
Syncing

Started by fuzan, February 25, 2007, 04:38 AM


fuzan

Hey,

I'd like to introduce myself a little and mention after spending a few hours coding / reading / researching what I know. Hopefully I can be corrected where needed.

I'm currently dabbling in the bot-arena and thought to implement a Battle.net chatbot (SEXP) in Haskell. After perusing the bnetdocs page a bit and feeling pretty comfortable I began implementing some core code. After looking at some packet dumps and noticing messages {0x33, 0x4c} I became aware of lockdown. (These are the result of lockdown, correct?)

I also became aware of BNLS, which seems to be a server that assists bot developers in performing the difficult work associated with lockdown. I am not aware of other methods of negotiating past the lockdown; do any exist?

And finally, I couldn't seem to find any open-source examples of current functional bots. Do any of these exist either?

Thanks!

fuzan

After further reading it seems I understand that the client is required to correctly perform some hash over a requested file. It seems that people have generated large lookup tables for this process and that they're no longer public. True?

Barabajagal

Lockdown is harder than a simple hash of a file. It's a hash of memory values of the game. A full public list does not yet exist, however, I have an incomplete list which you can view at http://rcb.realityripple.com/CRev/ . I'm working on getting a more complete list, though. BNLS returns all the values you will need for SEXP's connection, and you can find the information for using BNLS on BNetDocs as well (it's at the bottom). The bot I have written (Ripple Chat Bot) is an open-source program, though it's written in Visual Basic 6.0. You can find it at http://rcb.realityripple.com . It's a bit messy, and I use BNCSUtil for the CDKey and Password hashing, BNLib for D2/W3 hashing, BNLS for everything BNLS can handle (or JBLS, depending on the user's selection) and my CRev Database as a cache system.

Also, please use the Modify feature instead of double-posting if it can be avoided.

brew

This "lockdown" as you call it is nothing but a new(er) version of the Checkrevision function MPQs. Historically, the actual dlls would be extracted from these mpqs and called to create a checksum which is sent to Battle.net in the C > S 0x51. However, the value of this checksum was originally the hash of the three core files of the game (for ex. starcraft.exe, battle.snp, storm.dll) to verify if the game isn't corrupted, by say, hacks or any other 3rd party programs. With the new lockdown mpqs, it makes a hash of the game's memory using an algorithm according to the mpq it downloads from battle.net's ftp if it doesn't already have it. It then processes that with other information including the checksum formula the client receives in the S > C 0x50, creates a checksum then sends it to battle.net.

Your best bet on making a bot right now is by using BNLS. I recommend using the 0x09, however many of the other members on this board prefer the 0x1a. So use the 0x1a, because I'm always wrong and they're always right, even though I can name at least 20 disadvantages the 0x1a has over the 0x09. *sigh*
<3 Zorm
Quote[01:08:05 AM] <@Zorm> haha, me get pussy? don't kid yourself quik
Scio te esse, sed quid sumne? :P

Ante

Currently the most reliable way to get past the lockdown mpqs is with BNLS, because Skywing developed a reliable method that he will not release.

However, if you really need speed and don't want another connection, you can use the caching system that we came up with, and some people have most of the values needed, but they won't release them.
Efficiency is the Key to Productivity, and
Productivity is the Key to Success.

fuzan

RealityRipple, how up-to-date is your CRev repo? I've been trying to match a ValueString from the s>0x50 with any of the values from your CRev unsuccessfully.

Perhaps I'm using the wrong 32 bytes. The 32 bits after the MPQ are correct, eh?

Barabajagal

As I said, my list is quite small, with only around 5000 values for all the games. Use BNLS as your connection system, and you can use my DataBase as a cache system if you want (or if you plan to add DRTL support, as mine's the only public list of DRTL values out there as of now). The estimate is that there are 10,000 values for STAR, so ya...

brew

You should (really) go with bnls.

Ante

There are about 1000 values for each mpq for sexp. That adds up to 20000 values for sexp. Star has a similarly high amount of values. Unless you have at least 20000 of the 40000 values, it is suggested that you use BNLS.

Barabajagal

STAR and SEXP have the same amount of values... Ringo posted the value count somewhere or other on here.

brew

...
Quote: Star has a similarly high amount of values.