
WCIII Login info?

Started by 0xdeadc0de, October 10, 2002, 10:49 AM


0xdeadc0de

??? Is there any public info available on the wc3 login sequence?

Skywing


Spht

#2
PacketBuf.InsertNTString m_Username
PacketBuf.InsertNTString m_Password
PacketBuf.SendBNLSPacket wsBNLS, &H2

Zeller

#3
Using the bnls seems convenient enough. Does anyone here actually use it with their bot’s logon? Personally I would rather have all the calculations and crap built into my bot so it wouldn’t be so dependent on the stability of that server.

iago

#4
I think the whole point of skywing's BNLS is to force everybody to rely on his "monopoly" :-)
This'll make an interesting test for broken AV:
Quote: X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


Skywing

Of course, nobody's forcing you to use it.  However, last time I checked, there had been over 60000 connections (since August)... that should give you an idea about how many people use it.

Keep in mind that you don't need to use all of BNLS's features; for example, you could use it to run the version check, but do the CD-key processing locally.  The primary advantages of using BNLS are not having to port the code for the various algorithms needed to log on, and compatibility with future game versions with no changes to your client needed.  For example, BNLS can tell your client the current version code for a product, and it can run the version check on the latest game binaries.

Additionally, nobody else has come up with an implementation for the Warcraft III logon system, so you'll either have to come up with that on your own or use BNLS.

Obviously, it's your choice whether or not to use BNLS, but I think it makes things a whole lot easier.

WiLD

It has been said by some programmers that logging on with WAR3 using BNLS sends your cdkey away and it is not known if bnls logs your key or not. until i am sure it doesn't log your key i will keep away from bnls using war3 personally.

also if using war3 with bnls would the client just be set to 3raw or what? please reply.
=_=  &&  g0dFraY  &&  -=Templar=-  @USWest

Camel

let's assume for a moment that bnls logs your key (even though it doesn't)
what would they possibly want to do with it? imagine, for example, if they have 5,000 cd keys (just a guess). even *if* they wanted to do something malicious (which would be incredibly stupid and probably would get their accounts banned), what is the chance that you would even be affected? well, if they had 5,000 keys, there would be a 1/5000, or .02%, chance that your key would be randomly selected. even flooders rarely use more than 20 or so keys. let's say a flooder has four ips and loads 8 bots on each (32 bots in total). assume said flooder is a leet haxor, and hacks valhallalegends.com bnls server to steal 32 keys (which by the way could never happen because bnls doesn't log cd keys). 32/5000 comes out to 0.64% of the keys being stolen. fortunately, a prerequisite of being leet is having the brain power to figure some things out on one's own, and therefore most people who would be able to do such a thing (if it were possible, which it isn't) are mature enough to realise that flooding is lame. while not corroborated, i'd be willing to bet that any (public) flood bot you can find was written in vb with ripped off code (and probably is backdoored, at that).

besides, one could very easily get around this. cd key decoding (for sc and wc/d2 style keys at least) is public. one could decode one's key, and use the bnls broken sha-1 hashing function. that way, bnls wouldn't know that your cd key is a cd key. in fact, chances are that even if somebody intercepted the packet, they wouldn't know what the hell you were sending because it would look like garbage.

i myself even plan on eventually adding bnls as a _feature_ in my bot. i've never used it and would probably never use it for password or cd key hashing (unless i decide to add war3 support and get lazy). i would use it more for the version checking stuff.

UserLoser

Actually, not too long ago 'c0ke' told me himself that he has completed a Warcraft III login doing all the hashing himself, he did say that it will get you 'IP-banned' about 20% of the time for the hashing being invalid.  I doubt this is actually true because I've never seen him on a Warcraft III client at all before, and also with all of his scamming and everything else he and his clan do...

Kp

Quote from: UserLoser on June 13, 2003, 11:23 AM
Actually, not too long ago 'c0ke' told me himself that he has completed a Warcraft III login doing all the hashing himself, he did say that it will get you 'IP-banned' about 20% of the time for the hashing being invalid.  I doubt this is actually true because I've never seen him on a Warcraft III client at all before, and also with all of his scamming and everything else he and his clan do...
...then why're you telling us? :)
[19:20:23] (BotNet) <[vL]Kp> Any idiot can make a bot with CSB, and many do!

Banana fanna fo fanna

c0ke doesn't know shit.

SiMi

Quote from: Camel on June 13, 2003, 07:28 AM
let's assume for a moment that bnls logs your key (even though it doesn't)
what would they possibly want to do with it? imagine, for example, if they have 5,000 cd keys (just a guess). even *if* they wanted to do something malicious (which would be incredibly stupid and probably would get their accounts banned), what is the chance that you would even be affected? well, if they had 5,000 keys, there would be a 1/5000, or .02%, chance that your key would be randomly selected. even flooders rarely use more than 20 or so keys. let's say a flooder has four ips and loads 8 bots on each (32 bots in total). assume said flooder is a leet haxor, and hacks valhallalegends.com bnls server to steal 32 keys (which by the way could never happen because bnls doesn't log cd keys). 32/5000 comes out to 0.64% of the keys being stolen. fortunately, a prerequisite of being leet is having the brain power to figure some things out on one's own, and therefore most people who would be able to do such a thing (if it were possible, which it isn't) are mature enough to realise that flooding is lame. while not corroborated, i'd be willing to bet that any (public) flood bot you can find was written in vb with ripped off code (and probably is backdoored, at that).
Would a leet haxor really need keys? I mean if he is so leet he probably has his own ways.

Banana fanna fo fanna

vL has been hacked before :)

Of course, it would probably be easier ddos'ing a router upstream from the backbone and vL, and taking that over and logging all traffic on the bnls port.

Grok

Quote from: St0rm.iD on June 14, 2003, 07:56 PM
vL has been hacked before :)

Yes, that's true!  And someday it will be hacked again.  As long as the server does all that it does it will be a target.

Quote from: St0rm.iD on June 14, 2003, 07:56 PM
Of course, it would probably be easier ddos'ing a router upstream from the backbone and vL, and taking that over and logging all traffic on the bnls port.

Nah, too much work.  While I don't know how you plan to go from DDOS to "taking that over", the easiest thing would be to call the morons at Sprint and SE someone into giving you access.  Come up with any good sounding excuse, "this is Akheem Bulivar at NATUDEC computer alert systems advisory technical group. we are tracing a class 3 trinitron worm through block aut-41c-xp8 and you need to immediately set up a RipSub transponder log to prevent it from spreading further."  "uh, i don't know how to do that"  "damnit son, didn't you hear me? this is a class 3 worm and it's in your block we don't have time for your games!  either start up the RipSub transponder 10.4E program now or give me access to 63.185.90.1 immediately before the window of opportunity is lost!!"

HTH,
Grok

Banana fanna fo fanna

Yes but I'd probably start laughing.

On older cisco routers, you can telnet in if they are experiencing a massive ping flood...and the passwd file algorithm has been cracked.