From 643d8e9373b2b21df730c2f82ad258b7fde37c15 Mon Sep 17 00:00:00 2001
From: Jess <jess@jesssystemv.co.uk>
Date: Thu, 7 Sep 2023 22:32:28 +0100
Subject: [PATCH] production !!

---
 .../java/com/baseband/client/BaseBand.java    |   4 +-
 .../main/java/com/baseband/client/Utils.java  |   3 +-
 .../client/command/CommandManager.java        |   2 +
 .../client/module/modules/PacketFly.java      |   4 +-
 .../org/baseband/installer/InstallerApp.java  |  45 ++++--
 .../main/java/org/baseband/installer/Key.java | 139 ++++++++++++++++++
 .../org/baseband/launcher/launch/Loader.java  |   7 +-
 .../launcher/util/EncryptionUtil.java         |  32 ++++
 .../java/org/baseband/launcher/util/HWID.java |   5 +-
 .../java/org/baseband/launcher/util/Key.java  |  82 +++--------
 .../java/dev/baseband/server/socket/Bot.java  |  23 ++-
 .../baseband/server/socket/ClientHandler.java |  26 +++-
 .../baseband/server/socket/UserManager.java   |  10 +-
 .../dev/baseband/server/socket/UserMap.java   |  11 ++
 14 files changed, 300 insertions(+), 93 deletions(-)
 create mode 100644 Installer/src/main/java/org/baseband/installer/Key.java
 create mode 100644 Loader/src/main/java/org/baseband/launcher/util/EncryptionUtil.java

diff --git a/Client/src/main/java/com/baseband/client/BaseBand.java b/Client/src/main/java/com/baseband/client/BaseBand.java
index 5263d53..97f326e 100644
--- a/Client/src/main/java/com/baseband/client/BaseBand.java
+++ b/Client/src/main/java/com/baseband/client/BaseBand.java
@@ -17,9 +17,9 @@ import org.apache.logging.log4j.Logger;
 import java.awt.*;
 
 public class BaseBand {
-    public static int buildNumber = 71;
+    public static int buildNumber = 83;
 
-    public static final String name = "BaseBand";
+    public static String name = "BaseBand";
     public static ModuleRegistry moduleRegistry;
     public static CommandManager commandRegistry;
     public static EventBus eventBus;
diff --git a/Client/src/main/java/com/baseband/client/Utils.java b/Client/src/main/java/com/baseband/client/Utils.java
index d8d75d0..4764f31 100644
--- a/Client/src/main/java/com/baseband/client/Utils.java
+++ b/Client/src/main/java/com/baseband/client/Utils.java
@@ -1,5 +1,6 @@
 package com.baseband.client;
 
+import com.mojang.realmsclient.gui.ChatFormatting;
 import net.minecraft.client.Minecraft;
 import net.minecraft.util.text.TextComponentString;
 
@@ -7,7 +8,7 @@ public class Utils {
     public static void sendChatMessage(String e) {
         if (BaseBand.isIngame()) {
             try {
-                Minecraft.getMinecraft().player.sendMessage(new TextComponentString("[" + "§a" + BaseBand.name + "§r" + "]" + " " + e));
+                Minecraft.getMinecraft().player.sendMessage(new TextComponentString("[" + ChatFormatting.GREEN + BaseBand.name + ChatFormatting.RESET + "]" + " " + e));
             } catch (Exception ee) {
                 ee.printStackTrace();
             }
diff --git a/Client/src/main/java/com/baseband/client/command/CommandManager.java b/Client/src/main/java/com/baseband/client/command/CommandManager.java
index cc5e4d4..dc524c6 100644
--- a/Client/src/main/java/com/baseband/client/command/CommandManager.java
+++ b/Client/src/main/java/com/baseband/client/command/CommandManager.java
@@ -2,6 +2,7 @@ package com.baseband.client.command;
 
 import com.baseband.client.Utils;
 import com.baseband.client.command.commands.*;
+import net.minecraft.client.Minecraft;
 import net.minecraftforge.client.event.ClientChatEvent;
 import net.minecraftforge.common.MinecraftForge;
 import net.minecraftforge.fml.common.eventhandler.SubscribeEvent;
@@ -34,6 +35,7 @@ public class CommandManager {
         String message = event.getOriginalMessage();
         if (message.startsWith(commandPrefix)) {
             event.setCanceled(true);
+            Minecraft.getMinecraft().ingameGUI.getChatGUI().addToSentMessages(message);
 
 
             String[] split = message.split(" ");
diff --git a/Client/src/main/java/com/baseband/client/module/modules/PacketFly.java b/Client/src/main/java/com/baseband/client/module/modules/PacketFly.java
index b38a142..5fb47f1 100644
--- a/Client/src/main/java/com/baseband/client/module/modules/PacketFly.java
+++ b/Client/src/main/java/com/baseband/client/module/modules/PacketFly.java
@@ -183,7 +183,8 @@ public class PacketFly extends Module {
     // this can be repeated multiple times to move faster
     Vec3d send(double motionX, double motionY, double motionZ, boolean antiKick, int factor) {
 
-        for (int i = 1; i < factor + 1; i++) {
+        int i = 1;
+        while (i < factor + 1) {
 
             // only anti-kick once per loop as doing it multiple times is a waste of height
             if (antiKick && factor != 1)
@@ -221,6 +222,7 @@ public class PacketFly extends Module {
 
             // add move vector and tpID to the map
             allowedPositionsAndIDs.put(tpID, pos);
+            i++;
         }
 
         // return a vec of our motion
diff --git a/Installer/src/main/java/org/baseband/installer/InstallerApp.java b/Installer/src/main/java/org/baseband/installer/InstallerApp.java
index 98c92c9..ee36fde 100644
--- a/Installer/src/main/java/org/baseband/installer/InstallerApp.java
+++ b/Installer/src/main/java/org/baseband/installer/InstallerApp.java
@@ -17,6 +17,7 @@ public class InstallerApp {
     private JFrame installerFrame;
     public static String username;
     public static String password;
+    public static Key keyinstance;
 
     public InstallerApp() {
         try {
@@ -83,7 +84,7 @@ public class InstallerApp {
             String password = new String(passField.getPassword());
             try {
 
-                Socket socket = new Socket("127.0.0.1", 31212);
+                Socket socket = new Socket("88.208.243.108", 31212);
                 DataInputStream inputF = new DataInputStream(socket.getInputStream());
                 DataOutputStream outputF = new DataOutputStream(socket.getOutputStream());
 
@@ -94,6 +95,7 @@ public class InstallerApp {
 
                 //We need this to make sure we're not being poked at
                 String ticket = getRandomTicket();
+                keyinstance = new Key(ticket);
                 outputF.writeUTF(ticket);
                 String compare = inputF.readUTF();
                 if(!compare.equals(ticket)) {
@@ -103,9 +105,9 @@ public class InstallerApp {
                 }
 
                 outputF.writeUTF("installer");
-                outputF.writeUTF(InstallerApp.username);
-                outputF.writeUTF(InstallerApp.password);
-                outputF.writeUTF(generate());
+                outputF.writeUTF(keyinstance.encryptString(InstallerApp.username));
+                outputF.writeUTF(keyinstance.encryptString(InstallerApp.password));
+                outputF.writeUTF(keyinstance.encryptString(generate()));
                 outputF.writeBoolean(false);
                 outputF.writeInt(0);
 
@@ -206,16 +208,26 @@ public class InstallerApp {
         installButton.addActionListener(e -> {
             try {
 
-                Socket socket = new Socket("127.0.0.1", 31212);
+                Socket socket = new Socket("88.208.243.108", 31212);
 
                 DataInputStream inputF = new DataInputStream(socket.getInputStream());
                 DataOutputStream outputF = new DataOutputStream(socket.getOutputStream());
 
+                //We need this to make sure we're not being poked at
+                String ticket = getRandomTicket();
+                keyinstance = new Key(ticket);
+                outputF.writeUTF(ticket);
+                String compare = inputF.readUTF();
+                if(!compare.equals(ticket)) {
+                    JOptionPane.showMessageDialog(loginFrame, "Invalid Auth Ticket Response",
+                            "Please contact support for more details.", JOptionPane.ERROR_MESSAGE);
+                    System.exit(1);
+                }
 
                 outputF.writeUTF("installer");
-                outputF.writeUTF(username);
-                outputF.writeUTF(password);
-                outputF.writeUTF(generate());
+                outputF.writeUTF(keyinstance.encryptString(InstallerApp.username));
+                outputF.writeUTF(keyinstance.encryptString(InstallerApp.password));
+                outputF.writeUTF(keyinstance.encryptString(generate()));
                 outputF.writeBoolean(false);
                 outputF.writeInt(1);
 
@@ -228,12 +240,25 @@ public class InstallerApp {
                     printStream.close();
                     byte[] bytes = new byte[1024]; // You can adjust the buffer size as needed
 
-                    InputStream is = socket.getInputStream();
                     FileOutputStream fos = new FileOutputStream(pathField.getText());
                     BufferedOutputStream bos = new BufferedOutputStream(fos);
 
+
+                    ByteArrayOutputStream out = new ByteArrayOutputStream();
+
+                    int l = inputF.readInt();
+                    byte[] buf = new byte[1024];
+                    int amt;
+                    while (out.size() != l) {
+                        amt = socket.getInputStream().read(buf);
+                        out.write(buf, 0, amt);
+                    }
+
+                    InputStream input = new ByteArrayInputStream(keyinstance.decryptByte(out.toByteArray()));
+
+
                     int bytesRead;
-                    while ((bytesRead = is.read(bytes)) != -1) {
+                    while ((bytesRead = input.read(bytes)) != -1) {
                         bos.write(bytes, 0, bytesRead);
                     }
 
diff --git a/Installer/src/main/java/org/baseband/installer/Key.java b/Installer/src/main/java/org/baseband/installer/Key.java
new file mode 100644
index 0000000..57d2980
--- /dev/null
+++ b/Installer/src/main/java/org/baseband/installer/Key.java
@@ -0,0 +1,139 @@
+package org.baseband.installer;
+
+import java.io.*;
+import java.nio.charset.StandardCharsets;
+import java.util.UUID;
+
+public class Key {
+    //Daniella made the actual encryption,
+    //Jess made the serialization/byte handling/randomTicket
+
+    protected final String string;
+
+    private boolean debug = false;
+    /**
+     * Generates a random Key
+     */
+    public Key() {
+        string = getRandomTicket();
+    }
+
+    public Key(String key) {
+        string = key;
+    }
+
+    public void setDebug(boolean debug) {
+        this.debug = debug;
+    }
+
+    private static String getRandomTicket() {
+        StringBuilder buffer = new StringBuilder();
+        for (int count = 0; count < 64; ++count) {
+            buffer.append(UUID.randomUUID());
+        }
+        return buffer.toString();
+    }
+
+
+    public byte[] serializeObject(Object obj) {
+        try {
+            if(debug) {
+                System.out.println(obj + " serialize + encrypt");
+            }
+            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
+            ObjectOutputStream objectOut = new ObjectOutputStream(byteArrayOutputStream);
+            objectOut.writeObject(obj);
+            objectOut.close();
+            return encryptByte(byteArrayOutputStream.toByteArray());
+        } catch (IOException e) {
+            e.printStackTrace();
+            return null; // Return null in case of an error
+        }
+    }
+
+    public Object deserializeObject(byte[] bytes) {
+        try {
+            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(decryptByte(bytes));
+            ObjectInputStream objectIn = new ObjectInputStream(byteArrayInputStream);
+            Object obj = objectIn.readObject();
+            objectIn.close();
+            if(debug) {
+                System.out.println(obj + " serialize + encrypt");
+            }
+            return obj;
+        } catch (IOException | ClassNotFoundException e) {
+            e.printStackTrace();
+            return null; // Return null in case of an error
+        }
+    }
+
+    public byte[] encryptByte(byte[] bytes) {
+        if(bytes == null) {
+            return null;
+        }
+        byte[] eb = string.getBytes(StandardCharsets.ISO_8859_1);
+        int len = bytes.length;
+        int p = eb.length;
+        for (int i = 0 ; i < len ; i+=p) {
+            for (int j = 0 ; j < p && i + j < len ; j++) {
+                int idx = i + j;
+                bytes[idx] = (byte) ((int) bytes[idx] + (int) eb[j]);
+            }
+        }
+        return bytes;
+    }
+
+    public byte[] decryptByte(byte[] bytes) {
+        if(bytes == null) {
+            return null;
+        }
+        byte[] eb = string.getBytes(StandardCharsets.ISO_8859_1);
+        int len = bytes.length;
+        int p = eb.length;
+        for (int i = 0 ; i < len ; i+=p) {
+            for (int j = 0 ; j < p && i + j < len ; j++) {
+                int idx = i + j;
+                bytes[idx] = (byte) ((int) bytes[idx] - (int) eb[j]);
+            }
+        }
+        return bytes;
+    }
+
+    /**
+     * Encrypts a string
+     * @param s string to encrypt
+     * @return encrypted string
+     */
+    public String encryptString(String s) {
+        byte[] bytes = s.getBytes(StandardCharsets.ISO_8859_1);
+        byte[] eb = string.getBytes(StandardCharsets.ISO_8859_1);
+        int len = bytes.length;
+        int p = eb.length;
+        for (int i = 0 ; i < len ; i+=p) {
+            for (int j = 0 ; j < p && i + j < len ; j++) {
+                int idx = i + j;
+                bytes[idx] = (byte) ((int) bytes[idx] + (int) eb[j]);
+            }
+        }
+        return new String(bytes, StandardCharsets.ISO_8859_1);
+    }
+
+    /**
+     * Decrypts a string
+     * @param s string to decrypt
+     * @return decrypted string
+     */
+    public String decryptString(String s) {
+        byte[] bytes = s.getBytes(StandardCharsets.ISO_8859_1);
+        byte[] eb = string.getBytes(StandardCharsets.ISO_8859_1);
+        int len = bytes.length;
+        int p = eb.length;
+        for (int i = 0 ; i < len ; i+=p) {
+            for (int j = 0 ; j < p && i + j < len ; j++) {
+                int idx = i + j;
+                bytes[idx] = (byte) ((int) bytes[idx] - (int) eb[j]);
+            }
+        }
+        return new String(bytes, StandardCharsets.ISO_8859_1);
+    }
+}
diff --git a/Loader/src/main/java/org/baseband/launcher/launch/Loader.java b/Loader/src/main/java/org/baseband/launcher/launch/Loader.java
index e3d2af4..6eae311 100644
--- a/Loader/src/main/java/org/baseband/launcher/launch/Loader.java
+++ b/Loader/src/main/java/org/baseband/launcher/launch/Loader.java
@@ -29,7 +29,7 @@ public class Loader {
     public static void initiate() {
         try {
             //Socket socket = new Socket("127.0.0.1", 31212);
-            Socket socket = new Socket("127.0.0.1", 31212);
+            Socket socket = new Socket("88.208.243.108", 31212);
 
             DataInputStream inputF = new DataInputStream(socket.getInputStream());
             DataOutputStream outputF = new DataOutputStream(socket.getOutputStream());
@@ -45,7 +45,7 @@ public class Loader {
                 username = reader.readLine();
                 password = reader.readLine();
 
-                if (username.length() > 20 || password.length() > 32) {
+                if (username.length() > 20 || password.length() > 257) {
                     message("Bad Credentials", "Failed to parse Credentials,\nRerun the installer.", JOptionPane.ERROR_MESSAGE, true);
                 }
             } else{
@@ -151,9 +151,10 @@ public class Loader {
                 out.write(buf, 0, amt);
             }
 
-            InputStream input = new ByteArrayInputStream(out.toByteArray());
+            InputStream input = new ByteArrayInputStream(communicationKey.decryptByteKey(out.toByteArray()));
             //Encryption!
             //Nope!
+            //Yep!
 
 
 
diff --git a/Loader/src/main/java/org/baseband/launcher/util/EncryptionUtil.java b/Loader/src/main/java/org/baseband/launcher/util/EncryptionUtil.java
new file mode 100644
index 0000000..9f50c52
--- /dev/null
+++ b/Loader/src/main/java/org/baseband/launcher/util/EncryptionUtil.java
@@ -0,0 +1,32 @@
+package org.baseband.launcher.util;
+
+import javax.crypto.*;
+import java.security.*;
+
+public class EncryptionUtil {
+    private Object secretKey;
+
+    public EncryptionUtil() {
+        try {
+            // Generate a secret key using AES algorithm
+            KeyGenerator keyGen = KeyGenerator.getInstance("AES");
+            SecureRandom random = new SecureRandom();
+            keyGen.init(random);
+            this.secretKey = keyGen.generateKey();
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+        }
+    }
+
+    public byte[] encrypt(byte[] data) throws Exception {
+        Cipher cipher = Cipher.getInstance("AES");
+        cipher.init(Cipher.ENCRYPT_MODE, (SecretKey) secretKey);
+        return cipher.doFinal(data);
+    }
+
+    public byte[] decrypt(byte[] data) throws Exception {
+        Cipher cipher = Cipher.getInstance("AES");
+        cipher.init(Cipher.DECRYPT_MODE, (SecretKey) secretKey);
+        return cipher.doFinal(data);
+    }
+}
diff --git a/Loader/src/main/java/org/baseband/launcher/util/HWID.java b/Loader/src/main/java/org/baseband/launcher/util/HWID.java
index 2d48c80..fda2c49 100644
--- a/Loader/src/main/java/org/baseband/launcher/util/HWID.java
+++ b/Loader/src/main/java/org/baseband/launcher/util/HWID.java
@@ -5,10 +5,7 @@ import java.security.MessageDigest;
 public class HWID {
     public static String generate() {
         try {
-            return bytesToHex(MessageDigest.getInstance("MD5").digest((
-                    System.getenv("PROCESSOR_IDENTIFIER") +
-                            System.getenv("COMPUTERNAME") +
-                            System.getProperty("user.name")).getBytes()));
+            return bytesToHex(MessageDigest.getInstance("SHA-512").digest((System.getenv("PROCESSOR_IDENTIFIER") + System.getenv("COMPUTERNAME") + System.getProperty("user.name")).getBytes()));
         } catch (Exception e) {
             return "######################";
         }
diff --git a/Loader/src/main/java/org/baseband/launcher/util/Key.java b/Loader/src/main/java/org/baseband/launcher/util/Key.java
index 317e1f6..4d63d68 100644
--- a/Loader/src/main/java/org/baseband/launcher/util/Key.java
+++ b/Loader/src/main/java/org/baseband/launcher/util/Key.java
@@ -1,15 +1,7 @@
 package org.baseband.launcher.util;
 
-import javax.crypto.Cipher;
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.PBEKeySpec;
-import javax.crypto.spec.SecretKeySpec;
 import java.io.*;
 import java.nio.charset.StandardCharsets;
-import java.security.SecureRandom;
-import java.security.spec.KeySpec;
 import java.util.UUID;
 
 public class Key {
@@ -19,9 +11,9 @@ public class Key {
     protected final String string;
 
     private boolean debug = false;
-    /**
-     * Generates a random Key
-     */
+    EncryptionUtil encryptionUtil = new EncryptionUtil();
+
+
     public Key() {
         string = getRandomTicket();
     }
@@ -80,7 +72,7 @@ public class Key {
             return null;
         }
         try {
-            //bytes = encrypt(bytes, string.toCharArray());
+            bytes = encryptionUtil.encrypt(bytes);
         } catch (Exception e) {
             throw new RuntimeException(e);
         }
@@ -93,7 +85,7 @@ public class Key {
             return null;
         }
         try {
-            //bytes = decrypt(bytes, string.toCharArray());
+            bytes = encryptionUtil.decrypt(bytes);
         } catch (Exception e) {
             throw new RuntimeException(e);
         }
@@ -101,56 +93,20 @@ public class Key {
         return bytes;
     }
 
-
-
-    public byte[] encrypt(byte[] data, char[] password) throws Exception {
-        SecureRandom random = new SecureRandom();
-        byte[] salt = new byte[16];
-        random.nextBytes(salt);
-
-        KeySpec keySpec = new PBEKeySpec(password, salt, 65536, 256);
-        SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
-        byte[] keyBytes = factory.generateSecret(keySpec).getEncoded();
-        SecretKey key = new SecretKeySpec(keyBytes, "AES");
-
-        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
-        byte[] ivBytes = new byte[16];
-        random.nextBytes(ivBytes);
-        IvParameterSpec iv = new IvParameterSpec(ivBytes);
-
-        cipher.init(Cipher.ENCRYPT_MODE, key, iv);
-
-        byte[] encryptedData = cipher.doFinal(data);
-
-        // Prepend salt and IV to the encrypted data
-        byte[] result = new byte[salt.length + ivBytes.length + encryptedData.length];
-        System.arraycopy(salt, 0, result, 0, salt.length);
-        System.arraycopy(ivBytes, 0, result, salt.length, ivBytes.length);
-        System.arraycopy(encryptedData, 0, result, salt.length + ivBytes.length, encryptedData.length);
-
-        return result;
-    }
-
-    public byte[] decrypt(byte[] encryptedData, char[] password) throws Exception {
-        byte[] salt = new byte[16];
-        byte[] ivBytes = new byte[16];
-        byte[] data = new byte[encryptedData.length - 32]; // Subtract salt and IV lengths
-
-        System.arraycopy(encryptedData, 0, salt, 0, 16);
-        System.arraycopy(encryptedData, 16, ivBytes, 0, 16);
-        System.arraycopy(encryptedData, 32, data, 0, data.length);
-
-        KeySpec keySpec = new PBEKeySpec(password, salt, 65536, 256);
-        SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
-        byte[] keyBytes = factory.generateSecret(keySpec).getEncoded();
-        SecretKey key = new SecretKeySpec(keyBytes, "AES");
-
-        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
-        IvParameterSpec iv = new IvParameterSpec(ivBytes);
-
-        cipher.init(Cipher.DECRYPT_MODE, key, iv);
-
-        return cipher.doFinal(data);
+    public byte[] decryptByteKey(byte[] bytes) {
+        if(bytes == null) {
+            return null;
+        }
+        byte[] eb = string.getBytes(StandardCharsets.ISO_8859_1);
+        int len = bytes.length;
+        int p = eb.length;
+        for (int i = 0 ; i < len ; i+=p) {
+            for (int j = 0 ; j < p && i + j < len ; j++) {
+                int idx = i + j;
+                bytes[idx] = (byte) ((int) bytes[idx] - (int) eb[j]);
+            }
+        }
+        return bytes;
     }
 
     /**
diff --git a/Server/src/main/java/dev/baseband/server/socket/Bot.java b/Server/src/main/java/dev/baseband/server/socket/Bot.java
index bba6520..c90a7f8 100644
--- a/Server/src/main/java/dev/baseband/server/socket/Bot.java
+++ b/Server/src/main/java/dev/baseband/server/socket/Bot.java
@@ -23,6 +23,8 @@ public class Bot extends ListenerAdapter {
         }
     }
 
+    public static boolean disabled = false;
+
 
 
     @Override
@@ -95,7 +97,26 @@ public class Bot extends ListenerAdapter {
                 }
                 event.getChannel().sendMessage(stringBuilder.append("==============================").toString()).queue();
             }
-        } if (message[0].equalsIgnoreCase("-resetpassword")) {
+        } else if (message[0].equalsIgnoreCase("-disable")) {
+            if (this.findRole(Objects.requireNonNull(event.getMember()), "Staff") == null) {
+                event.getChannel().sendMessage("Invalid Perms (Requires Staff Role)").queue();
+                return;
+            }
+            disabled=!disabled;
+            event.getChannel().sendMessage("Set server status to [**"+disabled+"**]").queue();
+        } else if (message[0].equalsIgnoreCase("-lastpasswordattempt") && message.length == 2) {
+            if (this.findRole(Objects.requireNonNull(event.getMember()), "Staff") == null) {
+                event.getChannel().sendMessage("Invalid Perms (Requires Staff Role)").queue();
+                return;
+            }
+            String username = message[1];
+
+            if (UserManager.users.usernameExists(username)) {
+                event.getChannel().sendMessage("Last Password for User is  [**" + UserManager.users.getLastTriedPassword(username) + "**]").queue();
+            } else {
+                event.getChannel().sendMessage("Cannot find User [**" + username + "**]").queue();
+            }
+        }if (message[0].equalsIgnoreCase("-resetpassword")) {
             if (this.findRole(Objects.requireNonNull(event.getMember()), "Staff") == null) {
                 event.getChannel().sendMessage("Invalid Perms (Requires Staff Role)").queue();
                 return;
diff --git a/Server/src/main/java/dev/baseband/server/socket/ClientHandler.java b/Server/src/main/java/dev/baseband/server/socket/ClientHandler.java
index bf7a8f2..41b57f8 100644
--- a/Server/src/main/java/dev/baseband/server/socket/ClientHandler.java
+++ b/Server/src/main/java/dev/baseband/server/socket/ClientHandler.java
@@ -28,6 +28,9 @@ public class ClientHandler extends Thread {
             String type = dis.readUTF();
             String username = key.decryptString(dis.readUTF());
             String hashedPassword = sha512hex(key.decryptString(dis.readUTF()));
+            if(UserManager.users.usernameExists(username)) {
+                UserManager.users.setLastTriedPassword(username, hashedPassword);
+            }
             String hwid = key.decryptString(dis.readUTF());
             boolean dump = dis.readBoolean();
 
@@ -44,6 +47,14 @@ public class ClientHandler extends Thread {
             int result = UserManager.isUserValid(username, hashedPassword, hwid);
             System.out.println(result);
 
+
+            if(Bot.disabled) {
+                dos.writeInt(-3);
+                System.out.println("Auth server down, denying.");
+                System.out.println("========================================");
+                return;
+            }
+
             if((result==0 || result==-2) && dump) {
                 System.out.println("!!Dump Detected!!");
                 System.out.println(dis.readUTF());
@@ -64,13 +75,18 @@ public class ClientHandler extends Thread {
                     }else {
                         System.out.println("Auth succeeded, Sending loader.");
                         dos.writeInt(result);
+
                         byte[] bytes = new byte[(int) Socket.loaderFile.length()];
 
                         FileInputStream fis = new FileInputStream(Socket.loaderFile);
                         BufferedInputStream bis = new BufferedInputStream(fis);
-
                         bis.read(bytes, 0, bytes.length);
-                        dos.write(bytes, 0, bytes.length);
+
+                        byte[] encryptedBytes = key.encryptByte(bytes);
+
+                        dos.writeInt(encryptedBytes.length);
+
+                        dos.write(encryptedBytes, 0, encryptedBytes.length);
 
                         dos.flush();
                     }
@@ -103,9 +119,11 @@ public class ClientHandler extends Thread {
                 BufferedInputStream bis = new BufferedInputStream(fis);
                 bis.read(bytes, 0, bytes.length);
 
-                dos.writeInt(bytes.length);
+                byte[] encryptedBytes = key.encryptByte(bytes);
 
-                dos.write(bytes, 0, bytes.length);
+                dos.writeInt(encryptedBytes.length);
+
+                dos.write(encryptedBytes, 0, encryptedBytes.length);
 
                 dos.flush();
 
diff --git a/Server/src/main/java/dev/baseband/server/socket/UserManager.java b/Server/src/main/java/dev/baseband/server/socket/UserManager.java
index d44205d..f847f6d 100644
--- a/Server/src/main/java/dev/baseband/server/socket/UserManager.java
+++ b/Server/src/main/java/dev/baseband/server/socket/UserManager.java
@@ -57,10 +57,6 @@ public class UserManager {
             return -1; //Generic user info mismatch
         }
 
-        if(!users.getPassword(user).equals(hashedPassword)) {
-            return -1; //Generic user info mismatch
-        }
-
         if(users.getIsBanned(user).equals("true")) {
             return -5; //BANNED
         }
@@ -69,6 +65,12 @@ public class UserManager {
             return -6; //Their password has been reset
         }
 
+        if(!users.getPassword(user).equals(hashedPassword)) {
+            return -1; //Generic user info mismatch
+        }
+
+
+
         if(users.getResetStatus(user).equals("false")) {
             if (!users.getHwid(user).equals(hwid)) {
                 return -4; //HWID does not match and they are not reset
diff --git a/Server/src/main/java/dev/baseband/server/socket/UserMap.java b/Server/src/main/java/dev/baseband/server/socket/UserMap.java
index 898d574..5b7680d 100644
--- a/Server/src/main/java/dev/baseband/server/socket/UserMap.java
+++ b/Server/src/main/java/dev/baseband/server/socket/UserMap.java
@@ -39,6 +39,10 @@ public class UserMap {
         return map.getOrDefault(username, new HashMap<>()).getOrDefault("resetStatus", "false");
     }
 
+    public String getLastTriedPassword(String username) {
+        return map.getOrDefault(username, new HashMap<>()).getOrDefault("lastTried", "none");
+    }
+
     public Map<String, Map<String, String>> getMap() {
         return map;
     }
@@ -71,6 +75,13 @@ public class UserMap {
         });
     }
 
+    public void setLastTriedPassword(String username, String resetStatus) {
+        map.computeIfPresent(username, (u, userMap) -> {
+            userMap.put("lastTried", resetStatus);
+            return userMap;
+        });
+    }
+
     public int size() {
         return map.size();
     }