
[VB] Sending 0x51

Started by Fapiko, July 02, 2006, 11:56 PM


Fapiko

Just guessing that somebody is going to complain about where I posted this because it has to do with the sending of a battle.net packet, or involves MBNCSUtil, or some other goofy thing like that, but I'm working with .NET so I chose to place it in the .NET forum.

The problem I am having is that I keep getting the 0x101 Invalid Version response to battle.net, and I cannot figure out what I am doing wrong.  I thought it might be the conversion from the byte array to messing up some of the characters in the key hash, but in the end I don't think that's the problem.  Here is my sub, if you can figure out what I may be doing wrong please reply.


Friend Sub Send0x51(ByVal Index As Byte, ByVal ServerToken As UInteger, ByVal HashCommand As String, ByVal MPQNumber As Byte)
        'see packet reference: http://bnetdocs.valhallalegends.com/content.php?Section=m&Code=4

        Dim CRevision As Long
        Dim ClientToken As UInteger
        Dim Files(2) As String
        Dim KeyHash As String
        Dim HashLength() As Byte
        Dim Decoder As MBNCSUtil.CdKey

        Files(0) = Application.StartupPath & "\Hashes\W2BN\Warcraft II Bne.exe"
        Files(1) = Application.StartupPath & "\Hashes\W2BN\storm.dll"
        Files(2) = Application.StartupPath & "\Hashes\W2BN\battle.snp"

        CRevision = MBNCSUtil.CheckRevision.DoCheckRevision(HashCommand, Files, MPQNumber)
        If CRevision = 0 Then
            QueueAddC(Index, Color.Red, "Hashes did not pass check revision.")
            Exit Sub
        End If

        ClientToken = Right(GetTickCount(), 5)

        Decoder = MBNCSUtil.CdKey.CreateDecoder(Profiles(Index)(3))

        HashLength = Decoder.GetHash(ClientToken, ServerToken)
        KeyHash = Decoder.GetHashCode()

        With PBuffer
            .InsertDWORD(ClientToken)
            .InsertDWORD(0)
            .InsertDWORD(CRevision)
            .InsertDWORD(1)
            .InsertDWORD(0)
            .InsertDWORD(Len(Profiles(Index)(3))) ' CDKey
            .InsertDWORD(Decoder.Product)
            .InsertDWORD(Decoder.Value1)
            .InsertDWORD(0)
            .InsertNonNTString(ASCII.GetString(HashLength))
            .InsertNTString("")
            .InsertNTString("Fapiko")
            .SendPacket(Index, &H51)
        End With
    End Sub


Also, here is the log:

Flappy Chat Bot v1.0
OUT [0x50]:
0000: 50 3A 00 00 00 00 00 36 38 58 49 4E 42 32 57 4F  P:.....68XINB2WO
0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
0020: 00 00 00 00 00 00 00 55 53 41 00 55 6E 69 74 65  .......USA.Unite
0030: 64 20 53 74 61 74 65 73 00                       d States.       

IN [0x25]:
0000: 25 08 00 0B 3F 2F 40                             %..?/@         

OUT [0x25]:
0000: 25 08 00 0B 3F 2F 40                             %..?/@         

IN [0x50]:
0000: 50 62 00 00 00 00 00 37 3F 3F 3F 3F 3F 24 00 00  Pb.....7?????$..
0010: 3F 41 43 25 0B 3F 01 49 58 38 36 76 65 72 34 2E  ?AC%.?IX86ver4.
0020: 6D 70 71 00 41 3D 31 30 31 32 34 33 34 32 31 38  mpq.A=1012434218
0030: 20 42 3D 31 33 39 37 36 35 39 37 31 20 43 3D 34   B=139765971 C=4
0040: 30 37 30 32 33 33 20 34 20 41 3D 41 5E 53 20 42  070233 4 A=A^S B
0050: 3D 42 2B 43 20 43 3D 43 2D 41 20 41 3D 41 2B 42  =B+C C=C-A A=A+B
0060: 00                                               .               

OUT [0x51]:
0000: 51 44 00 3F 67 00 00 00 00 00 00 3F 3F 3F 5E 01  QD.?g......???^
0010: 00 00 00 00 00 00 00 10 00 00 00 04 00 00 00 64  .............d
0020: 48 01 00 00 00 00 00 3F 6B 05 3F 7A 3F 2D 3F 43  H.....?k?z?-?C
0030: 3F 69 3F 3F 3F 4D 76 52 11 3F 3F 00 46 61 70 69  ?i???MvR??.Fapi
0040: 6B 6F 00                                         ko.             

IN [0x51]:
0000: 51 09 00 01 01 00 00 00                          Q.....


[MyndFyre edit: added code tags (to remove smileys), removed packet reference and replaced with link to BnetDocs]

Joe[x86]

The second DWORD you're sending is hardcoded to 0, but it should be a CheckRevision-related value.
Quote from: brew on April 25, 2007, 07:33 PM
that made me feel like a total idiot. this entire thing was useless.

MyndFyre

Joe is correct; also, you're not including the EXE "description" string.  This is obtained via CheckRevision.GetExeInfo(string, &string)


Dim ExeVer As Integer
Dim ExeInfo As String = Nothing

' ExeInfo is filled through the second (ByRef) parameter;
' VB takes no ByRef keyword at the call site.
ExeVer = MBNCSUtil.CheckRevision.GetExeInfo(Files(0), ExeInfo)

' Your "with PBuffer" code is modified below:
With PBuffer
    .InsertDWORD(ClientToken)
    .InsertDWORD(ExeVer)
    .InsertDWORD(CRevision)
    .InsertDWORD(1)
    .InsertDWORD(0)
    .InsertDWORD(Len(Profiles(Index)(3))) ' CDKey
    .InsertDWORD(Decoder.Product)
    .InsertDWORD(Decoder.Value1)
    .InsertDWORD(0)
    .InsertNonNTString(ASCII.GetString(HashLength))
    .InsertNTString(ExeInfo)
    .InsertNTString("Fapiko")
    .SendPacket(Index, &H51)
End With


Also, you shouldn't use Encoding.ASCII.GetString(hash) to insert the string.  It's a byte array and should stay as such.  With Encoding.ASCII you risk losing values greater than 0x7f, and a cursory glance at your packet log indicates that all the bytes in the hash are less than 0x7f.  That's pretty surprising considering there are 20 bytes there!
QuoteEvery generation of humans believed it had all the answers it needed, except for a few mysteries they assumed would be solved at any moment. And they all believed their ancestors were simplistic and deluded. What are the odds that you are the first generation of humans who will understand reality?

After 3 years, it's on the horizon.  The new JinxBot, and BN#, the managed Battle.net Client library.

Quote from: chyea on January 16, 2009, 05:05 PM
You've just located global warming.

Fapiko

You don't need the EXE info to successfully achieve a hashed connection to battle.net.  Neither my VB6 bots nor my PHP bots ever include it, which leads me back to my previous belief that it may be the conversion from a byte array to a string that is causing the problem.  How should I convert it to a string without using Encoding.ASCII?  I tried Encoding.Unicode and Encoding.UTF8, but they got me IP'd.  From reading previous posts on these forums, I know that MyndFyre insists on people using byte arrays for their packet buffers but I would prefer to keep this one as a string for now.

MyndFyre

I suppose you could convert each to a character then a byte:

' Array indices run from 0 to Length - 1
For i As Integer = 0 To HashLength.Length - 1
    .InsertByte(CByte(HashLength(i) And &Hff))
Next


Are you aware that MBNCSUtil also includes a packet buffer designed for Battle.net?

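Added example (not part of the original posts and not MBNCSUtil code) for the encoding point raised above: Encoding.ASCII replaces every byte above 0x7F with "?" (0x3F), the value that recurs in the posted OUT [0x51] dump. SampleHash is constructed data, and RoundTrip, CountDamaged and Report are hypothetical helper names; code page 28591 (ISO-8859-1) is included as a general .NET fact, since it is the encoding that maps each byte value to exactly one character.

```vbnet
Imports System
Imports System.Text

Module HashEncodingDemo
    ' Constructed 20-byte sample standing in for a key hash (not taken from the thread).
    Private ReadOnly SampleHash As Byte() = {
        &H0, &H7F, &H80, &HFF, &H3F, &HA1, &H10, &HC3, &H5E, &HE9,
        &H41, &H9B, &H20, &HD4, &H7E, &H88, &H1, &HF0, &H6B, &HB2}

    ' Hypothetical helper: bytes -> String -> bytes, as a String-based buffer does.
    Function RoundTrip(ByVal data As Byte(), ByVal enc As Encoding) As Byte()
        Return enc.GetBytes(enc.GetString(data))
    End Function

    ' Hypothetical helper: number of positions that no longer match the original.
    ' A length change (possible with UTF-8) counts every byte as damaged.
    Function CountDamaged(ByVal original As Byte(), ByVal copy As Byte()) As Integer
        If original.Length <> copy.Length Then Return Math.Max(original.Length, copy.Length)
        Dim damaged As Integer = 0
        For i As Integer = 0 To original.Length - 1
            If original(i) <> copy(i) Then damaged += 1
        Next
        Return damaged
    End Function

    ' Prints the damage count and the bytes that would actually go on the wire.
    Sub Report(ByVal name As String, ByVal enc As Encoding)
        Dim copy As Byte() = RoundTrip(SampleHash, enc)
        Console.WriteLine("{0,-10} damaged={1,2}  {2}", name,
                          CountDamaged(SampleHash, copy), BitConverter.ToString(copy))
    End Sub

    Sub Main()
        Console.WriteLine("{0,-10} {1}", "original", BitConverter.ToString(SampleHash))
        Report("ASCII", Encoding.ASCII)                    ' 7-bit only: high bytes become "?"
        Report("UTF-8", Encoding.UTF8)                     ' invalid sequences are replaced, length changes
        Report("ISO-8859-1", Encoding.GetEncoding(28591))  ' one character per byte value
    End Sub
End Module
```
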
Fapiko

Well, I think I finally got it working, but now it's sending me Invalid Key every time.  When I call Decoder.Key, it gives me some random string that is definitely not the key I put into it.  Isn't it supposed to give me the cdkey I initialized the decoder with?

MyndFyre

No, once the key is initialized, it gives you the decoded version of the key in the Key property.  I don't know any reason why you would need the physical key, though; the CdKey class gives you instance properties for the public/private/product.

I'll take it under advisement, though, that the Key property should be the original string and there should be a DecodedKey property.  Thanks for the feedback.

Fapiko

Well, I was really just checking to see if it was messing my key up once it got it into the decoder since I was getting the Invalid Key response from battle.net after changing my packet buffer to use a byte array.  Anyways, I suppose I'll do some more testing to make sure I'm doing everything like I'm supposed to, I was just curious as to what I was supposed to be getting back from the Key property because I didn't recall reading that it gave me the decoded key in the MBNCSUtil documentation.

MyndFyre

Yeah, you were right.  I forgot that I reassigned the backing store for the key property after decoding.