Post-Reply Pre-Login Ping (0x25 Ping Spoof => 0 Ping)

Securify · August 26, 2005, 02:30 PM

Ok I understand I can accomplish -1 ping by using the following code:

Case &H25
If Val(GetStuff("Other", "Spoof -1 Ping")) = 1 Then
Exit Sub

And I get normal ping by this code:

Else
With PBuffer
.InsertNonNTString Mid(Data, 5, 4)
.SendPacket &H25
End With
End If

That is my 0x25 Packet sending and receiving. Now how do I go about getting 0 ping? I read, and have interpreted in my own words, the title "Post-Reply Pre-Login Ping" to "Reply After the Pre-Login Ping as been sent". To get -1 is "Ignore Pre-Login Ping" as you see above. It just ignores it completely. How do you reply to the packet after it has already been sent? By a timer?

Any help is appreciated.

Hdx · August 26, 2005, 02:46 PM

-1 = Ignoring it
Normal = Normal
0 = Sending it before you get it
You can get 0 by sending packet 0x25 (SID_PING) before you recive it. Send it with a value of 0 right after you send 0x50 (SID_AUTH_INFO)
~-~(HDX)~-~

Securify · August 26, 2005, 02:55 PM

.SendPacket 0?

Because that gets me IPBanned.

Hdx · August 26, 2005, 02:56 PM

.InsertDWORD 0
.SendPacket &H25
~-~(HDX)~-~

Securify · August 26, 2005, 03:04 PM

I sent that packet in my &H50, after the rest of the coding, and I also put changed it to this in the above coding:

If Val(GetStuff("Other", "Spoof 0 Ping")) = 1 Then
Else

So it doesn't do anything in the &H25, it moves to &H50 and then sends the packet with a value of 0.

Result: Normal Ping.

I even put it in my &H25 Packet.

If Val(GetStuff("Other", "Spoof 0 Ping")) = 1 Then
With PBuffer
.InsertDWORD 0
.SendPacket &H25
End With

Same result, normal ping.

Hdx · August 26, 2005, 03:08 PM

Send it when you send 0x50, not when you recive 0x50.
~-~(HDX)~-~

Securify · August 26, 2005, 03:16 PM

There we go, thanks man. I appreciate it much!

Spht · August 26, 2005, 04:23 PM

Quote from: Securify on August 26, 2005, 02:30 PMI read, and have interpreted in my own words, the title "Post-Reply Pre-Login Ping" to "Reply After the Pre-Login Ping as been sent". To get -1 is "Ignore Pre-Login Ping" as you see above. It just ignores it completely.

No. Isn't it obvious? "Ignore Pre-Login Ping," pre-logon ping being the SID_PING message Battle.net sends before login (hence, "pre login") to determine your "ping time." The bot will ignore that message, but respond to all future requests. This gives you what people tend to call "-1 ping"(?)

"Post-Reply Pre-Login Ping," again referring to the ping that is sent before login ("pre-login ping"). But here instead of ignoring the request, the bot will now reply before it even receives the message (hence, "post reply"). This sort of tricks Battle.net allowing you to achieve an extraordinary low ping time--usually zero.

There you have it.

Yegg · August 26, 2005, 04:50 PM

Spht, I have a question. After I've received 0x25, can I echo back a different value? If I can echo back a different value would this mean that I can make up my own ping timestamp?

Blaze · August 26, 2005, 05:10 PM

You can echo back any 4 bytes you want. It doesn't make a change in the ping though.

Securify · August 26, 2005, 05:14 PM

Quote from: Spht on August 26, 2005, 04:23 PM
Quote from: Securify on August 26, 2005, 02:30 PMI read, and have interpreted in my own words, the title "Post-Reply Pre-Login Ping" to "Reply After the Pre-Login Ping as been sent". To get -1 is "Ignore Pre-Login Ping" as you see above. It just ignores it completely.

No. Isn't it obvious? "Ignore Pre-Login Ping," pre-logon ping being the SID_PING message Battle.net sends before login (hence, "pre login") to determine your "ping time." The bot will ignore that message, but respond to all future requests. This gives you what people tend to call "-1 ping"(?)

"Post-Reply Pre-Login Ping," again referring to the ping that is sent before login ("pre-login ping"). But here instead of ignoring the request, the bot will now reply before it even receives the message (hence, "post reply"). This sort of tricks Battle.net allowing you to achieve an extraordinary low ping time--usually zero.

There you have it.

I appreciate you going, kind of, in depth about this subject. I was a bit confused on the true meaning, but I got it now.

Again, thanks.

Warrior · August 26, 2005, 05:34 PM

Quote from: Yegg on August 26, 2005, 04:50 PM
Spht, I have a question. After I've received 0x25, can I echo back a different value? If I can echo back a different value would this mean that I can make up my own ping timestamp?

You can however time your response to SID_PING and get an approximate ping that you want.

Yegg · August 26, 2005, 07:17 PM

Quote from: Warrior on August 26, 2005, 05:34 PM
Quote from: Yegg on August 26, 2005, 04:50 PM
Spht, I have a question. After I've received 0x25, can I echo back a different value? If I can echo back a different value would this mean that I can make up my own ping timestamp?

You can however time your response to SID_PING and get an approximate ping that you want.

I see. Thanks Warrior.

FrOzeN · August 27, 2005, 01:35 AM

You can also add to your ping time.
Eg. Let's say you normal ping is 172ms.

By doing:

Code Select

Case &H25
    'Code to Pause for 3 seconds
    With PBuffer
        .InsertNonNTString Mid(Data, 5, 4)
        .SendPacket &H25
    End With

Your ping will be: 3172ms.
However it's very hard to make it do this accurately, and by causing your ping to exceed 59999ms you won't establish a connection to Battle.net.

Yet, not sure how but people have exceeded Battle.net pings over 60 seconds.. but there unstable and usually only last 2-10 minutes.

Blaze · August 27, 2005, 01:57 AM

Quote from: FrOzeN on August 27, 2005, 01:35 AM
Yet, not sure how but people have exceeded Battle.net pings over 60 seconds..

They still send the keepalive packet, which keeps the connection alive.

Quote
but there unstable and usually only last 2-10 minutes.

Where did you get that from?