BNLS "authorizer"

MyndFyre · January 10, 2005, 10:19 PM

Quote from: R.a.B.B.i.T on January 10, 2005, 08:31 PM
Quote from: tA-Kane on January 10, 2005, 03:05 PMEdit: On a side note, I had tried using JBLS to remedy the problem, and it had seemed to work. Then I tried to logon my WarCraft III account with it, and it always got stuck at the logon sequence (Specifically, I think it was the LogonProof msg that it didn't seem to like), so I figured that this would be the best alternative.
JBLS is only the basic logon pieces of the BNLS protocol, and doesn't handle all of the packets. This is one of the reasons some bots don't work (such as SphtBot): they require other packets before they logon.

Last time I used JBLS I modified it slightly to handle 0x0e and 0x0f.

Mephisto · January 11, 2005, 12:04 AM

As UserLoser pointed out to me JBLS assumes things it shouldn't. It seems that if using BNLS to connect with WAR3 you *must* send BNLS_CHOOSENLSREVISION (not sure if that macro is entirely accurate) and with JBLS it is not necessary. Perhaps the author should change this?

tA-Kane · January 11, 2005, 02:25 AM

BNLS seems to be back online, and I have fixed (finished?) the program to be able to work.

Download the new (latest and likely final) version (executable and source) here:
http://linkware.clan-mac.com/kanebot/misc/bnls_authorizerV1.0.zip

MyndFyre · January 11, 2005, 03:29 AM

Quote from: tA-Kane on January 11, 2005, 02:25 AM
BNLS seems to be back online, and I have fixed (finished?) the program to be able to work.

I don't think it's back online..... I don't know that it ever went "offline" per se, but I'm still getting the response code of 1.

tA-Kane · January 11, 2005, 02:24 PM

I too still get a response code of 1, but the BNLS authorizer changes it to 0.

dxoigmn · January 11, 2005, 06:27 PM

Quote from: R.a.B.B.i.T on January 10, 2005, 08:31 PM
Quote from: tA-Kane on January 10, 2005, 03:05 PMEdit: On a side note, I had tried using JBLS to remedy the problem, and it had seemed to work. Then I tried to logon my WarCraft III account with it, and it always got stuck at the logon sequence (Specifically, I think it was the LogonProof msg that it didn't seem to like), so I figured that this would be the best alternative.
JBLS is only the basic logon pieces of the BNLS protocol, and doesn't handle all of the packets. This is one of the reasons some bots don't work (such as SphtBot): they require other packets before they logon.

It's probably BNLS_CONFIRMLOGON. That packet just contains a boolean value. You could probably implement a dummy handler in JBLS for this packet that always returns true since I don't one would really care to verify the server.

dxoigmn · January 11, 2005, 06:34 PM

Quote from: Mephisto on January 11, 2005, 12:04 AM
As UserLoser pointed out to me JBLS assumes things it shouldn't. It seems that if using BNLS to connect with WAR3 you *must* send BNLS_CHOOSENLSREVISION (not sure if that macro is entirely accurate) and with JBLS it is not necessary. Perhaps the author should change this?

Doesn't seem necessary. As long as it assumes 2 for that value for WAR3 connections, then all is fine as long as this is documented. If however JBLS doesn't implement BNLS_CHOOSENLSREVISION, then that would be bad.

tA-Kane · January 12, 2005, 11:53 AM

Quote from: EviL_MarinE on January 12, 2005, 01:58 AM
Or you could not use BNLS and try using hashes? so every time bnls goes down your bot will still work, and if it is made public people wont be annoyed cos there bot wont stop working...

You're not paying attention. That's not the goal of this program.

Zakath · January 12, 2005, 04:50 PM

Quote from: EviL_MarinE on January 12, 2005, 04:02 PM
Use Hashes and not bnls, then your bot wont die!

True enough.

EviL_MarinE · January 13, 2005, 12:15 PM

Somebody deleted my posts

Was it because i said "if u dont use BNLS your bot will stay alive" ?

Well if i hurt somebodys feeling for apparantly saying something bad about bnls, then im sorry, but its my opinion and im only helping others...

Falcon[anti-yL] · January 13, 2005, 03:10 PM

If you're already connected to B.net then it doesn't matter if BNLS is down.

Blaze · January 13, 2005, 04:19 PM

Quote from: EviL_MarinE on January 13, 2005, 12:15 PM
Well if i hurt somebodys feeling for apparantly saying something bad about bnls, then im sorry, but its my opinion and im only helping others...

It was because the program is about by passing 0x0E/F, which is not relevent to local hashing. It was made for bots that don't have/support Local hashing I assume.

tA-Kane · January 14, 2005, 05:15 PM

Quote from: Blaze on January 13, 2005, 04:19 PM
Quote from: EviL_MarinE on January 13, 2005, 12:15 PM
Well if i hurt somebodys feeling for apparantly saying something bad about bnls, then im sorry, but its my opinion and im only helping others...
It was because the program is about by passing 0x0E/F, which is not relevent to local hashing. It was made for bots that don't have/support Local hashing I assume.

Indeed, 0x0E/F isn't about hashing at all really, it's about making sure your bot is "authorized" to connect to BNLS. But since BNLS no longer requires bots to be authorized to work, it's now used to make sure that your bot has the latest password. If it doesnt, a bot can then assume that it's too old to function (perhaps a necessary security fix, or disabling leaked versions). But this program changes the result returned from BNLS from "password too old" to "good password". You might think that it would affect what BNLS allows and doesn't, but that's the thing, BNLS no longer cares about the password, so it does the same thing whether or not you have the latest password, or even if you don't provide a password. It's the bot itself that decides to not function if the password is too old.

I hope this makes sense to you, because I've dumbed it down a lot. :\