Based on what you've said, I'm guessing it's 6 parts: The MD5, the spaces, the original authtoken, a 10 character upper case string, the original challenge, the MD5 from the beginning again. I'll try to find out more.
Authentication at Nintendo-Server
-
-
Maybe it's the server-side challenge (= the uppercase letters of the first packet)?
DevkitPro Archiv (alte Versionen / old versions): wii.leseratte10.de/devkitPro/
Want to donate for Wiimmfi and Wii-Homebrew.com? Patreon / PayPalDieser Beitrag wurde bereits 0 mal editiert, zuletzt von Leseratte ()
Dieser Beitrag wurde bereits 1 mal editiert, zuletzt von Leseratte ()
-
Good call, yes, it probably is. The only unknown is what the two MD5 are of then. I'll concentrate on that. We can test with that sequence of packets above.
-
Would that first part be the "response" string sent by the Wii to the server after the initial challenge? I have a mock server up, but it seems the proof is the only thing be calculated wrong on my end. And somehow the server pulls some info out of the authtoken to get the corresponding profileid and userid. The openspy source doesn't used authtoken since the PS2 games used a user and pass login packet.
Dieser Beitrag wurde bereits 1 mal editiert, zuletzt von soneek ()
-
Hi, I've been attacking this problem from the angle of the Pokemon Pearl authentication mechanism, which has many similarities. If it is similar, then the hashed value is the md5sum of the "challenge" response from naswii.nintendowifi.net.
That is, the md5sum is in a roughly Pythonic syntax.