• Welcome to Valhalla Legends Archive.
 

Lockdown Checkrevisions

Started by Ante, February 04, 2007, 04:57 PM


Ante

Several weeks ago I found that there are only about 2000 different checksum formulas sent by the server. For some reason, they decided not to make it fully random.

About a week after I found that out, they increased it to about 50k-100k different checksum formulas sent by the server. It is still limited.

If they could have done this in the first place, could someone who's got a good idea of the lockdown MPQs explain why they originally only stayed with 2000 checksum formulas?

And wouldn't it be more efficient if they made it take advantage of all values possible? (10^20-50s)

What do you think is limiting Blizzard's checksum formulas?

Barabajagal

My guess is that it has something to do with making sure the values are correct, which might mean they use a database list of values that they check against.

brew

Wouldn't it be most efficient (as in actual work done by the processor) to randomly generate a checksum formula and have the server hash the expected result on-the-spot then compare it with the client? Unless, of course, Blizzard is just cycling through a list of checksum formulas which was randomized after being initially created. (which would explain why Ante never got a repeated checksum formula until now)

Barabajagal

That's what I thought they did at first, but how does the server hash the results? That's sort of the key, isn't it? If they have a big database, they can get the results from the game. If they have a different function that gets the same results somehow, then there's another way to crack this thing.

l2k-Shadow

Quote from: [RealityRipple] on February 04, 2007, 08:05 PM
That's what I thought they did at first, but how does the server hash the results? That's sort of the key, isn't it? If they have a big database, they can get the results from the game. If they have a different function that gets the same results somehow, then there's another way to crack this thing.

It's already been done. BNLS has been functional right after the release of new hash values by Battle.net, therefore BNLS does not use a large database, but rather has a function to calculate the correct results, or forces lockdown dlls to return the correct results.

Barabajagal

I know, BNLS will return any request you give it, I've written a program that does that. The question is, is there another way to get values?

topaz

If you generate a new one all the time, it all ends up being very processor intensive. Better to just have a massive hashtable to look up every time you want a result.

Hdx

You have to find the happy midpoint.
If you have 1 user connecting every second, then doing it on the fly is fine.
But if the function takes 500 ms, and you have 100 people connecting every second, it would be logical to have 2-4 'seeds' or whatever you wanna call it. And have them be newly generated every 500 ms or so.
It all depends on how much of a load you have, both for the function and usage-wise.
~Hdx


warz

Hdx is right. The algorithm used by checkrevision skips through the main game files as loaded into the address space, adding segments of data to the SHA1 information. This is a hefty process to do every time a user logs into Battle.net. I think I've already told you this - caching this information is nothing new. Battle.net has been doing this for a while. You're not onto something, you're just running in circles. But, from a client perspective, it's fine to run through the selective memory hashing routines once every connection, since it's only being performed once.

Barabajagal

Final answer: There's no special function to get the values without memory hashes, otherwise the values would be randomly generated and the server wouldn't have a problem checking if the result was correct. It's probably a big cache database. Nothing accomplished!

warz

Quote from: [RealityRipple] on February 05, 2007, 01:32 PM
Final answer: There's no special function to get the values without memory hashes, otherwise the values would be randomly generated and the server wouldn't have a problem checking if the result was correct. It's probably a big cache database. Nothing accomplished!

No, you're completely wrong. There is a function that creates the digest values and returns them. That function is called checkrevision. And, on the server's side, I'm sure there's even a function that grabs their cached values, too! :P

Barabajagal

I said there is no function to get it without the memory hashes. checkrevision uses memory values from the client's memory, hashes them, runs them through a function, and returns the result string and checksum.

brew

So, where are we? There's still one huge question: is there any significance at all to the new so-called checksum "formulas?" Or are they just originally randomly generated seed values put into a hash value with the expected checksum?

Barabajagal

Quote from: BreW on February 05, 2007, 03:14 PM
So, where are we? There's still one huge question: is there any significance at all to the new so-called checksum "formulas?" Or are they just originally randomly generated seed values put into a hash value with the expected checksum?

The new values are just like the old values...

brew

They are...? How would the checkrevision function parse the values within the checksum formula? I've never really looked into them... Or, better yet. Are the values within the checksum formula used at all for anything besides as a seed to be hashed with the other values of the CR?