Author Topic: Oscar Protocol Question  (Read 6828 times)

0 Members and 1 Guest are viewing this topic.

Offline dynobird

  • Newbie
  • *
  • Posts: 26
  • I'm new here!
    • View Profile
Oscar Protocol Question
« on: October 03, 2005, 08:28:38 pm »
I'm making an aim bot in java and i have a question about oscar protocol relating to the login. It requires you to roast your password, and I get the concept of this, but I have no idea how to do it. Probably because when I read the explanation explained in the documentation (and on every other site I've googled, which just copies some documentation that aol released) it's in GREEK!. Like, I don't understand this:

Code: [Select]
"Roasting is performed by first xoring each byte in the password with the equivalent modulo byte in the roasting array ( 0xF3, 0x26, 0x81, 0xC4, 0x39, 0x86, 0xDB, 0x92, 0x71, 0xA3, 0xB9, 0xE6, 0x53, 0x7A, 0x95, 0x7C )"
xoring rings a bell, from something I've read, but it doesn't make sense to me in this context. What does the above quote mean? It's taken out of context from here.
 

Offline dynobird

  • Newbie
  • *
  • Posts: 26
  • I'm new here!
    • View Profile
Re: Oscar Protocol Question
« Reply #1 on: October 03, 2005, 08:36:56 pm »
Sorry, I think I'm just going to do an MD5 login. But, to keep this thread from being a useless waste of memory...

Oscar Protocol, MD5 Login
Likes/Dislikes?

Offline MyndFyre

  • Boticulator Extraordinaire
  • x86
  • Hero Member
  • *****
  • Posts: 4540
  • The wait is over.
    • View Profile
    • JinxBot :: the evolution in boticulation
Re: Oscar Protocol Question
« Reply #2 on: October 04, 2005, 04:15:25 am »
"Roasting" means something like this:
Password: blah
'b' xor 0xf3
'l' xor 0x26
'a' xor 0x81
'h' xor 0xc4

Those bytes are sent over the network.  That's why it's trival to decode.

MD5 is far superior.
I have a programming folder, and I have nothing of value there

Running with Code has a new home!

Our species really annoys me.

Offline Joe

  • B&
  • Moderator
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
    • View Profile
    • Github
Re: Oscar Protocol Question
« Reply #3 on: October 04, 2005, 06:25:10 am »
Hm, does trivial mean hard or easy? I keep forgetting. Anyhow, it is easy, even I can do it =p.

joe@JoeMomma:~/dev/cpp/helloworld $ g++ -Wno-deprecated roast.cpp -o passroast && ./passroast
Enter password: testroast
74 65 73 74 72 6F 61 73 74                              testroast
87 43 F2 B0 4B E9 BA E1 05                              ‡Cò°Kéºá
74 65 73 74 72 6F 61 73 74                              testroast


Code: [Select]
// AIM Password Roaster
// Author: Joe[e2]

#include <iostream.h>
#include <stdio.h>
#include <stdlib.h>
using namespace std;

string doRoast(string data);
string debugOutput(string data);

int main() {
  string data;
  cout << "Enter password: ";
  cin >> data;
  cout << debugOutput(data);
  data = doRoast(data);
  cout << debugOutput(data);
  data = doRoast(data);
  cout << debugOutput(data);
  return 0;
}

string debugOutput(string out) {
  string returnString;
  char TempString[4];
  long i, j; // Loop variables
  for(i = 0; i < out.length(); i++) {
    if(i && (i % 16 == 0)) {
      // If it's a multiple of 16 and i isn't null, show the ascii
      returnString += '\t';
      for(j = i - 16; j < i; j++) {
        returnString += out[j];
      }
    // Add a linefeed after the string
    returnString += '\n';
    }

    // Put the next 2 hex values into a string and add them to the returnString
    sprintf(TempString, "%02X ", 0xFF & out[i]);
    returnString += TempString;
  }

  // Add padding spaces if it's not a multiple of 16
  if(i % 16 != 0) {
    for(j = 0; j < ((16 - (i % 16)) * 3); j++) {
      returnString += ' ';
    }
  }
  // Add the tab for alignment
  returnString += '\t';

  // Add final chararacters at right, after padding

  // If it was at the end of a line, print out the full line
  if((i % 16) == 0) {
j = i - 16;
  } else {
    j = (i - (i % 16));
  }

  for(; j < i; j++) {
    returnString += out[j];
  }

  // Finally, tidy it all up with a newline
  returnString += '\n';

  return returnString;
}

string doRoast(string data) {
  string roastValues = "\xF3\x26\x81\xC4\x39\x86\xDB\x92\x71\xA3\xB9\xE6\x53\x7A\x95\x7C";
  string returnString;
  long i; int a;
  for(i = 0; i < data.length(); i++) {
    a = data[i] ^ roastValues[i];
    returnString = returnString + (char)a;
  }
  return returnString;
}

Thanks to iago for debugOutput().
I'd personally do as Joe suggests

You might be right about that, Joe.


Offline MyndFyre

  • Boticulator Extraordinaire
  • x86
  • Hero Member
  • *****
  • Posts: 4540
  • The wait is over.
    • View Profile
    • JinxBot :: the evolution in boticulation
Re: Oscar Protocol Question
« Reply #4 on: October 04, 2005, 08:27:29 pm »
Hm, does trivial mean hard or easy? I keep forgetting. Anyhow, it is easy, even I can do it =p.
Yeah, trivial means easy.  We should coin a term... maybe, "joevial" that means it's super-easy.  :P
I have a programming folder, and I have nothing of value there

Running with Code has a new home!

Our species really annoys me.

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Oscar Protocol Question
« Reply #5 on: October 04, 2005, 09:17:06 pm »
Let's go issue a patent on 'joerivial'.  I lie it more than 'joevial'.  :)

Offline Ergot

  • 吴立峰 ^_^ !
  • x86
  • Hero Member
  • *****
  • Posts: 3724
  • I steal bandwidth. p_o
    • View Profile
Re: Oscar Protocol Question
« Reply #6 on: October 04, 2005, 09:41:14 pm »
I thought trivial ment insignifficant. Like... trivial details on a sketch or something..
Who gives a damn? I fuck sheep all the time.
And yes, male both ends.  There are a couple lesbians that need a two-ended dildo...My router just refuses to wear a strap-on.
(05:55:03) JoE ThE oDD: omfg good job i got a boner thinkin bout them chinese bitches
(17:54:15) Sidoh: I love cosmetology

Offline MyndFyre

  • Boticulator Extraordinaire
  • x86
  • Hero Member
  • *****
  • Posts: 4540
  • The wait is over.
    • View Profile
    • JinxBot :: the evolution in boticulation
Re: Oscar Protocol Question
« Reply #7 on: October 05, 2005, 01:12:37 am »
I thought trivial ment insignifficant. Like... trivial details on a sketch or something..
It means that too.  When in the context of discussing something's simplicity, a task can be trivial (a simple task).
I have a programming folder, and I have nothing of value there

Running with Code has a new home!

Our species really annoys me.

Offline Joe

  • B&
  • Moderator
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
    • View Profile
    • Github
Re: Oscar Protocol Question
« Reply #8 on: October 05, 2005, 06:16:10 pm »
I keep mixing it up with its (seemingly) root word, trivia, which is usually stuff nobody ever gets. =p
I'd personally do as Joe suggests

You might be right about that, Joe.


Offline MyndFyre

  • Boticulator Extraordinaire
  • x86
  • Hero Member
  • *****
  • Posts: 4540
  • The wait is over.
    • View Profile
    • JinxBot :: the evolution in boticulation
Re: Oscar Protocol Question
« Reply #9 on: October 05, 2005, 08:06:12 pm »
I keep mixing it up with its (seemingly) root word, trivia, which is usually stuff nobody ever gets. =p

Yeah but trivia is also pointless.
I have a programming folder, and I have nothing of value there

Running with Code has a new home!

Our species really annoys me.