• Welcome to Valhalla Legends Archive.
 

lockdown-IX86-XX.mpq update?

Started by Ringo, October 31, 2006, 04:51 PM

Previous topic - Next topic
|

Zakath

Quote from: iago on February 02, 2005, 03:07 PM
Yes, you can't have everybody...contributing to the main source repository.  That would be stupid and create chaos.

Opensource projects...would be dumb.

Joe[x86]

#46
No, they did use a patch. They've done it before too. They refer to it as patching on the server-side, as opposed to what is a normal "patch" to us, a clientside patch. For those who don't know (none of you?), CheckRevision is done completely independant of the game itself, except for downloading and calling it, but from a DLL downloaded over Battle.net File Transfer Protocol.

I'm not sure where my old post went, but I feel this is still constructive to ask: UserLoser, does your bot work following this patch, still?

EDIT -
If someone can get me a few packet logs of S>C 0x50, and if available, the corresponding A, B, C values for the valuestrings after decoding, that'd be nice.
Quote from: brew on April 25, 2007, 07:33 PM
that made me feel like a total idiot. this entire thing was useless.

Michael

#47
You guys think war3 is next?

MyndFyre

Quote from: Joex86] link=topic=15929.msg160467#msg160467 date=1162447573]
No, they did use a patch. They've done it before too. They refer to it as patching on the server-side, as opposed to what is a normal "patch" to us, a clientside patch. For those who don't know (none of you?), CheckRevision is done completely independant of the game itself, except for downloading and calling it, but from a DLL downloaded over Battle.net File Transfer Protocol.

I'm not sure where my old post went, but I feel this is still constructive to ask: UserLoser, does your bot work following this patch, still?

EDIT -
If someone can get me a few packet logs of S>C 0x50, and if available, the corresponding A, B, C values for the valuestrings after decoding, that'd be nice.
There is no more a, b, or c value and no more valuestring.  The string that used to be a value string is now a seed for a memory hash (basically).
QuoteEvery generation of humans believed it had all the answers it needed, except for a few mysteries they assumed would be solved at any moment. And they all believed their ancestors were simplistic and deluded. What are the odds that you are the first generation of humans who will understand reality?

After 3 years, it's on the horizon.  The new JinxBot, and BN#, the managed Battle.net Client library.

Quote from: chyea on January 16, 2009, 05:05 PM
You've just located global warming.

Eric

#49
Quote from: Joex86] link=topic=15929.msg160467#msg160467 date=1162447573]
No, they did use a patch. They've done it before too. They refer to it as patching on the server-side, as opposed to what is a normal "patch" to us, a clientside patch. For those who don't know (none of you?), CheckRevision is done completely independant of the game itself, except for downloading and calling it, but from a DLL downloaded over Battle.net File Transfer Protocol.

I'm not sure where my old post went, but I feel this is still constructive to ask: UserLoser, does your bot work following this patch, still?

EDIT -
If someone can get me a few packet logs of S>C 0x50, and if available, the corresponding A, B, C values for the valuestrings after decoding, that'd be nice.

You can't refer to an update as purely server-side if it requires updates be made on the client-side as well.

RealityRipple

So, basically the change is that it requests a value in memory and expects correct information from that memory location... Effectively destroying the ability to use hacking tools that edit memory and getting rid of bots... both seem to be temporary setbacks, since you can enable hack tools after logging in... and bots will eventually spoof this somehow (i hope)....

Also, I'm sure they'll eventually change all these over like they did for the old-new ver-ix86-# naming.

Also #2, it doesn't update on the client side. It just downloads different files than it did before. Since the files are never stored for longer than it takes to run them, they're not part of the program, thus, not updated. I guess it's actually a matter of opinion, and NOT IMPORTANT.

warz

It's an update, christ. The reason it does not require any physical changes to the game files is because they just incorporated it into the existing logon method. The a, b and c values, as well as the value string, are all gone like MyndFyre said. They took out the value string, and replaced it with this so called seed value. CheckRevision is still exported, and still called in the same manner that it used to be.

Eric

Quote from: RealityRipple on November 02, 2006, 12:37 AM
Also, it doesn't update on the client side. It just downloads different files than it did before. Since the files are never stored for longer than it takes to run them, they're not part of the program, thus, not updated. I guess it's actually a matter of opinion, and NOT IMPORTANT.

The client only downloads the checkrevision files if one does not currently exist in BNCache.dat or if the one that does exist is outdated.

RealityRipple

So we just need to spoof that CheckRevision correctly. Then if/when they change it again, we'll just wait around some more, have the same discussions on it again, and eventually spoof it correctly, too. Isn't there a more accurate way to spoof these things?

And like i said, IT'S NOT IMPORTANT IF IT'S AN UPDATE OR NOT.

RealityRipple

Some more things of note:
It would seem that No-CD cracks will no longer work, as they edit certain values in Storm.dll. These values are now checked as part of the CheckRevision, so they fail. The only way to play without a CD is with a mounted ISO.
Hacks can no longer be turned on until after you log in to Battle.net. Same reason as above.
It doesn't make sense that they'd only check on login, but it will hinder some people... SC supposedly has warden inside it now, and the new CheckRevision gets rid of the ability to disable warden through editing a value (similar to the no-cd). It follows that they most likely will update d2 and war3 soon.

It's interesting to log in and see how empty channels are...

FrOzeN

If I can throw my 2-cents in, when one of you do create a solution please don't open-source it. I'm not suggesting just keep it to yourself, but possibly hand it to trusted few or something (Hdx, Ringo, w/e). This has solved a lot of the flooding issues with battle.net and it would be nice to see that these bots do not come back.

@DeTails: ws2_32.dll is the library for Winsock 2. I'm not sure about the erroring.
~ FrOzeN

Zakath

Quote from: FrOzeN on November 02, 2006, 01:55 AM
If I can throw my 2-cents in, when one of you do create a solution please don't open-source it. I'm not suggesting just keep it to yourself, but possibly hand it to trusted few or something (Hdx, Ringo, w/e). This has solved a lot of the flooding issues with battle.net and it would be nice to see that these bots do not come back.

@DeTails: ws2_32.dll is the library for Winsock 2. I'm not sure about the erroring.

Yeesh, have I been absent from the bot 'market' so long that those are the examples of "trusted few?" Eeek.

Anyways, I think most if not all of the people I expect might be able to figure this out in a timely fashion share that sentiment. Although most of them probably don't care by this point. Or it was trivial enought that they've already solved it.
Quote from: iago on February 02, 2005, 03:07 PM
Yes, you can't have everybody...contributing to the main source repository.  That would be stupid and create chaos.

Opensource projects...would be dumb.

FrOzeN

Quote from: Zakath on November 02, 2006, 02:10 AM
Quote from: FrOzeN on November 02, 2006, 01:55 AM
..., but possibly hand it to trusted few or something (Hdx, Ringo, w/e). ...

Yeesh, have I been absent from the bot 'market' so long that those are the examples of "trusted few?" Eeek.

Anyways, I think most if not all of the people I expect might be able to figure this out in a timely fashion share that sentiment. Although most of them probably don't care by this point. Or it was trivial enought that they've already solved it.
I specifically picked two people who I'd considered would be trusted with it, and are probably* just short of the knowledge to be able to solve this themselves.

I just think it would be best, as a community we are able to share knowledge around as well as preventing the abuse of it. I'm avoiding listing all the names who'd I'd consider as I wouldn't consider myself as someone here in the position of making that decision, as many of you would probably agree with. I'm also trying to keep it concise without making it look as if I'm thinking too far ahead as we don't currently* have that knowledge, just trying to assure when it is attained that it doesn't popup everywhere suddenly and then lead to abuse.
~ FrOzeN

warz

#58
This thread went from being interesting, and productive, to being horribly off-topic and wasteful.

To get this back on the right track, anyone have some sample seed values to be passed to CheckRevision?

topaz

#59
Quote from: warz on November 02, 2006, 03:33 PM
To get this back on the right track, anyone have some sample seed values to be passed to CheckRevision?

I answered your question before you asked it

"\xff\xbe'\xb2\x8ft\x8e-\x9c\xb0\xd2^\xd6\x9f@\xc3"

Edit:

and here's some more, and the MPQ it corresponds to:

\x90_&}^\x1a\xd2\xcc\x1d6\xa9\xa7~o3] lockdown-IX86-02.mpq
\xd5\xf3\xf8G\xac)&\x04\xdd@\x98OS\xd1e\x1a lockdown-IX86-08.mpq
\xba}\xce\x01\x83\xb5\xe1\xec\x04u\xd3g\xcd\xb0S\xf6 lockdown-IX86-02.mpq
\xa9\x8c\xf7\xf7\xdbYu\xafdb\x8f\xdbt\xb7+ lockdown-IX86-04.mpq
\xf5\xaa\x9eTpv\xbe0\xd3\xeca\xbe\xb75\x9a\xca lockdown-IX86-12.mpq
\xef\xfc\xbc\xe1\xa1#\xbef)s|x`B\xd7\xcf lockdown-IX86-04.mpq
\x0f\xd6\xbd\xfb\x93\x0c\t\xf9r\x82\x10g\xaa\xca\xbfl lockdown-IX86-02.mpq
\xdc\x85\x06\x13a\xb9\xdf\xce\\v\x82\xf0}\x05\xbe\xc4 lockdown-IX86-18.mpq
RLY...?

|