
[Technical Analysis] Ruijie Shared Assistant v1.3, Ruijie 4.63 Special Edition Technical Analysis

Posted on 10/23/2014 4:09:42 PM
Ruijie Shared Assistant v1.3, Ruijie 4.63 Special Edition source code (cropped from mentohust; only the heartbeat and offline functions are retained)

The v3 algorithm and the like are not as versatile as this program: the heartbeat is Ruijie's weakest point, so it is the best place to start.

This program came about mainly out of frustration that the Windows version of mentohust does not have the v3 algorithm and cannot be shared over the network, so it was cropped from mentohust.

You need to add a filter in Wireshark to capture 0x888E packets and analyze them yourself.

In the capture, mainly analyze the heartbeat (the 0xBF packet): the heartbeat interval, and which part in the middle changes and which is fixed.

Of course, you can also turn this program into a Ruijie heartbeat capturer that keeps printing the key no of the heartbeats sent by the original Ruijie.

Then analyze the printed information yourself, such as whether the school resets the key no after 1 hour.

You can change this project to be perfectly compatible with 4.6, 4.63, 4.8 and other high versions (note: 4.44 is also supported in the mentohust project homepage)

This source code has very few changes compared with Ruijie Shared Assistant v1.1. The only change is that the heartbeat function sends the heartbeat twice, see below.

In int CProcess::sendEchoPacket():

/* Send the heartbeat twice */
pcap_sendpacket(m_hPcap, m_sendPacket, 0x2D);
return pcap_sendpacket(m_hPcap, m_sendPacket, 0x2D);

There are almost no other changes (so I am not posting v1.1). If the packet capture shows that your school's heartbeat is not sent twice, comment out one pcap_sendpacket.



For students who modify the source code, you only need to pay attention to the following 6 functions (all other authentication code has been cropped, so there is no need to look at it):

1. BOOL FindAndKillProcessByName(LPCTSTR strProcessName) // Forcibly ends a process by process name; used to kill 8021x.exe. It is enough to know this function exists.

2. static void pcap_handle(u_char *user, const struct pcap_pkthdr *h, const u_char *buf) // pcap capture callback; it captures both packets sent by this host and packets the server sends to it.

Focus on this part inside it:

if (buf[0x0F]==0xbf&&memcmp(proc->m_localMAC, buf+6, 6)==0){ // This is the part that captures the heartbeat sent by this host. 0xbf is the heartbeat.

3. void CProcess::getEchoKeyFormEcho(const u_char *capBuf) // Get the key no from a heartbeat packet sent by this host (usually by the original Ruijie)

4. void CProcess::getEchoKey(const u_char *buf) // Get the key from the success packet (the authentication success packet the server sends to this host)

5. int CProcess::sendEchoPacket() // Send the heartbeat

6. int CProcess::sendLogoffPacket() // Send the offline packet (this can be improved to be the same as the original Ruijie 0 offline packet)

The VC++ 6.0 project can also be compiled under Win7, and the compatibility of the compiled program is very good: it runs on almost everything from Win8 to XP, both 64-bit and 32-bit.

There is a runnable executable in debug.
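
An added example, not part of the original post or the project's source: a capture-side reading of the pcap_handle check above, for someone reviewing 0x888E traffic. It classifies frames as heartbeats from one MAC, counts byte-identical back-to-back repeats (the send-twice pattern) and reports the shortest gap between distinct heartbeats. The frame contents, the varying byte at 0x20, the MAC addresses and the 20-second spacing are constructed sample values, and struct frame, analyse and the other names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define HB_LEN 0x2D /* length the page's code passes to pcap_sendpacket */
struct frame { uint32_t ts_ms; size_t len; uint8_t data[64]; };
struct hb_stats { int heartbeats, repeats; long min_gap_ms; };

/* The page's pcap_handle test, plus bounds and EtherType 0x888E checks. */
int is_heartbeat(const struct frame *f, const uint8_t mac[6]) {
    if (f->len < 0x10 || f->len > sizeof f->data) return 0;
    if (f->data[12] != 0x88 || f->data[13] != 0x8E) return 0;
    return f->data[0x0F] == 0xBF && memcmp(mac, f->data + 6, 6) == 0;
}

/* Count heartbeats from mac, identical back-to-back repeats, and the shortest gap between distinct ones. */
struct hb_stats analyse(const struct frame *c, int n, const uint8_t mac[6]) {
    struct hb_stats s = {0, 0, -1};
    const struct frame *prev = NULL, *first = NULL;
    for (int i = 0; i < n; i++) {
        if (!is_heartbeat(&c[i], mac)) continue;
        s.heartbeats++;
        int same = prev && prev->len == c[i].len && memcmp(prev->data, c[i].data, c[i].len) == 0;
        if (same) { s.repeats++; prev = &c[i]; continue; }
        long gap = first ? (long)(c[i].ts_ms - first->ts_ms) : -1;
        if (first && (s.min_gap_ms < 0 || gap < s.min_gap_ms)) s.min_gap_ms = gap;
        first = prev = &c[i];
    }
    return s;
}

/* Constructed frame: zeroed body, one varying byte at 0x20 (assumed layout). */
static void mk(struct frame *f, uint32_t t, const uint8_t src[6], uint8_t type, uint8_t ctr) {
    memset(f, 0, sizeof *f); f->ts_ms = t; f->len = HB_LEN;
    memcpy(f->data + 6, src, 6); f->data[12] = 0x88; f->data[13] = 0x8E;
    f->data[0x0F] = type; f->data[0x20] = ctr;
}

/* Constructed capture: two heartbeats, each sent twice, plus another host's frame. */
struct hb_stats sample_stats(void) {
    const uint8_t me[6] = {2, 0, 0, 0, 0, 1}, other[6] = {2, 0, 0, 0, 0, 2};
    struct frame c[5];
    mk(&c[0], 0, me, 0xBF, 1);     mk(&c[1], 1, me, 0xBF, 1);
    mk(&c[2], 5000, other, 0xBF, 9);
    mk(&c[3], 20000, me, 0xBF, 2); mk(&c[4], 20001, me, 0xBF, 2);
    return analyse(c, 5, me);
}

int main(void) {
    struct hb_stats s = sample_stats();
    printf("heartbeats=%d repeats=%d min_gap_ms=%ld\n", s.heartbeats, s.repeats, s.min_gap_ms);
}
```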







Posted on 10/23/2014 11:49:25 PM
The great god asks to fly~         