Fixed autorization

RSA encryption fix
Maxx53 · Feb 13, 2017 · d2284ab · d2284ab
1 parent 386bbc2
commit d2284ab
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 34 deletions.
diff --git a/scr/SCMBot/SteamSite.cs b/scr/SCMBot/SteamSite.cs
@@ -387,7 +387,8 @@ private void reqThread_DoWork(object sender, DoWorkEventArgs e)
 
         private RespRSA GetRSA()
         {
-            return JsonConvert.DeserializeObject<RespRSA>(SendPost("username=" + UserName, _getrsa, _ref, true));
+          var rsaJson = SendPost(string.Format(rsaReq, GetNoCacheTime(), UserName), _getrsa, _ref, true);
+          return JsonConvert.DeserializeObject<RespRSA>(rsaJson);
         }
 
         private void LoginProgr(string value)
@@ -418,7 +419,7 @@ private void loginThread_DoWork(object sender, DoWorkEventArgs e)
 
             string mailCode = string.Empty;
             string guardDesc = string.Empty;
-            string capchaId = string.Empty;
+            string capchaId = "-1";
             string capchaTxt = string.Empty;
             string mailId = string.Empty;
             string twoFactorCode = string.Empty;
@@ -450,7 +451,7 @@ private void loginThread_DoWork(object sender, DoWorkEventArgs e)
             string finalpass = EncryptPassword(Password, rRSA.Module, rRSA.Exponent);
 
             string MainReq = string.Format(loginReq, finalpass, UserName, mailCode, guardDesc, capchaId,
-                                                                          capchaTxt, mailId, rRSA.TimeStamp, twoFactorCode);
+                                                                          capchaTxt, mailId, rRSA.TimeStamp, twoFactorCode, GetNoCacheTime());
             string BodyResp = SendPost(MainReq, _dologin, _ref, true);
 
             LoginProgr("60");
@@ -475,7 +476,7 @@ private void loginThread_DoWork(object sender, DoWorkEventArgs e)
 
                     Dialog guardCheckForm = new Dialog();
 
-                    if ((rProcess.isCaptcha) && (rProcess.Message.Contains("humanity")))
+                    if (rProcess.isCaptcha)
                     {
                         //Verifying humanity, loading capcha
                         guardCheckForm.capchgroupEnab = true;

diff --git a/scr/SCMBot/SteamUtils.cs b/scr/SCMBot/SteamUtils.cs
@@ -44,8 +44,8 @@ public partial class SteamSite
         const string _lang_chg = _mainsite + "/actions/SetLanguage/";
         const string _lang_req = "language={0}&sessionid={1}";
 
-        //Request fix for 02/05/15
-        const string loginReq = "password={0}&username={1}&twofactorcode={8}&emailauth={2}&loginfriendlyname={3}&captchagid={4}&captcha_text={5}&emailsteamid={6}&rsatimestamp={7}&remember_login=true";
+        const string loginReq = "donotcache={9}&password={0}&username={1}&twofactorcode={8}&emailauth={2}&loginfriendlyname={3}&captchagid={4}&captcha_text={5}&emailsteamid={6}&rsatimestamp={7}&remember_login=true";
+        const string rsaReq = "donotcache={0}&username={1}";
 
         //Currency FIX
         //1 = USD, 2 = GBP, 3 = EUR, 5 = RUB
@@ -455,32 +455,22 @@ private string SendGet(string url, CookieContainer cok, bool UseHost)
             return res;
         }
 
-        static byte[] HexToByte(string hex)
+        public static byte[] HexStringToByteArray(string hex)
         {
-            if (hex.Length % 2 == 1)
+            int hexLen = hex.Length;
+            byte[] ret = new byte[hexLen / 2];
+            for (int i = 0; i < hexLen; i += 2)
             {
-                Main.AddtoLog("HexToByte: The binary key cannot have an odd number of digits");
-                return null;
-            }
-
-            byte[] arr = new byte[hex.Length >> 1];
-            int l = hex.Length;
-
-            for (int i = 0; i < (l >> 1); ++i)
-            {
-                arr[i] = (byte)((GetHexVal(hex[i << 1]) << 4) + (GetHexVal(hex[(i << 1) + 1])));
+                ret[i / 2] = Convert.ToByte(hex.Substring(i, 2), 16);
             }
-
-            return arr;
+            return ret;
         }
 
-        static int GetHexVal(char hex)
+        public static long GetNoCacheTime()
         {
-            int val = (int)hex;
-            return val - (val < 58 ? 48 : 55);
+            return ((long)(DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1))).TotalSeconds);
         }
 
-
         public static string GetSweetPrice(string input)
         {
             input = input.Trim();
@@ -519,17 +509,19 @@ public static string GetSweetPrice(string input)
 
         public static string EncryptPassword(string password, string modval, string expval)
         {
-            RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
-            RSAParameters rsaParams = new RSAParameters();
-            rsaParams.Modulus = HexToByte(modval);
-            rsaParams.Exponent = HexToByte(expval);
-            rsa.ImportParameters(rsaParams);
-
-            byte[] bytePassword = Encoding.ASCII.GetBytes(password);
-            byte[] encodedPassword = rsa.Encrypt(bytePassword, false);
-            string encryptedPass = Convert.ToBase64String(encodedPassword);
+            RNGCryptoServiceProvider secureRandom = new RNGCryptoServiceProvider();
+            byte[] encryptedPasswordBytes;
+            using (var rsaEncryptor = new RSACryptoServiceProvider())
+            {
+                var passwordBytes = Encoding.ASCII.GetBytes(password);
+                var rsaParameters = rsaEncryptor.ExportParameters(false);
+                rsaParameters.Exponent = HexStringToByteArray(expval);
+                rsaParameters.Modulus = HexStringToByteArray(modval);
+                rsaEncryptor.ImportParameters(rsaParameters);
+                encryptedPasswordBytes = rsaEncryptor.Encrypt(passwordBytes, false);
+            }
 
-            return Uri.EscapeDataString(encryptedPass);
+            return Uri.EscapeDataString(Convert.ToBase64String(encryptedPasswordBytes));
         }