vL still has noobs in it...reason it's so stained, Invert still sucking dick for your spare change, I bin hustlin that's why I get paid, you bin writing code from the start but you just gettin played. First piece of code sold for a hundred back in the day, and that was a shitty old cs hack that I had just made. Moved into malware cause shit was gettin boring fast, who ever thought you could sell code for thousands in cash. More money mo problems the fbi getting serious, seeing more than 200 thousand zombie hosts on a server almost got you delirious but times have changed, I ain't on the same shit, but people still bring me money so I stay spliff HOLLR
Off to the trash can here we gooooooooo, it's a cold world, let's hope it snows.
And the recent takedown of 5E...? You think they're just going to change the 16 bytes? Did you do any reversing of the previous one?
Generated in battle.snp. I'll post my results later.
Thank you for standing by your word, devcode. And thank you for contributing your work. It most certainly is appreciated.
Quote from: Andy on September 25, 2007, 02:55 AM
He's not posted anything new.... This is all known information so far.
This is new information to me and I'm sure I speak for others, too.
Thanks for sharing your findings, devcode.
Updated to include stage 1 key generation :)
I split off the shit. Stay on topic or we'll stop talking about it altogether.
So, just curious if anyone's got anything done on Warden since I guess it's bypassed now, because I'm looking at a StarCraft: Brood War load on battle.net. =|
Was the load during a time when Warden was disabled?
The rate of connection was high enough so that it would offset the loss of connections from warden. People dedicated to loading have been using this principle ever since warden was activated.
Yeah, if you turn on joins/leaves you will realise that bots are leaving and others are entering.
No... they idled for much more than 2 mins,
as well devcode's idled 5 bots in my channel on StarCraft.
Quote from: devcode on September 24, 2007, 11:47 PM
Off to the trash can here we gooooooooo, it's a cold world, let's hope it snows.
Is this uncovering 0x51, 0x5E or something else altogether?
Quote from: Andy on September 25, 2007, 12:17 AM
You think they're just going to change the 16 bytes?
*they*? :)
Those 16 bytes will change when one changes cdkey. (2 tokens + decoded cdkey block)
The 1st dword of the cdkey hash then relates to 0x5E encryption. I thought this was common knowledge.
I meant that they'll do more than change how those bytes are gathered if they need to. And "They" are Blizzard.
Here we go again (http://forums.clubrsx.com/images/smilies/spin.gif)
Could we please focus on the development aspect rather than debate on whether it's worth doing? :)
Quote from: Andy on November 09, 2007, 01:36 PM
I meant that they'll do more than change how those bytes are gathered if they need to. And "They" are Blizzard.
No. That would require a patch, and they're aiming for a no-starcraft-patch antihack system. Looks like they've got it. It'd take more effort than you'd think: we could easily find the encryption key values again. They can only patch oh-so-many times.
Speaking of which, did anyone find the address where battle.snp actually parses the warden packet? I can only find where it sends it. (19019C15)
Quote from: Andy on November 09, 2007, 01:36 PM
I meant that they'll do more than change how those bytes are gathered if they need to. And "They" are Blizzard.
Huh? So what?
I think you missed the point; the 16 bytes in question were the decoded cdkey.
If you're saying that, by pointing out that the 1st dword of the cdkey hash relates to the warden traffic, Blizzard will change the way the client generates the key, then I don't think anyone cares. It's not rocket science to work out again; it's a very simple 1st step. ;)
You must embrace change, the future brings much of it.
CDKey? Warden's response is dependent on the CDKey now, too?
Quote from: Andy on November 10, 2007, 03:48 PM
CDKey? Warden's response is dependent on the CDKey now, too?
Now? It's always been based on the cdkey. And the client/server tokens.
EDIT*** Well, warden's response isn't dependent on the cdkey; I meant the key used to encrypt/decrypt it.
EDIT: I was looking into warden a bit more, and the send function is called by 03820078. Well, it's not called by that, but called a few bytes before that. That's just the ESI at the time of calling. I'm not exactly sure what module this thread is from, and neither is my debugger. It seems like this might be warden being executed? Am I on the right track, at least? And I'm still not able to find where it's being parsed at on receive :/... But I'm pretty sure it's not battle.snp anymore.
Quote from: brew on November 10, 2007, 04:08 PM
Am I on the right track, at least?
Getting there. Keep at it.
Quote from: brew on November 10, 2007, 04:08 PM
I was looking into warden a bit more, and the send function is called by 03820078. Well, it's not called by that, but called a few bytes before that. That's just the ESI at the time of calling. I'm not exactly sure what module this thread is from, and neither is my debugger. It seems like this might be warden being executed? Am I on the right track, at least? And I'm still not able to find where it's being parsed at on receive :/... But I'm pretty sure it's not battle.snp anymore.
19019D90 is the warden handler function. It's called from the function @ 190200D0, which is responsible for receiving the data and dispatching each packet.
In your case, 03820078 would be the address space of the loaded warden module.
Quote from: Rob on November 13, 2007, 12:04 AM
19019D90 is the warden handler function. It's called from the function @ 190200D0, which is responsible for receiving the data and dispatching each packet.
Ah, so that's the packet parse function? I've looked at that before, but I concluded that it isn't the packet handler (packets like 0x01 and 0x03 were apparently parsed there, both of which I have never heard of; also I found it odd that nothing was passed as a parameter in the function called by the 0x0F handler). Thanks, Rob.
Can't we just hire a real "Engineer" and have them solve this or something?
Quote from: moh.vze.com on November 13, 2007, 09:14 PM
Can't we just hire a real "Engineer" and have them solve this or something?
Most of the people here are on par with, if not above, a real "engineer", as you call it. Sure, I guess you can, but when you said "we", you meant "you". :)
Quote from: brew on November 13, 2007, 09:45 PM
Quote from: moh.vze.com on November 13, 2007, 09:14 PM
Can't we just hire a real "Engineer" and have them solve this or something?
Most of the people here are on par with, if not above, a real "engineer", as you call it. Sure, I guess you can, but when you said "we", you meant "you". :)
Uhhh no.
Not trying to break anything here, but once you guys eventually (if ever) figure out how to encrypt/decrypt the message, how are you going to handle the hundreds of different challenges? i.e. memory checks, loaded libraries checks, etc.
Quote from: UserLoser on November 13, 2007, 11:33 PM
Not trying to break anything here, but once you guys eventually (if ever) figure out how to encrypt/decrypt the message, how are you going to handle the hundreds of different challenges? i.e. memory checks, loaded libraries checks, etc.
Are you saying it's impossible? That's sad; the last 2 patches have only affected bots, and barely any hacks at all.
Quote from: Falcon[anti-yL] on November 13, 2007, 10:56 PM
Quote from: brew on November 13, 2007, 09:45 PM
Quote from: moh.vze.com on November 13, 2007, 09:14 PM
Can't we just hire a real "Engineer" and have them solve this or something?
Most of the people here are on par with, if not above, a real "engineer", as you call it. Sure, I guess you can, but when you said "we", you meant "you". :)
Uhhh no.
Oh please. Perhaps, you're talking about your own ability. (or lack thereof)
Quote
Are you saying it's impossible? That's sad; the last 2 patches have only affected bots, and barely any hacks at all.
No, it's not impossible. He's saying it'll take a while to figure out. Lockdown took about a year and a half, right? But we solved it. So why wouldn't we be able to solve warden as well?
Quote from: brew on November 14, 2007, 09:46 AM
Lockdown took about a year and a half, right? But we solved it.
No, lockdown didn't take a year and a half to solve. It came out towards the end of 2006, and we had fixes in a month, or two. I made our code public not long after that.
Quote from: brew on November 13, 2007, 09:45 PM
Quote from: moh.vze.com on November 13, 2007, 09:14 PM
Can't we just hire a real "Engineer" and have them solve this or something?
Sure, I guess you can, but when you said "we", you meant "you". :)
Quote from: brew on November 14, 2007, 09:46 AM
But we solved it. So why wouldn't we...
While you're being a technical asshole, I'll take a moment to point out that you had nothing to do with the progression of either of the two lockdown projects that were eventually released, at all.
Quote from: betawarz on November 14, 2007, 11:22 AM
While you're being a technical asshole, I'll take a moment to point out that you had nothing to do with the progression of either of the two lockdown projects that were eventually released, at all.
I meant the forum's members as a whole. I didn't really think of saying "warz, rob and iago" when I was making that statement.
brew, you are so fucking stupid. Please stop posting. People like you stop me from making constructive posts on this forum; policing is so much easier.
Quote from: Banana fanna fo fanna on November 14, 2007, 12:24 PM
brew, you are so fucking stupid. Please stop posting. People like you stop me from making constructive posts on this forum; policing is so much easier.
What the fuck did I do that makes me so stupid? That moh.vze.com guy was asking a question, and I answered him.
Quote from: brew on November 13, 2007, 09:45 PM
Quote from: moh.vze.com on November 13, 2007, 09:14 PM
Can't we just hire a real "Engineer" and have them solve this or something?
Most of the people here are on par with, if not above, a real "engineer", as you call it. Sure, I guess you can, but when you said "we", you meant "you". :)
I really, really, really don't get what's wrong with that statement.
Quote from: brew on November 14, 2007, 02:01 PM
I really, really, really don't get what's wrong with that statement.
Then there's no hope for you; just kill yourself.
Quote from: Falcon[anti-yL] on November 14, 2007, 03:29 PM
Quote from: brew on November 14, 2007, 02:01 PM
I really, really, really don't get what's wrong with that statement.
Then there's no hope for you; just kill yourself.
Really? Perhaps you or banana could explain what was wrong with that statement?
That you're going off topic, and soon about 6 of our posts will move into the trash can. Woooo, trash here I come!
Quote from: MyStiCaL on November 14, 2007, 01:07 AM
Quote from: UserLoser on November 13, 2007, 11:33 PM
Not trying to break anything here, but once you guys eventually (if ever) figure out how to encrypt/decrypt the message, how are you going to handle the hundreds of different challenges? i.e. memory checks, loaded libraries checks, etc.
Are you saying it's impossible? That's sad; the last 2 patches have only affected bots, and barely any hacks at all.
Not impossible, there's already a member here (who doesn't frequently post) that has accomplished and been around the Warden for probably almost two years now. I'm not revealing his name so he doesn't get pounded with messages (as I said before), but nobody wants to believe me.
Quote from: UserLoser on November 14, 2007, 07:40 PM
Quote from: MyStiCaL on November 14, 2007, 01:07 AM
Quote from: UserLoser on November 13, 2007, 11:33 PM
Not trying to break anything here, but once you guys eventually (if ever) figure out how to encrypt/decrypt the message, how are you going to handle the hundreds of different challenges? i.e. memory checks, loaded libraries checks, etc.
Are you saying it's impossible? That's sad; the last 2 patches have only affected bots, and barely any hacks at all.
Not impossible, there's already a member here (who doesn't frequently post) that has accomplished and been around the Warden for probably almost two years now. I'm not revealing his name so he doesn't get pounded with messages (as I said before), but nobody wants to believe me.
There's more than one person I can think of who could definitely have gotten around it around two years ago. None of which actively post anymore, but have in the past.
I bet I know one :)
Also, I just found this funny from another thread from brew.
Quote
Quote from: brew on February 27, 2007, 09:00 PM
vL forums as a whole.
No, not as a whole. I'm sure out of 499 members on here, at least 1/3 would not care about abusing battle.net.