Valhalla Legends Archive

Programming => Battle.net Bot Development => Topic started by: PunK on August 19, 2008, 03:31 PM

Title: CDKey Location
Post by: PunK on August 19, 2008, 03:31 PM
I couldn't really find a more appropriate place to put this topic. But anyways, does anyone know where the CDKey for Warcraft III is stored? I searched regedit and no luck.
Title: Re: CDKey Location
Post by: Barabajagal on August 19, 2008, 04:53 PM
None of the keys are stored in the registry. They're stored in the MPQs. For Warcraft 3, it's in War3.mpq. I never bothered to find out exactly where, though.
Title: Re: CDKey Location
Post by: PunK on August 19, 2008, 07:59 PM
Yeah I read up about it. But uh... How would I read it?
Title: Re: CDKey Location
Post by: MyndFyre on August 20, 2008, 11:01 AM
Quote from: PunK on August 19, 2008, 07:59 PM
Yeah I read up about it. But uh... How would I read it?

Well, you'd need to be able to read a file from the MPQ....
Title: Re: CDKey Location
Post by: PunK on August 20, 2008, 11:10 AM
I got an MPQ extractor. It extracted somewhere from 10,000 files. I wrote a quickie that checked multiple file contents. No luck =[
Title: Re: CDKey Location
Post by: iago on August 20, 2008, 01:02 PM
It's encrypted, too.

Best thing is to load the game, connect to Battle.net, and search memory. Of course, you kind of have to know where to look.. :)
Title: Re: CDKey Location
Post by: brew on August 20, 2008, 01:02 PM
Quote from: PunK on August 20, 2008, 11:10 AM
I got an MPQ extractor. It extracted somewhere from 10,000 files. I wrote a quickie that checked multiple file contents. No luck =[

Yeah, I tried that too, except for Starcraft. No luck, it must be encrypted or something. Reversing is the only way to find out for sure...
Dunno if this'll help you, but the second param to storm!SNetInitializeProvider is the address of the struct passed through to the main SNP initialization function at 19014310h (note: not DllMain) which contains a bunch of goodies, namely

typedef struct _snpstruct {
    int structlen; //0x3C
    char *gamename;
    char *verstring;
    int gamecode;
    int verbyte;
    int unk00; //value 0
    int unk01; //value 8
    int unk02; //value 0
    int unk03; //value 0
    int unk04; //value 0
    int unk05; //value 0xFF
    char *cdkey; //01D50088h
    char *cdkeyowner;
    int unk06; //value 0
    int langid; //value 1033
} SNPSTRUCT, *LPSNPSTRUCT;

Hope this helps!
Title: Re: CDKey Location
Post by: PunK on August 20, 2008, 06:45 PM
Thanks brew. Looks like I have a project at hand...
Title: Re: CDKey Location
Post by: brew on August 20, 2008, 09:00 PM
Good luck!
Title: Re: CDKey Location
Post by: aton on September 01, 2008, 09:09 AM
easiest way to find out would be to use some tools from sysinternals (http://technet.microsoft.com/en-us/sysinternals/default.aspx) or ollydbg and check out what the cd-key changer (http://www.elitegrounds.net/scUtilities/sckeychanger.zip) does

(both links at your own risk, I just googled them in a few seconds)

greetings
Title: Re: CDKey Location
Post by: brew on September 01, 2008, 01:51 PM
That one is specifically for Starcraft products, when he mentioned he needed the location of the Warcraft 3 CDKey. I checked it out a while ago in IDA; it looks like it's an official Blizzard installer which cuts off on writing the CDKey files in the game's main MoPaQ.
On another note, it seems nobody took a decent stab at the CDKey encryption but me. I spent a few hours dabbling around on the Starcraft implementation, but I got bored and realized there's no need to reverse this.
Pretty much, the decryption fills a 20 byte buffer with random bytes and does some nice crypto stuff involving SHA1 (not sure if it's standard, probably not though) and two other easy bit twiddler functions which somehow decrypt two 0x48 sized blocks whose addresses are stored in 0051CE60 and 0051CE68, the cdkey and cdkey owner, respectively.
481B90 is the function you want to really look at. I'm pretty sure (but not positive) that all of Blizzard's other products are close if not the same, since it's secure through obscurity, mostly due to the lack of interest among developers.
I'm surprised nobody ever cared enough to look at it within the 10 years of Starcraft being around; it'll make for an interesting project :-P