Jump to content

Recommended Posts

Posted
10 minutes ago, .Elfocrash said:

What's the password hashing setting you are using?

I'm not at home now, but I think i left it as default.  Where can I confirm it ?

Im getting error 501 Invalid Password.

Posted (edited)
22 hours ago, .Elfocrash said:

What's the password hashing setting you are using?

I'ts base64, the default.

 

"PasswordHashType": "Default",


I've tried to debug the code, on login, the password verification, runs this method:
 

        public static string ToL2Password(this string str)
        {
            if (Startup.Configuration.GetValue<string>("TargetServerType") == "L2OFF")
            {
                if (Startup.Configuration.GetValue<string>("PasswordHashType") == "Default")
                {
                    return L2OffCrypto.EncryptLegacyL2Password(str);
                }
                else
                {
                    return L2OffCrypto.EncryptMD5(str);
                }
            }
              /* and it always ends in choosing else, since the server is L2j, login works, change password doesnt*/
            else
            {
                SHA1 shA1 = SHA1.Create();
                byte[] bytes = new ASCIIEncoding().GetBytes(str);
                str = Convert.ToBase64String(shA1.ComputeHash(bytes));
                return str;
            }
        }

and it works for the login, but when it comes to changing the password, it always ends up in error 501 :
 

[HttpPost]
        [Route("changepass")]
        public async Task<IActionResult> ChangePassword([FromBody] ChangePassViewmodel model)
        {
            if (User.Identity.IsAuthenticated)
            {
                var accountName = HttpContext.GetUsername();

                var response = await _requestService.ChangePassword(accountName, model.CurrentPassword.ToLegacyL2Password(), model.NewPassword.ToL2Password());
                switch (response.ResponseCode)
                {
                    case 200:
                        return Content("ok");
                    case 500:
                        return Content(_localizer["Something went wrong!"]);
                    case 501:
                        return Content(_localizer["Invalid password!"]);
                }
            }
            return Unauthorized();
        }

And I don't get any error messages on the console either from the API or from the website.

Edited by abumini
extra content ^^
  • 2 months later...
Posted

help me please when I try to log on the site of an error in the game server I'll post it here:

 

Exception in thread "Thread-9" java.lang.NoClassDefFoundError: com/google/gson/JsonParser
        at com.elfocrash.l2acp.L2ACPServer$RequestHandler.handle(L2ACPServer.java:71)
        at com.sun.net.httpserver.Filter$Chain.doFilter(Unknown Source)
        at sun.net.httpserver.AuthFilter.doFilter(Unknown Source)
        at com.sun.net.httpserver.Filter$Chain.doFilter(Unknown Source)
        at sun.net.httpserver.ServerImpl$Exchange$LinkHandler.handle(Unknown Source)
        at com.sun.net.httpserver.Filter$Chain.doFilter(Unknown Source)
        at sun.net.httpserver.ServerImpl$Exchange.run(Unknown Source)
        at sun.net.httpserver.ServerImpl$DefaultExecutor.execute(Unknown Source)
        at sun.net.httpserver.ServerImpl$Dispatcher.handle(Unknown Source)
        at sun.net.httpserver.ServerImpl$Dispatcher.run(Unknown Source)
        at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.ClassNotFoundException: com.google.gson.JsonParser
        at java.net.URLClassLoader.findClass(Unknown Source)
        at java.lang.ClassLoader.loadClass(Unknown Source)
        at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)
        at java.lang.ClassLoader.loadClass(Unknown Source)
        ... 11 more

Posted
16 hours ago, kslobaosp said:

help me please when I try to log on the site of an error in the game server I'll post it here:

You didn't reference the gson library.

  • 3 weeks later...
Posted (edited)
On 1/8/2019 at 10:23 PM, kslobaosp said:

Elfocrash Я поместил gson в lib игрового сервера и решил ее больше, теперь у меня проблема в сети :(

 

image.thumb.png.d403a5b69a41895969c41481980b821d.png

 

У меня похожая проблема.

 

P.S. I solved the problem using commit 5527abef518d665a4c3be89ca91a3ff57e423609.

The problem appeared after the transition to NetCore2.1

Edited by webdes27
  • 2 weeks later...
Posted (edited)
On 5/2/2017 at 7:39 AM, Elfocrash said:


Security
L2ACP uses symmetric encryption for the payloads and an api key validation.
As long as they are changed you will have no problem with security. 
If you want to be 100% secure, make the server accept requests only from the ip that the site is hosted.
If you want to be 101% secure, then host them together and don't expose the api port.
 

 

@Elfocrash Thanks you for the beatiful code. But i have a question to you, and i hope not to offend you. Is the code still secure? i ask because the code was writed a few years ago and i must know if is secure. My apoligies if i offended you. Thanks

Edited by matiasf
Posted
5 hours ago, matiasf said:

 

@Elfocrash Thanks you for the beatiful code. But i have a question to you, and i hope not to offend you. Is the code still secure? i ask because the code was writed a few years ago and i must know if is secure. My apoligies if i offended you. Thanks

It is, however I would advice you to change the api key to one of your own. On top of that, I would advice you use SSL on the l2 webserver but this is optional.

Posted (edited)

Hello, amazing feature, is it possible to use with l2jsunrise or does the coding vary too much from acis?

Would I only need to adjust imports or need decent java skills to adapt?

Edited by lixxit
  • 1 month later...
  • 2 months later...
Posted
On 16/2/2019 at 11:26, rutake said:

Hola chicos. He instalado L2ACP en mi servidor también. Pero ahora tengo un problema. 

Capture.PNG

 

Same problem, any solution for this?

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now



  • Posts

    • MICROTEXT AND WATERMARKS BREAK MOST RENDERINGS Microtext and watermarks aren’t just small decorative details. They are one of the most common reasons a document fails verification, even when it looks decent at first glance. The issue is that these elements are almost impossible to reproduce “by eye.” Microtext requires precise geometry and legibility at a very small size, while a watermark needs the correct density, transparency, and accurate placement relative to other security features. Any deviation becomes obvious during detailed inspection. ▪ What’s most often done wrong: - microtext is drawn too thick or blurry - the watermark is made either too visible or almost invisible - the positioning between microtext and watermark is ignored - the original printing technology isn’t taken into account when choosing density and shape - The stronger the document’s security features, the less room there is for approximation. What matters here isn’t visual similarity, but accurate reproduction of the original technical characteristics. If your document contains microtext and watermarks, this is always an area that requires extra attention. Write to us in DMs. We’ll review your case and point out exactly which details need the highest precision during rendering. › TG: @mustang_service_ms ( https:// t.me/ mustang_service_ms ) › Channel: Mustang Service ( https:// t.me/ +JPpJCETg-xM1NjNl ) #drawing #microtext #photoshop #editing #watermarks
    • GoldRush launches tomorrow! July 18 16:00 GMT+3 Europe / International Register your account in the website, connect wallet and be ready to dominate!
    • 🏰 L2EXALTA LEGACY — Interlude x45 📅 Grand Opening: 31/07/2026 — 21:30 (GMT+3) 🌐 Website: https://l2exalta.org/ 💬 Discord: https://discord.gg/zNTCZD4AcT 📌 Wiki: https://l2exalta.org/en/wiki.html#progression   ⚙️ MAIN INFO Chronicle : Interlude Rates : x45 Adena : x50 Spoil : x1 Drop : x5 Safe Enchant : +3 Files : L2OFF   💰 ECONOMY EX Coin : dynamic market currency, mined from monsters, Raid Bosses and Grand Bosses value fluctuates over time Exalta Vouchers : premium currency used for store, donations and EX Coin exchange Exchange : convert EX Coin into Exalta Vouchers Investment options : choose safer or riskier market strategies with EX Coin   ⚔️ PROGRESSION & GEAR Exalta Armors : signature top-tier gear line Forge System : upgrade weapons, armor and jewels with risk/reward mechanics Raid Boss progression tied to materials and prestige   🤖 AUTOFARM Access : Auto Hunting button, bottom-right UI Duration : controlled via tickets or in-game currency Route Mode : record custom farm routes Support Mode : healer/support builds auto-follow, heal and assist party Smart targeting logic with class-specific behavior (mage/archer/melee/support) Captcha designed not to interrupt legitimate AutoFarm sessions   🧪 BUFFER Exalta Buffer NPC/interface Scheme Buffer : save multiple buff loadouts Class presets for mage, fighter, support, PvP   🛠️ SMART GADGETS / QOL Autoloot filter Drop value tracker Boss timer tools Farm stats tracker Auto-consume system In-game server assistant   🗺️ DUNGEON FINDER / PVE Party matching with roles (Tank / Healer / DPS) Ready-check before teleport Monastery of Silence custom PvE zone Party-based reward structure   🎟️ DAILY PROGRESS / EXALTA PASS Daily and weekly tasks (farm, PvP, boss, check-in) Premium Pass track with extra rewards Monastery Daily Quest Reward boards for claiming progress   🏠 HOUSING & EXPEDITIONS Player residences with service NPCs Exalta Spirit Expeditions to themed territories Rewards vary by territory Owner-only access   🏆 PVP / TOURNAMENT Scheduled Tournament system Ranking points from wins/participation Spectator Mode for watching live matches PvP Statues for top-ranked players Anti-feed protections   🛡️ CLAN CONTENT Clan Civil War battlefield event Clan Dungeon Raid content DPS Meter for contribution tracking Support Credit system Classic siege/clan politics preserved   🏪 AUCTION / SHOPS Auction House with seller fee Black Market Dealer (limited-time special offers) Custom shops and multisells Confirmation prompts on purchases/sales   💳 DONATIONS / VIP Donation rewards linked to Exalta Vouchers VIP tiers with comfort/cosmetic bonuses Premium store Gift/promo codes for events   🎥 STREAMER / COMMUNITY Streamer Panel with visible stream links Viewer rewards system Streamer Points for cosmetics/vouchers In-game voice chat (global/party/clan/alliance/command)   🔒 FAIR PLAY Strong Anti-Bot protection Reward protection tied to valid client state Captcha on suspicious activity Staff investigation tools No bots, packet tools or modified clients allowed   👑 GRANDBOSS SPAWNS Orfen : 1 day + 1h random Core : 1 day + 1h random Queen Ant : 1 day 6h + 1h random Zaken : 2 days 12h + 1h random Baium : 5 days + 1h random Antharas : 8 days + 1h random Valakas : 11 days + 1h random   🏅 OLYMPIAD Runs Thursday, Friday, Saturday Heroes change monthly Balanced and fair matchmaking
    • yup basically another one just in case https://drive.google.com/file/d/1UtccbD9e50x3WEnQBab2PTZnBHwpcGYM/view?usp=sharing LineageWarrior.FMagic (CollideActors = True; > False) LineageWarrior.FOrc (CollideActors = True; > False) LineageWarrior.FShaman (CollideActors = True; > False) LineageWarrior.MDarkElf (CollideActors = True; > False) LineageWarrior.MDwarf (CollideActors = True; > False) LineageWarrior.MElf (CollideActors = True; > False) LineageWarrior.MFighter (CollideActors = True; > False) LineageWarrior.MMagic (CollideActors = True; > False) LineageWarrior.MOrc (CollideActors = True; > False) LineageWarrior.MShaman (CollideActors = True; > False) LineageWarrior.FDwarf (CollideActors = True; > False) LineageWarrior.FElf (CollideActors = True; > False) LineageWarrior.FFighter (CollideActors = True; > False)
  • Topics

×
×
  • Create New...

Important Information

This community uses essential cookies to function properly. Non-essential cookies and third-party services are used only with your consent. Read our Privacy Policy and We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue..