Topics - PunK

#1
I'm writing a listening server in .NET but in the process, having some issues. So hopefully someone can clear it up.

I've gotten as far as accepting the client, passing the TCP client to a class to separately handle the socket. But what has me stumped is reading the data coming from the actual client. It's pulling the data from the stream, however, I'm afraid the data is incorrect ??

I'm connecting a battle.net bot to the server, so I should see 0x50, right? But I don't... it's outputting that the packet as 0x80? I'm getting frustrated with this.


   Imports System.Net.Sockets

   ' clientSocket is the TcpClient handed to this class by the accept loop
   Private clientSocket As TcpClient

   Private Sub ClientDataArrival()
       Dim i As Int32
       Dim bytes(1024) As [Byte]
       Dim data As String

       While (True)

           Dim socketStream As NetworkStream = clientSocket.GetStream()
           i = socketStream.Read(bytes, 0, bytes.Length)

           While (i <> 0)
               ' ASCII decoding replaces every byte above 0x7F (including the 0xFF
               ' BNCS header byte) with "?" (0x3F), so the raw packet bytes are lost here
               data = System.Text.Encoding.ASCII.GetString(bytes, 0, i)

               Console.WriteLine(Asc(Mid(data, 2, 1)))            '0x80??? wtf

               Dim msg As [Byte]() = System.Text.Encoding.ASCII.GetBytes(data)

               'send data back to client for shits
               socketStream.Write(msg, 0, msg.Length)

               i = socketStream.Read(bytes, 0, bytes.Length)

           End While

       End While
   End Sub


Here is a packet dump of what I am getting from the stream...

0000:  01 3F 50 3A 00 00 00 00 00 36 38 58 49 56 44 32   ?P:.....68XIVD2
0010:  44 0C 00 00 00 00 00 00 00 00 00 00 00 00 00 00   D ..............
0020:  00 00 00 00 00 00 00 00 00 55 53 41 00 55 6E 69   .........USA.Uni
0030:  74 65 64 20 53 74 61 74 65 73 00                  ted States......


Btw, if someone could kindly move this to general programming forum, that would be great :)
#2
I've never really messed around with this except for the profile / system keys. I've been helping a friend out and he asked about the record values.

However, I get ip banned immediately after making the request. Maybe I am doing something wrong?

I tried the client tag vice versa as well, no luck.

Public Sub Send_26Ex(Username As String)
    With b
        .i_dword &H69                              ' number of accounts
        .i_dword &H5                               ' number of keys
        .i_dword &H1                               ' request ID
        .i_ntstring Username
        .i_ntstring "record\SEXP\0\wins"
        .i_ntstring "record\SEXP\0\losses"
        .i_ntstring "record\SEXP\0\disconnects"
        .i_ntstring "record\SEXP\0\last GAME"
        .i_ntstring "record\SEXP\0\last GAME result"
        .s_packet &H26, BNCS                       ' SID_READUSERDATA
    End With
End Sub
#3
I'm looking for some information on the 0x50 128-bit signature that battle.net includes at the end of the packet. I've done countless hours of trying to find documentation on this, but have found close to none. I talked this over with brew and we came to the conclusion that the signature is generated by the server's IP address in conjunction with powmod.

I'm relatively new to encryption so right now I'm stuck at a brick wall. I'm trying to write a gateway (in C or VB6, haven't decided yet) for Warcraft III. Unfortunately, in order to do this, I have to update the signature battle.net sends to the client; otherwise, the Warcraft III client will pop an error informing me that the server I am trying to connect to doesn't appear to be a battle.net server.

So, ultimately, I need a way to generate the 128-bit signature.
#4
Well it appears Warcraft III requires the same warden response as Starcraft directly after login.
#5
Battle.net Bot Development / Verbyte
April 10, 2009, 11:44 PM
I'm not 100% but I was looking through Warcraft 2 in hex editor and noticed similarities between Starcraft and Warcraft with the whole verbyte theory.

Since unfortunately I don't have any previous versions of warcraft 2, I can't really verify this.

C7 46 10 ** 00 00 00 C7 46 18 08 00 00 00 C7

Warcraft III and Diablo II's verbyte are actually located in the file version. 1.[23].214.
#6
C/C++ Programming / Couple questions
April 08, 2009, 01:38 AM
Well, I'm returning to C++. It's roughly been a year so I am going to brush up and tune up my knowledge (which isn't much).

I've had some unanswered questions that I've googled and haven't found the best of results.

First..

I've noticed in C++ that you don't need to declare the function in the preprocessor but at the same time, you can.

Example:


#include <iostream>
using namespace std;

void testing();           //optional??? (a prototype needs the semicolon)

int main ()
{
     testing();           // without the parentheses, "testing;" is not a call
}

void testing ()
{
     cout << "Oh my";
}


But if I don't declare testing, it still compiles error-free and runs just fine...




Second question is when I delete an array, it completely halts the console.

Example

int main ()
{
   char tit_sag[] = "Tits dangle";
   delete [] tit_sag;     // undefined behaviour: delete[] only on memory from new[]
}


The console just freezes. I have a couple more questions, but ultimately these 2 kind of intrigue me.
#7
Battle.net Bot Development / Bad ping
April 05, 2009, 02:14 AM
I'm not sure if it's the way I am handling BNCS but it seems when I local hash, it logs in with a bad ping. I usually get 31ms on client and when I use my bot, I am usually pinging around 150-300ms. Not that it affects me in any way, but I would like to see if there is a way to fix this.

I've noticed the longer it takes to build 0x51, the higher your ping will be. So maybe it's my computer? I'm running a 3.2GHz P4 hyper threaded.. so idk what could be causing the problem. I've used local hashing on bots like stealth and haven't ever had this issue.
#8
Advanced Programming / Hooking Again =x
January 20, 2009, 12:29 PM
I would post this in CupHeads original post but I doubt anyone would look at that.

Anyways, I've already injected the dll but I want to redirect the socket data back to my application via the injected dll. I'm not quite sure about how to go about this and I am doing this in VB6 to get a good understanding then eventually I will port it into C++. I don't quite have a great grasp on C++ which is why I'm doing this in VB6 first.

Does anyone have any good documentation (being any language at this point, I don't care) that I could refer to?

Second question.
Let's say I write a DLL and name it winsock32.dll. The application I inject the DLL into is already using a library named winsock32.dll.. Will it write over the existing dll that the application is already using?


Thanks.
#9
General Programming / Sending third party packets?
January 12, 2009, 04:05 PM
I don't know if there is any term for this but I was wondering if there was a way to send REAL packets however, from another application.

For example.... Let's say I load a bot on useast. Instead of requesting 0x65 (friends list) from the actual bot, another program sends it BUT windows assigns the packet to the actual bot when battle.net replies to 0x65. So it appears that the application (the bot) is sending 0x65 but a third party program is doing that instead.

Anyone?
#10
If a packet is broken into segments, such as the 0x09 packet, what would be a good way of associating the broken segments into 0x09 when the first packet is the only one with the 0x09 header.

So basically, after I receive the first segment (labeled 0x09), it's passed to the 0x09 handler - however, the segments after that aren't labeled.
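An added example, not code from any of these posts, in Python rather than VB: it shows the framing step that both the listening server in the first post and this 0x09 question need. A BNCS packet is FF, the packet id, then a little-endian 16-bit total length, so the receiver buffers raw bytes (no ASCII round trip) and hands a packet to its handler only once that many bytes have arrived, whatever the TCP read boundaries were. The sample packets are constructed: the 0x50 is the first post's dump assuming its 0x3F at offset 1 is the FF header byte after the ASCII conversion, and the 0x09 uses the FF 09 7A 0A header from the Warcraft III log with a filler body.

```python
from typing import Iterator, List, Tuple

BNCS_MAGIC, HEADER_LEN, PROTOCOL_SELECTOR = 0xFF, 4, 0x01


class BncsFramer:
    """Reassembles BNCS packets (FF, id, little-endian 16-bit total length)
    from arbitrary TCP read boundaries; feed() yields only complete packets."""

    def __init__(self, expect_selector: bool) -> None:
        self._buf = bytearray()
        self._need_selector = expect_selector   # only the client->server stream has one

    def feed(self, chunk: bytes) -> Iterator[bytes]:
        self._buf.extend(chunk)
        if self._need_selector and self._buf:
            if self._buf[0] != PROTOCOL_SELECTOR:
                raise ValueError(f"bad protocol selector 0x{self._buf[0]:02X}")
            del self._buf[0]                    # the 0x01 sent before the first packet
            self._need_selector = False
        while len(self._buf) >= HEADER_LEN:
            if self._buf[0] != BNCS_MAGIC:
                raise ValueError(f"bad BNCS magic 0x{self._buf[0]:02X}")
            length = int.from_bytes(self._buf[2:4], "little")
            if length < HEADER_LEN:
                raise ValueError(f"bad BNCS length {length}")
            if len(self._buf) < length:
                break                           # rest of this packet still in flight
            packet = bytes(self._buf[:length])
            del self._buf[:length]
            yield packet


# Constructed samples: the 58-byte 0x50 from the first post's dump with its FF byte
# intact, and a 0x0A7A-byte 0x09 game list (header as in the WC3 dump, body filler).
AUTH_INFO = (bytes.fromhex("FF503A00" "00000000" "36385849" "56443244" "0C000000")
             + bytes(20) + b"USA\0" + b"United States\0")
GAME_LIST = bytes.fromhex("FF097A0A") + bytes(0x0A7A - HEADER_LEN)


def reassemble(chunks: List[bytes], expect_selector: bool) -> List[Tuple[int, int]]:
    """Push Read()-sized chunks through one framer; return (packet id, length) pairs."""
    framer = BncsFramer(expect_selector)
    return [(p[1], len(p)) for chunk in chunks for p in framer.feed(chunk)]


if __name__ == "__main__":
    print(reassemble([b"\x01" + AUTH_INFO], True))                       # [(80, 58)]
    print(reassemble([GAME_LIST[:640], GAME_LIST[640:1664], GAME_LIST[1664:]], False))
```

The second call mirrors the 0x09 case: the first 640-byte read carries the only header, the framer yields nothing until the remaining 2042 bytes arrive, and then the handler sees one complete 2682-byte packet.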
#11
General Discussion / Favorite packet logger
December 10, 2008, 02:59 PM
I used to use WPE but it doesn't quite work with logging any blizzard games... So I am using AnalogX now and it's alright. You can set your own rules and what not but I would like to individually packet log separate PIDs instead of just certain parameters on the whole machine... If you get what I am trying to say.. Anyone have a better packet sniffer?
#12
Battle.net Bot Development / Warcraft III GS
December 09, 2008, 03:36 PM
Okay, I wanted to do something similar to Ringo's SCGS Bot. However, I have a couple of questions =o


Okay, I saw on bnetdocs.com that it says 0x09 is used by every other client other than Warcraft III... So I went along and packet logged the game request in warcraft III and noticed that it was also using 0x09..

C->S

FF 09 17 00 00 E0 7F 00 00 00 00 00 00 00 00 00  ................
14 00 00 00 00 00 00                                     .......       


S->C

FF 09 7A 0A 14 00 00 00 01 28 49 00 09 04 00 00  ..z......(I.....
02 00 AF C8 44 96 BA B7 00 00 00 00 00 00 00 00  ....D...........
10 00 00 00 06 00 00 00 4E 69 6E 74 65 6E 44 6F  ........NintenDo
20 54 6F 77 65 72 20 44 21 21 55 73 61 00 00 62   Tower D!!Usa..b
31 30 30 30 30 30 30 30 01 03 49 07 01 01 75 01  10000000..I...u.
A1 75 01 93 95 49 0D 4D CB 61 71 73 5D 45 6F 77  .u...I.M.aqs]Eow
19 6F 6D 6F 61 65 5D 4F 93 69 6F 75 65 6F 65 6F  .omoae]O.ioueoeo
41 21 55 45 21 77 37 2F 19 33 2F 77 33 79 01 45  A!UE!w7/.3/w3y.E
2B 69 6F 6F 43 6F 75 35 01 33 31 01 01 00 01 20  +iooCou5.31....
49 00 0C 0C 00 00 02 00 17 E0 42 83 52 41 00 00  I.........B.RA..
00 00 00 00 00 00 10 00 00 00 00 00 00 00 33 72  ..............3r
64 20 53 57 20 2D 61 72 75 73 6D 21 21 00 00 62  d SW -arusm!!..b
33 30 30 30 30 30 30 30 01 03 49 07 01 01 95 01  30000000..I.....
91 75 01 6F 13 EB 61 4D CB 61 71 73 5D 45 6F 77  .u.o..aM.aqs]Eow
99 6F 6D 6F 61 65 5D 53 53 57 33 2F 33 2F 31 2F  .omoae]SSW3/3/1/
E7 77 33 79 01 61 77 61 07 77 61 01 01 00 09 C0  .w3y.awa.wa.....
48 00 09 04 00 00 02 00 17 E0 63 F6 C7 DD 00 00  H.........c.....
00 00 00 00 00 00 10 00 00 00 5B 00 00 00 42 49  ..........[...BI
47 20 46 46 41 20 58 58 58 00 00 62 31 30 30 30  G FFA XXX..b1000
30 30 30 30 41 03 49 07 01 01 A9 01 AB A9 01 57  0000A.I........W
19 D5 BF 4D 4B 61 71 73 5D 29 31 33 AB 29 45 69  ...MKaqs])13.)Ei
77 69 65 65 B3 41 6F 65 43 6F 6F 71 E7 75 65 73  wiee.AoeCooq.ues
2F 77 33 6D A5 01 61 7B 6F 73 71 69 07 6B 65 01  /w3m..a{osqi.ke.
01 00 09 40 49 00 09 08 00 00 02 00 17 E0 51 9B  [email protected].
D0 5B 00 00 00 00 00 00 00 00 10 00 00 00 10 00  .[..............
00 00 66 75 6E 6E 79 20 62 75 6E 6E 79 20 65 67  ..funny bunny eg
67 20 68 75 6E 74 20 62 79 20 72 79 61 6E 20 00  g hunt by ryan .
00 39 33 30 30 30 30 30 30 30 01 03 49 07 01 01  .930000000..I...
75 01 F9 95 01 D1 3D 8F DB 4D 8B 61 71 73 5D 47  u.....=..M.aqs]G
73 6F 85 7B 65 6F 55 69 73 6F 75 6F 65 5D 53 63  so.{eoUisouoe]Sc
65 6F 1B 61 73 69 6F 5D 29 39 4B 29 47 75 6F 6F  eo.asio])9K)Guoo
79 43 F3 75 6F 6F 79 73 45 67 8B 67 49 75 6F 75  yC.uooysEg.gIuou
2F 77 E3 33 79 01 43 49 47 4D 13 41 4F 45 41 4F  /w.3y.CIGM.AOEAO
01 01 00 01 20 49 00 09                          .... I..       


I'm kind of thrown off...
#13
Battle.net Bot Development / CDKey Location
August 19, 2008, 03:31 PM
I couldn't really find a more appropriate place to put this topic. But anyways, does anyone know where the CDKey for warcraft III is stored? I searched regedit and no luck.
#14
Thing-O-Rama ™ / Drug paraphernalia =[
August 15, 2008, 09:39 PM
August 7, 2008 @ 3:15 AM.

On the way back from a friend's and I was on the main state road and I get to a light. The light took about... 4 minutes to change and there was absolutely nobody on the road. I guess a faulty timer? I don't know, however. I look in my rearview mirror and I see one car on the road heading behind me and began to halt to the red light. Then I looked again and noticed it was a cop car... For those who don't drive, that's the shittiest feeling you will ever endure; at least for me. Anyways, the light turns green and I begin to drive... Not even 20 feet down he turns his sirens on and pulls me over.

He walks up to my car and I roll the window down. He follows procedure and asks for license/registration. I hand it to him, he looks at it, puts it down, looks at me, and says, "When is the last time you smoked in your car?". And I do not smoke anything in my car PERIOD. I told the officer that I do not smoke in my car. He then asks me if he could search the vehicle and I said, "Why, I don't see any reason to.". He says, "I smell dope son, good enough reason for me". Of course... I was stupid and felt intimidated and allowed him to search... I had an ounce under my gear box (located under the stick shift).

He told me to sit down on his car hood aside the other patrol officer. My friend apparently left his scale, his steam roller, AND his pill bottle all in the back seat behind the driver. However, he did not find the pot!

He wrote me a court hearing citation and told me to show up to court. I tried asking the officer to heed me a warning because I have college and I really don't want to screw it up. He asked what college I was attending and I said UCF. He was a dick and replied, "hah! that's not something to be proud about. sit in your car and wait while I finish this.".

I hate the po po =[
#15
Unfortunately, I would do this myself but I lost my warcraft II CD so I don't have the installer. I was hoping somebody knew what the statstring would look like or maybe a reference?


1 Unknown
2 Unknown
3 Game Speed
    0x00: Slowest
    0x01: Slower
    0x02: Slow
    0x03: Normal
    0x04: Fast
    0x05: Faster
    0x06: Fastest
4 Approval
    0x00: Not Approved
    0x01: Blizzard Approved
    0x02: Ladder Approved
    0x03: PGL Approved
    0x04: KBK Approved
    0x05: CompUSA Approved
5 Game Type
    0x02: Melee
    0x03: FFA
    0x04: 1v1
    0x09: Ladder
    0x0A: UMS
    0x0F: TvB
    0x10: Iron man ladder
6 Parameter; The value of this parameter depends on the game type.
7 Checksum; This is a checksum of the map file.
8 Starting Resources
9 Creator/Map name
    These two values are separated by a 0x0D byte


edit;

I'm trying to create a ladder game but it has been nothing but an epic fail.

Thanks.
#16
I was wondering if the method I'm using to parse statistics is correct.

PX3W 3H3W 16

    Private Function HandleStat(Race As String, Num As Integer) As Long
        Select Case Race
            Case "H"
                Select Case Num
                    Case 1: HandleStat = 44 'Footman
                    Case 2: HandleStat = 45 'Knight
                    Case 3: HandleStat = 46 'Archmage
                    Case 4: HandleStat = 47 'Medivh
                    Case Else: HandleStat = ICON_WAR3
                End Select
            Case Else: HandleStat = ICON_WAR3
        End Select
    End Function

This would mean he has the Archmage icon with 16 wins, correct?

My second question. What does the stat string look like for a user with a Tournament record?