• Welcome to Valhalla Legends Archive.
 

lockdown-IX86-XX.mpq update?

Started by Ringo, October 31, 2006, 04:51 PM


warz

You surely do have some crazy looking string values there. :-P
These are the two I've been working with...

char seed00[] = { 0xAD, 0x09, 0xEA, 0xB3, 0x63, 0x41, 0x98, 0xA2, 0xF8, 0xE2, 0xA8, 0xB3, 0x99, 0xC2, 0xCB, 0xB2, 0x00 };
char seed13[] = { 0xD8, 0x85, 0xA8, 0x15, 0x91, 0x23, 0x10, 0x26, 0x2D, 0x22, 0x55, 0xC3, 0x91, 0x62, 0x37, 0xD9, 0x00 };

Ersan


I stopped getting values because it appears to be a waste of time.

warz, IM me.

Yegg

Quote from: Ersan on November 02, 2006, 06:13 PM
Can you morons please shut the fuck about that crap, this thread is about reversing the new changes.

Yes, you can download the mpq from bnftp and extract the dll and run the function, but this requires starcraft to be running for you to connect your bot and is not good enough.

It requires Starcraft to be running? This also means that you could just hook starcraft.exe as Ringo did, correct? Or did something just fly right over my head?

rabbit

You can't hook Starcraft until after it logs in (old NBBot style, anyone?) because the new check revision examines the memory.  If you download, extract, and run the check revision from BNFTP with Starcraft open, it will work fine.  Then you can close Starcraft.  What would be nice is to find a way to just logon without needing Starcraft open at all.

l)ragon

Quote from: rabbit on November 02, 2006, 07:02 PM
You can't hook Starcraft until after it logs in (old NBBot style, anyone?) because the new check revision examines the memory.  If you download, extract, and run the check revision from BNFTP with Starcraft open, it will work fine.  Then you can close Starcraft.  What would be nice is to find a way to just logon without needing Starcraft open at all.
Dump Starcraft's memory to a file.

warz

C'mon guys, think about this for a minute. If you're receiving this seed value from bnet, and it's known that the exact value from bnet is passed to checkrevision without being modified, and checkrevision returns values based on this seed - doesn't it sound probable that the problem here is not the seed value? The problem lies in what checkrevision does, and certain functions it calls to check certain things - what's storm 350, anyone?

The seed value most likely only affects the returned values. For example, it probably uses this seed for certain calculations within checkrevision.

UserLoser

Quote from: Ersan on November 02, 2006, 06:13 PM
Can you morons please shut the fuck about that crap, this thread is about reversing the new changes.

Yes, you can download the mpq from bnftp and extract the dll and run the function, but this requires starcraft to be running for you to connect your bot and is not good enough.

No...Starcraft does not have to be running.  There is a way to do this.

Ersan


l2k-Shadow

I tried calling the lib when starcraft was running but it didn't work. returned 0 for checksum

LordNevar

This is a packet log from the client.


HIDDEN  HIDDEN 62  Recv 
0000  FF 50 3E 00 00 00 00 00 C3 3E B8 E3 73 74 2F 00    .P>......>..st/.
0010  00 09 EF C0 72 FC C6 01 6C 6F 63 6B 64 6F 77 6E    ....r...lockdown
0020  2D 49 58 38 36 2D 30 33 2E 6D 70 71 00 CA 55 DB    -IX86-03.mpq..U.
0030  69 B3 E5 DA 54 D7 D9 5F 5B 2C D1 E4 B1 00          i...T.._[,....


This is a packet log from a bot.


HIDDEN  HIDDEN  62  Recv 
0000  FF 50 3E 00 00 00 00 00 EF E1 1D 69 75 76 05 00    .P>........iuv..
0010  00 09 EF C0 72 FC C6 01 6C 6F 63 6B 64 6F 77 6E    ....r...lockdown
0020  2D 49 58 38 36 2D 30 33 2E 6D 70 71 00 BF E9 2D    -IX86-03.mpq...-
0030  1E CF 67 D7 49 82 18 AF 46 23 F1 B7 29 00          ..g.I...F#..).


Not sure if this is helpful to anyone, but if it is then here ya go.


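An added example, not part of the original post: a small parser that splits the two captured messages above into fields and reports which fields differ between the client and bot captures. The field names and layout are assumptions taken from the publicly documented SID_AUTH_INFO (0x50) server message, not from this thread; the byte strings are constructed from the two hex dumps in the post.

```python
import struct
from datetime import datetime, timedelta, timezone

# Constructed from the two hex dumps in the post above (client first, then bot).
CLIENT = bytes.fromhex(
    "FF 50 3E 00 00 00 00 00 C3 3E B8 E3 73 74 2F 00"
    "00 09 EF C0 72 FC C6 01 6C 6F 63 6B 64 6F 77 6E"
    "2D 49 58 38 36 2D 30 33 2E 6D 70 71 00 CA 55 DB"
    "69 B3 E5 DA 54 D7 D9 5F 5B 2C D1 E4 B1 00")
BOT = bytes.fromhex(
    "FF 50 3E 00 00 00 00 00 EF E1 1D 69 75 76 05 00"
    "00 09 EF C0 72 FC C6 01 6C 6F 63 6B 64 6F 77 6E"
    "2D 49 58 38 36 2D 30 33 2E 6D 70 71 00 BF E9 2D"
    "1E CF 67 D7 49 82 18 AF 46 23 F1 B7 29 00")

def parse_auth_info(pkt):
    """Split one captured 0xFF 0x50 server message into its fields."""
    marker, msg_id, length = struct.unpack_from("<BBH", pkt, 0)
    if (marker, msg_id) != (0xFF, 0x50):
        raise ValueError("not a 0xFF 0x50 message")
    if length != len(pkt):
        raise ValueError("header length does not match capture size")
    # Assumed layout: three little-endian DWORDs, then a 64-bit FILETIME.
    logon_type, token, udp, filetime = struct.unpack_from("<IIIQ", pkt, 4)
    name_end = pkt.index(b"\x00", 24)  # the MPQ name is NUL-terminated
    if pkt[-1] != 0:
        raise ValueError("value string is not NUL-terminated")
    return {
        "logon_type": logon_type,
        "server_token": token,
        "udp_value": udp,
        # FILETIME counts 100 ns ticks since 1601-01-01 UTC.
        "mpq_filetime": datetime(1601, 1, 1, tzinfo=timezone.utc)
                        + timedelta(microseconds=filetime // 10),
        "mpq_name": pkt[24:name_end].decode("ascii"),
        # Take everything up to the final NUL, so a 0x00 byte inside the
        # binary value would not truncate it the way a C string read would.
        "value": pkt[name_end + 1:-1],
    }

def differing_fields(a, b):
    """Names of the fields whose values differ between two parsed messages."""
    return sorted(k for k in a if a[k] != b[k])

if __name__ == "__main__":
    client, bot = parse_auth_info(CLIENT), parse_auth_info(BOT)
    print(client["mpq_name"], client["mpq_filetime"].isoformat())
    print("client value:", client["value"].hex(), "bot value:", bot["value"].hex())
    print("fields that differ:", differing_fields(client, bot))
```

Both captures name the same MPQ with the same filetime; only the per-connection fields and the 16-byte value differ.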

warz

Quote from: Ersan on November 02, 2006, 10:50 PM
With a stock lockdown MPQ?

No, I think I've already mentioned hooking certain API calls. This checkrevision uses both unicode and ansi versions of getmodulefilename, and uses getmodulehandle.

Ersan

You can logon using PMAC, in case anyone doesn't know...  This is the 'super secret solution' everyone is going on about.  This is also how SBFix.exe works.  You need mac hashes though, good luck finding them.

Whether they're going to patch pmac or not, I have no idea.  I don't think they're having big problems with cheaters on mac.

Newby

Quote from: Ersan on November 03, 2006, 08:24 AM
You can logon using PMAC, in case anyone doesn't know...  This is the 'super secret solution' everyone is going on about.  This is also how SBFix.exe works.  You need mac hashes though, good luck finding them.

Whether they're going to patch pmac or not, I have no idea.  I don't think they're having big problems with cheaters on mac.

Yeah. I'm not surprised that all the "1337" bot building kiddies couldn't figure it out and decided to change the login to "PMAC"... nobody posted an open source solution yet!

Problem, Ersan: When they realize that the number of PMAC clients outnumber their X86 clients, they'll catch on and patch it! :P

NetNX

Quote from: Newby on November 03, 2006, 08:42 AM
Quote from: Ersan on November 03, 2006, 08:24 AM
You can logon using PMAC, in case anyone doesn't know...  This is the 'super secret solution' everyone is going on about.  This is also how SBFix.exe works.  You need mac hashes though, good luck finding them.

Whether they're going to patch pmac or not, I have no idea.  I don't think they're having big problems with cheaters on mac.

Yeah. I'm not surprised that all the "1337" bot building kiddies couldn't figure it out and decided to change the login to "PMAC"... nobody posted an open source solution yet!

Problem, Ersan: When they realize that the number of PMAC clients outnumber their X86 clients, they'll catch on and patch it! :P

O_o why not XMAC?

Ersan

Because I'd assume osx-x86 addresses memory in the same fashion that windows does so it'll be easier for them to patch.
