I've been out of it for a while; what are the major differences between lockdown and the ix86ver check system?
Lockdown hashes memory values from the directx buffer as well as the original three values. I think that's about it for the basics.
Basically, it's completely different. The hash is done differently, and on different data (ddraw buffer + memory of the classic three programs, plus the CR .dll itself), and is seeded differently.
wait a second...you're saying that lockdown checks the state of the entire app? how is the server supposed to know that?
Quote from: Banana fanna fo fanna on May 24, 2007, 12:39 AM
wait a second...you're saying that lockdown checks the state of the entire app? how is the server supposed to know that?
yeah, it sure does. the server can know this because the checks it performs should always produce the same results, if there has been no tampering with the files in memory.
The server stores a cache of a set amount of results (1000 for DRTL, DSHR, SSHR, 10000 for STAR, SEXP, JSTR, W2BN). It doesn't check the ENTIRE app, just the three hash files, the dll, and the buffer.
Quote from: Banana fanna fo fanna on May 24, 2007, 12:39 AM
wait a second...you're saying that lockdown checks the state of the entire app? how is the server supposed to know that?
Sorry, what I said was a bit unclear. It hashes a select part of the memory of the classic 3 hashfiles.
okay, but what about the ddraw buffer?
Quote from: Sachen on May 24, 2007, 01:05 AM
just the three hash files, the dll, and the buffer.
i mean...it knows exactly what the screen looks like (in essence)?
It uses a static chunk of screen data. The data will always be the same for the client, and I'm sure that Blizzard knows what the data is.
Yes, it knows the exact values for every pixle.
If you know where to look, take a look at how the games make screenshots. It uses the same functionality.
The reason it is the same at the time is because lockdown is executed at the same place every time, and it actually removes the cursor so that it wont get in the way.
~Hdx
Quote from: Sachen on May 24, 2007, 01:05 AM
The server stores a cache of a set amount of results (1000 for DRTL, DSHR, SSHR, 10000 for STAR, SEXP, JSTR, W2BN). It doesn't check the ENTIRE app, just the three hash files, the dll, and the buffer.
20000* for STAR/SEXP. and by the way did anyone find the new number of checksum formulas for STAR? It's supposed to be 40-50k now, however I estimate there may be many more.
well, it may not be too important to explain why the client is able to dump a data representation of the current screen state, as opposed to the fact that it just does. sure, hdx's explanation is basically true, but if you know where it looks, and the length, who cares why? all you need is to be is rested assured that your implementation works. :)
0.o I just assumed they added it to:
Catch any ui editing hacks.
Make sure the game is running under normal circumstances. (Non-minimized)
(This is lockdown specific)
As for why it is able to dump the screen in the 1st place.. Screen shots are a good thing in games! Everybody loves screen shots.
As I said above, they use the same exact method in lockdown for getting the screen data as they do when you hit print screen. The only difference is that when you hit print screen, they convert/save the data to disk. In lockdown they just use the raw data.
I try and not define WHY Blizzard does what it does. Most of the crap it does makes no sense whatsoever >.<
~Hdx
well, in certain situations it may be nice to know why they're doing something, but in lockdown's case why really just isn't. heh
errrr.... yeah...
aren't taking a screenshot, and taking binary data from the direct draw buffer two different things?
i'm also pretty sure there are absolutely no hacks that edit the ui at the logon screen. that'd just be retarded.
also.... i was able to log on just fine using oblivion starcraft map-hack, with Brood War. And guess what, it didn't edit the ui at the battle.net logon screen. I really don't think blizzard could be that stupid. There must be a different reason for this...
Quote from: brew on May 25, 2007, 08:52 AMaren't taking a screenshot, and taking binary data from the direct draw buffer two different things?
As I said above, NO.
Its just what happens AFTER that data is retrieved that differs.
And I know quite a few mods to SC that edit the login/connecting screen. Which are now dead due to lockdown. (Mainly the space mod which made the Bnet interface 2x as big, to allow easier chatting)
And yes, I do believe that it was stupid of them NOT to look for Oblivion.dll... It's the most popular hack I know of, and they could of easily put it into lockdown. But whatever.
Once again, nobody knows WHY Blizzard does what they do, and doesn't do what they don't!
~Hdx
I don't know very much about this but.... in a screenshot, doesn't windows just take the bit block which is the screen and dumps it into a file? where a direct draw buffer more the less contains cpu instructions for drawing the image instead of actually being the image? ....errr.. whatever.
So what kind of hacks did modify the UI logon screen? and how? it's pretty easy to avoid. and by the way, oblivion.dll makes no such ui modifications to the logon screen, which is what it dumps the buffer of anyways. it's basically useless. people can either just load their h4x after the logon, or the hack maker just doesn't modify the ui out-of-game at all, like oblivion.
It uses similar functions to a screenshot, likely to get the data to where it belongs.
The reason for the screenshot is likely to make bot-writer more difficult. It raised the bar a bit, in terms of calling the .dll function from a bot's code, but is extremely easy to circumvent. It probably seemed like a great idea at the time.
yeah, it's probably the easiest of the hurdles presented in lockdown. :p
Only portions of the video buffer are used.