• Welcome to Valhalla Legends Archive.
 

CalcHashBuf??

Started by XTRB, April 30, 2003, 11:22 AM

Previous topic - Next topic

XTRB

I'm trying to create accounts using

SendPacket &H3D, CalcHashBuf(Password) & UserName & Chr(0)


but, I don't have the calchashbuf function. I've been trying to hash the password using my function for when just logging on normally. Someone wanna tell me what I'm doing wrong?

Function PassHashed(ByVal password As String, ByVal Seed As Long)
Dim lngKey As Long, lngSeed As Long, lngValue1 As Long, lngValue2 As Long, lngValue3 As Long
   lngKey = GetTickCount
   lngSeed = Seed
       PassHashed = PassHashed & GetDW(lngKey)
       PassHashed = PassHashed & GetDW(lngSeed)
       HashPass LCase(password), Len(password), lngKey, lngSeed, lngValue1, lngValue2, lngValue3
       PassHashed = PassHashed & GetDW(lngKey)
       PassHashed = PassHashed & GetDW(lngSeed)
       PassHashed = PassHashed & GetDW(lngValue1)
       PassHashed = PassHashed & GetDW(lngValue2)
       PassHashed = PassHashed & GetDW(lngValue3)
End Function


Camel

#1
why do you have LCase(password) ?
what if a user's password actually has capital letters in it?

[edit] use X from bnetauth.dll instead of calchashbuf

Tazo

Quote from: Camel on April 30, 2003, 03:29 PM
why do you have LCase(password) ?
what if a user's password actually has capital letters in it?


Because Battle.Net Passwords Aren't Case Sensative.

tA-Kane

#3
Quote from: laurion on April 30, 2003, 03:40 PMBecause Battle.Net Passwords Aren't Case Sensative.
Actually, because of the nature of the hashing algorithm, they are case sensative.
Macintosh programmer and enthusiast.
Battle.net Bot Programming: http://www.bash.org/?240059
I can write programs. Can you right them?

http://www.clan-mac.com
http://www.eve-online.com

Camel

how could they possibly not be case sensitive? they're stored post-encryption. last time i checked, one way encryption only went one way.
besides, even if they weren't case sensitive, there would still be no point in using LCase(), because they wouldn't be case-sensitive

dxoigmn

#5
Quote from: Camel on April 30, 2003, 03:55 PM
how could they possibly not be case sensitive? they're stored post-encryption. last time i checked, one way encryption only went one way.
besides, even if they weren't case sensitive, there would still be no point in using LCase(), because they wouldn't be case-sensitive

From Diablo II BnClient.dll:

.text:6FF06ABC                 push    esi             ; cchPasswordLength
.text:6FF06ABD                 push    edx             ; lpszPassword
.text:6FF06ABE                 call    ds:CharLowerBuffA


From Starcraft Battle.snp:

.text:1901A5F1                 push    edi             ; cchPasswordLength
.text:1901A5F2                 push    ecx             ; lpszPassword
.text:1901A5F3                 call    ds:CharLowerBuffA


From Warcraft II BNE Battle.snp:

.text:19019A2A                 push    edi             ; cchPasswordLength
.text:19019A2B                 push    eax             ; lpszPassword
.text:19019A2C                 call    ds:CharLowerBuffA


Sigh...please be more informed.

As for Warcraft III, I wouldn't know.

Edit: each of those were taken from either SID_LOGON2 or SID_LOGONRESPONSE

Arta

Just in case assembler breaks your fragile mind: Battle.net usernames & passwords are NOT case sensitive.

In fact, I can't think of anything on Battle.net that is.

XTRB

#7
Quote from: Camel on April 30, 2003, 03:29 PM
why do you have LCase(password) ?
what if a user's password actually has capital letters in it?

[edit] use X from bnetauth.dll instead of calchashbuf

use X from bnetauth.dll instead of calchashbuf?
This...

Public Declare function X Lib "bnetauth.dll" Alias "X" (strHash as string) as string  ????

Returns "Dll entry point X can't be found" or w/e

Since I'm questioning this, could someone perhaps also tell me how to get a list of functions out of a dll? I know using a hex editor I can find the function/sub names, but having problems with the variables included within the functions/subs.

XTRB

#8
Quote from: Maddox on May 01, 2003, 12:23 AM
X is not calchashbuf, although it may use it. You can find the declarations for bnetauth.dll in the EthBot source.

Not sure where you got EthBot's source, but I got mine from http://zorm.phactorx.com/downloads.html and all I found regarding bnetauth.dll was

Public Declare Function CreateAccount Lib "bnetauth.dll" (ByVal outbuf As String, ByVal Password As String) As Long

Is that what i need to use instead of calchashbuf? and if so, what is the outbuf variable for?

Camel

Quote from: Maddox on May 01, 2003, 12:23 AM
X is not calchashbuf, although it may use it. You can find the declarations for bnetauth.dll in the EthBot source.

my calchashbuf is the same as X

Etheran

Quote from: Arta[vL] on April 30, 2003, 08:41 PM
Just in case assembler breaks your fragile mind: Battle.net usernames & passwords are NOT case sensitive.

In fact, I can't think of anything on Battle.net that is.
It's not battle.net that's not case sensitive to your password, but rather, it's the clients.

dxoigmn

Quote from: Etheran on May 01, 2003, 05:33 PM
It's not battle.net that's not case sensitive to your password, but rather, it's the clients.

I think he realizes that.  Point is however, the client makes the password lowercase, therefore if you wish to emulate the client it would be best to make the password lowercase as well.  Otherwise, if you create an account (provided you hash it with uppercase characters) with your bot and try to logon with a client you'll get an invalid password.  Always best to emulate what the real client does.

Arta

I do indeed realise that, but it's perhaps an elusive point. I think I'll add a clarification @ bnetdocs.

Camel

Quote from: Arta[vL] on May 01, 2003, 07:06 PM
I do indeed realise that, but it's perhaps an elusive point. I think I'll add a clarification @ bnetdocs.

good idea. i had to explain to like, three people how blizzard actually has no idea what your pre-hashed password is (and for this reason, it is impossible for them to restore lost password).

Yoni

Not impossible, but would take a large amount of months.