• Welcome to Valhalla Legends Archive.
 
Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - helpmeringo

Pages1
#1
Battle.net Bot Development / Re: SCGP Client (VB6 Open Source)
January 11, 2009, 02:42 PM
Quote from: Ringo on January 11, 2009, 02:21 PM
I would guess you're not passing the correct seed to wardeninit(), when you build 0x51.
It should be the 1st 4 bytes of the 1st cdkey's broken SHA1 hash.
If you're logging on via 0x06/0x07/0x36 etc, you will need to seed wardeninit() with 0x00000000.


I think I did something wrong at the warden init, gonna check

Ok here's part of my 0x51 send packet code

Code Select
   
Dim lngSeed     As Long

Call CopyMemory(lngSeed, ByVal AccountHash, 4)
   
    Call ModWarden.WardenInit(lngSeed)

'fast forward to see what accounthash is

           pk.InsertDWORD Len(CDKeyg)
            pk.InsertDWORD productvalue
            pk.InsertDWORD publicvalue
            pk.InsertDWORD Checksum
           
           
            pk.InsertNonNTString AccountHash



Am I doing it right?

accounthash works for 0x51


I FIXED IT!  Make sure INIT warden works!

After like 2 minutes my prog freezes?  Any ideas why?
#2
Battle.net Bot Development / Re: SCGP Client (VB6 Open Source)
January 11, 2009, 01:53 PM
Here's the problem that I've ran into.

The ENTIRE packet starting from "FF" is S.

Code Select

Public Function WardenOnData(S As String)
    Dim lngData         As Long
    Dim lngLengh        As Long
    Dim lngID           As Long
    lngLengh = (Len(S) - 4)
    If (lngLengh < 1) Then Exit Function
    lngData = malloc(lngLengh)
    Call RC4CryptStr(S, m_KeyIn(), 5)
    lngID = Asc(Mid$(S, 5, 1))
    If (lngID < 6) Then
        Call CopyMemory(ByVal lngData, ByVal Mid$(S, 5, lngLengh), lngLengh)
        Call CallWindowProcA(m_Parse(lngID), lngData, lngID, lngLengh, 0)
    End If
    Call free(lngData)
End Function

The problem that I run into is that lngID is never 5 or under.  RC4CryptStr is broken. 

Packet data before I run it into rc4cryptstr
FF 5E 29 00 D9 9A F8 69 D9 3D DC 1F EF 28 83 4D 07 9D D7 90 2C 3D C6 D2 0F 77 80 46 73 36 32 D1 CB 10 CC 38 32 B9 15 63 AD


The packet data after it's ran through rc4cryptstr
FF 5E 29 00 C5 6A F4 E2 AB E9 B4 56 0F FC 2F AD CA 40 7D 4D 69 BD 74 26 6C B7 78 51 C8 63 2A 8F E8 39 4A 98 1C C4 D5 45 52

As you can see.  the 5th hex string "C5" isn't below 6.  I'm clueless why this is happening!  I got warden init, everything else correct.  I can't even pass the FIRST warden packet.  Again I'm completely clueless I've been trying for hours!  It makes no sense why the rc4cryptstr works for SCGP and not another bot??

Here's my RC4CryptStr function

Code Select

Private Sub RC4CryptStr(ByRef S As String, ByRef bK() As Byte, ByVal Pos As Long)
    Dim A           As Long
    Dim B           As Long
    Dim C           As Byte
    Dim i           As Long
    A = bK(256)
    B = bK(257)
     Call WritetoFile("warden.txt", StrToHex(S))
    For i = Pos To Len(S)
        A = (A + 1) Mod 256
        B = (B + bK(A)) Mod 256
        C = bK(A)
        bK(A) = bK(B)
        bK(B) = C
        Mid(S, i, 1) = Chr$(Asc(Mid$(S, i, 1)) Xor bK((CInt(bK(A)) + bK(B)) Mod 256))
    Next i
    Call WritetoFile("warden.txt", StrToHex(S))
    bK(256) = A
    bK(257) = B
End Sub
Pages1