Profile:Account: Difference between revisions
Jump to navigation
Jump to search
imported>Godzcheater (→Decrypted File: XUID) |
imported>Godzcheater m (→Decrypted File) |
||
Line 36: | Line 36: | ||
|- | |- | ||
| 8 | | 8 | ||
| | | 16 chars/32 bytes | ||
| Unicode | | Unicode | ||
| Gamertag | | Gamertag | ||
|- | |- | ||
| 40 | | 40 | ||
| | | 8 | ||
| ulong | | ulong | ||
| XUID | | XUID | ||
Line 53: | Line 53: | ||
| 0x1 | | 0x1 | ||
| byte | | byte | ||
| Membership type (Offline: 0, Silver: 0x30, Gold: 0x60) | | Membership type (Offline: 0, Silver: 0x30, Gold: 0x60, Gold Family: 0x90) | ||
|- | |- | ||
| 50 | | 50 | ||
Line 131: | Line 131: | ||
| Right Bumper | | Right Bumper | ||
|} | |} | ||
Note A and B are not valid for passwords. | |||
== XUID == | == XUID == | ||
public class XUID | public class XUID | ||
Line 146: | Line 147: | ||
} | } | ||
} | } | ||
public System.Boolean | public System.Boolean IsOnline | ||
{ | |||
get | |||
{ | |||
return (Value & 18446462598732840960L) == 2533274790395904L; | |||
} | |||
} | |||
public System.Boolean IsTeam//Guess this is todo with devs | |||
{ | { | ||
get | get | ||
{ | { | ||
return (Value & | return (Value & 18374686479671624000L) == 18302628885633696000L; | ||
} | } | ||
} | } |
Revision as of 16:14, 16 February 2012
The Account file is a HMAC-RC4 encrypted file stored in profiles to hold things such as the profiles gamertag, PUID (Passport User ID), online key and more.
Encryption
The file is encrypted with a custom form of HMAC-RC4, which is handled by the XeKeysUnobfuscate function. The key differs between retail and development consoles and is stored in key index 0x19.
- Retail key
0xE1 0xBC 0x15 0x9C 0x73 0xB1 0xEA 0xE9 0xAB 0x31 0x70 0xF3 0xAD 0x47 0xEB 0xF3
- Devkit key
0xDA 0xB6 0x9A 0xD9 0x8E 0x28 0x76 0x4F 0x97 0x7E 0xE2 0x48 0x7E 0x4F 0x3F 0x68
To decrypt the file:
- Copy the first 16 bytes of the file to a buffer. This is the HMAC-SHA1 hash of the file which is made using one of the keys above.
- Use HMAC-SHA1 on that buffer with a key from above to create the RC4 key, which is 0x10 bytes.
- Decrypt 8 bytes after the hash of the file (at offset 0x10) using RC4. This is the confounder.
- Decrypt 380 bytes after the confounder using RC4. This is the decrypted account data.
- Make a hash of the confounder and decrypted data using HMAC-SHA1 and a key above and compare it to the first 16 bytes of the file, if it doesn't match then the decryption failed.
To encrypt the file:
- Copy the decrypted data to offset 0x18
- Create a random 8 byte confounder and copy this to offset 0x10.
- Make a hash of the confounder and decrypted data using HMAC-SHA1 and a key above, resize it to 16 bytes and then copy that to the beginning of the file.
- Use HMAC-SHA1 on that hash with a key from above to create the RC4 key, which is 0x10 bytes.
- Encrypt 388 bytes from position 0x10 using RC4.
Decrypted File
Offset | Length | Type | Information |
---|---|---|---|
0 | 2 | ushort | Status (Recovering: 0, Offline: 0x1000, Online: 0x2000, Password Protected: 0x3000) |
8 | 16 chars/32 bytes | Unicode | Gamertag |
40 | 8 | ulong | XUID |
48 | 0x1 | byte | unknown |
49 | 0x1 | byte | Membership type (Offline: 0, Silver: 0x30, Gold: 0x60, Gold Family: 0x90) |
50 | 0x2 | ushort | unknown |
52 | 4 | ASCII string | Service |
56 | 4 | Bytes | Password |
60 | 20 | ASCII string | Server |
80 | 24 | ASCII string | Passport |
104 | 16 | Bytes | Online Key |
Passcode
The passcode is made up of these bytes:
Byte | Button |
---|---|
0 | Null |
1 | DPad Up |
2 | DPad Down |
3 | DPad Left |
4 | DPad Right |
5 | X |
6 | Y |
7 | A |
8 | B |
9 | Left Trigger |
10 | Right Trigger |
11 | Left Bumper |
12 | Right Bumper |
Note A and B are not valid for passwords.
XUID
public class XUID { public System.UInt64 Value; public XUID(System.UInt64 _Value) { Value = _Value; } public System.Boolean IsOfflineXuid { get { return (Value & 17293822569102704640L) == 16140901064495857664L; } } public System.Boolean IsOnline { get { return (Value & 18446462598732840960L) == 2533274790395904L; } } public System.Boolean IsTeam//Guess this is todo with devs { get { return (Value & 18374686479671624000L) == 18302628885633696000L; } } public System.Boolean IsValidXuid { get { return IsOfflineXuid != IsOnlineXuid; } } }