As some of you might already know, I haveve been developing a JJ2 add-on for mIRC.
Now I'm trying to introduce the possibility of joining private servers provided the password.
However, there is a problem I cannot overcome. In oder to check the whether the password is correct or not, jazz sends one UDP packet which comprehends not only the password the user writes but also a byte which varies according to the length of the password, a byte whose value is always (?) x0a AND two bytes whose value depend upon the password but not in some obvious way. Examples:

Pass Byte1 Byte2
a 6d 85
b 6e 86
c 6f 87
1 3d 55
2 3e 56
aa CF 5B
ab d0 5c
ca d1 5f
cb d2 60
bb d1 5e
aaa 36 94
baa 37 97
caa 38 9a
bda 3a 9f
aaaa 98 35
baaa 99 39

Some regularities are easy to deprehend, for instance:
1. It takes into account the ASCII values of each character:
For 'a' (CHR 97), since x6a (1st check byte) = 109 --> 109 - 97 = _12_
For '1' (CHR 49), since x3d = 61 --> 61 - 49 = _12_

Sth similar occurs to the second byte.
2. If we change a byte into the next value (e.g.: an 'a' (x6d) into a 'b' (x6e), the first check byte increments 1 and the second increments according to their position (for the last +1, for the one before the last +2, etc.).

However, this is not enough to comprehend the values those two bytes assume, and I do need to know that so I can reproduce it for any password. Because, unless those two bytes have the correct value the JJ2 server ignores the packet.

So... Help would be welcome.

Thanks in advance,
Cataphract

You've lost me already, heheheh

Well it's a checksum, because UDP doesn't really have error correcting like TCP does. I think I'm on to something for this pattern, but it might not be it.

On a side note: Have you considered joining J2HG? We are really looking for people like you (with packet\network abilities). We're actually working on a program like this (that can join passworded servers properly), but haven't gotten nearly as much figured out for the passwords as you have. http://link.idlegames.com/j2hg

Yea. We have some good programming people so far. Maybe we can solve your problem together. I hope to release the VCR soon so I can start working on that common program.

Link: That site is down most of the time.

it isnt Now :-P


J2HG Could Use you,

Thanks for your reply, Link.
Let's try a checksum with the 'ba' password:

we would have 0x0A 02 61 61



Checksum:



10 02     00001010 00000010

97 97     01100001 01100001 +

          -----------------

          01101011 01100011



1's com. 10010100 10011100



10010100 = 0x94

10011100 = 0x9c



Let's confirm...



148 157 10010100 10011100

10 02     00001010 00000010 +

          -----------------

          10011110 10011110

97 97     01100001 01100001 +

          -----------------

          11111111 11111111



So it's correct.

HOWEVER, the actual value (the one which is sent by JJ2) is not 0x949C. It's 0xCF5B...

Well there are lots of different ways to do checksums. That isn't the only way to do it.

I've been pretty busy these past few days so I'll have more time to look at it soon.