SMF Forum login using webclient [modified]
-
I'm working on loging into an SMF based message board using a WebClient with a cookie collection. So far I've been able to use existing cookies to connect and download pages as needed, however I have to hard code the cookies to do it. Obviously not a good option. The problem I'm running in to is that in order to have the server generate credentials I have to give it a log in name and a hashed password. The forum login generates them using sha1 hashing with this code:
doForm.hash_passwrd.value = hex_sha1(hex_sha1(doForm.user.value.php_to8bit().php_strtolower() + doForm.passwrd.value.php_to8bit()) + cur_session_id);I've been trying to useprivate void btnLogin_Click(object sender, EventArgs e) { String sName = "test"; String sPassword = "login"; String sSessionID = "3d847dffa233343cc5065a82b73d566e"; SHA1 sha = new SHA1CryptoServiceProvider(); byte[] sResult = sha.ComputeHash(StrToByteArray(sName + sPassword)); sResult = sha.ComputeHash(StrToByteArray(ByteArrayToStr(sResult) + sSessionID)); } public static byte[] StrToByteArray(string str) { return Encoding.UTF8.GetBytes(str); //encoding.GetBytes(str); } public static string ByteArrayToStr(byte[] bytes) { return BitConverter.ToString(bytes).Replace("-", "").ToLower(); }To generate the same hash as the php version...however it's obviously failing. Somewhere in there I'm missing some encoding or particular formatting that I don't know about. Can anyone point me in the right direction here? EDIT:String sName = "test"; String sPassword = "login"; String sSessionID = "8000e537c2a7a31547ffa779fab7a1e2"; String sTemp; SHA1CryptoServiceProvider sha = new SHA1CryptoServiceProvider(); sTemp = BitConverter.ToString(sha.ComputeHash(Encoding.UTF8.GetBytes(sName + sPassword))).Replace("-", "").ToLower(); textBox2.Text = BitConverter.ToString(sha.ComputeHash(Encoding.UTF8.GetBytes(sTemp + sSessionID))).Replace("-", "").ToLower();After beating my head against a wall long enough I was able to come up with this, and it does spit out the exact same hash as the existing php code. This should allow anyone to generate a hash for logging into most SMF powered message boards (They seem to have a niche market in games and mods on a global scale -
I'm working on loging into an SMF based message board using a WebClient with a cookie collection. So far I've been able to use existing cookies to connect and download pages as needed, however I have to hard code the cookies to do it. Obviously not a good option. The problem I'm running in to is that in order to have the server generate credentials I have to give it a log in name and a hashed password. The forum login generates them using sha1 hashing with this code:
doForm.hash_passwrd.value = hex_sha1(hex_sha1(doForm.user.value.php_to8bit().php_strtolower() + doForm.passwrd.value.php_to8bit()) + cur_session_id);I've been trying to useprivate void btnLogin_Click(object sender, EventArgs e) { String sName = "test"; String sPassword = "login"; String sSessionID = "3d847dffa233343cc5065a82b73d566e"; SHA1 sha = new SHA1CryptoServiceProvider(); byte[] sResult = sha.ComputeHash(StrToByteArray(sName + sPassword)); sResult = sha.ComputeHash(StrToByteArray(ByteArrayToStr(sResult) + sSessionID)); } public static byte[] StrToByteArray(string str) { return Encoding.UTF8.GetBytes(str); //encoding.GetBytes(str); } public static string ByteArrayToStr(byte[] bytes) { return BitConverter.ToString(bytes).Replace("-", "").ToLower(); }To generate the same hash as the php version...however it's obviously failing. Somewhere in there I'm missing some encoding or particular formatting that I don't know about. Can anyone point me in the right direction here? EDIT:String sName = "test"; String sPassword = "login"; String sSessionID = "8000e537c2a7a31547ffa779fab7a1e2"; String sTemp; SHA1CryptoServiceProvider sha = new SHA1CryptoServiceProvider(); sTemp = BitConverter.ToString(sha.ComputeHash(Encoding.UTF8.GetBytes(sName + sPassword))).Replace("-", "").ToLower(); textBox2.Text = BitConverter.ToString(sha.ComputeHash(Encoding.UTF8.GetBytes(sTemp + sSessionID))).Replace("-", "").ToLower();After beating my head against a wall long enough I was able to come up with this, and it does spit out the exact same hash as the existing php code. This should allow anyone to generate a hash for logging into most SMF powered message boards (They seem to have a niche market in games and mods on a global scaleMaybe it should be
byte[] sResult = sha.ComputeHash(StrToByteArray(sName + sPassword));
byte[] sSessionResult =sha.ComputeHash(StrToByteArray(sSessionID));
byte[] returnResult = bew byte[sResult.length + sSessionResult.length];
Array.Copy(sResult, returnResult , 0, sResult.length);
Array.Copy(sSessionResult, returnResult , sResult.length, sSessionResult.length);
sResult = returnResult ;Fix the compile errors because I just typed this in but I don't think your .NET code matches the PHP code.
Need custom software developed? I do custom programming based primarily on MS tools with an emphasis on C# development and consulting. I also do Android Programming as I find it a refreshing break from the MS. A man said to the universe: "Sir I exist!" "However," replied the universe, "The fact has not created in me