[CEntrilo] no support for ventrilo v3.0 for now

hi again.

just want to let you know that i will not support ventrilo v3.0.
the reason is, the ventrilo guys are authenticating the server against some of their servers.
just have a look at port 6100 when you start ventrilo…

as stated on: http://ventrilo.com/forums/showthread.php?t=23257
they require you to let the client authenticate the server.
if you are behind a firewall, so u’re fucked.

  • server calculates some seed (?) and sends this to the client (UDP)
  • client contacts flagship-servers and gets some other token (UDP)
  • client calculates encryption keys from this
  • server sends 0x34 command during TCP-handshake
  • client receives 0x34 command
  • server modifies encryption lookup tables using the keys from above
  • client modifies encryption lookup tables using the keys from above
  • both communicate with modified tables now

i hate that “we want control everything”-way everyone goes.

well, i was able to let the win32 client authenticate my server and then use that authentication token to decode the protocol without any problems.
that token seems just to change when the server is restarted – but neither i want to make a dumper for that token nor do i want to re-implement their authentication procedure.
maybe i’ll find another way like bruteforcing the encryption while the server sends pings and information blocks, but i dont think its the right way.

P.S.: these guys really suck!



Leave a Reply