IX86MindVision.mpq?

[Ringo]

Code Select Expand


FF 4C 17 00 49 58 38 36 4D 69 6E 64 56 69 73 69       .L..IX86MindVisi
6F 6E 2E 6D 70 71 00                                  on.mpq.

Friend just got it on his bot, but doesnt seem to effect logging on?
Is it some kinda patch?

EDIT:

[23:28:28] <sdf(KiLLer)> It's an 0x4C from the packet SID_OPTIONALWORK, and starcraft auto extracts it and includes it into broodat.mpq
[23:28:38] <sdf(KiLLer)> it's just a warden anti hack update

Hm, thats warden? Never seen it on the older protocol before -- warden has been evading me i guess and doesnt it go in the cache file like all the rest?

[UserLoser]

it's required work, meaning game will execute it no matter what unlike 0x4a is optional work. kind of like ix86BlueDrake on war3.  ix86BlueDrake.dll patches disconnect hack.  this is antihack/blizzards way of patching something without releasing an official patch.

[UserLoser]

Five minute examination: Well, it writes memory stuff (probably patch hacks), then it connects to 63.240.202.115:6112, and sends stuff there.  Interesting, looks war3 related only since there's serveral game.dll references.

63.240.202.115 isn't listening on  6112, interesting

looks like it's always running in a loop while it's connected sending it info, not sure.  Mindvision immediately made me think it sees what's going on in the client's side, which appears to be true.

[Ringo]

Hmm, I was just doing somthing else, that involved my SC proxy and noticed the 0x4B so checked it with Bnetdocs.
They cant care to* much about 3rd party clients, because they could easy disconnect clients after X amount of seconds for not responding -- like with D2GS for example
Maybe that is what they are thinking

Full log:

Code Select Expand


[01:13:41] [Set 1] Filtering Unknown TCP Bnet Data
FF 51 09 00 00 00 00 00 00                            .Q.......

[01:13:41] [Set 1] Filtering Unknown TCP Bnet Data
FF 4C 17 00 49 58 38 36 4D 69 6E 64 56 69 73 69       .L..IX86MindVisi
6F 6E 2E 6D 70 71 00                                  on.mpq.

[01:13:41] [Set 1] Filtering Unknown TCP Client Data
FF 2D 04 00                                           .-..

[01:13:41] [Set 1] Filtering Unknown TCP Client Data
FF 33 1B 00 1D 00 00 00 00 00 00 00 69 63 6F 6E       .3..........icon
73 5F 53 54 41 52 2E 62 6E 69 00                      s_STAR.bni.

[01:13:41] [Set 1] Filtering Unknown TCP Client Data
FF 33 18 00 1A 00 00 00 00 00 00 00 74 6F 73 5F       .3..........tos_
55 53 41 2E 74 78 74 00                               USA.txt.

[01:13:41] [Set 1] Filtering Unknown TCP Client Data
FF 33 19 00 1B 00 00 00 00 00 00 00 62 6E 73 65       .3..........bnse
72 76 65 72 2E 69 6E 69 00                            rver.ini.

[01:13:41] [Set 1] Filtering Unknown TCP Client Data
FF 26 AA 01 01 00 00 00 13 00 00 00 FC 15 71 09       .&............q.
49 2E 43 72 79 2E 57 68 65 6E 2E 4C 6F 73 73 00       I.Cry.When.Loss.
70 72 6F 66 69 6C 65 5C 73 65 78 00 70 72 6F 66       profile\sex.prof
69 6C 65 5C 61 67 65 00 70 72 6F 66 69 6C 65 5C       ile\age.profile\
6C 6F 63 61 74 69 6F 6E 00 70 72 6F 66 69 6C 65       location.profile
5C 64 65 73 63 72 69 70 74 69 6F 6E 00 52 65 63       \description.Rec
6F 72 64 5C 53 45 58 50 5C 30 5C 77 69 6E 73 00       ord\SEXP\0\wins.
52 65 63 6F 72 64 5C 53 45 58 50 5C 30 5C 6C 6F       Record\SEXP\0\lo
73 73 65 73 00 52 65 63 6F 72 64 5C 53 45 58 50       sses.Record\SEXP
5C 30 5C 64 69 73 63 6F 6E 6E 65 63 74 73 00 52       \0\disconnects.R
65 63 6F 72 64 5C 53 45 58 50 5C 30 5C 6C 61 73       ecord\SEXP\0\las
74 20 67 61 6D 65 00 52 65 63 6F 72 64 5C 53 45       t game.Record\SE
58 50 5C 30 5C 6C 61 73 74 20 67 61 6D 65 20 72       XP\0\last game r
65 73 75 6C 74 00 52 65 63 6F 72 64 5C 53 45 58       esult.Record\SEX
50 5C 31 5C 77 69 6E 73 00 52 65 63 6F 72 64 5C       P\1\wins.Record\
53 45 58 50 5C 31 5C 6C 6F 73 73 65 73 00 52 65       SEXP\1\losses.Re
63 6F 72 64 5C 53 45 58 50 5C 31 5C 64 69 73 63       cord\SEXP\1\disc
6F 6E 6E 65 63 74 73 00 52 65 63 6F 72 64 5C 53       onnects.Record\S
45 58 50 5C 31 5C 72 61 74 69 6E 67 00 52 65 63       EXP\1\rating.Rec
6F 72 64 5C 53 45 58 50 5C 31 5C 68 69 67 68 20       ord\SEXP\1\high
72 61 74 69 6E 67 00 44 79 6E 4B 65 79 5C 53 45       rating.DynKey\SE
58 50 5C 31 5C 72 61 6E 6B 00 52 65 63 6F 72 64       XP\1\rank.Record
5C 53 45 58 50 5C 31 5C 68 69 67 68 20 72 61 6E       \SEXP\1\high ran
6B 00 52 65 63 6F 72 64 5C 53 45 58 50 5C 31 5C       k.Record\SEXP\1\
6C 61 73 74 20 67 61 6D 65 00 52 65 63 6F 72 64       last game.Record
5C 53 45 58 50 5C 31 5C 6C 61 73 74 20 67 61 6D       \SEXP\1\last gam
65 20 72 65 73 75 6C 74 00 00                         e result..

[01:13:41] [Set 1] Filtering Unknown TCP Client Data
FF 33 1F 00 06 00 00 80 00 00 00 00 49 58 38 36       .3..........IX86
4D 69 6E 64 56 69 73 69 6F 6E 2E 6D 70 71 00          MindVision.mpq.

[01:13:41] [Set 1] Filtering Unknown TCP Bnet Data
FF 2D 16 00 00 08 16 BF E9 50 C3 01 69 63 6F 6E       .-.......P..icon
73 2E 62 6E 69 00                                     s.bni.

[01:13:41] [Set 1] Filtering Unknown TCP Bnet Data
FF 33 23 00 1D 00 00 00 00 00 00 00 00 EF E1 E3       .3#.............
FE 26 C4 01 69 63 6F 6E 73 5F 53 54 41 52 2E 62       .&..icons_STAR.b
6E 69 00                                              ni.

[01:13:41] [Set 1] Filtering Unknown TCP Bnet Data
FF 33 20 00 1A 00 00 00 00 00 00 00 00 DF 77 0F       .3 ...........w.
6C E8 C0 01 74 6F 73 5F 55 53 41 2E 74 78 74 00       l...tos_USA.txt.


[01:13:41] [Set 1] Filtering Unknown TCP Bnet Data
FF 33 21 00 1B 00 00 00 00 00 00 00 00 7D 2B 85       .3!..........}+.
63 E8 C0 01 62 6E 73 65 72 76 65 72 2E 69 6E 69       c...bnserver.ini
00                                                    .

[01:13:41] [Set 1] Filtering Unknown TCP Bnet Data
FF 33 27 00 06 00 00 80 00 00 00 00 00 0B CC DA       .3'.............
6D 3A C7 01 49 58 38 36 4D 69 6E 64 56 69 73 69       m:..IX86MindVisi
6F 6E 2E 6D 70 71 00                                  on.mpq.

[01:13:41] [Set 1] Filtering Unknown TCP Bnet Data
FF 26 3A 00 01 00 00 00 13 00 00 00 FC 15 71 09       .&:...........q.
00 00 00 00 00 00 00 32 39 38 32 33 32 31 35 20       .......29823215
33 37 39 39 34 33 33 33 36 30 00 44 52 41 57 00       3799433360.DRAW.
00 00 00 00 00 00 00 00 00 00                         ..........

[01:13:41] [Set 1] Filtering Unknown TCP Client Data
FF 4B 0C 00 03 00 04 00 00 00 00 5E                   .K.........^



Are you talking about somthing differnt, in terms of the data been sent to 63.240.202.115?
Hm out comes etheral

EDIT: Ah, i see it.
After checking the file, it sends 4 bytes to that udp server 63.240.202.115:6112, which then sends a byte back to the client, which then sends 0x4B to bnet, from what I can see here.
In this log, SC Sent: 3B 40 98 09 and got back 1C, then sent 00 00 00 5E

[Joe[x86]]

It's name, Mind Vision, is probably a reference to the WoW Priest spell. It can be cast on anyone, friendly or otherwise, anywhere in the world (assuming you can set them as your target) and see out of their eyes for a minute or so. Sounds like it's doing kind of just that.

[Hdx]

Looks like there is a new one,
IX86FarSight.mpq
Anyone feel like looking into that one?
~-~(HDX)~-~

[rabbit]

It's clearly a reference the the cheapest gun ever (from Perfect Dark 64, auto-locking-see-and-shoot-through-walls-one-hit-kill-sniper-rifle).

[Ersan]

No way, it's definitely named after the creators of the VISE installer.

But seriously, that gun was total bullshit.

[topaz]

Or it's a reference to Orcs of Warcraft III?

[SNiFFeR]

Far sight is a technique used by Shamans in WoW.

[UserLoser]

Far sight is a technique used by Shamans in WoW.

Also used by a Far Seer in Warcraft III.

[Hdx]

Anyone actually gona poke around on it? Or are you all jsut gona talk about old games? And yes that PD64 gun was cheap >.<
~-~(HDX)~-~

[UserLoser]

Looks like basically the same thing as IX86MindVision.dll

[iCe]

Is there even any reply for 0x4C or is it just sent to make sure it is run locally with no response from the client?

[warz]

BOTS N OPS.