freecome 发表于 2004-11-29 02:54:21
我们用的是校园网要使用一个dr.com的软件来认证,才能上网RouterOS能够做吗?下面有些资料,看不懂,希望有高手能帮忙一下freecome 发表于 2004-11-29 02:54:31
我是校园网的用户,用Dr.COM等陆。可惜Dr.COM登陆程序只有windows的客户端,而我想在linux下也能上网。于是用sniffer抓了些登陆时的UDP数据,打算自己编程“模拟”登陆过程,发现登陆过程挺简单,4条UDP数据,类似下面的(16进制):第一条,客户端发送条请求信息给登陆服务器,请求加密密码:01 00 00 04 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00第二条,服务器发回加密密码:02 00 00 08 06 14 00 00 00 00第三条,这条关键啦,客户端发送回加密过的帐号,密码,MAC地址?……等信息给服务器,请求登陆。03 01 00 1d 12 79 b2 b4 9a bb 74 2f 4e fa cb e1 c7 09 f5 43 7a 73 78 79 30 30 32 33 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1f 01 12 d9 7e 61 96 bb a7 2c 15 ac d6 34 7f d8 d5 c3 11 f2 bc f1 0c dd 01 ac 13 08 77 00 00 00 00 00 00 00 00 00 00 00 00 b4 78 c1 d4 1e 55 f0 95 01 00 00 00 00 74 65 6f 6e 2d 77 63 6b 75 30 33 72 6f 64 6a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ca 60 80 8f 00 00 00 00 d2 26 e0 44 00 00 00 00 00 00 00 00 94 00 00 00 05 00 00 00 01 00 00 00 28 0a 00 00 02 00 00 00 53 65 72 76 69 63 65 20 50 61 63 6b 20 31 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 01 08 00 b0 43 25 2f 5b c4 01第四条,服务器发回信息,表明核对帐户密码信息正确,就可以上网啦,这条没什么用。04 00 00 05 03 93 45 00 00 69 41 ae 04 ff ff ff ff ff 00 00 00 00 00 44 72 63 6f 3d 8e 72 4a 60 03 ac 13 08 77 00 00 b0 05 02 00 00 00 00 00 d2 26 e6 3d ff ff ff ff 01 00 00 00 00 00 00 00 00 00 00 00 00现在发现第一条请求密码信息是不变的,关键第二条信息服务器给的加密密码会变,经过比较大概06 14就是密码了,而且大概90秒06就会变,而14可能是每天换一次。加密密码没变的时候第三条客户回的帐号信息就不会变,现在我想找出数据加密的算法。试过DES(前面加了RandomIV头),好像不行哦。第三条的一大串信息中也是只有其中的三段是加密过的数据(搞不懂,三段不同信息加密出来的?):12 79 b2 b4 9a bb 74 2f 4e fa cb e1 c7 09 f5 43 这里16位数据12 d9 7e 61 96 bb a7 2c 15 ac d6 34 7f d8 d5 c3 11 f2 bc f1 0c dd 这里22位数据b4 78 c1 d4 1e 55 f0 95 这里8位数据还有帐号是没有加密的。三段加密数据中包括有帐号的密码,可能有MAC地址,还有加密了什么就不知道了。上次看到有人提到过一下Dr.com的加密算法,可惜不记得了。搜论坛也找不到。希望大家帮我分析下数据的加密方式,本来还以为分析出登陆过程挺简单的……FC3就要出了…… le0n 编辑于 2004-11-01 14:01freecome 发表于 2004-11-29 02:55:17
借用老兄的数据分析做例子,可以吗?如果没问题,下次贴上 ---------------------------------------------------------------------02 00 00 08 64 48 00 00 00 0003 01 00 1d 3a 1c ad a5 05 d0 54 85 df 05 7a 42 19 bc 99 53 7a 73 78 79 30 30 32 33 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1f 01 3a bc 61 70 09 d0 c9 9c c0 36 36 a3 91 16 04 10 ac 26 96 28 13 f1 01 ac 13 08 77 00 00 00 00 00 00 00 00 00 00 00 00 94 ac 3c dc ec 42 9c ec 01 00 00 00 00 74 65 6f 6e 2d 77 63 6b 75 30 33 72 6f 64 6a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ca 60 80 8f 00 00 00 00 d2 26 e0 44 00 00 00 00 00 00 00 00 94 00 00 00 05 00 00 00 01 00 00 00 28 0a 00 00 02 00 00 00 53 65 72 76 69 63 65 20 50 61 63 6b 20 31 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 01 08 00 b0 43 25 2f 5b c4 0102 00 00 08 64 48 00 00 00 0003 01 00 1d 3a 1c ad a5 05 d0 54 85 df 05 7a 42 19 bc 99 53 7a 73 78 79 30 30 32 33 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1b 01 3a bc 61 70 09 d0 c9 9c c0 36 36 a3 91 16 04 10 ac 26 96 28 13 f1 01 ac 13 08 77 00 00 00 00 00 00 00 00 00 00 00 00 5e 11 d8 15 4a 10 55 4c 01 00 00 00 00 74 65 6f 6e 2d 77 63 6b 75 30 33 72 6f 64 6a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ca 60 80 8f 00 00 00 00 d2 26 e0 44 00 00 00 00 00 00 00 00 94 00 00 00 05 00 00 00 01 00 00 00 28 0a 00 00 02 00 00 00 53 65 72 76 69 63 65 20 50 61 63 6b 20 31 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 01 08 00 b0 43 25 2f 5b c4 0119:34:2702 00 00 08 65 48 00 00 00 0003 01 00 1d 28 3c ca 41 96 05 58 d1 52 47 60 e5 ab 7b c6 b2 7a 73 78 79 30 30 32 33 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1b 01 28 9c 06 94 9a 05 fa 4f 3d 4e 79 47 74 9c 36 3c 4e 13 56 f2 9e f4 01 ac 13 08 77 00 00 00 00 00 00 00 00 00 00 00 00 ec 08 8f 68 a1 fe 4e ae 01 00 00 00 00 74 65 6f 6e 2d 77 63 6b 75 30 33 72 6f 64 6a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ca 60 80 8f 00 00 00 00 d2 26 e0 44 00 00 00 00 00 00 00 00 94 00 00 00 05 00 00 00 01 00 00 00 28 0a 00 00 02 00 00 00 53 65 72 76 69 63 65 20 50 61 63 6b 20 31 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 01 08 00 b0 43 25 2f 5b c4 0119:37:3402 00 00 08 66 48 00 00 00 0003 01 00 1d 1f 19 c7 fe ac a4 d6 78 57 03 85 c1 a3 6f b8 76 7a 73 78 79 30 30 32 33 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1b 01 1f b9 0b 2b a0 a4 72 8d 53 cd 1c e0 9a 8c e9 77 e5 24 22 35 2b db 01 ac 13 08 77 00 00 00 00 00 00 00 00 00 00 00 00 6b 42 4f 16 c9 20 f1 0f 01 00 00 00 00 74 65 6f 6e 2d 77 63 6b 75 30 33 72 6f 64 6a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ca 60 80 8f 00 00 00 00 d2 26 e0 44 00 00 00 00 00 00 00 00 94 00 00 00 05 00 00 00 01 00 00 00 28 0a 00 00 02 00 00 00 53 65 72 76 69 63 65 20 50 61 63 6b 20 31 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 01 08 00 b0 43 25 2f 5b c4 0119:38:4202 00 00 08 67 48 00 00 00 0003 01 00 1d 7c 71 19 70 1c 4b 3f 59 ae cf 87 1f ac bd 35 b1 7a 73 78 79 30 30 32 33 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1b 01 7c d1 d5 a5 10 4b 9a dd 8e 5a 9a 80 ad 2d f0 60 be fc 90 5f de c4 01 ac 13 08 77 00 00 00 00 00 00 00 00 00 00 00 00 5e d3 1f 12 0d 32 02 66 01 00 00 00 00 74 65 6f 6e 2d 77 63 6b 75 30 33 72 6f 64 6a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ca 60 80 8f 00 00 00 00 d2 26 e0 44 00 00 00 00 00 00 00 00 94 00 00 00 05 00 00 00 01 00 00 00 28 0a 00 00 02 00 00 00 53 65 72 76 69 63 65 20 50 61 63 6b 20 31 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 01 08 00 b0 43 25 2f 5b c4 0119:40:1502 00 00 08 68 48 00 00 00 0003 01 00 1d 5f 5c 1f 7f 94 88 73 34 05 b2 33 4c a5 e4 d5 89 7a 73 78 79 30 30 32 33 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1b 01 5f fc d3 aa 98 88 f4 05 8c cf 06 6a 48 a3 fb a2 56 a8 f3 a2 6f 6a 01 ac 13 08 77 00 00 00 00 00 00 00 00 00 00 00 00 1e c8 b5 01 b3 fc b2 37 01 00 00 00 00 74 65 6f 6e 2d 77 63 6b 75 30 33 72 6f 64 6a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ca 60 80 8f 00 00 00 00 d2 26 e0 44 00 00 00 00 00 00 00 00 94 00 00 00 05 00 00 00 01 00 00 00 28 0a 00 00 02 00 00 00 53 65 72 76 69 63 65 20 50 61 63 6b 20 31 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 01 08 00 b0 43 25 2f 5b c4 0119:41:4602 00 00 08 6d 48 00 00 00 0003 01 00 1d 6c 31 dd c9 09 1c 84 a4 a1 83 c5 a8 3e 97 82 3b 7a 73 78 79 30 30 32 33 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1b 01 6c 91 11 1c 05 1c 87 47 54 c8 24 26 83 a9 5e 08 15 4d 4e 46 79 b7 01 ac 13 08 77 00 00 00 00 00 00 00 00 00 00 00 00 40 9e 14 b5 f4 6a da c9 01 00 00 00 00 74 65 6f 6e 2d 77 63 6b 75 30 33 72 6f 64 6a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ca 60 80 8f 00 00 00 00 d2 26 e0 44 00 00 00 00 00 00 00 00 94 00 00 00 05 00 00 00 01 00 00 00 28 0a 00 00 02 00 00 00 53 65 72 76 69 63 65 20 50 61 63 6b 20 31 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 01 08 00 b0 43 25 2f 5b c4 0119:42:2402 00 00 08 6e 48 00 00 00 0003 01 00 1d df 96 e9 52 0d 9c cb 19 70 01 7a 26 0f fc 47 4d 7a 73 78 79 30 30 32 33 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1b 01 df 36 25 87 01 9c 0c bb 76 75 69 21 fe f8 c3 2d e9 1a 4d 79 73 61 01 ac 13 08 77 00 00 00 00 00 00 00 00 00 00 00 00 7a 05 10 f4 a5 6b cd 4e 01 00 00 00 00 74 65 6f 6e 2d 77 63 6b 75 30 33 72 6f 64 6a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ca 60 80 8f 00 00 00 00 d2 26 e0 44 00 00 00 00 00 00 00 00 94 00 00 00 05 00 00 00 01 00 00 00 28 0a 00 00 02 00 00 00 53 65 72 76 69 63 65 20 50 61 63 6b 20 31 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 01 08 00 b0 43 25 2f 5b c4 0119:43:5602 00 00 08 73 48 00 00 00 0003 01 00 1d 7d 04 e0 15 f7 9d ab 5d 2d 12 5a bc eb a1 1b d3 7a 73 78 79 30 30 32 33 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1b 01 7d a4 2c c0 fb 9d 33 10 5d c8 de 66 35 1e fc f3 21 c9 35 8f e8 53 01 ac 13 08 77 00 00 00 00 00 00 00 00 00 00 00 00 ac aa 97 97 d9 e9 1b 45 01 00 00 00 00 74 65 6f 6e 2d 77 63 6b 75 30 33 72 6f 64 6a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ca 60 80 8f 00 00 00 00 d2 26 e0 44 00 00 00 00 00 00 00 00 94 00 00 00 05 00 00 00 01 00 00 00 28 0a 00 00 02 00 00 00 53 65 72 76 69 63 65 20 50 61 63 6b 20 31 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 01 08 00 b0 43 25 2f 5b c4 0119:46:4302 00 00 08 79 48 00 00 00 0003 01 00 1d af 54 dc 27 17 2e 7a 43 d6 af a5 d5 ce ce 28 c6 7a 73 78 79 30 30 32 33 37 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1b 01 af f4 10 f2 1b 2e 4c 17 86 5e ba 86 35 6b f8 a4 60 58 94 f8 c1 de 01 ac 13 08 77 00 00 00 00 00 00 00 00 00 00 00 00 84 0d 2d 9c 82 85 5b 86 01 00 00 00 00 74 65 6f 6e 2d 77 63 6b 75 30 33 72 6f 64 6a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ca 60 80 8f 00 00 00 00 d2 26 e0 44 00 00 00 00 00 00 00 00 94 00 00 00 05 00 00 00 01 00 00 00 28 0a 00 00 02 00 00 00 53 65 72 76 69 63 65 20 50 61 63 6b 20 31 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 01 08 00 b0 43 25 2f 5b c4 01没附件发就不贴cap了。上面的数据都是第二和第三条的。有结果就告诉我哦。Dr.COM是采用专用的VPN加密方式进行密文传输的。freecome 发表于 2004-11-29 02:55:30
身份认证使用的算法是MD5 02数据包中包含了四个字节的salt,也就是中间的四个字节。 文章明天贴,当然我也只搞清楚了身份认证的部分,还有一些部分没做试验。 从身份认证的角度来看,结论让我很是失望,算法上没多大的漏洞。
页:
[1]