I attach some part of the server so maybe you can help me to understand:

Packet description (before encryption)

Messages sent back and forth between newcamd and a cardserver always consist of a three byte header and (optional) data bytes. The header always starts with a command tag byte. This is always the first byte (byte 1) of a message. In case of an ECM or EMM this is simply the table id of the ECM (0x80, 0x81) or EMM (0x82 - 0x8f). Other commands use cmd tags starting from 0xe0 like this:

    #define CWS_FIRSTCMDNO 0xe0

    typedef enum
    {
        MSG_CLIENT_2_SERVER_LOGIN = CWS_FIRSTCMDNO,
        MSG_CLIENT_2_SERVER_LOGIN_ACK,
        MSG_CLIENT_2_SERVER_LOGIN_NAK,
        MSG_CARD_DATA_REQ,
        MSG_CARD_DATA,
        MSG_SERVER_2_CLIENT_NAME,
        MSG_SERVER_2_CLIENT_NAME_ACK,
        MSG_SERVER_2_CLIENT_NAME_NAK,
        MSG_SERVER_2_CLIENT_LOGIN,
        MSG_SERVER_2_CLIENT_LOGIN_ACK,
        MSG_SERVER_2_CLIENT_LOGIN_NAK,
        MSG_ADMIN,
        MSG_ADMIN_ACK,
        MSG_ADMIN_LOGIN,
        MSG_ADMIN_LOGIN_ACK,
        MSG_ADMIN_LOGIN_NAK,
        MSG_ADMIN_COMMAND,
        MSG_ADMIN_COMMAND_ACK,
        MSG_ADMIN_COMMAND_NAK,
        MSG_KEEPALIVE = CWS_FIRSTCMDNO + 0x1d,
    } net_msg_type_t;

Client to Server Login

This describes how to login. Remember each card has its own dedicated TCP port, this is how you choose which card you want.

    Client <- Server 1/5 - 090f - Thu Jan 8 17:20:17 CET 2004
    encryption: none
    ----------------------------------------------------------
    00: 77 9d cc 5d d2 0d 59 2e dc ed b8 17 c1 ab    w ] Y.

(these are the bytes that I receive after the connection)

After opening a TCP connection to the server, the client first receives 14 random bytes. These bytes are to be XORed to the Triple-DES key from the config file. (cardserver: DESKEY = 0102030405060708091011121314). The result forms the Triple DES key to be used to send Username and Password to the cardserver, I call it the login key.
To do this I do:

    # Python 2
    import socket, crypt, itertools

    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.connect(('192.168.1.11', 11502))

    # Read the bytes the server sends right after the connection opens
    ricevo = sock.recv(8192)
    stringa = '0102030405060708091011121314'

    # Convert the received bytes to a list of integers
    ricevo = map(ord, ricevo)
    print ricevo

    # Convert each character of the key string to its character code
    stringa = map(ord, stringa)
    print stringa

    # XOR each received byte with the corresponding key value
    plain_chars = []
    for cypher_char, key_char in zip(ricevo, itertools.cycle(stringa)):
        plain_char = (cypher_char) ^ (key_char)
        plain_chars.append(plain_char)
    print plain_chars

I get: [133, 234, 201, 215, 129, 130, 252, 113, 15, 226, 29, 193, 67, 103]

    Client -> Server 1/5 - 090f - Thu Jan 8 17:20:18 CET 2004
    encryption: login
    ----------------------------------------------------------
    00: e0 00 29 64 75 6d 6d 79 00 24 31 24 61 62 63 64    )dummy $1$abcd
    10: 65 66 67 68 24 6e 70 53 45 54 51 73 72 49 6d 33    efgh$npSETQsrIm3
    20: 35 4d 51 66 69 55 49 41 64 6e 2e 00                5MQfiUIAdn.

Next the client has to send a packet with cmd = MSG_CLIENT_2_SERVER_LOGIN (e0) including username and password in the data field. The username is sent as a C-String (NULL terminated), the password follows directly after the zero termination byte of the username. The password has to be put through the glibc crypt() function, using salt $1$abcdefgh$. The password in the data field has to be NULL terminated and the packet encrypted with the login key.

    cryptPw = crypt(plainPw, "$1$abcdefgh$");

If I understand right, I have to do this:

    ris = crypt.crypt(password, "$1$abcdefgh$")

then

    sock.send('e0'+password+ris)

and then read again. Is this correct?
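
The plaintext side of the login step described above, as an added example (Python 3) that is not part of the original post or of newcamd: it XORs the 14 server bytes with the hex-decoded DESKEY and lays out the login packet so that it matches the second hex dump byte for byte. Reading header bytes 2 and 3 as a big-endian data length is an assumption taken from that dump (00 29 precedes 41 data bytes); the function names are hypothetical, and the Triple-DES step is left out because the quoted text does not specify it.

```python
import struct

MSG_CLIENT_2_SERVER_LOGIN = 0xE0  # CWS_FIRSTCMDNO in the enum quoted above


def derive_login_key(server_random: bytes, deskey_hex: str) -> bytes:
    """XOR the 14 bytes the server sends first with the configured DESKEY."""
    deskey = bytes.fromhex(deskey_hex)  # 28 hex digits -> 14 raw bytes
    if len(server_random) != 14 or len(deskey) != 14:
        raise ValueError("expected 14 random bytes and a 14-byte DESKEY")
    return bytes(r ^ k for r, k in zip(server_random, deskey))


def build_login_plaintext(username: str, crypted_pw: str) -> bytes:
    """Header + username NUL + crypt() output NUL, before encryption."""
    data = username.encode("ascii") + b"\x00" + crypted_pw.encode("ascii") + b"\x00"
    # Assumption: header bytes 2-3 carry the data length, big-endian.
    return struct.pack(">BH", MSG_CLIENT_2_SERVER_LOGIN, len(data)) + data


def parse_login_plaintext(packet: bytes):
    """Split a plaintext login packet back into (username, crypted_pw)."""
    if len(packet) < 3:
        raise ValueError("packet shorter than the three byte header")
    cmd, length = struct.unpack(">BH", packet[:3])
    data = packet[3:]
    if cmd != MSG_CLIENT_2_SERVER_LOGIN or length != len(data):
        raise ValueError("not a well-formed login packet")
    fields = data.split(b"\x00")
    if len(fields) != 3 or fields[2] != b"":
        raise ValueError("expected two NUL-terminated strings")
    return fields[0].decode("ascii"), fields[1].decode("ascii")


# Values copied from the two hex dumps in the post.
SERVER_RANDOM = bytes.fromhex("779dcc5dd20d592edcedb817c1ab")
DESKEY_HEX = "0102030405060708091011121314"
CRYPTED_PW = "$1$abcdefgh$npSETQsrIm35MQfiUIAdn."  # crypt() output seen in the dump

if __name__ == "__main__":
    print(derive_login_key(SERVER_RANDOM, DESKEY_HEX).hex())
    print(build_login_plaintext("dummy", CRYPTED_PW).hex())
```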