[robbinghood]

Hi,

So I took a look at UT's auth process, and have some questions about how it works.
First of all, I assume that no details about how the md5(?) auth key is generated will be given out, so I won't even ask (Would be pretty dumb if everyone could generate his own auth keys^^)

Yet, I would like to know what the CL:AUTH packet consists of.

Client->Server:

CL:AUTH 3 <some mysterious string, about 172 characters long>

Server client->:

AUTH:CL 3 <some mysterious string, about 135 characters long>

How is this string generated? I can't seem to find any pattern, neither do they have the same length for every log-in.

I'd greatly appreciate if any kind person would care to reply

Regards!

[Fenix]

some misterious string


It means that the string is encrypted. If FS wanted to let everyone understand the auth protocol why should they encrypt it?

This post has been edited by Fenix: 04 March 2014 - 10:24 PM

[robbinghood]

Fenix, on 04 March 2014 - 10:24 PM, said:

It means that the string is encrypted. If FS wanted to let everyone understand the auth protocol why should they encrypt it?

The reason why the auth process is encrypted is probably the chance of auth key theft (Else everyone on the network could capture the auth keys of other players and abuse them).

However, I believe that the encrypted string is not only based on the auth key, but also on at least one other component (e.g. user name, timestamp or whatever).

And that's the part where only someone with some knowledge of the protocol could help.

This post has been edited by robbinghood: 04 March 2014 - 10:58 PM

[FS Kalish]

« If FS wanted to let everyone understand the auth protocol why should they encrypt it? » was a perfect answer.

Sorry for you :D

[Qant]

security through obscurity.. aint that convenient EDIT: not that somebody should actually have to care about urt auths security tho, so nvm.. pointless post is pointless.

This post has been edited by Qant: 19 March 2014 - 07:16 PM