Dark Age of Camelot public security advisory

Dark Age of Camelot (Mythic Entertainment) security advisory:

Weak encryption in Dark Age of Camelot game client exposed customer billing and authentication information during transmission.

Public Advisory (2003-12-11)
Format	URL
PDF	http://capnbry.net/daoc/advisory20031211/daoc-billinginfo-exploit.pdf
HTML	http://capnbry.net/daoc/advisory20031211/daoc-billinginfo-exploit.html
TXT	http://capnbry.net/daoc/advisory20031211/daoc-billinginfo-exploit.txt

Code Samples
Name	Description
oe.u.diff	The following patch causes Odin's Eye to recognize the authentication and billing packets and write their contents to the console.

mythicc.c	Basic C program using libpcap, libnids (for packet reassembly) and daoccrypt.h & daoccrypt.so from Odin's Eye for packet decryption. gcc -o mythicc mythicc.c -lnids -lpcap -ldl

Later advisory of similar exposure

Last modified: June 23, 2004