zefie/minisrv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

full encrypted convo to splash

Browse Source
This commit is contained in:
zefie
2021-07-12 19:48:35 -04:00
parent e3c5c15a7c
commit 6229567272
15 changed files with 426 additions and 219 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
hacktv_updsrv/ServiceVault/htv-update/upd/diskmap.txt → hacktv_updsrv/ServiceVault/htv-update/upd/update.txt
View File

16
hacktv_updsrv/ServiceVault/htv-update/updatemenu.txt Normal file
View File

@@ -0,0 +1,16 @@
200 OK
Connection: Keep-Alive
wtv-expire-all: wtv-home:/splash
Content-type: text/html
<html>
<head>
<DISPLAY showwhencomplete noscroll>
</head>
<body bgcolor="black" link="gold" vlink="gold" alink="gold" text="gold">
<a href="htv-update:/update">Check for HackTV Updates</a><br>
<a href="wtv-home:/unlock">Unlock Full Client (Options, Goto, etc)</a><br>
<a href="wtv-home:/splash">Splash test</a>
</body>
</html>

17
hacktv_updsrv/ServiceVault/wtv-1800/offer-open-isp-suggest.js
View File

@@ -6,12 +6,13 @@ if (socket_session_data[socket.id].ssid != null && !sec_session[socket_session_d
headers = `200 OK
Connection: Close
wtv-initial-key: ` + sec_session[socket_session_data[socket.id].ssid].challenge_key.toString(CryptoJS.enc.Base64) + `
Content-Type: text/tellyscript
wtv-initial-key: ` + issueWTVInitialKey(socket) + `
Content-Type: text/html
wtv-service: reset
wtv-service: name=wtv-1800 host=` + pubip + ` port=1615 connections=1
wtv-service: name=wtv-head-waiter host=` + pubip + ` port=1615 flags=0x04 flags=0x00000001 connections=1
wtv-service: name=htv-update host=` + pubip + ` port=1615 flags=0x04
wtv-service: name=wtv-* host=` + pubip + ` port=`+port+` flags=0x00000007
wtv-service: name=wtv-head-waiter host=` + pubip + ` port=`+port+` flags=0x04 flags=0x00000001 connections=1
wtv-service: name=wtv-flashrom host=` + pubip + ` port=`+port+` flags=0x00000040
wtv-service: name=htv-update host=` + pubip + ` port=`+port+` flags=0x04
wtv-boot-url: wtv-head-waiter:/login?
wtv-visit: wtv-head-waiter:/login?
wtv-client-time-zone: GMT -0000
@@ -19,12 +20,12 @@ wtv-client-time-dst-rule: GMT
wtv-client-date: `+strftime("%a, %d %b %Y %H:%M:%S", new Date(new Date().toUTCString()))+` GMT`;
/*
var romtype = socket_session_data[socket.id].romtype;
switch (romtype) {
case "US-LC2-disk-0MB-8MB":
data = fs.readFileSync(__dirname + "/ServiceDeps/LC2/artemis_18006138199.tok").buffer;
//data = fs.readFileSync(__dirname + "/ServiceDeps/LC2/LC2.tok").buffer;
data = getFile("LC2/artemis_18004653537.tok",true);
break;
default:
@@ -32,3 +33,5 @@ switch (romtype) {
break;
}
*/
data='';

5
hacktv_updsrv/ServiceVault/wtv-1800/preregister.js
View File

@@ -1,3 +1,8 @@
var gourl = "wtv-1800:/offer-open-isp-suggest?";
if (initial_headers['wtv-ticket']) {
gourl = "wtv-head-waiter:/login-stage-two?";
}
headers = `200 OK
Connection: Keep-Alive
wtv-open-isp-disabled: false

9
hacktv_updsrv/ServiceVault/wtv-1800/test.js Normal file
View File

@@ -0,0 +1,9 @@
var wtv = new WTVNetworkSecurity();
var test = CryptoJS.enc.Utf8.parse("this is a test");
var test2 = wtv.wordArrayToUint8Array(test);
var test3 = CryptoJS.lib.WordArray.create(test2);
headers = `200 OK
Connection: Close
Content-type: text/plain`
data = test3.toString(CryptoJS.enc.Utf8);

23
hacktv_updsrv/ServiceVault/wtv-head-waiter/finalize-security.js Normal file
View File

@@ -0,0 +1,23 @@
var challenge_response, challenge_header = '';
var gourl;
if (socket_session_data[socket.id].ssid !== null) {
if (initial_headers['wtv-ticket']) {
if (initial_headers['wtv-ticket'].length > 8) {
DecodeTicket(initial_headers['wtv-ticket']);
sec_session[socket_session_data[socket.id].ssid].ticket_b64 = initial_headers['wtv-ticket'];
//socket_session_data[socket.id].secure == true;
}
} else if (sec_session[socket_session_data[socket.id].ssid].ticket_b64 == null) {
// TODO: client should have a ticket and send it back by now, if not we should handle this correctly
}
}
headers = `200 OK
Connection: Keep-Alive
wtv-encrypted: true
wtv-ticket: `+sec_session[socket_session_data[socket.id].ssid].ticket_b64+`
wtv-expire-all: htv-
wtv-visit: wtv-home:/splash?
Content-Type: text/html
`;

60
hacktv_updsrv/ServiceVault/wtv-head-waiter/login-stage-two.js
View File

@@ -5,18 +5,21 @@ if (socket_session_data[socket.id].ssid !== null) {
if (sec_session[socket_session_data[socket.id].ssid].ticket_b64 == null) {
if (initial_headers['wtv-ticket']) {
if (initial_headers['wtv-ticket'].length > 8) {
DecodeTicket(initial_headers['wtv-ticket']);
sec_session[socket_session_data[socket.id].ssid].DecodeTicket(initial_headers['wtv-ticket']);
sec_session[socket_session_data[socket.id].ssid].ticket_b64 = initial_headers['wtv-ticket'];
socket_session_data[socket.id].secure == true;
//socket_session_data[socket.id].secure = true;
}
} else {
challenge_response = sec_session[socket_session_data[socket.id].ssid].challenge_response;
var client_challenge_response = initial_headers['wtv-challenge-response'] || null;
if (challenge_response && client_challenge_response) {
if (challenge_response.toString(CryptoJS.enc.Base64).substring(0,85) == client_challenge_response.substring(0,85)) {
//if (challenge_response.toString(CryptoJS.enc.Base64).substring(0,85) == client_challenge_response.substring(0,85)) {
if (challenge_response.toString(CryptoJS.enc.Base64) == client_challenge_response) {
console.log(" * wtv-challenge-response success for "+socket_session_data[socket.id].ssid);
if (zdebug) console.log("Response Expected:",challenge_response.toString(CryptoJS.enc.Base64));
if (zdebug) console.log("Response Received:",client_challenge_response)
sec_session[socket_session_data[socket.id].ssid].PrepareTicket();
socket_session_data[socket.id].secure == true;
//socket_session_data[socket.id].secure = true;
} else {
gourl = "wtv-head-waiter:/login?reissue_challenge=true";
}
@@ -35,11 +38,58 @@ wtv-visit: `+gourl+`
Content-type: text/html`;
data = '';
} else {
var nickname = 'HackTVUsr_'+Math.floor(Math.random() * 100000);
headers = `200 OK
Connection: Keep-Alive
wtv-encrypted: true
wtv-ticket: `+sec_session[socket_session_data[socket.id].ssid].ticket_b64+`
wtv-client-time-zone: GMT -0000
wtv-client-date: `+strftime("%a, %d %b %Y %H:%M:%S", new Date(new Date().toUTCString()))+` GMT
wtv-country: US
wtv-language-header: en-US,en
wtv-tv-zipcode: 90210
wtv-visit: client:closeallpanels
wtv-messagewatch-checktimeoffset: off
wtv-expire-all: client:closeallpanels
wtv-input-timeout: 14400
wtv-connection-timeout: 90
wtv-fader-timeout: 900
wtv-ssl-log-url: wtv-log:/log
wtv-smartcard-inserted-message: Contacting service
user-id: 1`+Math.floor(Math.random() * 1000000000000000000)+`
wtv-transition-override: off
wtv-bypass-proxy: true
wtv-allow-dsc: true
wtv-messenger-enable: 0
wtv-noback-all: wtv-
wtv-service: reset
wtv-service: name=wtv-1800 host=` + pubip + ` port=` + port + ` connections=1
wtv-service: name=wtv-head-waiter host=` + pubip + ` port=` + port + ` flags=0x04 flags=0x00000001 connections=1
wtv-service: name=htv-update host=` + pubip + ` port=` + port + ` connections=3
wtv-service: name=wtv-log host=` + pubip + ` port=` + port + ` connections=1
wtv-service: name=wtv-home host=` + pubip + ` port=` + port + ` flags=0x00000010
wtv-boot-url: wtv-1800:/preregister
wtv-user-name: `+nickname+`
wtv-human-name: `+nickname+`
wtv-irc-nick: `+nickname+`
wtv-home-url: htv-update:/update?
wtv-domain: wtv.zefie.com
wtv-inactive-timeout: 0
wtv-connection-timeout: 90
wtv-show-time-enabled: true
wtv-fader-timeout: 900
wtv-tourist-enabled: true
wtv-boot-url: wtv-head-waiter:/login
wtv-connection-timeout: 180
wtv-ssl-timeout: 240
wtv-login-timeout: 7200
wtv-open-isp-disabled: false
wtv-log-url: wtv-log:/log
wtv-demo-mode: 0
wtv-wink-deferrer-retries: 3
wtv-offline-mail-enable: true
wtv-visit: wtv-head-waiter:/finalize-security?
Content-Type: text/html`;
data = "hehe! stage two! <a href='wtv-head-waiter:/finalize-security'>test</a>";
data = '';
}

90
hacktv_updsrv/ServiceVault/wtv-head-waiter/login.js
View File

@@ -1,74 +1,58 @@
var initialChallenge, challenge_response, challenge_header = '';
var gourl = "wtv-head-waiter:/login-stage-two?";
var challenge_response, challenge_header = '';
if (socket_session_data[socket.id].ssid !== null) {
if (sec_session[socket_session_data[socket.id].ssid].ticket_b64 == null) {
if (initial_headers['wtv-ticket']) {
if (initial_headers['wtv-ticket']) {
if (sec_session[socket_session_data[socket.id].ssid].ticket_b64 == null) {
if (initial_headers['wtv-ticket'].length > 8) {
DecodeTicket(initial_headers['wtv-ticket']);
sec_session[socket_session_data[socket.id].ssid].DecodeTicket(initial_headers['wtv-ticket']);
sec_session[socket_session_data[socket.id].ssid].ticket_b64 = initial_headers['wtv-ticket'];
//socket_session_data[socket.id].secure = true;
}
}
} else {
challenge_response = sec_session[socket_session_data[socket.id].ssid].challenge_response;
var client_challenge_response = initial_headers['wtv-challenge-response'] || null;
if (challenge_response && client_challenge_response) {
if (challenge_response.toString(CryptoJS.enc.Base64).substring(0,85) == client_challenge_response.substring(0,85)) {
console.log(" * wtv-challenge-response success for "+socket_session_data[socket.id].ssid);
sec_session[socket_session_data[socket.id].ssid].PrepareTicket();
//socket_session_data[socket.id].secure = true;
} else {
challenge_header = "wtv-challenge: "+issueWTVChallenge(socket);
}
} else {
challenge_response = sec_session[socket_session_data[socket.id].ssid].challenge_response;
var client_challenge_response = initial_headers['wtv-challenge-response'] || null;
if (challenge_response && client_challenge_response) {
if (challenge_response.toString(CryptoJS.enc.Base64).substring(0,85) == client_challenge_response.substring(0,85)) {
console.log(" * wtv-challenge-response success for "+socket_session_data[socket.id].ssid);
sec_session[socket_session_data[socket.id].ssid].PrepareTicket();
} else {
challenge_header = "wtv-challenge: "+sec_session[socket_session_data[socket.id].ssid].IssueChallenge();
}
} else {
challenge_header = "wtv-challenge: "+sec_session[socket_session_data[socket.id].ssid].IssueChallenge();
}
challenge_header = "wtv-challenge: "+issueWTVChallenge(socket);
}
}
}
if (sec_session[socket_session_data[socket.id].ssid].ticket_b64) {
headers = `200 OK
Connection: Keep-Alive
wtv-encrypted: true
wtv-ticket: `+sec_session[socket_session_data[socket.id].ssid].ticket_b64+`
wtv-client-time-zone: GMT -0000
wtv-client-date: `+strftime("%a, %d %b %Y %H:%M:%S", new Date(new Date().toUTCString()))+` GMT
wtv-country: US
wtv-language-header: en-US,en
wtv-visit: client:closeallpanels
wtv-expire-all: client:closeallpanels
wtv-noback-all: wtv-
wtv-service: reset
wtv-service: name=wtv-1800 host=` + pubip + ` port=1615 connections=1
wtv-service: name=wtv-head-waiter host=` + pubip + ` port=1615 flags=0x04 flags=0x00000001 connections=1
wtv-service: name=htv-update host=` + pubip + ` port=1615 flags=0x04
wtv-boot-url: wtv-head-waiter:/login?
wtv-input-timeout: 14400
wtv-connection-timeout: 90
wtv-fader-timeout: 900
wtv-ssl-log-url: wtv-log:/log
wtv-bypass-proxy: true
wtv-allow-dsc: true
wtv-messenger-enable: 0
wtv-nameserver: 1.1.1.1
wtv-phone-log-url: wtv-log:/log
wtv-visit: wtv-head-waiter:/login-stage-two?
Content-type: text/html`
data = '';
//data = fs.readFileSync(__dirname + "/ServiceDeps/splash.html");
} else {
if (initial_headers) {
var cookiedata = {};
Object.keys(initial_headers).forEach(function (k) {
switch (k) {
case "wtv-capability-flags":
case "wtv-system-version":
case "wtv-client-rom-type":
case "wtv-client-bootrom-version":
case "wtv-system-chipversion":
case "wtv-system-sysconfig":
case "wtv-system-cpuspeed":
cookiedata[k] = initial_headers[k];
break;
}
});
cookie_dat[socket_session_data[socket.id].ssid] = CryptoJS.enc.Utf8.parse(JSON.stringify(cookiedata)).toString(CryptoJS.enc.Base64);
}
headers = `200 OK
Connection: Keep-Alive
Expires: Wed, 09 Oct 1991 22:00:00 GMT
wtv-expire-all: wtv-head-waiter:
wtv-service: name=wtv-log host=` + pubip + ` port=1615 connections=1
wtv-service: name=wtv-log host=` + pubip + ` port=`+port+` connections=1
wtv-log-url: wtv-log:/log
`+challenge_header+`
wtv-relogin-url: wtv-1800:/preregister?relogin=true
wtv-reconnect-url: wtv-1800:/preregister?reconnect=true
wtv-visit: `+gourl+`
wtv-visit: wtv-head-waiter:/login-stage-two?
Content-type: text/html`;
data = '';
}

24
hacktv_updsrv/ServiceVault/wtv-home/splash.txt Normal file
View File

@@ -0,0 +1,24 @@
200 OK
Connection: Keep-Alive
wtv-expire-all: htv-
Content-type: text/html
<html>
<head>
<display nooptions nostatus skipback clearback fontsize=medium>
<meta
http-equiv=refresh
content="5; url=htv-update:/updatemenu"
>
</head>
<body bgcolor="#000000" text="#449944">
<bgsound src="file://ROM/Sounds/Splash.mid">
<center>
<img src="file://Disk/Browser/DiskFlash/HTMLs/hacktv.gif">
<br>
<spacer type=block height=98 width=21>
<br>
</center>
</body>
</html>

6
hacktv_updsrv/ServiceVault/wtv-log/log.js
View File

@@ -1,10 +1,8 @@
console.log(initial_headers);
// dummy page, we could handle the logs here.
headers = `200 OK
Connection: Keep-Alive
Expires: `+strftime("%a, %d %b %Y %H:%M:%S", new Date((new Date().toUTCString()) + 10))+` GMT
Content-length: 0
Content-type: text/html`;
Content-length: 0`;
data = '';