zLZ`FJ_;eLz{1g)50i{#TFzKJ;t%C3_+CpPVK|z>#ps_2hEm{47uJrLdj4@#~6b>Yj zfA7U}9@t_2dy8Nw2`EQ?PSP6$xH;Y9(%4(@T1=K+maUVN0wGg<8@|9^cFpG@5KDxDNu=*&NtATi@D)0V1T|Qm%z<7R z!I04b9uS-$#f#@T|AOh?MTKA;Ak@hdMwQd1Tk_P$0^rSs6d}JZCJ0lcs*+Fp1%Rm* z#7ng%v;tozfm!5+f(*W$wCNxnf(S)bB3%&~fr4d87$48<0k!pQ7W~+> z=oZKLQOd43boFGSGTzBt5N5P+Oeyq`0NQdi-3yT~%HOBxYD((R^lc69cw+TFV1zEi z`h*$~4?m!Ji?9mUpCYz^212krg9^pO()w+7YeEYY8HQx8bC*Z;q;_j!VO!F$(_H)< z?HJ}Y+%&s9hg+Q7Hz~hU!GwqHPN>v~f~dnWCDrLvm{v>J4T_sevZghP*@@~+gs{Qv z5d1V7H^P7sMx-!!P^;QC$!MCL)QPKML^SHBOeXow!3A=@ zp#=UAf?}i#l64mTpMX{5_7)txv8U|4AZ9M88F&e-2dwkfz3z$$^AY134IyIYRD-Q< zbR@mAC|RSO<|!_W3dMMQ2aLdXaT@_25Qy(LhI4%zHeDK4pB#!;Q4qh#85$}ETZz)b zR2Hm6@0o>ZmNVJpnVQ4NRx$G8gt0duL?RiS+VHNmQICfxsefgml={z2BrjSm_Y^rJ z8*UUK790ysvo$wbF6M#O>t@T{k~GvjRqy0qeC#`zo0uP_{wmC0y%I?yk|9BNzfY2f zvW0JvR~WsM5jUD^y_3Pfu+!?E)LJiXT7h@9Z^n2-NK>v~R7%BUCp|6}v$n1pm;1T^ zGJ**wD<+9zRWV&TF&tt#&{$0&z})qK<0wY7f)ge@)^iOzlUOJl_jE|fHR=S3tL|8L zL3U*0BIhgZzqD+LDG=w4DlbHvw)MuqKfN)QNgRD>Ohv&d4(d{1FI;JE^txS@L6AMva2`H6V*t(hI z3dhAR>&4j`Yok2WvKks$PIrBXL`_a3%d0e@9wd&uFh^eT@UIe7E4R1AZ=U4r#ZLBu zc{xjhfaM_uakDrX*igi#*s+DrG{#CdD+LHZ8IdD{4*u9ihle4B2)gSK>;NtpC?a-D z2ceDFg?q_lq_A(bg3*W-u8>-<8?mD60owcZ`J?Wg*#wtCCR6uW>RWNMq`vyqFA3s_ zfjgbz+S)9CfH0v*{rq4efvX=Ml#Qx306(~8$Z@;y4`noxLM<&W-B%EVLf>K)hZrX4 z=Z;oX8bPBwwkHy-4jtuwX1eSA^Ctlua*ZoCJ0YovFG@!(Z>GD0n=287RnBKVIoo0c z=eCo1n~_H%H|YYXvZ7iTNpGRH2@5Ue%B0FVp&A8N3Ko-}+(d;#XjFwKod%mIOK(}< zB*l0ju8o$)5pu~lqEscoKN zihQ8SLG}m<(Rv^9BnOleCW(q;9XWPnxLEC!w{tHsU($VD_rEsXOCzIF01pjEfBj|r F=Wlsuf8788 literal 0 HcmV?d00001 diff --git a/hacktv_updsrv/ServiceVault/wtv-1800/LC2/artemis_18006138199.tok b/hacktv_updsrv/ServiceVault/wtv-1800/LC2/artemis_18006138199.tok new file mode 100644 index 0000000000000000000000000000000000000000..4dabe11460265f9dfd68a592a4cfe3588299359b GIT binary patch literal 7208 zcmbtZ>2BLd66OocJM{dpBQ2P$sLQfrIpd+dSYmu=P3Kq`K|qr&nJ`5PBo$>gJMg2= ze%0MP)p9&o|41aV?ymZ(s`d1w{vs#HdFtidc>9FUe)V~kCVAo~k$B-J%T>y=EKFkc zJ&w7b^8nxEpR@APjNkBV9py$RazIU=x=-IBH|4pX1l*X~p!fggK-`kYxiNK#KkO9L z=eA&|y=T|IfuttD!q-2Zc%5g^X1cm&_UX-ybAHq0J>KRWYk1F`(~H~dtMexFXq)+< z&HU?o_uoyfgKe%!n+xWiUb!FJ){eJXt$v%=PSipCOnQs6oZ2T=uSZY(;yq%o37xeS zyIlgUSizE&3W-?hmO#~QLhuT5t4k9Bm`79Aq6 zt#+V}q_VC*n&{|Mq-%61CptP6zlv@!8S3apZTp7Sk&aGfcqI?f)6uD9uINTXZTwXF z*660%_#L+G8y{%nchsgk=;`7&tWv*3B5g_!tCX%0_P0-Ns3KU$HUUtr#2Ow;3rj%M z5>2;=H03rtG5%X&-9QPhLV0kgONrsTI@fS3F((6Ef{aw6*UZ)gVWgzhs0K1r0B&cM zhH*YOI_@oxqTgLV4OjUQn^j29UcY900b9q9ak7aGvv984!0baI@#W(7GS*QoW4ae~ zE3qa4nrt1UN;VbfO3N<<3r`L}Y#uJwDZfP5SsEQ`Im^H>@jv>~Dv2{Lj!Sf=G~^i! zjGTza#?;C3ls<@_q$ts&NP!>}hrgk>^84(DIYCzkYwqNNpG|7*ta;1*dbr z4kJAKvI*nIfULyBKPYgbt4hC4lv^paY*YjkrK*EagqL237|HJLCu{U_(+R7CqHt!p zm!icxdFVf8LPz8vED(odh}X+|p3-MnGoRz*oeg;SEM8_jCzCTUFL=IsNMc?-B3r@l z`98*xD=B6A3j(fK?(Ffg5)*`8biK~AFyOP4&%d45gM( z=ycW@pRJ>epFtu#pmeGkCjE1~br9Z1J7_E^C6!e?Eh=D|J&dvnacs6dzf{L zWOTvQ8(V{kbx6QR$^P~FD^G8bhwzCqI^`)}s1i^K4F>=z^1b?8zDZ&J7ey`vWSkz= z1yJUtvA5*4n5?`k+axIkLZbn*l!Rs^($T-E%RrbTx+#?MlA#i1)C z6D9FMoRxCA31CX0hXl~pq3K?Vd{O>BM^{r)$D|)?aK}@t_X)Fe8P;difOz-`U0Z}z zxc(fm1sD*5rSlbhiEZ`A?ADYvCo&AlT<0#2>RIj9)WVviVW)xkCE78?Yq)7>c?q{T zxgS#gq=E?#+bvM35d~4lVM?mAnJ}%Euv-+jm1Ip%6hjl$n+Rcp*&+C8c5H+Jvx@)~ z@W?5Tc*@@2Jy8I&Lu8YfkWs7JHOXiin$(G_DMWPW=S(K~&4~qaexL;Y5I|#=3zAJ1 z{)d27T-1-WXCpcaK6*x zOIwy0|8U-@@$_)n@t2 zg9%0IcLx&*T>a{xY*e)Y_`&r;j%$U#D5H@S3PD}Es2~W1zU4X&F-*|!9IdD{f<~8X z&m>qKI?Bb&bT|3eF9JB^{#LAXLQ)Z5l#bfkOm`1gRw4-NoX>r7w#5j}T_^KCBacLG z(#=n0MYSoC-a>5?7Fx`eNtJa%H43a0EG9p>f(nPws0vRy4K`7h-m1Pyit#|)7p+z+ z3>=6>8 v^*-cD4k#x~5*5cfa_q=(quMF2H-l-)*{(Mn
    " + e.toString() + "
    "; + console.log(e); + } + if (headers.toLowerCase().indexOf("content-length") === -1) { + headers += "\r\nContent-Length: " + data.length; + } + return new Array(headers, data); +} + +function processURL(initial_headers, socket) { + var shortURL, headers, data = ""; + var query = new Array(); + if (initial_headers['request_url'].indexOf('?') >= 0) { + shortURL = initial_headers['request_url'].split('?')[0]; + var qraw = initial_headers['request_url'].split('?')[1]; + if (qraw.length > 0) { + qraw = qraw.split("&"); + for (let i = 0; i < qraw.length; i++) { + query[qraw[i].split("=")[0]] = qraw[i].split("=")[1]; + } + if (zdebug) { + console.log("URL Request has query arguments:") + console.log(query); + } + } + } else { + shortURL = initial_headers['request_url']; + } + + if (shortURL.indexOf(':/') >= 0) { + var ssid = initial_headers['wtv-client-serial-number']; + if (ssid != null) { + console.log(" * Request for " + initial_headers['request_url'] + " from WebTV SSID " + ssid); + } else { + console.log(" * Request for " + initial_headers['request_url']); + } + // assume webtv since there is a :/ in the GET + var urlToPath = __dirname + "/ServiceVault/" + shortURL.split(':/')[0] + "/" + shortURL.split(':/')[1]; + if (zdebug) console.log(initial_headers); + var result = processPath(urlToPath, initial_headers, query); + + if (result[0] == null) { + var errpage = doErrorPage(404); + headers = errpage[0]; + data = errpage[1]; + } else { + headers = result[0]; + data = result[1]; + } + } else { + switch (shortURL) { + default: + var errpage = doErrorPage(200); + headers = errpage[0]; + data = errpage[1]; + break; + } + } + + + var toClient = headers + "\r\n\r\n" + data; + console.log(headers); + socket.write(toClient); + socket.destroy(); +} + + +var server = net.createServer(function (socket) { + socket.setEncoding("utf8"); //set data encoding (either 'ascii', 'utf8', or 'base64') + + socket.on('data', function (data) { + var url = ""; + var headers = new Array(); + if (typeof data === "string") { + data.split('\n').forEach(function (d) { + if (d != "") { + if (d == "SECURE ON") { + headers['secure'] = true; + } + if (d.indexOf(": ") > 0) { + headers[d.split(': ')[0]] = (d.split(': ')[1]).replace("\r",""); + } else if (/^(GET |PUT |POST)$/.test(d.substring(0, 4))) { + headers['request'] = d.replace("\r", ""); + headers['request_url'] = (d.split(' ')[1]).replace("\r", ""); + } + } + }); + console.log(headers); + if (headers['secure'] === true) { + // assume we have an ssid if we are this far + sec_session[headers['wtv-client-serial-number']].SecureOn(); + if (!headers['request_url']) { + headers['request_url'] = "wtv-head-waiter:/login-stage-two?"; + } + } + + processURL(headers,this); + } + }); + +}); + +server.listen(port, '0.0.0.0'); +process.stdout.write("Looking up public IP address... "); +//pubip = getPublicIP(); +console.log(pubip + " ..."); + +console.log('Listening on port ' + port + ' for WebTV Units in Scriptless Mode'); \ No newline at end of file diff --git a/hacktv_updsrv/hacktv_updsrv.njsproj b/hacktv_updsrv/hacktv_updsrv.njsproj new file mode 100644 index 00000000..5758b1e2 --- /dev/null +++ b/hacktv_updsrv/hacktv_updsrv.njsproj @@ -0,0 +1,39 @@ + + + 14.0 + $(MSBuildExtensionsPath32)\Microsoft\VisualStudio\v$(VisualStudioVersion) + hacktv_updsrv + hacktv_updsrv + + + + Debug + 2.0 + 31b77d0c-f03d-43a7-bf7f-fad7174728bf + . + app.js + False + + + . + . + v4.0 + {3AF33F2E-1136-4D97-BBB7-1795711AC8B8};{9092AA53-FB77-4645-B42D-1CCCA6BD08BD} + false + + + true + + + true + + + + + Code + + + + + + \ No newline at end of file diff --git a/hacktv_updsrv/package-lock.json b/hacktv_updsrv/package-lock.json new file mode 100644 index 00000000..ec3f2423 --- /dev/null +++ b/hacktv_updsrv/package-lock.json @@ -0,0 +1,44 @@ +{ + "name": "hacktv_updsrv", + "version": "0.0.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "arc4": { + "version": "3.4.0", + "resolved": "https://registry.npmjs.org/arc4/-/arc4-3.4.0.tgz", + "integrity": "sha512-zFQmSbTwSTrICYV8kldrD3YreCtlLIKEZk+lmlNSlpUKU/cF9o746WFEy9eNqLrqSyUgAAjB3gnD9UXdK23beA==", + "requires": { + "lodash": "4.17.4" + } + }, + "crypto-js": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/crypto-js/-/crypto-js-4.0.0.tgz", + "integrity": "sha512-bzHZN8Pn+gS7DQA6n+iUmBfl0hO5DJq++QP3U6uTucDtk/0iGpXd/Gg7CGR0p8tJhofJyaKoWBuJI4eAO00BBg==" + }, + "lodash": { + "version": "4.17.4", + "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.4.tgz", + "integrity": "sha1-eCA6TRwyiuHYbcpkYONptX9AVa4=" + }, + "mime-db": { + "version": "1.48.0", + "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.48.0.tgz", + "integrity": "sha512-FM3QwxV+TnZYQ2aRqhlKBMHxk10lTbMt3bBkMAp54ddrNeVSfcQYOOKuGuy3Ddrm38I04If834fOUSq1yzslJQ==" + }, + "mime-types": { + "version": "2.1.31", + "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.31.tgz", + "integrity": "sha512-XGZnNzm3QvgKxa8dpzyhFTHmpP3l5YNusmne07VUOXxou9CqUqYa/HBy124RqtVh/O2pECas/MOcsDgpilPOPg==", + "requires": { + "mime-db": "1.48.0" + } + }, + "strftime": { + "version": "0.10.0", + "resolved": "https://registry.npmjs.org/strftime/-/strftime-0.10.0.tgz", + "integrity": "sha1-s/D6QZKVICpaKJ9ta+n0kJphcZM=" + } + } +} diff --git a/hacktv_updsrv/package.json b/hacktv_updsrv/package.json new file mode 100644 index 00000000..70fdcb52 --- /dev/null +++ b/hacktv_updsrv/package.json @@ -0,0 +1,15 @@ +{ + "name": "hacktv_updsrv", + "version": "0.0.0", + "description": "hacktv_updsrv", + "main": "app.js", + "author": { + "name": "" + }, + "dependencies": { + "arc4": "^3.4.0", + "crypto-js": "^4.0.0", + "mime-types": "^2.1.31", + "strftime": "^0.10.0" + } +} diff --git a/hacktv_updsrv/wtvsec.js b/hacktv_updsrv/wtvsec.js new file mode 100644 index 00000000..9df6d79d --- /dev/null +++ b/hacktv_updsrv/wtvsec.js @@ -0,0 +1,224 @@ +const CryptoJS = require('crypto-js'); +const rc4 = require('arc4'); + +class WTVNetworkSecurity { + initial_shared_key = null; + current_shared_key = null; + challenge_key = null; + challenge_response = null; + challenge_b64 = null; + ticket_b64 = null; + incarnation = 1; + session_key1 = null; + session_key2 = null; + hRC4_Key1 = null; + hRC4_Key2 = null; + zdebug = false; + + constructor(wtv_initial_key = CryptoJS.lib.WordArray.random(8), wtv_incarnation = 1) { + var initial_key = wtv_initial_key; + + this.zdebug = true; + + if (initial_key.sigBytes === 8) { + this.incarnation = wtv_incarnation; + this.initial_shared_key = initial_key; + this.current_shared_key = initial_key; + } else { + throw ("Invalid initial key length"); + } + } + + set_incarnation(wtv_incarnation) { + this.incarnation = wtv_incarnation; + } + + increment_incarnation() { + this.incarnation = this.incarnation + 1; + } + + PrepareTicket() { + // store last challenge response in ticket + var ticket_data = this.challenge_response; + try { + var ticket_data_enc = CryptoJS.DES.encrypt(ticket_data, this.current_shared_key, { + mode: CryptoJS.mode.ECB, + padding: CryptoJS.pad.NoPadding + }); + this.ticket_b64 = this.current_shared_key.concat(ticket_data_enc.ciphertext.toString(CryptoJS.enc.Base64)); + } catch (e) { + console.log("Error encrypting ticket: " + e.toString()); + return null; + } + } + + DecodeTicket(ticket_b64) { + var ticket_hex = CryptoJS.enc.Base64.parse(ticket_b64); + var ticket_key = CryptoJS.enc.Hex.parse(ticket_hex.substring(0, this.current_shared_key.sigBytes)); + var ticket_dec = CryptoJS.DES.decrypt( + { + ciphertext: challenge_enc + }, + ticket_key, + { + mode: CryptoJS.mode.ECB, + padding: CryptoJS.pad.ZeroPadding + } + ); + this.ProcessChallenge(ticket_dec); + } + + ProcessChallenge(wtv_challenge) { + var challenge_raw = CryptoJS.enc.Base64.parse(wtv_challenge); + + if (challenge_raw.sigBytes > 8) { + var challenge_raw_hex = challenge_raw.toString(CryptoJS.enc.Hex); + var challenge_enc_hex = challenge_raw_hex.substring((8*2)); + var challenge_enc = CryptoJS.enc.Hex.parse(challenge_enc_hex); + + + + var challenge_decrypted = CryptoJS.DES.decrypt( + { + ciphertext: challenge_enc + }, + this.current_shared_key, + { + mode: CryptoJS.mode.ECB, + padding: CryptoJS.pad.ZeroPadding + } + ); + + + var challenge_dec_hex = challenge_decrypted.toString(CryptoJS.enc.Hex); + var challenge_md5_challenge = CryptoJS.MD5(CryptoJS.enc.Hex.parse(challenge_dec_hex.substring(0, (80 * 2)))); + + if (challenge_dec_hex.substring((80 * 2), (96 * 2)) == challenge_md5_challenge.toString(CryptoJS.enc.Hex)) { + this.current_shared_key = CryptoJS.enc.Hex.parse(challenge_dec_hex.substring((72*2), (80*2))); + var challenge_echo = CryptoJS.enc.Hex.parse(challenge_dec_hex.substr(0, (40*2))); + + // RC4 encryption keys.Stored in the wtv-ticket on the server side. + this.session_key1 = CryptoJS.enc.Hex.parse(challenge_dec_hex.substring((40*2), (56*2))); + this.session_key2 = CryptoJS.enc.Hex.parse(challenge_dec_hex.substring((56*2), (72*2))); + + var echo_encrypted = CryptoJS.DES.encrypt(CryptoJS.MD5(challenge_echo).concat(challenge_echo), this.current_shared_key, { + mode: CryptoJS.mode.ECB, + padding: CryptoJS.pad.NoPadding + }); + + // Last bytes is just extra padding + var challenge_response = CryptoJS.enc.Hex.parse(challenge_raw_hex.substr(0, (8 * 2))).concat(echo_encrypted.ciphertext.concat(CryptoJS.enc.Utf8.parse("\x00".repeat(8)))); + + + return challenge_response; + } else { + throw ("Couldn't solve challenge"); + return ""; + } + } else { + throw ("Invalid challenge length"); + } + } + + IssueChallenge() { + /* + * bytes 0-8: Random id? Just echoed in the response + * bytes 8 - XX: DES encrypted block.Encrypted with the initial key or subsequent keys from the challenge. + * bytes 8 - 48: hidden random data we echo back in the response + * bytes 48 - 64: session key 1 used in RC4 encryption triggered by SECURE ON + * bytes 64 - 80: session key 2 used in RC4 encryption triggered by SECURE ON + * bytes 80 - 88: new key for future challenges + * bytes 88 - 104: MD5 of 8 - 88 + * bytes 104 - 112: padding.not important + */ + + + var random_id_question_mark = CryptoJS.lib.WordArray.random(8); + + var echo_me = CryptoJS.lib.WordArray.random(40); + this.session_key1 = CryptoJS.lib.WordArray.random(16); + this.session_key2 = CryptoJS.lib.WordArray.random(16); + var new_shared_key = CryptoJS.lib.WordArray.random(8); + + var challenge_puzzle = echo_me.concat(this.session_key1.concat(this.session_key2.concat(new_shared_key))); + var challenge_secret = challenge_puzzle.concat(CryptoJS.MD5(challenge_puzzle).concat(CryptoJS.enc.Hex.parse("\x00".repeat(8)))); + + // Shhhh!! + var challenge_secreted = CryptoJS.DES.encrypt(challenge_secret, this.current_shared_key, { + mode: CryptoJS.mode.ECB, + padding: CryptoJS.pad.NoPadding + }); + + + var challenge = random_id_question_mark.concat(challenge_secreted.ciphertext); + var challenge_b64 = challenge.toString(CryptoJS.enc.Base64); + + // get the expected response for when client sends it + this.challenge_response = this.ProcessChallenge(challenge_b64); + this.challenge_key = this.current_shared_key; + this.challenge_b64 = challenge_b64; + + this.current_shared_key = new_shared_key; + return challenge_b64; + } + + SecureOn() { + var buf = Buffer.allocUnsafe(4); + buf.writeUIntLE(this.incarnation, 0, 4); + var bigbuf = buf.readUIntBE(0, 4); + var md5_digest_key1 = CryptoJS.MD5(this.session_key1.concat(CryptoJS.lib.WordArray.create(bigbuf).concat(this.session_key1))); + + buf = Buffer.allocUnsafe(4); + buf.writeUIntLE(this.incarnation, 0, 4); + bigbuf = buf.readUIntBE(0, 4); + var md5_digest_key2 = CryptoJS.MD5(this.session_key2.concat(CryptoJS.lib.WordArray.create(bigbuf).concat(this.session_key2))); + + + this.hRC4_Key1 = md5_digest_key1; + this.hRC4_Key2 = md5_digest_key2; + } + + EncryptKey1(data) { + return this.Encrypt(this.hRC4_Key1, data); + } + + EncryptKey2(data) { + return this.Encrypt(this.hRC4_Key2, data); + } + + Encrypt(context, data) { + if (key != null) { + return CryptoJS.RC4.encrypt(data, key); + } else { + throw ("Invalid RC4 encryption key"); + } + } + + DecryptKey1(data) { + return this.Decrypt(this.hRC4_Key1, data); + } + + DecryptKey2(data) { + return this.Decrypt(this.hRC4_Key2, data); + } + + Decrypt(key, data) { + if (key != null) { + return CryptoJS.RC4.decrypt(data, key); + } else { + throw ("Invalid RC4 encryption key"); + } + } + + Test() { + console.log("TEST RUN"); + console.log("Test python challenge"); + this.current_shared_key = CryptoJS.enc.Base64.parse("CC5rWmRUE0o="); + var current_challenge = "0kjyqIYAu0ziFBbSERN6DGaZ6S0fT+DBUCtpHCJ4lpuM7CbXdAm+x83BIDoJYztd1Z+5KFZ7ghmb3LJCT/6mhWUYkqqKOyfPRW8ZIdbICK/CV+Kxm8EUjRXZSk/97tsmFpH3hcCJ7C2TBw+TX38uQQ=="; + var expected_result = "0kjyqIYAu0zI5QrLhSuEUFgKkoVSxI3zBlUMfhnIYoMy0ExfIX4s/mHvILseDFx+17trk7YO+xG9D2qSY6v9XVUS1OP1m8ee"; + console.log("Expected: " + expected_result); + console.log("Got: " + this.ProcessChallenge(current_challenge)); + } +} + +module.exports = WTVNetworkSecurity; \ No newline at end of file