• Welcome to Valhalla Legends Archive.
 

[Resolved]0x51 Help Needed (its driving me bonkers)

Started by MysT_DooM, February 23, 2006, 10:01 PM

Previous topic - Next topic

MysT_DooM

Firstly, i did lots of searching through this forum yet my problem was still a problem :\
I set up break points and all that mumbo jumbo and included error handlers to see wat was goin on. yet couldnt figure it out :(
Alright the situation is, that once 0x51 is sent I get Ip Banned. Even though the setup is correct and all the data is there including checksum etc.. Also im sending 0x51 after 0x50 gets parsed.  So do you guys see why I am getting Ip Banned after sending it? or is there something wrong ( I have a feeling it has to do with the Hashed Key Data but maybe not).


Public Sub Send0x51(tmpFormula As String, tmpFileName As String)
Dim Product, PublicValue, PrivateValue As String
Product = frmScan.txtProduct.Text
PublicValue = frmScan.txtPublic.Text
PrivateValue = frmScan.txtPrivate.Text
Dim ClientToken As Long
ClientToken = GetTickCount 'any old number (cant be 0)
Dim MPQNumber As Long
MPQNumber = extractMPQNumber(tmpFileName)
Dim checksum As Long
Dim Check As Long
Check = checkRevisionFlat(tmpFormula, App.Path & "C:\Program Files\Starcraft\Starcraft.exe", App.Path & "C:\Program Files\Starcraft\Battle.snp", App.Path & "C:\Program Files\Starcraft\Storm.dll", extractMPQNumber(tmpFileName), checksum)
Dim KeyHash As String
KeyHash = ClientToken & ServerToken & frmScan.txtProduct & frmScan.txtPublic & vbNullChar & frmScan.txtPrivate
If Dir$("C:\Program Files\Starcraft\Starcraft.exe") = "" Then
MsgBox "hash files not found, aborting check revision"
  Exit Sub
End If
If Check_Revision(tmpFormula, tmpFileName, checksum) = False Then
MsgBox "Check FAILED"
Exit Sub
End If



With buf
.InsertDWORD ClientToken 'GetTickCount()
.InsertDWORD &H101030B 'version of the exe file
.InsertDWORD checksum  'EXE hash
.InsertDWORD &H1 '1 cdkey
.InsertDWORD &H0 'no spawning
.InsertDWORD 13 'length of key
.InsertDWORD Product  'Product Value of Key i.e 01 or 02
.InsertDWORD PublicValue  'Public Value of Cd Key 7digit number
.InsertDWORD &H0 'Null
.InsertNonNTString KeyHash  'Hashed Key Data
.InsertNTString "Day of Destruction" 'Exe Info
.InsertNTString "Thieves" 'Owner Name
.InsertHEADER &H51
.sendPacket frmScan.sckBnet
End With
End Sub


Packet Log of my Program

SEND-> 0000   01                                                 .
SEND-> 0000   FF 50 3B 00 00 00 00 00 36 38 58 49 52 41 54 53    .P;.....68XIRATS
SEND-> 0010   CD 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00    ................
SEND-> 0020   00 00 00 00 00 00 00 00 47 42 52 00 55 6E 69 74    ........GBR.Unit
SEND-> 0030   65 64 20 4B 69 6E 67 64 6F 6D 00                   ed Kingdom.
RECV-> 0000   FF 25 08 00 1E D8 11 70 FF 50 63 00 00 00 00 00    .%.....p.Pc.....
RECV-> 0010   25 2C 53 6A B1 61 19 00 00 AC 41 43 25 0B C5 01    %,Sj.a....AC%...
RECV-> 0020   49 58 38 36 76 65 72 35 2E 6D 70 71 00 41 3D 39    IX86ver5.mpq.A=9
RECV-> 0030   37 34 39 39 30 37 32 39 20 42 3D 33 32 36 38 31    74990729 B=32681
RECV-> 0040   38 30 33 32 20 43 3D 35 35 30 32 39 30 31 37 33    8032 C=550290173
RECV-> 0050   20 34 20 41 3D 41 5E 53 20 42 3D 42 5E 43 20 43     4 A=A^S B=B^C C
RECV-> 0060   3D 43 5E 41                                        =C^A
SEND-> 0000   FF 25 08 00 1E D8 11 70                            .%.....p
SEND-> 0000   FF 51 62 00 2B 6B B2 01 0B 03 01 01 08 FF 58 CE    .Qb.+k........X.
SEND-> 0010   01 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00    ................
SEND-> 0020   90 28 1F 00 00 00 00 00 32 38 34 37 30 30 35 39    .(......28470059
SEND-> 0030   31 37 38 33 38 33 35 36 38 35 30 31 32 30 34 32    1783835685012042
SEND-> 0040   30 30 30 00 30 30 30 44 61 79 20 6F 66 20 44 65    000.000Day of De
SEND-> 0050   73 74 72 75 63 74 69 6F 6E 00 54 68 69 65 76 65    struction.Thieve
SEND-> 0060   73 00                                              s.


vb6, something about that combination of numbers and letters is sexy

MysT_DooM

Resolved By Me :P
You guys can delete this

I fixed the key hash data, i dont know why i put vbNullChar
so i switched it to &H0 and boom it worked :)


vb6, something about that combination of numbers and letters is sexy

iago

Inicidentally, a comment on your code. 

All your variable definitions should occur together, at the top.  And there should be at least one blank line to separate the variable declarations from your executable code.  That makes things much easier to read. 

This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


UserLoser

Quote from: Crappy Code

Check = checkRevisionFlat(tmpFormula, App.Path & "C:\Program Files\Starcraft\Starcraft.exe", App.Path & "C:\Program Files\Starcraft\Battle.snp", App.Path & "C:\Program Files\Starcraft\Storm.dll", extractMPQNumber(tmpFileName), checksum)


I don't get how that works out...

MysT_DooM

yeah it might be hard to read all bunched up like that, ill make it nicer when i get back home, but at least it works perfectly now :)

Public Declare Function checkRevisionFlat Lib "bncsutil.dll" (ByVal ValueString As String, ByVal File1 As String, ByVal File2 As String, ByVal File3 As String, ByVal MPQNumber As Long, ByRef checksum As Long) As Long


Check = checkRevisionFlat(tmpFormula, App.Path & "C:\Program Files\Starcraft\Starcraft.exe", App.Path & "C:\Program Files\Starcraft\Battle.snp", App.Path & "C:\Program Files\Starcraft\Storm.dll", extractMPQNumber(tmpFileName), checksum)

that is the check revesion tmpFormula aka MPQFormula and the app paths all point to where the specific hash is. and tmpFileName is the MPQFileName.


vb6, something about that combination of numbers and letters is sexy

PaiD

Userloser is talking about the locations for the hash files and doesnt see how that would work for your function

App.Path & "C:\Program Files\Starcraft\Starcraft.exe"
App.Path & "C:\Program Files\Starcraft\Battle.snp"
App.Path & "C:\Program Files\Starcraft\Storm.dll"

iago

Quote from: MysT_DooM on February 24, 2006, 05:57 AM
yeah it might be hard to read all bunched up like that, ill make it nicer when i get back home, but at least it works perfectly now :)
Keeping code clean should be an ongoing process, not an afterthought. 
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


rabbit

Quote from: iago on February 23, 2006, 10:41 PM
Inicidentally, a comment on your code. 

All your variable definitions should occur together, at the top.  And there should be at least one blank line to separate the variable declarations from your executable code.  That makes things much easier to read. 


Don't forget the tab button!
Grif: Yeah, and the people in the red states are mad because the people in the blue states are mean to them and want them to pay money for roads and schools instead of cool things like NASCAR and shotguns.  Also, there's something about ketchup in there.

MysT_DooM

thx for the input, will do cleaner code on future code


vb6, something about that combination of numbers and letters is sexy

Joe[x86]

Quote from: UserLoser on February 24, 2006, 01:58 AM
Quote from: Crappy Code

Check = checkRevisionFlat(tmpFormula, App.Path & "C:\Program Files\Starcraft\Starcraft.exe", App.Path & "C:\Program Files\Starcraft\Battle.snp", App.Path & "C:\Program Files\Starcraft\Storm.dll", extractMPQNumber(tmpFileName), checksum)


I don't get how that works out...

When you specify a drive, the path before that drive is nullified (for lack of a better word). Think of the DOS cd command. You can do cd .., because .. is relative of pwd, or you can do cd C:, and have it not be relative.
Quote from: brew on April 25, 2007, 07:33 PM
that made me feel like a total idiot. this entire thing was useless.

iago

Quote from: Joe on February 25, 2006, 06:10 PM
Quote from: UserLoser on February 24, 2006, 01:58 AM
Quote from: Crappy Code

Check = checkRevisionFlat(tmpFormula, App.Path & "C:\Program Files\Starcraft\Starcraft.exe", App.Path & "C:\Program Files\Starcraft\Battle.snp", App.Path & "C:\Program Files\Starcraft\Storm.dll", extractMPQNumber(tmpFileName), checksum)


I don't get how that works out...

When you specify a drive, the path before that drive is nullified (for lack of a better word). Think of the DOS cd command. You can do cd .., because .. is relative of pwd, or you can do cd C:, and have it not be relative.

it's relative of the "print working directory"?

I think you probably meant cwd, "current working directory"
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


UserLoser

Quote from: Joe on February 25, 2006, 06:10 PM
Quote from: UserLoser on February 24, 2006, 01:58 AM
Quote from: Crappy Code

Check = checkRevisionFlat(tmpFormula, App.Path & "C:\Program Files\Starcraft\Starcraft.exe", App.Path & "C:\Program Files\Starcraft\Battle.snp", App.Path & "C:\Program Files\Starcraft\Storm.dll", extractMPQNumber(tmpFileName), checksum)


I don't get how that works out...

When you specify a drive, the path before that drive is nullified (for lack of a better word). Think of the DOS cd command. You can do cd .., because .. is relative of pwd, or you can do cd C:, and have it not be relative.

?

That code is llike saying: "C:\Blah\WhateverProject\C:\Program Files\Starcraft\Starcraft.exe"

Mystical

I see a comma in there...

still looks all kinda konfuzzed up..

MysT_DooM


Public Declare Function checkRevisionFlat Lib "bncsutil.dll" (ByVal ValueString As String, ByVal File1 As String, ByVal File2 As String, ByVal File3 As String, ByVal MPQNumber As Long, ByRef checksum As Long) As Long


App.Path & "C:\Program Files\Starcraft\Starcraft.exe"

That would be the direct location of the Hash File, which the check revision needs. so in this case   App.Path & "C:\Program Files\Starcraft\Starcraft.exe" would be File1. file2 and 3 would be the battle and storm files.  and the commas are there to seperate each string.


vb6, something about that combination of numbers and letters is sexy

l2k-Shadow

Quote from: MysT_DooM on February 26, 2006, 09:19 AM

Public Declare Function checkRevisionFlat Lib "bncsutil.dll" (ByVal ValueString As String, ByVal File1 As String, ByVal File2 As String, ByVal File3 As String, ByVal MPQNumber As Long, ByRef checksum As Long) As Long


App.Path & "C:\Program Files\Starcraft\Starcraft.exe"

That would be the direct location of the Hash File, which the check revision needs. so in this case   App.Path & "C:\Program Files\Starcraft\Starcraft.exe" would be File1. file2 and 3 would be the battle and storm files.  and the commas are there to seperate each string.

I hope that you do realize that App.Path is the directory where you application is. So if my application was in "C:\Projects\Bot", App.Path & "C:\Program Files\Starcraft\Starcraft.exe", would be "C:\Projects\BotC:\Program Files\Starcraft\Starcraft.exe". I doubt that's a valid path to the hash files.
Quote from: replaced on November 04, 2006, 11:54 AM
I dunno wat it means, someone tell me whats ix86 and pmac?
Can someone send me a working bot source (with bnls support) to my email?  Then help me copy and paste it to my bot? ;D
Já jsem byl určenej abych tady žil,
Dával si ovar, křen a k tomu pivo pil.
Tam by ses povídaj jak prase v žitě měl,
Já nechci před nikym sednout si na prdel.

Já nejsem z USA, já nejsem z USA, já vážně nejsem z USA... a snad se proto na mě nezloběj.