[CEntrilo] no support for ventrilo v3.0 for now

hi again.

just want to let you know that i will not support ventrilo v3.0.
the reason is, the ventrilo guys are authenticating the server against some of their servers.
just have a look at port 6100 when you start ventrilo…

as stated on: http://ventrilo.com/forums/showthread.php?t=23257
they require you to let the client authenticate the server.
if you are behind a firewall, so u’re fucked.

  • server calculates some seed (?) and sends this to the client (UDP)
  • client contacts flagship-servers and gets some other token (UDP)
  • client calculates encryption keys from this
  • server sends 0x34 command during TCP-handshake
  • client receives 0x34 command
  • server modifies encryption lookup tables using the keys from above
  • client modifies encryption lookup tables using the keys from above
  • both communicate with modified tables now

i hate that “we want control everything”-way everyone goes.

well, i was able to let the win32 client authenticate my server and then use that authentication token to decode the protocol without any problems.
that token seems just to change when the server is restarted – but neither i want to make a dumper for that token nor do i want to re-implement their authentication procedure.
maybe i’ll find another way like bruteforcing the encryption while the server sends pings and information blocks, but i dont think its the right way.

P.S.: these guys really suck!

 

[ad]

One Response to “[CEntrilo] no support for ventrilo v3.0 for now”

  1. bsmtich Says:

    I am wondering if you know how the server and the client modify their encryption tables. I am really interested in knowing that and how they calculate their encryption keys.

Leave a Reply

You must be logged in to post a comment.


We are using cookies on our website

Please confirm, if you accept our tracking cookies. You can also decline the tracking, so you can continue to visit our website without any data sent to third party services.