• Welcome to Valhalla Legends Archive.
 

lockdown-IX86-XX.mpq update?

Started by Ringo, October 31, 2006, 04:51 PM


Yegg

Quote from: Ringo on October 31, 2006, 09:29 PM
eh, I'm such a cheater :(
Starcraft.exe = my BNLS atm ;o

[03:27:05] Connecting To Server..
[03:27:05] Connected To Server!
[03:27:05] Sending Client Check...
[03:27:05] Client Check Passed!
[03:27:05] Hooked Starcraft.exe...
[03:27:05] Waiting for Proxy connection to do revision...
[03:27:10] [PROXY] Accepted Connection! 0
[03:27:10] [PROXY] Client is game
[03:27:10] [PROXY] Accepted Connection! 1
[03:27:10] [PROXY] Client is ftp
[03:27:10] [PROXY] FTP Client is downloading lockdown-IX86-15.mpq (6.342kb)
[03:27:10] [PROXY] Got Revision Values Returned!
[03:27:10] Sending Revision Check...
[03:27:10] Revision Check Passed!

Eww hewlp!

Battle.net coding isn't my speciality by any means, but you sort of made it sound bad to use starcraft.exe to do the work for you. Is it a bad idea to do so? Or does it just defeat the purpose of emulating the client?

Kp

It has several disadvantages:

  • It only works on Windows (or Wine if you're really determined)
  • It requires actually running Blizzard's library, which means you're executing arbitrary code on your machine without the chance to review it.
  • It requires either automating Starcraft's logon or having a user standing by to perform every logon.
[19:20:23] (BotNet) <[vL]Kp> Any idiot can make a bot with CSB, and many do!

UserLoser

Quote from: l)ragon on October 31, 2006, 09:07 PM
pplug114.bwl <--- = what?
did this come with the latest bw patch?

S->C Dumps
0000:  FF 50 3E 00 00 00 00 00 51 1D C1 71 B1 B9 43 00   ÿP>.....QÁq±¹C.
0010:  00 55 2A BC 72 FC C6 01 6C 6F 63 6B 64 6F 77 6E   .U*¼rüÆlockdown
0020:  2D 49 58 38 36 2D 30 31 2E 6D 70 71 00 49 9F 62   -IX86-01.mpq.IŸb
0030:  4E 60 80 2B C9 06 31 CB 5C 6C 78 CA 4D 00         N`€+É1Ë\lxÊM...

0000:  FF 50 3E 00 00 00 00 00 C2 EC F9 F9 C5 B9 43 00   ÿP>.....ÂìùùŹC.
0010:  00 7C E3 E5 72 FC C6 01 6C 6F 63 6B 64 6F 77 6E   .|ãårüÆlockdown
0020:  2D 49 58 38 36 2D 31 38 2E 6D 70 71 00 7A 58 78   -IX86-18.mpq.zXx
0030:  5D D0 D3 B2 53 2E 6D F1 A0 67 C1 C4 5B 00         ]ÐÓ²S.mñ gÁÄ[...

0000:  FF 50 3E 00 00 00 00 00 E9 CE 8A F2 D1 B9 43 00   ÿP>.....éΊòѹC.
0010:  00 52 6E D0 72 FC C6 01 6C 6F 63 6B 64 6F 77 6E   .RnÐrüÆlockdown
0020:  2D 49 58 38 36 2D 30 39 2E 6D 70 71 00 CF 87 F2   -IX86-09.mpq.χò
0030:  49 5C A0 33 15 80 7F B7 5E D9 18 B8 28 00         I\ 3€·^Ù¸(...


Apparently they like that one single byte heh, 0x01 right before the mpq name, I'm guessing it's their way of telling which revision to use perhaps.
Are the values compressed or encrypted maybe?


Edit: added dumps.

No, the leading eight bytes in front of the MPQ name are the Win32 FILETIME structure of the filetime for the MPQ.
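
An added example, not part of the original thread: a short Python parser run over the three dumps quoted above, extracting the MPQ name and decoding the eight bytes before it as a little-endian Win32 FILETIME (100 ns ticks since 1601-01-01 UTC). The header reading (0xFF marker, ID byte, 16-bit length) and the fixed name offset 0x18 are assumptions read off the dumps themselves.

```python
import struct
from datetime import datetime, timedelta, timezone

# Hex columns of the three S->C dumps quoted in the post above.
DUMPS = [
    "FF 50 3E 00 00 00 00 00 51 1D C1 71 B1 B9 43 00 "
    "00 55 2A BC 72 FC C6 01 6C 6F 63 6B 64 6F 77 6E "
    "2D 49 58 38 36 2D 30 31 2E 6D 70 71 00 49 9F 62 "
    "4E 60 80 2B C9 06 31 CB 5C 6C 78 CA 4D 00",
    "FF 50 3E 00 00 00 00 00 C2 EC F9 F9 C5 B9 43 00 "
    "00 7C E3 E5 72 FC C6 01 6C 6F 63 6B 64 6F 77 6E "
    "2D 49 58 38 36 2D 31 38 2E 6D 70 71 00 7A 58 78 "
    "5D D0 D3 B2 53 2E 6D F1 A0 67 C1 C4 5B 00",
    "FF 50 3E 00 00 00 00 00 E9 CE 8A F2 D1 B9 43 00 "
    "00 52 6E D0 72 FC C6 01 6C 6F 63 6B 64 6F 77 6E "
    "2D 49 58 38 36 2D 30 39 2E 6D 70 71 00 CF 87 F2 "
    "49 5C A0 33 15 80 7F B7 5E D9 18 B8 28 00",
]

FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
NAME_OFFSET = 0x18  # assumption: where the name starts in all three dumps


def parse_packet(raw: bytes) -> dict:
    """Split one dumped packet into ID, MPQ FILETIME, MPQ name and trailer."""
    # Assumed header reading: 0xFF marker, ID byte, 16-bit LE total length.
    marker, packet_id, length = struct.unpack_from("<BBH", raw, 0)
    if marker != 0xFF or length != len(raw):
        raise ValueError("truncated or malformed packet")
    end = raw.find(b"\x00", NAME_OFFSET)
    if end < 0:
        raise ValueError("MPQ name is not NUL-terminated")
    # FILETIME: 64-bit LE count of 100 ns ticks since 1601-01-01 UTC.
    (ticks,) = struct.unpack_from("<Q", raw, NAME_OFFSET - 8)
    return {
        "id": packet_id,
        "mpq": raw[NAME_OFFSET:end].decode("ascii"),
        "filetime": FILETIME_EPOCH + timedelta(microseconds=ticks // 10),
        "trailer": raw[end + 1:],  # bytes after the name, left uninterpreted
    }


def parse_dumps() -> list:
    return [parse_packet(bytes.fromhex(d)) for d in DUMPS]


if __name__ == "__main__":
    for pkt in parse_dumps():
        print(f"0x{pkt['id']:02X} {pkt['mpq']} {pkt['filetime'].isoformat()}")
```

All three timestamps decode to the evening of October 30, 2006 (UTC), within about a minute of each other.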

warz

In reference to the penguin plug file you see hardcoded in there, it's not referenced anywhere else within the lockdown library. So, it might not be enabled yet, or might not ever get enabled. Just what a quick glance at the libraries provided by hdx looks like.

UserLoser

Technical overview of what CheckRevision is doing:

What has not changed:
- How it gets your version, checksum, executable information string.

What has changed:
- Everything else.

l2k-Shadow

Clients affected:
STAR, SEXP, SSHR, JSTR, DRTL, DSHR

Clients unaffected (for now):

D2DV, D2XP, W2BN, WAR3, W3XP


*sigh*
Quote from: replaced on November 04, 2006, 11:54 AM
I dunno wat it means, someone tell me whats ix86 and pmac?
Can someone send me a working bot source (with bnls support) to my email?  Then help me copy and paste it to my bot? ;D
I was destined to live here,
To have boiled pork and horseradish and drink beer with it.
They say you'd live over there like a pig in clover,
I don't want to fall on my ass before anyone.

I'm not from the USA, I'm not from the USA, I'm really not from the USA... and I hope they aren't angry at me for that.

l2k-Shadow

ok some advanced programming theory but would this be even possible to do?:
load starcraft.exe into memory
get proc address of what loads dll/calls CheckRevision()
let starcraft.exe retrieve the checksum/exe info string
read the checksum/exe info string values from starcraft.exe's memory
send away

@ W2BN: I just think they don't care enough for W2BN. If you notice only the clients which have or could potentially have a flood/load/spam bot problem (like not using a cd key for connection) have been affected.

UserLoser

Honestly, I don't think there's an "easy way" around this...better start using War3 for your bots and don't be stupid and make a floodbot (for anyone out there)

I don't think that's really do-able, Shadow

DeTaiLs

This new update is gay when I try to login with the client it keeps giving me this gay error and I have nothing running where it would error out the checksum, I even reinstalled but it keeps giving me this error.

edit: I just looked at the starcraft error log to see what was going on and this error log is pretty weird also the version is 1.0 because I tried reinstalling sc.

Quote
PROGRAM VERSION: 1.0.0.0
COMPUTER NAME: Owner
TIME: 11/01/06 02:43:23
INFO:

Exception code: C000001E {Invalid Lock Sequence}
An attempt was made to execute an invalid lock sequence.

Fault address:   0A007D88 00:00000000 *unknown*

Registers:
EAX:0A007660
EBX:00B93E3C
ECX:0001C000
EDX:0A0001A0
ESI:00B93E24
EDI:1502E3E4
CS:EIP:001B:0A007D88
SS:ESP:0023:01E4FF06 EBP:01E4FF2F
DS:0023 ES:0023 FS:0038 GS:0000
Flags:00010206
Call stack:
Address  Frame    Logical addr  Module
0A007D88 01E4FF2F 0000:00000000 *unknown*
E4FF5C00 01E4FF5C 0000:00000000 *unknown*

Code bytes:
0x0a007d88: f0 49 2b 0a  00 00 00 00  00 00 00 00  c0 00 00 00  .I+.............



MyndFyre

DeTaiLs, are you running as an administrator or less-privileged user?
Quote
Every generation of humans believed it had all the answers it needed, except for a few mysteries they assumed would be solved at any moment. And they all believed their ancestors were simplistic and deluded. What are the odds that you are the first generation of humans who will understand reality?

After 3 years, it's on the horizon.  The new JinxBot, and BN#, the managed Battle.net Client library.

Quote from: chyea on January 16, 2009, 05:05 PM
You've just located global warming.

DeTaiLs

Quote from: MyndFyre[vL] on November 01, 2006, 02:55 AM
DeTaiLs, are you running as an administrator or less-privileged user?
Lol if you looked at log it said my login name was owner which usually means admin access, but yes I am an admin account



Kp

Quote from: DeTaiLs on November 01, 2006, 03:00 AM
Quote from: MyndFyre[vL] on November 01, 2006, 02:55 AM
DeTaiLs, are you running as an administrator or less-privileged user?
Lol if you looked at log it said my login name was owner which usually means admin access, but yes I am an admin account

You're intentionally running as an administrator when you know that Blizzard is deploying new code that none of us have analyzed yet?  Are you crazy?!  You could easily destroy that machine with one of these downloads...


Anyway, try manually patching Starcraft before signing on.  They may have finally broken the ability to properly upgrade a v1.0 client via battle.net.

Scope

Well, my friend's program, a multi-platform bot, seemed to not have a problem logging in. So, from my first look, it turns out Battle.Net is only trying to patch the 'majority' of the programs now. However, when he connected his program, it gave a weird checkrevision response, however it still logged in. I only have minor details at the moment, but this should set a basis as to how to get around this problem.

NetNX

Quote from: UserLoser on October 31, 2006, 11:42 PM
Honestly, I don't think there's an "easy way" around this...better start using War3 for your bots and don't be stupid and make a floodbot (for anyone out there)

I don't think that's really do-able, Shadow

Well even if it was possible it would not be a practical method for distribution. The idea being that you would need to distribute 'Starcraft.exe' with your bot for it to work. I don't know if you remember all that drama a few months back with stealthbot getting threatened for carrying and distributing hashes (known now to be a prank). Having a user written library that is not technically the property of blizzard.

@Kp, do you really think blizzard would do that to us? I mean they have never tried before... Worst I'd expect would be an account/cdkey ban.

MyndFyre

Quote from: DeTaiLs on November 01, 2006, 03:00 AM
Quote from: MyndFyre[vL] on November 01, 2006, 02:55 AM
DeTaiLs, are you running as an administrator or less-privileged user?
Lol if you looked at log it said my login name was owner which usually means admin access, but yes I am an admin account
It said the Computer Name was Owner, not account name.  Very different things!