Trying my hand at implementing desktop voice, magic packets courtesy of that one reverse engineering discord medium post

util/src/entities/Member.ts

@@ -85,8 +85,8 @@ export class Member extends BaseClassWithoutId {
 	@Column()
 	joined_at: Date;
 
-	@Column()
+	@Column({ type: "bigint", nullable: true })
-	premium_since?: Date;
+	premium_since?: number;
 
 	@Column()
 	deaf: boolean;
@@ -245,7 +245,7 @@ export class Member extends BaseClassWithoutId {
 			nick: undefined,
 			roles: [guild_id], // @everyone role
 			joined_at: new Date(),
-			premium_since: new Date(),
+			premium_since: (new Date()).getTime(),
 			deaf: false,
 			mute: false,
 			pending: false,

webrtc/package.json

@@ -19,7 +19,10 @@
 		"typescript": "^4.3.2"
 	},
 	"dependencies": {
+		"@types/libsodium-wrappers": "^0.7.9",
 		"dotenv": "^12.0.4",
+		"libsodium": "^0.7.10",
+		"libsodium-wrappers": "^0.7.10",
 		"mediasoup": "^3.9.5",
 		"node-turn": "^0.0.6",
 		"sdp-transform": "^2.14.1",

webrtc/src/Server.ts

@@ -5,8 +5,8 @@ import OPCodeHandlers, { Payload } from "./opcodes";
 import { setHeartbeat } from "./util";
 import * as mediasoup from "mediasoup";
 import { types as MediasoupTypes } from "mediasoup";
-
 import udp from "dgram";
+import sodium from "libsodium-wrappers";
 
 var port = Number(process.env.PORT);
 if (isNaN(port)) port = 3004;
@@ -47,19 +47,59 @@ export class Server {
 			});
 		});
 
-		// this.testUdp.bind(50001);
+		this.testUdp.bind(50001);
-		// this.testUdp.on("message", (msg, rinfo) => {
+		this.testUdp.on("message", (msg, rinfo) => {
-		// 	if (msg[0] === 0 && msg[1] === 1 && msg[2] === 0) { //idk stun?
+			//random key from like, the libsodium examples on npm lol
+			const decryptKey = sodium.from_hex("724b092810ec86d7e35c9d067702b31ef90bc43a7b598626749914d6a3e033ed");
 
-		// 	}
+			//give me my remote port?
-		// })
+			if (sodium.to_hex(msg) == "0001004600000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000") {
+				this.testUdp.send(Buffer.from([rinfo.port, 0]), rinfo.port, rinfo.address);
+				console.log(`got magic packet to send remote port? ${rinfo.address}:${rinfo.port}`);
+				return;
+			}
+
+			//Hello
+			if (sodium.to_hex(msg) == "0100000000000000") {
+				console.log(`[UDP] client helloed`);
+				return;
+			}
+
+			const nonce = Buffer.concat([msg.slice(-4), Buffer.from("\x00".repeat(20))]);
+			console.log(`[UDP] nonce for this message: ${nonce}`);
+
+			console.log(sodium.to_hex(msg));
+			if (sodium.to_hex(msg).indexOf("80c8000600000001") == 0) {
+				//call status
+				const encrypted = msg.slice(8, -4);
+				const currentPacket = msg.slice(-4);
+				console.log(`[UDP] Current packet: ${currentPacket}`);
+				try {
+					console.log(`[UDP] Encrypted bytes: ${encrypted.toString("base64")}`);
+					const decrypted = sodium.crypto_secretbox_open_easy(encrypted, nonce, decryptKey);
+					console.log("[UDP] [ call status ]" + decrypted);
+				}
+				catch (e) {
+					console.error(`[UDP] decrypt failure\n${e}\n${encrypted.toString("base64")}`);
+				}
+				return;
+			}
+
+			try {
+				const decrypted = sodium.crypto_secretbox_open_easy(msg, nonce, decryptKey);
+				console.log("[UDP] " + decrypted);
+			}
+			catch (e) {
+				console.error(`[UDP] decrypt failure\n${e}\n${msg.toString("base64")}`);
+			}
+		});
 	}
 
 	async listen(): Promise<void> {
 		// @ts-ignore
 		await initDatabase();
 		await Config.init();
-		await this.createWorkers();
+		//await this.createWorkers();
 		console.log("[DB] connected");
 		console.log(`[WebRTC] online on 0.0.0.0:${port}`);
 	}
@@ -86,17 +126,17 @@ export class Server {
 
 					transport.on('dtlsstatechange', (dtlsstate) => {
 						console.log(dtlsstate);
-					})
+					});
 
 					transport.on("sctpstatechange", (sctpstate) => {
-						console.log(sctpstate)
+						console.log(sctpstate);
-					})
+					});
 
 					router.observer.on("newrtpobserver", (rtpObserver: MediasoupTypes.RtpObserver) => {
 						console.log("new RTP observer created [id:%s]", rtpObserver.id);
 
 						// rtpObserver.observer.on("")
-					})
+					});
 
 					transport.on("connect", () => {
 						console.log("transport connect");

webrtc/src/opcodes/Identify.ts

@@ -33,18 +33,18 @@ export async function onIdentify(this: Server, socket: WebSocket, data: Identify
 	if (!guild.members.find(x => x.id === user.id))
 		return socket.close(CLOSECODES.Invalid_intent);
 
-	var transport = this.mediasoupTransports[0] || await this.mediasoupRouters[0].createWebRtcTransport({
+	// var transport = this.mediasoupTransports[0] || await this.mediasoupRouters[0].createWebRtcTransport({
-		listenIps: [{ ip: "10.22.64.63" }],
+	// 	listenIps: [{ ip: "10.22.64.56" }],
-		enableUdp: true,
+	// 	enableUdp: true,
-	});
+	// });
-
+7
 	socket.send(JSON.stringify({
 		op: VoiceOPCodes.READY,
 		d: {
-			streams: [...data.d.streams.map(x => ({ ...x, rtx_ssrc: Math.floor(Math.random() * 10000), ssrc: Math.floor(Math.random() * 10000), active: false, }))],
+			streams: data.d.streams ? [...data.d.streams.map(x => ({ ...x, rtx_ssrc: Math.floor(Math.random() * 10000), ssrc: Math.floor(Math.random() * 10000), active: false, }))] : undefined,
 			ssrc: Math.floor(Math.random() * 10000),
-			ip: transport.iceCandidates[0].ip,
+			ip: "127.0.0.1",//transport.iceCandidates[0].ip,
-			port: transport.iceCandidates[0].port,
+			port: 50001,//transport.iceCandidates[0].port,
 			modes: [
 				"aead_aes256_gcm_rtpsize",
 				"aead_aes256_gcm",

webrtc/src/opcodes/SelectProtocol.ts

@@ -5,6 +5,7 @@ import { Server } from "../Server";
 import * as mediasoup from "mediasoup";
 import { RtpCodecCapability } from "mediasoup/node/lib/RtpParameters";
 import * as sdpTransform from 'sdp-transform';
+import sodium from "libsodium-wrappers";
 
 /*
 
@@ -70,42 +71,66 @@ import * as sdpTransform from 'sdp-transform';
 */
 
 export async function onSelectProtocol(this: Server, socket: WebSocket, data: Payload) {
-	const rtpCapabilities = this.mediasoupRouters[0].rtpCapabilities;
+	// const rtpCapabilities = this.mediasoupRouters[0].rtpCapabilities;
-	const codecs = rtpCapabilities.codecs as RtpCodecCapability[];
+	// const codecs = rtpCapabilities.codecs as RtpCodecCapability[];
 
-	const transport = this.mediasoupTransports[0];	//whatever
+	if (data.d.sdp) {
+		// const transport = this.mediasoupTransports[0];	//whatever
 
-	const res = sdpTransform.parse(data.d.sdp);
+		// const res = sdpTransform.parse(data.d.sdp);
 
-	const videoCodec = this.mediasoupRouters[0].rtpCapabilities.codecs!.find((x: any) => x.kind === "video");
+		// const videoCodec = this.mediasoupRouters[0].rtpCapabilities.codecs!.find((x: any) => x.kind === "video");
-	const audioCodec = this.mediasoupRouters[0].rtpCapabilities.codecs!.find((x: any) => x.kind === "audio");
+		// const audioCodec = this.mediasoupRouters[0].rtpCapabilities.codecs!.find((x: any) => x.kind === "audio");
 
-	const producer = this.mediasoupProducers[0] || await transport.produce({
+		// const producer = this.mediasoupProducers[0] || await transport.produce({
-		kind: "audio",
+		// 	kind: "audio",
-		rtpParameters: {
+		// 	rtpParameters: {
-			mid: "audio",
+		// 		mid: "audio",
-			codecs: [{
+		// 		codecs: [{
-				clockRate: audioCodec!.clockRate,
+		// 			clockRate: audioCodec!.clockRate,
-				payloadType: audioCodec!.preferredPayloadType as number,
+		// 			payloadType: audioCodec!.preferredPayloadType as number,
-				mimeType: audioCodec!.mimeType,
+		// 			mimeType: audioCodec!.mimeType,
-				channels: audioCodec?.channels,
+		// 			channels: audioCodec?.channels,
-			}],
+		// 		}],
-			headerExtensions: res.ext?.map(x => ({
+		// 		headerExtensions: res.ext?.map(x => ({
-				id: x.value,
+		// 			id: x.value,
-				uri: x.uri,
+		// 			uri: x.uri,
-			})),
+		// 		})),
-		},
+		// 	},
-		paused: false,
+		// 	paused: false,
-	});
+		// });
 
-	console.log("can consume: " + this.mediasoupRouters[0].canConsume({ producerId: producer.id, rtpCapabilities: rtpCapabilities }));
+		// console.log("can consume: " + this.mediasoupRouters[0].canConsume({ producerId: producer.id, rtpCapabilities: rtpCapabilities }));
 
-	// const consumer = this.mediasoupConsumers[0] || await transport.consume({
+		// // const consumer = this.mediasoupConsumers[0] || await transport.consume({
-	// 	producerId: producer.id,
+		// // 	producerId: producer.id,
-	// 	paused: false,
+		// // 	paused: false,
-	// 	rtpCapabilities,
+		// // 	rtpCapabilities,
-	// });
+		// // });
 
+		// socket.send(JSON.stringify({
+		// 	op: VoiceOPCodes.SESSION_DESCRIPTION,
+		// 	d: {
+		// 		video_codec: videoCodec?.mimeType?.substring(6) || undefined,
+		// 		// mode: "xsalsa20_poly1305_lite",
+		// 		media_session_id: transport.id,
+		// 		audio_codec: audioCodec?.mimeType.substring(6),
+		// 		secret_key: sodium.from_hex("724b092810ec86d7e35c9d067702b31ef90bc43a7b598626749914d6a3e033ed").buffer,
+		// 		sdp: `m=audio ${50001} ICE/SDP\n`
+		// 			+ `a=fingerprint:sha-256 ${transport.dtlsParameters.fingerprints.find(x => x.algorithm === "sha-256")?.value}\n`
+		// 			+ `c=IN IP4 ${transport.iceCandidates[0].ip}\n`
+		// 			+ `t=0 0\n`
+		// 			+ `a=ice-lite\n`
+		// 			+ `a=rtcp-mux\n`
+		// 			+ `a=rtcp:${50001}\n`
+		// 			+ `a=ice-ufrag:${transport.iceParameters.usernameFragment}\n`
+		// 			+ `a=ice-pwd:${transport.iceParameters.password}\n`
+		// 			+ `a=fingerprint:sha-256 ${transport.dtlsParameters.fingerprints.find(x => x.algorithm === "sha-256")?.value}\n`
+		// 			+ `a=candidate:1 1 ${transport.iceCandidates[0].protocol.toUpperCase()} ${transport.iceCandidates[0].priority} ${transport.iceCandidates[0].ip} ${50001} typ ${transport.iceCandidates[0].type}`
+		// 	}
+		// }));
+		return;
+	}
 	/*
 		{
 			"video_codec":"H264",
@@ -125,24 +150,25 @@ export async function onSelectProtocol(this: Server, socket: WebSocket, data: Pa
 		}
 	*/
 
+
+	/*
+		{
+			"video_codec": "H264",
+			"secret_key": [36, 80, 96, 53, 95, 149, 253, 16, 137, 186, 238, 222, 251, 180, 94, 150, 112, 137, 192, 109, 69, 79, 218, 111, 217, 197, 56, 74, 18, 41, 51, 140],
+			"mode": "aead_aes256_gcm_rtpsize",
+			"media_session_id": "797575a97a87b63e81e2399348b97ad1",
+			"audio_codec": "opus"
+		};
+	*/
+
 	socket.send(JSON.stringify({
-		op: VoiceOPCodes.SESSION_DESCRIPTION,
+		op:VoiceOPCodes.SESSION_DESCRIPTION,
 		d: {
-			video_codec: videoCodec?.mimeType?.substring(6) || undefined,
+			video_codec: "H264",
-			// mode: "xsalsa20_poly1305_lite",
+			secret_key: [...sodium.from_hex("724b092810ec86d7e35c9d067702b31ef90bc43a7b598626749914d6a3e033ed")],
-			media_session_id: transport.id,
+			mode: "aead_aes256_gcm_rtpsize",
-			audio_codec: audioCodec?.mimeType.substring(6),
+			media_session_id: "blah blah blah",
-			sdp: `m=audio ${transport.iceCandidates[0].port} ICE/SDP\n`
+			audio_codec: "opus",
-				+ `a=fingerprint:sha-256 ${transport.dtlsParameters.fingerprints.find(x => x.algorithm === "sha-256")?.value}\n`
-				+ `c=IN IP4 ${transport.iceCandidates[0].ip}\n`
-				+ `t=0 0\n`
-				+ `a=ice-lite\n`
-				+ `a=rtcp-mux\n`
-				+ `a=rtcp:${transport.iceCandidates[0].port}\n`
-				+ `a=ice-ufrag:${transport.iceParameters.usernameFragment}\n`
-				+ `a=ice-pwd:${transport.iceParameters.password}\n`
-				+ `a=fingerprint:sha-256 ${transport.dtlsParameters.fingerprints.find(x => x.algorithm === "sha-256")?.value}\n`
-				+ `a=candidate:1 1 ${transport.iceCandidates[0].protocol.toUpperCase()} ${transport.iceCandidates[0].priority} ${transport.iceCandidates[0].ip} ${transport.iceCandidates[0].port} typ ${transport.iceCandidates[0].type}`
 		}
 	}));
 }