Protocols/OSCAR/SNAC/BUCP LOGIN REQUEST: Difference between revisions

From Toxi's Wiki
Jump to navigationJump to search
No edit summary
Line 3: Line 3:
This is the final SNAC sent by the client when authorizing via BUCP, and contains a hashed password among other things. After this is sent, the server should respond with a [[Protocols/OSCAR/SNAC/BUCP__LOGIN_RESPONSE|BUCP__LOGIN_RESPONSE]] SNAC. Whether the client were authorized or not shows in the TLVs of the aforementioned SNAC.
This is the final SNAC sent by the client when authorizing via BUCP, and contains a hashed password among other things. After this is sent, the server should respond with a [[Protocols/OSCAR/SNAC/BUCP__LOGIN_RESPONSE|BUCP__LOGIN_RESPONSE]] SNAC. Whether the client were authorized or not shows in the TLVs of the aforementioned SNAC.


=== SNAC Header ===
{{Template:Protocols/OSCAR/SNAC/Header
{{Template:Protocols/OSCAR/SNAC/Header
|foodgroup=00 17
|foodgroup=00 17
Line 10: Line 9:
|request_id=00 00 00 00}}
|request_id=00 00 00 00}}


=== SNAC Data ===
{{Template:Protocols/OSCAR/SNAC/TLV
The SNAC data is a list of TLVs in this order:
|tlv_type=00 01
|tlv_type_desc=TLV Type (0x0001) - screen name
|tlv_length=xx xx
|tlv_data_length=xx xx
|tlv_data_val=xx ..
|tlv_data_type=string
|tlv_data_desc=Screen name}}


{| class="wikitable"
{{Template:Protocols/OSCAR/SNAC/TLV
|-
  |tlv_type=00 25
! Type !! Length !! Value
  |tlv_type_desc=TLV Type (0x0025) - password hashed in MD5
|-
  |tlv_length=xx xx
  | 00 01 || xx xx || The screen name as given by the client.
  |tlv_data_length=00 10
  |-
  |tlv_data_val=xx ..
| 00 25 || 00 10 || The password, hashed in MD5 in a specific format. See below this table on how to do so.
  |tlv_data_type=array
  |-
  |tlv_data_desc=MD5-hashed password (see below on how to do so)}}
| 00 03 || xx xx || The client ID string (with the name and version - i.e., "AOL Instant Messenger (SM), version 4.8.2540/WIN32")
|-
  | 00 16 || 00 02 || The client's ID number.
  |-
| 00 17 || 00 02 || The client's major version (i.e., "4")
  |-
| 00 18 || 00 02 || The client's minor version (i.e., "8")
  |-
| 00 19 || 00 02 || The client's lesser version.
|-
| 00 1A || 00 02 || The client's build number (i.e., 2540)
|-
| 00 14 || 00 04 || The client's distribution number.
|-
| 00 0F || 00 02 || The client's language (i.e., "en")
|-
| 00 0E || 00 02 || The client's country (i.e., "us")
|-
| 00 0F || 00 02 || Whether to use SSI or not (1 - SSI only, 0 - family 0x03)
|}


''May also contain other [[Protocols/OSCAR/TLV#Common_TLVs|common TLVs]].''
{{Template:Protocols/OSCAR/SNAC/TLV
|tlv_type=00 03
|tlv_type_desc=TLV Type (0x0003) - client ID string
|tlv_length=xx xx
|tlv_data_val=xx ..
|tlv_data_type=string
|tlv_data_desc=Client ID string with the name and version (i.e., "AOL Instant Messenger (SM), version 4.8.2540/WIN32")}}
 
{{Template:Protocols/OSCAR/SNAC/TLV
|tlv_type=00 16
|tlv_type_desc=TLV Type (0x0016) - client ID number
|tlv_length=00 02
|tlv_data_val=xx xx
|tlv_data_type=word
|tlv_data_desc=Client ID number}}
 
{{Template:Protocols/OSCAR/SNAC/TLV
|tlv_type=00 17
|tlv_type_desc=TLV Type (0x0017) - client major version
|tlv_length=00 02
|tlv_data_val=xx xx
|tlv_data_type=word
|tlv_data_desc=Client major version (i.e., "4" in "4.8.2540")}}
 
{{Template:Protocols/OSCAR/SNAC/TLV
|tlv_type=00 18
|tlv_type_desc=TLV Type (0x0018) - client minor version
|tlv_length=00 02
|tlv_data_val=xx xx
|tlv_data_type=word
|tlv_data_desc=Client minor version (i.e., "8" in "4.8.2540")}}
 
{{Template:Protocols/OSCAR/SNAC/TLV
|tlv_type=00 19
|tlv_type_desc=TLV Type (0x0019) - client lesser version
|tlv_length=00 02
|tlv_data_val=xx xx
|tlv_data_type=word
|tlv_data_desc=Client lesser version}}
 
{{Template:Protocols/OSCAR/SNAC/TLV
|tlv_type=00 1A
|tlv_type_desc=TLV Type (0x001A) - client build number
|tlv_length=00 02
|tlv_data_val=xx xx
|tlv_data_type=word
|tlv_data_desc=Client build number (i.e., "2540" in "4.8.2540"}}
 
{{Template:Protocols/OSCAR/SNAC/TLV
|tlv_type=00 14
|tlv_type_desc=TLV Type (0x0014) - client distribution number
|tlv_length=00 04
|tlv_data_val=xx xx xx xx
|tlv_data_type=dword
|tlv_data_desc=Client distribution number}}
 
{{Template:Protocols/OSCAR/SNAC/TLV
|tlv_type=00 0F
|tlv_type_desc=TLV Type (0x000F) - client language
|tlv_length=00 02
|tlv_data_val=xx xx
|tlv_data_type=string
|tlv_data_desc=Client language (i.e., "en")}}
 
{{Template:Protocols/OSCAR/SNAC/TLV
|tlv_type=00 0E
|tlv_type_desc=TLV Type (0x000E) - client country
|tlv_length=00 02
|tlv_data_val=xx xx
|tlv_data_type=string
|tlv_data_desc=Client country (i.e., "us")}}
 
<!-- I'm not sure what the flag values really mean -->
{{Template:Protocols/OSCAR/SNAC/TLV
|tlv_type=00 0F
|tlv_type_desc=TLV Type (0x000F) - SSI flag
|tlv_length=00 02
|tlv_data_val=xx xx
|tlv_data_type=word
|tlv_data_desc=SSI flag; 1 - use SSI only, 2 - foodgroup 0x03}}
 
{{Template:Protocols/OSCAR/SNAC/CommonTLV}}
{{Template:Protocols/OSCAR/SNAC/Footer}}


==== Password Hashing ====
Hashing the password, in some older AIM versions implementing BUCP authentication, hashes via MD5 in the following format (old_hash):
Hashing the password, in some older AIM versions implementing BUCP authentication, hashes via MD5 in the following format (old_hash):
* Challenge  
* Challenge  
Line 63: Line 129:
''Note to server developers: You will have to hash the password in both formats, and compare both the hashes with what the client hashed to verify the password in order to support the full range of BUCP clients.''
''Note to server developers: You will have to hash the password in both formats, and compare both the hashes with what the client hashed to verify the password in order to support the full range of BUCP clients.''


=== SNAC Dump ===
 
Example dump (sent by a AIM 4.8.2540 client - dump contains a FLAP header):
Example dump (sent by a AIM 4.8.2540 client - dump contains a FLAP header):
<pre>
<pre>
0000  2a 02 17 8b 00 99 00 17 00 02 00 00 00 00 00 00  *...............
0000  2a 02 17 8b 00 99 00 17 00 02 00 00 00 00 00 00  *...............
0010  00 01 00 0a 74 6f 78 69 64 61 74 69 6f 6e 00 25  ....toxidation.%
0010  00 01 00 0a 74 6f 78 69 64 61 74 69 6f 6e 00 25  ....toxidation.%
0020  00 10 xx xx xx xx xx xx xx xx xx xx xx xx xx xx   ................
0020  00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0030  xx xx 00 03 00 32 41 4f 4c 20 49 6e 73 74 61 6e  .....2AOL Instan
0030  00 00 00 03 00 32 41 4f 4c 20 49 6e 73 74 61 6e  .....2AOL Instan
0040  74 20 4d 65 73 73 65 6e 67 65 72 20 28 53 4d 29  t Messenger (SM)
0040  74 20 4d 65 73 73 65 6e 67 65 72 20 28 53 4d 29  t Messenger (SM)
0050  2c 20 76 65 72 73 69 6f 6e 20 34 2e 38 2e 32 35  , version 4.8.25
0050  2c 20 76 65 72 73 69 6f 6e 20 34 2e 38 2e 32 35  , version 4.8.25
Line 77: Line 143:
0090  00 02 65 6e 00 0e 00 02 75 73 00 4a 00 01 01      ..en....us.J...
0090  00 02 65 6e 00 0e 00 02 75 73 00 4a 00 01 01      ..en....us.J...
</pre>
</pre>
''The hashed password TLV's data as seen above in the hex dump is replaced by "xx xx .." because underneath the hash, more or less, is my actual NINA password.''

Revision as of 19:21, 21 July 2024

OSCAR Protocol
IntroductionTermsClients
Basic
TODO
Tutorials
Sign On
Foodgroups
OSERVICE (0x0001)
BUCP (0x0017)

This is the final SNAC sent by the client when authorizing via BUCP, and contains a hashed password among other things. After this is sent, the server should respond with a BUCP__LOGIN_RESPONSE SNAC. Whether the client were authorized or not shows in the TLVs of the aforementioned SNAC.

 00 17   word   SNAC foodgroup
 00 02   word   SNAC subgroup
 00 00   word   SNAC flags
 00 00 00 00   dword   SNAC request ID
 00 01   word   TLV Type (0x0001) - screen name
 xx xx   word   TLV Length
 xx ..   string   Screen name
 00 25   word   TLV Type (0x0025) - password hashed in MD5
 xx xx   word   TLV Length
 xx ..   array   MD5-hashed password (see below on how to do so)
 00 03   word   TLV Type (0x0003) - client ID string
 xx xx   word   TLV Length
 xx ..   string   Client ID string with the name and version (i.e., "AOL Instant Messenger (SM), version 4.8.2540/WIN32")
 00 16   word   TLV Type (0x0016) - client ID number
 00 02   word   TLV Length
 xx xx   word   Client ID number
 00 17   word   TLV Type (0x0017) - client major version
 00 02   word   TLV Length
 xx xx   word   Client major version (i.e., "4" in "4.8.2540")
 00 18   word   TLV Type (0x0018) - client minor version
 00 02   word   TLV Length
 xx xx   word   Client minor version (i.e., "8" in "4.8.2540")
 00 19   word   TLV Type (0x0019) - client lesser version
 00 02   word   TLV Length
 xx xx   word   Client lesser version
 00 1A   word   TLV Type (0x001A) - client build number
 00 02   word   TLV Length
 xx xx   word   Client build number (i.e., "2540" in "4.8.2540"
 00 14   word   TLV Type (0x0014) - client distribution number
 00 04   word   TLV Length
 xx xx xx xx   dword   Client distribution number
 00 0F   word   TLV Type (0x000F) - client language
 00 02   word   TLV Length
 xx xx   string   Client language (i.e., "en")
 00 0E   word   TLV Type (0x000E) - client country
 00 02   word   TLV Length
 xx xx   string   Client country (i.e., "us")
 00 0F   word   TLV Type (0x000F) - SSI flag
 00 02   word   TLV Length
 xx xx   word   SSI flag; 1 - use SSI only, 2 - foodgroup 0x03
 May contain other common TLVs

Hashing the password, in some older AIM versions implementing BUCP authentication, hashes via MD5 in the following format (old_hash):

  • Challenge
  • Password
  • "AOL Instant Messenger (SM)"

However, in some newer AIM versions, they hash via MD5 in the following format (new_hash):

  • Challenge
  • md5(password)
  • "AOL Instant Messenger (SM)"

For example:

old_hash = md5(challenge + password + "AOL Instant Messenger (SM)")
new_hash = md5(challenge + md5(password) + "AOL Instant Messenger (SM)")

Note to server developers: You will have to hash the password in both formats, and compare both the hashes with what the client hashed to verify the password in order to support the full range of BUCP clients.


Example dump (sent by a AIM 4.8.2540 client - dump contains a FLAP header):

0000   2a 02 17 8b 00 99 00 17 00 02 00 00 00 00 00 00   *...............
0010   00 01 00 0a 74 6f 78 69 64 61 74 69 6f 6e 00 25   ....toxidation.%
0020   00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0030   00 00 00 03 00 32 41 4f 4c 20 49 6e 73 74 61 6e   .....2AOL Instan
0040   74 20 4d 65 73 73 65 6e 67 65 72 20 28 53 4d 29   t Messenger (SM)
0050   2c 20 76 65 72 73 69 6f 6e 20 34 2e 38 2e 32 35   , version 4.8.25
0060   34 30 2f 57 49 4e 33 32 00 16 00 02 01 09 00 17   40/WIN32........
0070   00 02 00 04 00 18 00 02 00 08 00 19 00 02 00 00   ................
0080   00 1a 00 02 09 ec 00 14 00 04 00 00 00 af 00 0f   ................
0090   00 02 65 6e 00 0e 00 02 75 73 00 4a 00 01 01      ..en....us.J...