• Welcome to Valhalla Legends Archive.
 

Account upgrading

Started by iago, February 02, 2006, 06:03 PM

Previous topic - Next topic
Print
|
Go Down Pages 1 2
User actions

Ribose

#15
April 15, 2008, 04:23 PM
Quote from: Andy on April 15, 2008, 04:18 PM
Oh, my IP was cause I sent LogonResponse2 right after createaccount2...
And... what do you mean it's not implemented?
I meant WarCraft III doesn't attempt to upgrade it, so obviously the whole upgrade system doesn't seem to be enabled (so then the Battle.net side not responding wouldn't be surprising).
~Ribose

[ Homepage ]

Barabajagal

#16
April 15, 2008, 04:32 PM
Just cause the client doesn't work doesn't mean the server can't do it. Have you tried packet logging to see what the client actually does?

Ribose

#17
April 15, 2008, 05:27 PM
Quote from: Andy on April 15, 2008, 04:32 PM
Just cause the client doesn't work doesn't mean the server can't do it. Have you tried packet logging to see what the client actually does?
Since WPE doesn't recognize WarCraft III I can't =[.  When I tried Ethereal (someone directed me to it) the installer is corrupt or something.  But, I'd assume that WarCraft III just recieves response 0x05 and says oops! and gives me the message box I described.  If you have a packet logger that works, link me. :/

Sending 0x58 doesn't IPBan me (my other bot stays online) or give me an error code or simply disconnect me when it's in this format:

(DWORD) client token
(BYTE[20]) old password hash
(BYTE[32]) NLS salt (s)
(BYTE[32]) NLS verifier (v)

but why wouldn't it respond (iago's question as well).
~Ribose

[ Homepage ]

Barabajagal

#18
April 15, 2008, 05:33 PM Last Edit: April 15, 2008, 05:55 PM by Andy
Mm.. Then ya, it's probably disabled. Still, I'd like to add support for it. How are the salt and verifier generated? I don't know much of anything about NLS. Nevermind. Stupid question. And Ethereal's always worked for me... I dunno.

Ribose

#19
April 15, 2008, 06:00 PM Last Edit: April 15, 2008, 06:02 PM by Ribose
Quote from: Andy on April 15, 2008, 05:33 PM
Mm.. Then ya, it's probably disabled. Still, I'd like to add support for it. How are the salt and verifier generated? I don't know much of anything about NLS. And Ethereal's always worked for me... I dunno.
The salt and verifier is the (BYTE[64]) (or (DWORD[16])) that you send in SID_AUTH_ACCOUNTCREATE, or SID_AUTH_ACCOUNTCHANGEPROOF.
Looking at BNETDocs' documentation on BNLS, I'd do:
[BNLS] C -> S 0x04  BNLS_CREATEACCOUNT  (since it appears to return the s + v)
[BNLS] S -> C 0x04 (store the 64 bytes)
[BNET] C -> S 0x58
    (DWORD) Client token
    (BYTE[20]) old password hash
    (BYTE[64]) NLS s + v (the 64 bytes)

lol, you answered it yourself before I posted I guess...
~Ribose

[ Homepage ]

Barabajagal

#20
April 15, 2008, 06:04 PM Last Edit: April 15, 2008, 06:11 PM by Andy
Wait, is it for the new password or the old one? Seems like it should be the new one to me...

And just in case anyone else happens to be doing this in the future, here's some easy-to-steal example code:
Code Select
Public Sub SID_Send_AUTH_ACCOUNTUPGRADEPROOF(ByVal SToken As Long)
Dim UpNLS  As Long
Dim BufLen As Long
Dim Buffer As String
Dim S      As String
Dim V      As String
  BufLen = &H41 + Len(Config.Username)
  Buffer = String$(BufLen, vbNullChar)
  UpNLS = nls_init(UCase$(Config.Username), UCase$(Config.Password))
  nls_account_create UpNLS, Buffer, BufLen
  nls_free UpNLS
  S = Left$(Buffer, &H20)
  V = Mid$(Buffer, &H21, &H20)
  BNCSPacket.ClearOutbound
  BNCSPacket.InsertDWORD ClientToken
  BNCSPacket.InsertString DoubleHashPassword(LCase$(Config.Password), ClientToken, SToken)
  BNCSPacket.InsertString S
  BNCSPacket.InsertString V
  AddQueue BNCSPacket.SendBNCSPacket(SID_AUTH_ACCOUNTUPGRADEPROOF)
End Sub

Ribose

#21
April 15, 2008, 06:36 PM
Quote from: Andy on April 15, 2008, 06:04 PM
And just in case anyone else happens to be doing this in the future, here's some easy-to-steal example code:
Code Select
Public Sub SID_Send_AUTH_ACCOUNTUPGRADEPROOF(ByVal SToken As Long)
Dim UpNLS  As Long
Dim BufLen As Long
Dim Buffer As String
Dim S      As String
Dim V      As String
  BufLen = &H41 + Len(Config.Username)
  Buffer = String$(BufLen, vbNullChar)
  UpNLS = nls_init(UCase$(Config.Username), UCase$(Config.Password))
  nls_account_create UpNLS, Buffer, BufLen
  nls_free UpNLS
  S = Left$(Buffer, &H20)
  V = Mid$(Buffer, &H21, &H20)
  BNCSPacket.ClearOutbound
  BNCSPacket.InsertDWORD ClientToken
  BNCSPacket.InsertString DoubleHashPassword(LCase$(Config.Password), ClientToken, SToken)
  BNCSPacket.InsertString S
  BNCSPacket.InsertString V
  AddQueue BNCSPacket.SendBNCSPacket(SID_AUTH_ACCOUNTUPGRADEPROOF)
End Sub
Lol... you leave easy-to-steal stuff everywhere. :P
And, yea, that's basically my code (except that is VB, and uses BNLS).
~Ribose

[ Homepage ]

Barabajagal

#22
April 15, 2008, 06:51 PM
Hmm? It doesn't use BNLS.

iago

#23
April 15, 2008, 09:06 PM
iirc, I documented the packet:

http://www.javaop.com/~ron/documents/SRP.html

Never tested it, but me and Maddox reversed it.
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

Barabajagal

#24
April 15, 2008, 09:15 PM
Might wanna add (for new password) next to s and v for ACCOUNTUPGRADEPROOF then. And it doesn't matter anyway cause the packet isn't responded to... Except maybe on private servers.

Ribose

#25
April 20, 2008, 08:46 PM
Quote from: iago on April 15, 2008, 09:06 PM
iirc, I documented the packet:

http://www.javaop.com/~ron/documents/SRP.html

Never tested it, but me and Maddox reversed it.
Oh, well, it's not documented in BnetDocs (it looks like someone just was too lazy to finish that part/left it with only the server response), and I didn't know where your notes were. :o
~Ribose

[ Homepage ]

Barabajagal

#26
April 20, 2008, 09:38 PM
Mm... speaking of Documentation, I think I'll add SID_ACCOUNTUPGRADEPROOF C>S to Bnetdocs.org.
Print
|
Go Up Pages 1 2
User actions