BNetAuth.dll Password Hash?

[PaiD]

I am in shock that you got this far and dont know how to trim strings.....

[Jaquio]

I am in shock that you got this far and dont know how to trim strings.....

Because I had to trim no other fucking strings. OMG GOD I AM GETTING PISSED ALL IT IS, IS ONE SIMPLE FUCKING THING THAT I NEED HELP WITH. GOD! SOMEONE HELP ME! Erm, sorry for the yelling but I do know how to use the Trim$,Right$ and Left$ functions but! I am not sure how I would trim the username string because I end up cutting off either a letter or some of it disappears and I can't find it. I get ipbanned each time I try to connect so I can't test it that much but someone give me more hints on this on how to trim it right.. 

[MyndFyre]

I am in shock that you got this far and dont know how to trim strings.....

Because I had to trim no other fucking strings. OMG GOD I AM GETTING PISSED ALL IT IS, IS ONE SIMPLE FUCKING THING THAT I NEED HELP WITH. GOD! SOMEONE HELP ME! Erm, sorry for the yelling but I do know how to use the Trim$,Right$ and Left$ functions but! I am not sure how I would trim the username string because I end up cutting off either a letter or some of it disappears and I can't find it. I get ipbanned each time I try to connect so I can't test it that much but someone give me more hints on this on how to trim it right.. 

Let's consider what we know.

1.) We know that there are too many null characters (0s) on the left side of the string.  The right side is correct.
2.) The Right$ function takes a substring from the right side of the string.

Do you want me to SPELL IT OUT FOR YOU ANY MORE?

[Hdx]

Dude, you are all wrong:
his Code:

Code Select Expand

Public Sub Send_0x3A()
Dim PD As String, PassHash As String, TmpP As String, strUsername As String
strUsername = Username'some kind of trimming here
PassHash = String(7 * 4, vbNullChar)
TmpP = X(PassHash, Password)
Debug.Print "Password = " & Password
Debug.Print "TmpP = " & TmpP
Debug.Print "PassHash = " & PassHash
PB.InsertDWORD GetTickCount() 'CLng(CToken)
PB.InsertDWORD CLng(SToken)
PB.InsertNonNTString PassHash
PB.InsertNTString strUsername
PB.SendPacket &H3A
AC &HFFFFC0, "Sent 0x3A"
End Sub

OK, Let me see if yall can figure out the problem. No? Heres a hint:

(DWORD)       Client Token
(DWORD)       Server Token
(DWORD[5])    Password Hash
(STRING)     Username

Now, I'ma be even more presice, He creates the PassHash Vareable is a String with 7 * 4 null charecters. Well It's not 7 DWORDS it's 5. He has 2 extra Dwords, 2*4 = 8, So thats where the 8 nulls come from. He even posted his code before. Please read EVERYTHING before you start giving him wrong advice. He does not need to user Right$(), Left$(), Mid$(), Trim$() or any other string manipulation.
~-~(HDX)~-~

[Warrior]

I don't see how his information was wrong, it was a tip because I doubt Myndy is going to take his time to read code he doesn't care about. A question arrised and he provided a solution and you did too.

[Hdx]

I got him to send me a log:

1  127.0.0.1:2720  127.0.0.1:6112  59  Send 
0000  01 FF 50 3A 00 00 00 00 00 36 38 58 49 4E 42 32    ..P:.....68XINB2
0010  57 4F 00 00 00 00 00 00 00 00 00 00 00 00 00 00    WO..............
0020  00 00 00 00 00 00 00 00 00 55 53 41 00 55 6E 69    .........USA.Uni
0030  74 65 64 20 53 74 61 74 65 73 00                   ted States.

2  127.0.0.1:6112  127.0.0.1:2720  108  Recv 
0000  FF 25 08 00 10 66 D0 07 FF 50 64 00 00 00 00 00    .%...f...Pd.....
0010  41 2C FF 2E E9 24 B6 53 60 86 BA 7E 8F 8C C5 01    A,...$.S`..~....
0020  49 58 38 36 76 65 72 30 2E 6D 70 71 00 41 3D 37    IX86ver0.mpq.A=7
0030  31 36 31 39 31 34 38 31 20 42 3D 39 32 32 33 30    16191481 B=92230
0040  37 33 31 32 20 43 3D 31 32 35 37 32 35 33 35 35    7312 C=125725355
0050  32 20 34 20 41 3D 41 2B 53 20 42 3D 42 5E 43 20    2 4 A=A+S B=B^C
0060  43 3D 43 2D 41 20 41 3D 41 5E 42 00                C=C-A A=A^B.

3  127.0.0.1:2720  127.0.0.1:6112  120  Send 
0000  FF 25 08 00 10 66 D0 07 FF 51 70 00 CC 20 C5 1D    .%...f...Qp.. ..
0010  00 02 00 02 E7 7B 99 B3 01 00 00 00 00 00 00 00    .....{..........
0020  10 00 00 00 04 00 00 00 F6 2C 2B 00 00 00 00 00    .........,+.....
0030  95 B4 27 AF 6C 4B 4C B4 1B 60 67 65 62 79 AE 8B    ..'.lKL..`geby..
0040  3F 96 3A 41 57 61 72 43 72 61 66 74 20 49 49 20    ?.:AWarCraft II
0050  42 4E 45 2E 45 58 45 20 30 37 2F 31 39 2F 30 35    BNE.EXE 07/19/05
0060  20 32 33 3A 34 37 3A 33 36 20 37 31 32 37 30 34     23:47:36 712704
0070  00 4A 61 71 75 69 6F 00                            .Jaquio.

4  127.0.0.1:6112  127.0.0.1:2720  9  Recv 
0000  FF 51 09 00 00 00 00 00 00                         .Q.......

5  127.0.0.1:2720  127.0.0.1:6112  39  Send 
0000  FF 3A 27 00 09 21 C5 1D 00 00 34 00 12 19 01 03    .:'..!....4.....
0010  52 7C DD 5A 65 BD FC AC 7B 95 B5 40 74 6A 6D 89    R|.Ze...{..@tjm.
0020  4A 61 71 75 69 6F 00                               Jaquio.

Can WC2 login using 0x50 sequance insted of 0x1E?

This is how I thought it was suposto go..
Curt of Lord:

C -> S: Protocol ID
C -> S: SID_CLIENTID2         (0x1E)
C -> S: SID_LOCALEINFO              (0x12) [Optional]
S -> C: SID_STARTVERSIONING        (0x06)
S -> C:   SID_CLIENTID         (0x05)
S -> C:   SID_LOGONCHALLENGEEX      (0x1D)
S -> C: SID_PING              (0x25)
C -> S: SID_PING         (0x25) [Optional]
S -> C: SID_STARTVERSIONING        (0x06)
C -> S: SID_REPORTVERSION      (0x07)
C -> S: SID_GETICONDATA       (0x2D) [Optional]
S -> C: SID_GETICONDATA         (0x2D)
C -> S: SID_UDPPINGRESPONSE      (0x14) [Optional]
C -> S: SID_GETFILETIME       (0x33) [Optional]
   - tos_USA.txt
S -> C: SID_GETFILETIME         (0x33)
C -> S: SID_GETFILETIME       (0x33) [Optional]
   - bnserver.ini
S -> C: SID_GETFILETIME         (0x33)
C -> S: SID_READUSERDATA      (0x26) [Optional]
S -> C: SID_READUSERDATA      (0x26)
C -> S: SID_LOGONRESPONSE          (0x29)
S -> C: SID_LOGONRESPONSE          (0x29)
C -> S: SID_ENTERCHAT         (0x0A)
S -> C: SID_ENTERCHAT         (0x0A)
C -> S: SID_JOINCHANNEL         (0x0C) [Optional]
   - War2BNE
C -> S: SID_GETCHANNELLIST      (0x0B) [Optional]

~-~(HDX)~-~

[Warrior]

WC2 can indeed use 0x50.

[MyndFyre]

Now, I'ma be even more presice, He creates the PassHash Vareable is a String with 7 * 4 null charecters. Well It's not 7 DWORDS it's 5. He has 2 extra Dwords, 2*4 = 8,

Ahh you are in fact correct.  Don't accuse me for not reading though -- he said this himself:

Edit: Oops sorry for posting I should have searched the forums fist. You use it like this

Code Select Expand


Public Declare Function X Lib "BnetAuth.dll" (ByVal outbuf As String, ByVal Password As String) As Long
TmpP = String(7 * 4, vbNullChar)
PassHash = X(TmpP, Password)


Thanks though

I don't know exactly how I thought he was allocating his name buffer -- so that was weird looking back.  *shrug*  During the entire length of the discussion, though, I've been under the impression that he had the password hash working correctly.  The next thing up was the username.  Seemed like the logical choice to look at.

[R.a.B.B.i.T]

I don't see how his information was wrong, it was a tip because I doubt Myndy is going to take his time to read code he doesn't care about. A question arrised and he provided a solution and you did too.

He does 7 * 4 (why not just 28?) but 5 "dwords" is 20.

[Warrior]

and it was suggested he trim it as a temporary fix.

[MyndFyre]

and it was suggested he trim it as a temporary fix.

Stop defending me!  You're not helping my situation! 

[Warrior]

But I LOVE you enjoy your company.

[BaDDBLooD]

But I LOVE you enjoy your company.

Classic.

[shout]

<OT>

When reading this, I thought Jaquio was me. I was thinking "since when did know VB and who revived this?"

Go evangelion?

</OT>