• Welcome to Valhalla Legends Archive.
 

Help password hashing with BnetAuth

Started by Goran, April 14, 2007, 05:10 PM


Hell-Lord

Yep, that's true. Anyway, have you got anywhere after some of the suggestions?

l2k-Shadow

yeah but don't confuse what the data type string is in the first place.. it is a character array terminated by a null character.

Goran

Dim ClientToken As Long
Dim Password As String
Dim NewHash As Long
ClientToken = GetTickCount()
Password = LCase(BotVar.NewPassword)
X NewHash, Password
With pBuffer
.InsertDWORD ClientToken
.InsertDWORD BotVar.ServerTokenMCP
.InsertDWORD BotVar.PasswordHash
.InsertDWORD NewHash
.InsertNTString BotVar.UserNameLAP
.SendPacketLAP &H31
End With

Getting type mismatch at BotVar.PasswordHash
When I put my mouse over it I see the hash info, strange characters blah blah.. sooo.. I guess I don't really know what type mismatch means.  If someone would kindly explain as I am a novice :)

l2k-Shadow

Type mismatch means that you are trying to assign a value to a variable which is unfit to be assigned to that variable, or that you are trying to pass a variable to a function which accepts a different variable type.

Ex:


Option Explicit

Sub Form_Load()
Dim a As String
    a = "SHIT"
    Call ExampleFunction(a)
End Sub

Sub ExampleFunction(ByVal a As Integer)
    MsgBox a
End Sub


You will get a type mismatch error on the function call line.

Spilled

Quote from: Goran on April 14, 2007, 08:34 PM
Dim ClientToken As Long
Dim Password As String
Dim NewHash As Long
ClientToken = GetTickCount()
Password = LCase(BotVar.NewPassword)
X NewHash, Password
With pBuffer
.InsertDWORD ClientToken
.InsertDWORD BotVar.ServerTokenMCP
.InsertDWORD BotVar.PasswordHash
.InsertDWORD NewHash
.InsertNTString BotVar.UserNameLAP
.SendPacketLAP &H31
End With

Getting type mismatch at BotVar.PasswordHash
When I put my mouse over it I see the hash info, strange characters blah blah.. sooo.. I guess I don't really know what type mismatch means.  If someone would kindly explain as I am a novice :)

(DWORD)       Client Token
(DWORD)       Server Token
(DWORD[5])    Old password hash
(DWORD[5])    New password hash
(STRING)     Account name

Hrmm, well, let's see. DWORD[5], first off do you know what this means? Second off, you're passing a string to a sub that's expecting a long. Same with the new password hash. A lot of people handle this as a Non Null Terminated string because it's easier than 5 DWORDS, so put InsertNonNTString Oldhash and InsertNonNTString newhash

And see what it gets you ;)

"BotVar.ServerTokenMCP" lmao?

Goran

No more Type Mismatch but now I'm getting ByRef Argument Type Mismatch and it's highlighting NewHash.

Public Sub ChangePassword()
Dim ClientToken As Long
Dim NewPassword As Long
Dim NewHash As Long
ClientToken = GetTickCount()
NewPassword = LCase(BotVar.NewPassword)
X NewHash, NewPassword
With pBuffer
.InsertDWORD ClientToken
.InsertDWORD BotVar.ServerTokenMCP
.InsertNonNTString BotVar.PasswordHash
.InsertNonNTString NewHash <--- Highlighted :\
.InsertNTString BotVar.UserNameLAP
.SendPacketLAP &H31
End With
End Sub

Oh and the ServerTokenMCP is a long story and I don't feel like telling it...

Yegg

I've thought about this before, but I have no desire to create such a thing. With relative ease, someone could create a simple program that grabs the client and server token and the hash of a password and easily obtain the password, correct? Of course, they would have to write a reverse of the hashing function, but that shouldn't really be too difficult. This idea is very practical, is it?

l2k-Shadow

Quote from: Yegg on April 14, 2007, 09:28 PM
I've thought about this before, but I have no desire to create such a thing. With relative ease, someone could create a simple program that grabs the client and server token and the hash of a password and easily obtain the password, correct? Of course, they would have to write a reverse of the hashing function, but that shouldn't really be too difficult. This idea is very practical, is it?

no, it's a hash, not an encryption.

brew

Quote from: l2k-Shadow on April 14, 2007, 07:51 PM

you're clueless about what you're attempting to achieve.

Quote
(DWORD)       Client Token
(DWORD)       Server Token
(DWORD[5])    Old password hash
(DWORD[5])    New password hash
(STRING)     Account name

    "If CreateHash <> "" Then
        InsertNonNTString CreateHash
        InsertNTString Username
        SendPacket &H3D"
- l2uthless ops

Barabajagal

Yegg: the point of a hash is that it's not supposed to be reversible. That's the entire point of them. If a hash can be reversed, it should no longer be used.

Goran: the hashes are DWORD[5]'s, which means they are an array of 5 dwords (20 bytes of pure data). "String", "Non-Null Terminated String", etc... just means pure data. It's a bit misleading. A better name for the type would be Null, I guess. Your function looks like it expects a string. So what do you do? Set the hashes to Strings equal to 20 bytes of empty data (strHash = String$(20,0))

brew

Quote from: Yegg on April 14, 2007, 09:28 PM
I've thought about this before, but I have no desire to create such a thing. With relative ease, someone could create a simple program that grabs the client and server token and the hash of a password and easily obtain the password, correct? Of course, they would have to write a reverse of the hashing function, but that shouldn't really be too difficult. This idea is very practical, is it?

Uh... Reality is right. It's not meant to be reversed. Please, TRY to find the original value of ANY md5 hash without using a rainbow table. Also another hole in your theory: How would the person "decoding" the hash know the client token and server token? Now please tell me, HOW the hell is decoding a double broken sha-1 hash practical at all?

Goran

Public Sub ChangePassword()
Dim ClientToken As Long
Dim NewPassword As String
Dim NewHash As String
NewHash = String$(20, 0)
ClientToken = GetTickCount()
NewPassword = LCase(BotVar.NewPassword)
X NewHash, NewPassword
With pBuffer
.InsertDWORD ClientToken
.InsertDWORD BotVar.ServerTokenMCP
.InsertNonNTString BotVar.PasswordHash
.InsertNonNTString NewHash
.InsertNTString BotVar.UserNameLAP
.SendPacketLAP &H31
End With
End Sub

Ok so this is what I got, it seems to be loading and connecting without errors but I'm getting IP banned so I assume I'm building the packet incorrectly.  Any ideas?

brew

Make sure your client/server tokens AREN'T 0, and make sure the length of your hashes are both 20 characters long. Other than that, I have no idea how you can possibly get ipbanned.
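The field layout quoted in this thread (two DWORD tokens, two DWORD[5] hashes, a null-terminated account name), serialized and parsed back with the length and token checks suggested above. This is an added example, not code from any poster or from BnetAuth. It assumes little-endian DWORDs and already-computed 20-byte hashes; the function names and sample values are constructed for illustration.

```python
import struct

HASH_LEN = 20          # DWORD[5] = 5 * 4 bytes of raw data
FIXED_LEN = 8 + 2 * HASH_LEN

# Constructed sample hashes (not real password hashes).
SAMPLE_OLD = bytes(range(20))
SAMPLE_NEW = bytes(range(20, 40))

def build_change_password_body(client_token, server_token, old_hash, new_hash, account):
    """Serialize the body in the order quoted in the thread."""
    for label, h in (("old", old_hash), ("new", new_hash)):
        # A 4-byte Long (what InsertDWORD would write) is rejected here.
        if not isinstance(h, (bytes, bytearray)) or len(h) != HASH_LEN:
            raise ValueError(f"{label} hash must be exactly {HASH_LEN} raw bytes")
    # Mask to 32 bits: a VB6 Long from GetTickCount() may be negative.
    client_token &= 0xFFFFFFFF
    server_token &= 0xFFFFFFFF
    if client_token == 0 or server_token == 0:
        raise ValueError("client and server tokens must be non-zero")
    name = account.encode("ascii")
    if b"\x00" in name:
        raise ValueError("account name must not contain a null byte")
    return (struct.pack("<II", client_token, server_token)
            + bytes(old_hash) + bytes(new_hash) + name + b"\x00")

def parse_change_password_body(body):
    """Inverse of the builder; useful for checking a packet log by hand."""
    if len(body) < FIXED_LEN + 1:
        raise ValueError("body shorter than the fixed fields plus terminator")
    client_token, server_token = struct.unpack_from("<II", body, 0)
    old_hash = body[8:8 + HASH_LEN]
    new_hash = body[8 + HASH_LEN:FIXED_LEN]
    end = body.find(b"\x00", FIXED_LEN)
    if end != len(body) - 1:
        raise ValueError("account name not terminated at end of body")
    return client_token, server_token, old_hash, new_hash, body[FIXED_LEN:end].decode("ascii")

if __name__ == "__main__":
    body = build_change_password_body(0x1234, 0xABCDEF01, SAMPLE_OLD, SAMPLE_NEW, "goran")
    print(len(body), body.hex())
    print(parse_change_password_body(body))
```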

Explicit

Quote from: Goran on April 14, 2007, 10:19 PM
Public Sub ChangePassword()
Dim ClientToken As Long
Dim NewPassword As String
Dim NewHash As String
NewHash = String$(20, 0)
ClientToken = GetTickCount()
NewPassword = LCase(BotVar.NewPassword)
X NewHash, NewPassword
With pBuffer
.InsertDWORD ClientToken
.InsertDWORD BotVar.ServerTokenMCP
.InsertNonNTString BotVar.PasswordHash
.InsertNonNTString NewHash
.InsertNTString BotVar.UserNameLAP
.SendPacketLAP &H31
End With
End Sub

Ok so this is what I got, it seems to be loading and connecting without errors but I'm getting IP banned so I assume I'm building the packet incorrectly.  Any ideas?

This is where everyone says "packet log."