How to hook "password failed"

kalash1k · **Author**

Hello.
I have a great idea. So here is a small description:

The server has sv_password "123". Then client is connecting to the server from his server menu (like Favorites). Then there is appears prompt window to enter a pass. And then if client type wrong password like "111" server kicks the client with log message like:

Quote:

0.0.0.0:27005: password failed

How can I hook this event? I need exactly the moment when the server is checking the password client sent.

What I need it for? I want to check client typed password with my own database (like forum DB or something) and NOT with sv_password. But I need sv_password cvar for that prompt window appearing when client tries to connect to the server.

I.e. here is an algorithm:

Client connects and he dont know real sv_password.
Password window appears.
Client types his FORUM USER password (or site user pw etc.). NOT a sv_password.
Server check his password NOT with sv_password but with my own database.
If client password == DB password then continue.
Else kick with message like "Wrong password. Register here http://google.com".

I tried to use client_connect(), tried to hook forwards (like FM_ClientConnect), events, messages. So there is no effect. These hooks works after the server has checked the client password.

I searched about it in Orpheu threads. Like here. But I'm not so pro scripter and dont know how to use it.
I found the thread How to hook "Bad Rcon" command?. But I dont know how to use it for sv_password.

Please help.

Thanks. And sry for my english.

jim_yang · 09-09-2011 , 22:24 Re: How to hook "password failed"

the check is in SV_CheckUserInfo
swds

Code:

if ( !sub_1D61AF0(v20) )
  {
    if ( *(_BYTE *)off_1E620CC )
    {
      if ( sub_1D355F0((signed int *)off_1E620CC, (signed int *)"none") )
      {
        v21 = (int)sub_1D562B0((int)v5, (int)"password");
        if ( sub_1D35500((int)off_1E620CC, v21) )
        {
          v22 = a1;
          memcpy(&v20, (const void *)a1, 0x14u);
          v28 = sub_1D615E0(a1, v23, v24, v25, v26, v27);
          sub_1D38880("%s:  password failed\n", v28);
          sub_1D97A00(v22, (const void *)v22);
          return 0;
        }
      }
    }
  }

engine_i686

Code:

if ( !NET_IsLocalAddress(v27) )
  {
    v7 = *((_DWORD *)loc_51BBC + 110811);
    if ( **(_BYTE **)(v7 + 4) )
    {
      if ( Q_stricmp(*(char **)(v7 + 4), (char *)loc_51BBC + 389326) )
      {
        v28 = Info_ValueForKey(v6, (char *)loc_51BBC + 389331);
        if ( Q_strcmp(*(_DWORD *)(v7 + 4), v28) )
        {
          memcpy(&v29, (const void *)a1, 0x14u);
          v34 = NET_AdrToString(v29, v30, v31, v32, v33);
          Con_Printf((char *)loc_51BBC + 389340, v34);
          SZ_Clear(*((_DWORD *)loc_51BBC + 110793));
          MSG_WriteLong(*((_DWORD *)loc_51BBC + 110793), -1);
          MSG_WriteByte(*((_DWORD *)loc_51BBC + 110793), 56);
          MSG_WriteString(*((_DWORD *)loc_51BBC + 110793), (char *)loc_51BBC + 388512);
          memcpy(&v35, (const void *)a1, 0x14u);
          NET_SendPacket(
            1,
            *(_DWORD *)(*((_DWORD *)loc_51BBC + 110793) + 16),
            *(_DWORD *)(*((_DWORD *)loc_51BBC + 110793) + 8),
            v35,
            v36,
            v37,
            v38,
            v39);
          SZ_Clear(*((_DWORD *)loc_51BBC + 110793));
          return 0;
        }
      }
    }
  }

jim_yang · 09-09-2011 , 22:39 Re: How to hook "password failed"

if you know asm, you'd better jump from where the if check to your own check function, that's the proper way.
if ( sub_1D35500((int)off_1E620CC, v21) ) //windows
if ( Q_strcmp(*(_DWORD *)(v7 + 4), v28 ) ) //linux
also you should force them use the forum name and check if their forum name matches password, or it become non sense because you just make your server password from one to many.

kalash1k · *Last edited by kalash1k; 09-09-2011 at 22:51.*

Thanks. But, it tells me nothing how to use it to write amxx pluging. I dont know how to write signature file for orpheu. And I use linux engine.

Quote:

you should force them use the forum name and check if their forum name matches password

Yes. It is exactly what I want to do. But now I need a help just with sv_password checking.
So, It would be great if there will be an amxx plugin (with orpheu i guess). It would be helpfull for many people.

I think It must be like this. But, how to make signature file? What offsets must be there?

jim_yang · 09-09-2011 , 22:58 Re: How to hook "password failed"

I think the whole sentence is quite clear to show you that I understand, why u just quote the second half.
Besides I don't think you can do this well with amxx script, orpheu hook from the entry of a function, the hook above is in the function. so you should code a module and use assemble to set a jump from that "if" to your function. aslo you need a call "Info_ValueForKey(id, "name") to get their name

kalash1k · 09-10-2011 , 00:02 Re: How to hook "password failed"

I can't write metamod plugin.

What do you think about hooking SV_ConnectClient and SV_RejectConnection like in this thread ?

**Arkshine** · 09-10-2011 , 03:16 Re: How to hook "password failed"

With Orpheu you still can hook SV_CheckUserInfo and inside hooking Con_Printf.

kalash1k · 09-10-2011 , 09:36 Re: How to hook "password failed"

Quote:

Originally Posted by Arkshine

With Orpheu you still can hook SV_CheckUserInfo and inside hooking Con_Printf.

Can you give some examples?

**Arkshine** · 09-10-2011 , 09:42 Re: How to hook "password failed"

Yes, but not now.

**Bugsy** · 09-10-2011 , 11:16 Re: How to hook "password failed"

You will need more than just hooking the functions to check for data printed by Con_Printf(), no? Here he wants to replace the password being checked (sv_password) with his forum user password. Is it possible to hook the string comparison function and replace the sv_password arg with the forum password and let the engine do the rest?