From 5bbaa63e98308a4ad6065aa89f9c93d3fb99054f Mon Sep 17 00:00:00 2001 From: zefie Date: Thu, 24 Jul 2025 12:24:04 -0400 Subject: [PATCH] change initial shared key to "minisrv!" --- zefie_wtvp_minisrv/includes/ServiceVault/wtv-chat/home.js | 6 +++--- zefie_wtvp_minisrv/includes/classes/WTVSec.js | 6 ------ zefie_wtvp_minisrv/includes/config.json | 2 +- zefie_wtvp_minisrv/unroll_rc4.js | 4 ++-- 4 files changed, 6 insertions(+), 12 deletions(-) diff --git a/zefie_wtvp_minisrv/includes/ServiceVault/wtv-chat/home.js b/zefie_wtvp_minisrv/includes/ServiceVault/wtv-chat/home.js index 542f211e..d4decc9a 100644 --- a/zefie_wtvp_minisrv/includes/ServiceVault/wtv-chat/home.js +++ b/zefie_wtvp_minisrv/includes/ServiceVault/wtv-chat/home.js @@ -11,7 +11,7 @@ var irc_nick = session_data.getSessionData("subscriber_irc_nick") || session_dat data = ` -Chat Home (Testing) +Chat Home @@ -109,12 +109,12 @@ Chat Home (Testing) - + - + diff --git a/zefie_wtvp_minisrv/includes/classes/WTVSec.js b/zefie_wtvp_minisrv/includes/classes/WTVSec.js index 49ef766e..e957d561 100644 --- a/zefie_wtvp_minisrv/includes/classes/WTVSec.js +++ b/zefie_wtvp_minisrv/includes/classes/WTVSec.js @@ -14,12 +14,6 @@ var WTVShared = require("./WTVShared.js")['WTVShared']; */ class WTVSec { - // Initial Shared Key, in Base64 Format - // You can change this but it doesn't mean much for security. Just make sure its static. 8 bytes base64 encoded. - // If you intend to link multiple minisrv's together, they must all share the same Initial Shared Key. - - initial_shared_key_b64 = "CC5rWmRUE0o="; - initial_shared_key = null; current_shared_key = null; challenge_key = null; diff --git a/zefie_wtvp_minisrv/includes/config.json b/zefie_wtvp_minisrv/includes/config.json index f7c1302a..5e74bbbb 100644 --- a/zefie_wtvp_minisrv/includes/config.json +++ b/zefie_wtvp_minisrv/includes/config.json @@ -121,7 +121,7 @@ "password": "MySeqRetKey1" // change this in user_config.json }, "keys": { - "initial_shared_key": "CC5rWmRUE0o=", // Used for the initial RC4 rolling key. Changing this is untested and unsupported. + "initial_shared_key": "bWluaXNydiE=", // Used for the initial RC4 rolling key. Changing this is untested and unsupported. "user_data_key": "PNa$WN7gz}!T=t6X7^=|Ii##CEB~p\\EP" // Currently used to cipher user passwords in configs. Changing this while there are registered accounts will make it impossible to decrypt existing account passwords }, "passwords": { diff --git a/zefie_wtvp_minisrv/unroll_rc4.js b/zefie_wtvp_minisrv/unroll_rc4.js index 92c22d0e..6d7c3250 100644 --- a/zefie_wtvp_minisrv/unroll_rc4.js +++ b/zefie_wtvp_minisrv/unroll_rc4.js @@ -274,7 +274,7 @@ parser.on('packet', (packet) => { const srcPort = packet.data.readUInt16BE(tcpHeaderBase); const dstPort = packet.data.readUInt16BE(tcpHeaderBase + 2); - if (srcIP != serverIP && dstIP !== serverIP) { + if (srcIP !== serverIP && dstIP !== serverIP) { return; } @@ -290,7 +290,7 @@ parser.on('packet', (packet) => { } else { isClientToServer = dstIP === serverIP; } - + console.log(`[INFO] New connection detected: ${currentKey} (Client to Server: ${isClientToServer})`); connections.set(currentKey, new ConnectionState()); connections.set(oppositeKey, new ConnectionState()); connections.get(currentKey).isClient = isClientToServer;
Server:
Port: