Category Archives: TCP

How to secure an Executeable (Server-Client-Authentication)

Posted on by

first of let me explain what is given:

Client:

  • A C++ Executeable (.dll)
  • Running on a XBOX 360 => Individual Console Key [32 chars]

Server:

  • Windows VPS
  • TCP Server Module (C# Console Application)
  • MySQL Database

An User registers by submitting his Console Key on a Website, which is then stored in the Database on the Server. When the .dll is loaded a TCP connection to the Server is established. The Server then sends a random generated 25 char token to the client. The client then encrypts the following into one string:

  • The memory (can be spoofed remotely) and fuse key (can’t be spoofed remotely) => to check if the user tried to manipulate the auth and ban him as a result
  • The current version (double value) => f.e. 2.7
  • The Module Hash of the file (40 chars) => to check if the file was tampered

The encrypted string is then send to the server, which decrypts the string using the generated token. If file wasn’t tampered, memory key isn’t spoofed, version is up to day and the fuse key exists in the database, some addresses and strings are sent back to the client. These addresses and strings are required to run the .dll correctly. I do this to prevent an attacker from just noping the internet connection and then gaining access.

I see a few problems in the way i currently do it:

  • If someone tampers the file, he could just place a correct file hash/fuse key in the file, which would make the tampered and spoof key check redundant.
  • The adresses sent over could be sniffed out and then be placed in the file, which combined with noping the internet connection would also result in the .dll being cracked

That’s it for the Server-Client-Auth. For protecting the executeable itself by now i only used a simple XOR Encryption to encrypt strings like the domain name or important commands. A friend told me that he heard that i should encrypt the whole executeable besides the entry point and when the entry point is entered decrypt the file. He couldn’t tell me how to do that and i don’t even know if it can be done. The problem with my .dll is that it is for XBOX 360 meaning i can’t use 3rd party libaries or anything, just plain C++. If you have any ideas for the Encryption/Obfuscation of the file be sure to leave them down below, aswell as what you think about my current auth approach and what you would do better.

Thanks for your time and thanks in advance!

Continue reading How to secure an Executeable (Server-Client-Authentication)

Is it possible to scan the top X UDP ports and the top Y (X!=Y) TCP ports in Nmap using a single command?

Posted on by

Given X!=Y, is there any way to scan the top (–top-ports) X TCP ports and the top Y UDP ports using a simple Nmap command?

The –top-ports parameter affects both the TCP and UDP scans (e.g., when -sSU is used).

If exists, … Continue reading Is it possible to scan the top X UDP ports and the top Y (X!=Y) TCP ports in Nmap using a single command?