|
Re: Should Stars! files structures be publically available? |
Thu, 28 August 2014 14:41 |
|
platon79 | | Chief Warrant Officer 3 | Messages: 185
Registered: February 2004 Location: Norway | |
|
m.a@stars wrote on Thu, 09 February 2012 14:08
That is to some extent already solved, since there's tools for guessing/changing passwords.
Is this tool available anywhere? Me and my friends started up a game recently, with races we created about a month ago (one of them was not available to start for a while after all), and naturally one of them has forgot his password. I guess we could just start over, but I'm playing joat, and my scanners show a habitable planet just inside my penscanning range in year one... would have been great to continue that game. And this has happened before too, that one of them forgot their password. It would be great to have a tool to extract passwords available, I guess stars passwords are mostly not used on autohost anyway, since we use the autohost passwords instead. And it would also be great if the encryption became available knowledge. After all, there are not that many players left. Having the options to build tools would be much better than hiding the encryption for the few players that are left. I don't think the few dedicated players that are left are cheaters, I just think they love the game, and everything that can improve the game is good.
Report message to a moderator
|
|
|
|
|
|
Re: Should Stars! files structures be publically available? |
Sun, 31 August 2014 04:11 |
|
m.a@stars | | Commander | Messages: 2765
Registered: October 2004 Location: Third star to the left | |
|
platon79 wrote on Sat, 30 August 2014 13:1050 50 50 15 15 15 85 85 85
That's the Hab info (center, lower, upper). Pop GR and techs must be there too. Since it's a race file, I guess 99% of it is just numbers defining the race itself.
(note) From the RW code:
//positions related to racefile positions
STAT_RES_PER_COL =0;
STAT_TEN_FAC_RES =1;
STAT_FAC_COST =2;
STAT_FAC_OPERATE =3;
STAT_TEN_MINES_PROD =4;
STAT_MINE_COST =5;
STAT_MINE_OPERATE =6;
STAT_SPEND_LEFTOVER =7;
STAT_ENERGY_COST =8; //0 if expensive, 1 if normal, 2 if cheap
STAT_WEAP_COST =9;
STAT_PROP_COST =10;
STAT_CONST_COST =11;
STAT_ELEC_COST =12;
STAT_BIO_COST =13;
STAT_PRT =14;
GRBIT_TECH75_LVL3 =29;
GRBIT_FACT_GER_LESS =31;
// values for the PRT byte
PRT_HE =0;
PRT_SS =1;
PRT_WM =2;
PRT_CA =3;
PRT_IS =4;
PRT_SD =5;
PRT_PP =6;
PRT_IT =7;
PRT_AR =8;
PRT_JT =9;
// bits inside the LRT byte
GRBIT_LRT_IFE =0;
GRBIT_LRT_TT =1;
GRBIT_LRT_ARM =2;
GRBIT_LRT_ISB =3;
GRBIT_LRT_GR =4;
GRBIT_LRT_UR =5;
GRBIT_LRT_MA =6;
GRBIT_LRT_NRSE =7;
GRBIT_LRT_CE =8;
GRBIT_LRT_OBRM =9;
GRBIT_LRT_NAS =10;
GRBIT_LRT_LSP =11;
GRBIT_LRT_BET =12;
GRBIT_LRT_RS =13;
So,
Quote:10 10 10 10 10 5 10
means "1 res per 10 (*100) cols", vanilla Facs and Mines
and
Quote:1 1 1 1 1 1 9
mean "all techs Normal", PRT = JOAT.
So I reckon the decryption is working.
[Updated on: Sun, 31 August 2014 04:38]
So many Stars, so few Missiles!
In space no one can hear you scheme! Report message to a moderator
|
|
|
|
|
|
|
|
Re: Should Stars! files structures be publically available? |
Mon, 01 September 2014 14:49 |
|
platon79 | | Chief Warrant Officer 3 | Messages: 185
Registered: February 2004 Location: Norway | |
|
raptor wrote on Mon, 01 September 2014 05:35
The password is hashed as a 32 bit integer at index 12 of the data: [67 18 14 0]. When read as a little-endian integer, this is the number 922179.
Your password is 'aaaaa'
I'll post the algorithm and brute-forcing code to my repo soon.
Before you posted this, I started pounding on the hashing algorithm myself. And after a couple of hours I managed to solve it!
It is strange that you should be so certain that my password is aaaaa. It actually is, but due to the hashing into just 4 bytes it could also be something completely different. In fact, my own password-routine that I have now written suggests aaba instead of aaaaa And my race with password AAAA it suggested a902 for. And both passwords worked in stars.
Unfortunately, I have not been able to find the password I actually wanted to find yet My own brute-force-approach is a little bit too brute-force, calculating all permutations of [abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456 789] , starting with 1 characters, then advancing to 2, then 3 etc. For each permutation I calculate a hash and compares with the decrypted number.
4 characters takes up to 2458 ms, 5 characters up to 130136 ms. It is still calculating for 6 characters..
It would probably be more speedy if I wrote it in C or something instead of Java, and I should probably try it out on my stationary computer instead of my laptop, maybe give the java-process a bit more memory for the recursion etc. But I guess the code could also be optimized also somehow. I'll have a look into your code when you publish it
Report message to a moderator
|
|
|
|
|
|
|
|
|
|
|
|
Re: Should Stars! files structures be publically available? |
Fri, 05 September 2014 15:44 |
|
platon79 | | Chief Warrant Officer 3 | Messages: 185
Registered: February 2004 Location: Norway | |
|
raptor wrote on Wed, 03 September 2014 17:02Hi,
You just have to do a 'pull request' from within github and it'll then shoot a notice off to me to accept,reject. Your code looks fine to me, but does your hashing code correctly handle the integer overflow? (I'm not sure how Java would handle it)
This is exciting... someone is contributing!
P.S. Is there a reason you've decided to do the Java instead of the python?
No I have not looked at the integer overflow. But my code only worked ok on small passwords anyway, it took way too much time on larger ones. I wrote the code in Java because it is a language I know by heart, and I have not coded in python before.
Report message to a moderator
|
|
|