Jump to content
MaxCheaters Official Group on Discord
Top.MaxCheaters.com is now OPEN – Lineage 2 Top Listing

Pin Code For H5

Napster321

By Napster321
in Server Shares & Files [L2J]

 Share

Recommended Posts

Napster321 Newbie

Napster321

Posted
Posted

I think it will need a small addaption to l2j or the pack that you use..I found that on a russian forum .

39794700.png

 

 

 

SecondaryPasswordAuth.java

package l2p.gameserver.network;

import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.util.Calendar;
import java.util.logging.Level;
import java.util.logging.Logger;

import jonelo.sugar.util.Base64;
import l2p.commons.dbutils.DbUtils;
import l2p.gameserver.Config;
import l2p.gameserver.database.DatabaseFactory;
import l2p.gameserver.model.Player;
import l2p.gameserver.network.GameClient;
import l2p.gameserver.serverpackets.Ex2ndPasswordAck;
import l2p.gameserver.serverpackets.Ex2ndPasswordCheck;
import l2p.gameserver.serverpackets.Ex2ndPasswordVerify;
import l2p.gameserver.utils.Log;
import l2p.gameserver.utils.Util;

public class SecondaryPasswordAuth
{
private final Logger _log = Logger.getLogger(SecondaryPasswordAuth.class.getName());
private final GameClient _activeClient;

private String _password;
private int _wrongAttempts;
private boolean _authed;

private static final String VAR_PWD = "secauth_pwd";
private static final String VAR_WTE = "secauth_wte";

private static final String SELECT_PASSWORD = "SELECT var, value FROM character_secondary_password WHERE account_name=? AND var LIKE 'secauth_%'";
private static final String INSERT_PASSWORD = "INSERT INTO character_secondary_password VALUES (?, ?, ?)";
private static final String UPDATE_PASSWORD = "UPDATE character_secondary_password SET value=? WHERE account_name=? AND var=?";
private static final String INSERT_ATTEMPT = "INSERT INTO character_secondary_password VALUES (?, ?, ?) ON DUPLICATE KEY UPDATE value=?";
// private static final String BAN_ACCOUNT = "UPDATE accounts SET banExpires=? WHERE login=?";

/**
* @param activeClient
*/
public SecondaryPasswordAuth(GameClient activeClient)
{
_activeClient = activeClient;
_password = null;
_wrongAttempts = 0;
_authed = false;
loadPassword();
}

private void loadPassword()
{
String var, value = null;

Connection con = null;
PreparedStatement statement = null;
ResultSet rset = null;
try
{
con = DatabaseFactory.getInstance().getConnection();
statement = con.prepareStatement(SELECT_PASSWORD);
statement.setString(1, _activeClient.getLogin());
ResultSet rs = statement.executeQuery();
while(rs.next())
{
var = rs.getString("var");
value = rs.getString("value");

if(var.equals(VAR_PWD))
_password = value;
else if(var.equals(VAR_WTE))
_wrongAttempts = Integer.parseInt(value);
}
statement.close();
}
catch(Exception e)
{
_log.log(Level.SEVERE, "Error while reading password.", e);
}
finally
{
DbUtils.closeQuietly(con, statement, rset);
}
}

public boolean savePassword(String password)
{
if(passwordExist())
{
_log.warning("[secondaryPasswordAuth]" + _activeClient.getLogin() + " forced savePassword");
_activeClient.closeNow(true);
return false;
}

if(!validatePassword(password))
{
_activeClient.sendPacket(new Ex2ndPasswordAck(Ex2ndPasswordAck.WRONG_PATTERN));
return false;
}

password = cryptPassword(password);

Connection con = null;
PreparedStatement statement = null;
ResultSet rset = null;
try
{
con = DatabaseFactory.getInstance().getConnection();
statement = con.prepareStatement(INSERT_PASSWORD);
statement.setString(1, _activeClient.getLogin());
statement.setString(2, VAR_PWD);
statement.setString(3, password);
statement.execute();
statement.close();
}
catch(Exception e)
{
_log.log(Level.SEVERE, "Error while writing password.", e);
return false;
}
finally
{
DbUtils.closeQuietly(con, statement, rset);
}
_password = password;
return true;
}

public boolean insertWrongAttempt(int attempts)
{
Connection con = null;
PreparedStatement statement = null;
ResultSet rset = null;
try
{
con = DatabaseFactory.getInstance().getConnection();
statement = con.prepareStatement(INSERT_ATTEMPT);
statement.setString(1, _activeClient.getLogin());
statement.setString(2, VAR_WTE);
statement.setString(3, Integer.toString(attempts));
statement.setString(4, Integer.toString(attempts));
statement.execute();
statement.close();
}
catch(Exception e)
{
_log.log(Level.SEVERE, "Error while writing wrong attempts.", e);
return false;
}
finally
{
DbUtils.closeQuietly(con, statement, rset);
}
return true;
}

public boolean changePassword(String oldPassword, String newPassword)
{
if(!passwordExist())
{
_log.warning("[secondaryPasswordAuth]" + _activeClient.getLogin() + " forced changePassword");
_activeClient.closeNow(true);
return false;
}

if(!checkPassword(oldPassword, true))
return false;

if(!validatePassword(newPassword))
{
_activeClient.sendPacket(new Ex2ndPasswordAck(Ex2ndPasswordAck.WRONG_PATTERN));
return false;
}

newPassword = cryptPassword(newPassword);

Connection con = null;
PreparedStatement statement = null;
ResultSet rset = null;
try
{
con = DatabaseFactory.getInstance().getConnection();
statement = con.prepareStatement(UPDATE_PASSWORD);
statement.setString(1, newPassword);
statement.setString(2, _activeClient.getLogin());
statement.setString(3, VAR_PWD);
statement.execute();
statement.close();
}
catch(Exception e)
{
_log.log(Level.SEVERE, "Error while reading password.", e);
return false;
}
finally
{
DbUtils.closeQuietly(con, statement, rset);
}
_password = newPassword;
_authed = false;
return true;
}

public boolean checkPassword(String password, boolean skipAuth)
{
password = cryptPassword(password);

if(!password.equals(_password))
{
_wrongAttempts++;
if(_wrongAttempts < Config.SECOND_AUTH_MAX_ATTEMPTS)
{
_activeClient.sendPacket(new Ex2ndPasswordVerify(Ex2ndPasswordVerify.PASSWORD_WRONG, _wrongAttempts));
insertWrongAttempt(_wrongAttempts);
}
else
{
if(Config.SECOND_AUTH_BAN_ACC)
banAccount(_activeClient.getActiveChar());
Log.add(_activeClient.getLogin() + " - (" + _activeClient.getIpAddr() + ") has inputted the wrong password " + _wrongAttempts + " times in row.", "banned_accounts");
insertWrongAttempt(0);
_activeClient.close(new Ex2ndPasswordVerify(Ex2ndPasswordVerify.PASSWORD_BAN, Config.SECOND_AUTH_MAX_ATTEMPTS));
}
return false;
}
if(!skipAuth)
{
_authed = true;
_activeClient.sendPacket(new Ex2ndPasswordVerify(Ex2ndPasswordVerify.PASSWORD_OK, _wrongAttempts));
}
insertWrongAttempt(0);
return true;
}

private void banAccount(Player plyr)
{
long banTime = Config.SECOND_AUTH_BAN_TIME;

try
{
plyr.setAccessLevel(-100);
ban(plyr, banTime);
plyr.kick();
}
catch(Exception e)
{
_log.log(Level.SEVERE, "Error while banning account.", e);
}
}

private void ban(Player actor, long time)
{
long date = Calendar.getInstance().getTimeInMillis();
long endban = date / 1000 + time * 60;
String msg = "Secondary Password Auth ban Player" + actor.getName() + " on " + time + " sec";

Connection con = null;
PreparedStatement statement = null;
try
{
con = DatabaseFactory.getInstance().getConnection();
statement = con.prepareStatement("INSERT INTO bans (account_name, obj_id, baned, unban, reason, GM, endban) VALUES(?,?,?,?,?,?,?)");
statement.setString(1, actor.getAccountName());
statement.setInt(2, actor.getObjectId());
statement.setString(3, "SU");
statement.setString(4, "SU");
statement.setString(5, msg);
statement.setString(6, "SU");
statement.setLong(7, endban);
statement.execute();
}
catch(Exception e)
{
_log.warning("could not store bans data:" + e);
}
finally
{
DbUtils.closeQuietly(con, statement);
}
}

public boolean passwordExist()
{
return _password == null ? false : true;
}

public void openDialog()
{
if(passwordExist())
_activeClient.sendPacket(new Ex2ndPasswordCheck(Ex2ndPasswordCheck.PASSWORD_PROMPT));
else
_activeClient.sendPacket(new Ex2ndPasswordCheck(Ex2ndPasswordCheck.PASSWORD_NEW));
}

public boolean isAuthed()
{
return _authed;
}

private String cryptPassword(String password)
{
try
{
MessageDigest md = MessageDigest.getInstance("SHA");
byte[] raw = password.getBytes("UTF-8");
byte[] hash = md.digest(raw);
return Base64.encodeBytes(hash);
}
catch(NoSuchAlgorithmException e)
{
_log.severe("[secondaryPasswordAuth]Unsupported Algorythm");
}
catch(UnsupportedEncodingException e)
{
_log.severe("[secondaryPasswordAuth]Unsupported Encoding");
}
return null;
}

private boolean validatePassword(String password)
{
if(!Util.isDigit(password))
return false;

if(password.length() < 6 || password.length() > 
return false;

if(Config.SECOND_AUTH_STRONG_PASS)
{
for(int i = 0; i < password.length() - 1; i++)
{
char curCh = password.charAt(i);
char nxtCh = password.charAt(i + 1);

if(curCh + 1 == nxtCh)
return false;
else if(curCh - 1 == nxtCh)
return false;
else if(curCh == nxtCh)
return false;
}
for(int i = 0; i < password.length() - 2; i++)
{
String toChk = password.substring(i + 1);
StringBuffer chkEr = new StringBuffer(password.substring(i, i + 2));

if(toChk.contains(chkEr))
return false;
else if(toChk.contains(chkEr.reverse()))
return false;
}
}
_wrongAttempts = 0;
return true;
}
}

 

Config.java

 

find that

 

HTM_CACHE_MODE

 

and add bellow

public static boolean SECOND_AUTH_ENABLED;
public static boolean SECOND_AUTH_BAN_ACC;
public static boolean SECOND_AUTH_STRONG_PASS;
public static int SECOND_AUTH_MAX_ATTEMPTS;
public static long SECOND_AUTH_BAN_TIME;
public static String SECOND_AUTH_REC_LINK;

 

after find that

 

HTM_CACHE_MODE = serverSettings.getProperty("HtmCacheMode", HtmCache.LAZY);

 

 

and add bellow

SECOND_AUTH_ENABLED = serverSettings.getProperty("SAEnabled", false);
SECOND_AUTH_BAN_ACC = serverSettings.getProperty("SABanAccEnabled", false);
SECOND_AUTH_STRONG_PASS = serverSettings.getProperty("SAStrongPass", false);
SECOND_AUTH_MAX_ATTEMPTS = serverSettings.getProperty("SAMaxAttemps", 5);
SECOND_AUTH_BAN_TIME = serverSettings.getProperty("SABanTime", 480);
SECOND_AUTH_REC_LINK = serverSettings.getProperty("SARecoveryLink", "http://www.my-domain...harPassRec.php");

 

 

open Util.java go to the bottom and insert

 

Public static Boolean isdigit (String text) 
{ 
if (text == null | | text.isEmpty ()) 
return false; 
for (char C: text.toCharArray ()) 
if (! Character.isDigit ©) 
return false; 
return true ; 
} 
}

 

 

open server.properties and add

 

# ============================ ============ 
# Settings to set a password on your character SA (Secondary Auth) 
# Pre-include this option in the client (UseSecondaryAuth = true) 
# ============== ========================== 
# include whether the system SA 
SAEnabled = True 
# ban account after a user has exceeded the number of password attempts? 
SABanAccEnabled = True 
# Enhanced password system, combined with the odd even sure! 
SAStrongPass = False 
# The maximum number of password attempts 
SAMaxAttemps = 5 
# Banlength Chara for failure password (min) 
SABanTime = 480
# link to the password recovery page 
SARecoveryLink = http://www . My-Domain ... charPassRec.php
# ======================================= =

 

 

SQL Part

 

DROP TABLE IF EXISTS `character_secondary_password`; 
CREATE TABLE `character_secondary_password` ( 
  `account_name` VARCHAR (45) NOT NULL DEFAULT'', 
  `var` VARCHAR (20) NOT NULL DEFAULT'', 
  `value` VARCHAR (255), 
  PRIMARY KEY (account_name ``, `var`) 
) ENGINE = MyISAM DEFAULT CHARSET = utf8;

 

credits : kick

Fizo Newbie

Fizo

Posted
Posted

thats looks great i will test it right now man ! thanks for share

 

also fix this line in your config's

 

# Banlength Chara for failure password (min)

= 480 SABanTime

 

i think this must be like

 

# Banlength Chara for failure password (min)

SABanTime = 480

Napster321 Newbie

Napster321

Posted
  • Author
Posted

thats looks great i will test it right now man ! thanks for share

 

also fix this line in your config's

 

# Banlength Chara for failure password (min)

= 480 SABanTime

 

i think this must be like

 

# Banlength Chara for failure password (min)

SABanTime = 480

fixed topic updated
  • 9 months later...
xdem Proficient

xdem

Posted
Posted

make it for interlude and send me from message :P

 

OKAY BOSS, NOW IM GONNA DECOMPILE INTERLUDE CLIENT AND CREATE THIS PACKET FOR YOU, GIMME A SEC PLZ

Guest
This topic is now closed to further replies.
 Share
Go to topic listing


  • Posts

    • L2Aurum
      L2Aurum

      By L2Aurum · Posted

      Website: https://l2aurum.com/ Discord: https://discord.gg/ngaD9DJRjE   Dear Players, We are excited to announce that the x300 Summer Season Beta server will open on 19‑06‑2026 at 20:00 GMT+2. As previously mentioned, there will be no wipe and no account deletion. All accounts, characters, items, and progress from Season 1 will remain completely safe. To ensure a fair and competitive start for new players, all Season 1 accounts will be temporarily locked. The official Summer Season launch will take place on 26‑06‑2026 at 20:00 GMT+2. A few weeks after the official launch, Season 1 accounts will be unlocked so previous players can access their characters and continue their journey. This approach allows new players to enjoy a fresh start while preserving the progress and achievements of our long-term community. Thank you for your continued support, and we look forward to welcoming everyone to the new Summer Season. L2Aurum Team   Explore L2 Aurum Features Discover the Enhancements that set us apart!   Information Server Version: Interlude - PvP Server Client Interface: Unique Interface   Rates     Additional Features and changes When you create a new character, you will start in Giran Harbor at Level 1, equipped with full No-Grade items. Auto Farm is available for free for 2 hour daily without VIP. VIP players receive 4 hours of Auto Farm per day. The Auto Farm time resets with the server restart at 5:30 AM. Status Noblesse: Last hit Barakiel. Player Spawn Protection: 7 seconds. Geodata + Pathnodes: Enabled. All commands are available in the Community Board. Maximum 3 Bishops Per Party: Enabled. Boss Protect - Anti-Zerg: Enabled. Shift + click on monsters to see the droplist. Offline shop. Mana Potion Restores 1000 MP with a cooldown of 8 seconds. Inventory Slots: 250.   Weapon Information Lv1 Black Chaotic Weapons. Lv2 Aurum Weapons.   Armor Information Lv1 Blue Apella Armor. Lv2 Aurum Apella Armor. Misc additions Accessories +50 and +150 pdef|mdef. Tattoos: Resolve | Soul | Avadon. Agathions: Cosmetic only (no stats).   Buffs / Dances / Songs / Prophecies Duration: 2 hours. Total Buff Slots: 32 + 4 (Divine Inspiration). Vote Buff: You must vote on 3 of 6 vote sites to get the vote buff blessing. Castle Reward Every clan that captures a castle receives the castle owner clan blessing buff. To receive it, the clan leader must be online.   Events   Raid Bosses Epic Bosses Final Bosses     For full server information please visit website PvP: Server Features   Website: https://l2aurum.com/ Discord: https://discord.gg/ngaD9DJRjE      
    • VPSLab
      — VPSLAB — Fast & Private RDP/VPS | 100% Instant Setup

      By VPSLab · Posted

      Active & Taking orders!
    • RMTgold
      Buying & Selling Wynncraft Stx

      By RMTgold · Posted

      PAYPAL& BINANCE
    • RMTgold
      Buying & Selling WOW Gold

      By RMTgold · Posted

      PAYPAL& BINANCE
    • RMTgold
      Buying & Selling Torn City Cash

      By RMTgold · Posted

      PAYPAL& BINANCE

  • Topics

×
×
  • Create New...

Important Information

This community uses essential cookies to function properly. Non-essential cookies and third-party services are used only with your consent. Read our Privacy Policy and We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue..