• Welcome to Valhalla Legends Archive.
 

To those of you contemplating converting the lockdown SHA1 to language of choice

Started by warz, May 01, 2007, 08:04 PM

Previous topic - Next topic
Print
|
Go Down Pages1 2
User actions

warz

May 01, 2007, 08:04 PM
You might want to rethink that, and save yourself some time. A method I've recently been playing around with, and have found to work quite nicely, doesn't involve converting their code at all. If you're able to load one of their lockdown files into your app's address space, and are able to create function pointers, then you might want to put two and two together. :P

Here's a quick example app, and ida database for one of the lockdown files.

Download

MyndFyre

#2
May 02, 2007, 11:25 AM
Quote from: betawarz on May 01, 2007, 08:04 PM
You might want to rethink that, and save yourself some time. A method I've recently been playing around with, and have found to work quite nicely, doesn't involve converting their code at all. If you're able to load one of their lockdown files into your app's address space, and are able to create function pointers, then you might want to put two and two together. :P

Here's a quick example app, and ida database for one of the lockdown files.

Download
Is lockdown's SHA-1 nonstandard?

And whose code are you talking about?
QuoteEvery generation of humans believed it had all the answers it needed, except for a few mysteries they assumed would be solved at any moment. And they all believed their ancestors were simplistic and deluded. What are the odds that you are the first generation of humans who will understand reality?

After 3 years, it's on the horizon.  The new JinxBot, and BN#, the managed Battle.net Client library.

Quote from: chyea on January 16, 2009, 05:05 PM
You've just located global warming.

Sorc.Polgara

#3
May 02, 2007, 11:42 AM
Quote from: MyndFyre[vL] on May 02, 2007, 11:25 AM
Quote from: betawarz on May 01, 2007, 08:04 PM
You might want to rethink that, and save yourself some time. A method I've recently been playing around with, and have found to work quite nicely, doesn't involve converting their code at all. If you're able to load one of their lockdown files into your app's address space, and are able to create function pointers, then you might want to put two and two together. :P

Here's a quick example app, and ida database for one of the lockdown files.

Download
Is lockdown's SHA-1 nonstandard?
That's what I was wondering too.

UserLoser

#4
May 02, 2007, 12:17 PM
Did anyone even look at the code I posted or take a hint from the filenames?

MyndFyre

#5
May 02, 2007, 12:50 PM
Quote from: UserLoser on May 02, 2007, 12:17 PM
Did anyone even look at the code I posted or take a hint from the filenames?
Sorry, I don't know SHA-1 well enough to determine whether the implementation is standard just by taking a look at your code.  I mean, if I sat down and spent 15-20 minutes comparing it against the RFC I'm sure I could.  But if that's your question, no, I haven't.

As to the filenames as "hints" why would you bother posting a standard, well-known algorithm?  Hence why I asked. :P
QuoteEvery generation of humans believed it had all the answers it needed, except for a few mysteries they assumed would be solved at any moment. And they all believed their ancestors were simplistic and deluded. What are the odds that you are the first generation of humans who will understand reality?

After 3 years, it's on the horizon.  The new JinxBot, and BN#, the managed Battle.net Client library.

Quote from: chyea on January 16, 2009, 05:05 PM
You've just located global warming.

UserLoser

#6
May 02, 2007, 01:02 PM
Quote from: MyndFyre[vL] on May 02, 2007, 12:50 PM
Quote from: UserLoser on May 02, 2007, 12:17 PM
Did anyone even look at the code I posted or take a hint from the filenames?
Sorry, I don't know SHA-1 well enough to determine whether the implementation is standard just by taking a look at your code.  I mean, if I sat down and spent 15-20 minutes comparing it against the RFC I'm sure I could.  But if that's your question, no, I haven't.

As to the filenames as "hints" why would you bother posting a standard, well-known algorithm?  Hence why I asked. :P

The question should be, why is warz wasting his time loading a library, searching for the address of a function, and calling it when he could just get the open source free code off the internet (or write his own).

I figured posting it would save everyone the time, stress and effort

warz

#7
May 02, 2007, 02:29 PM
Could have sworn somewhere down the road I was told it wasn't a standard implementation, so I never spent time looking at it. I just figured whoever told me was correct, because it was from a reliable source, which sort of confuses me. After looking at it though, for a few minutes, it does use all the same constant values, and looks to be a regular sha1.

UserLoser

#8
May 02, 2007, 03:23 PM
Quote from: betawarz on May 02, 2007, 02:29 PM
Could have sworn somewhere down the road I was told it wasn't a standard implementation, so I never spent time looking at it. I just figured whoever told me was correct, because it was from a reliable source, which sort of confuses me. After looking at it though, for a few minutes, it does use all the same constant values, and looks to be a regular sha1.

Who told you this?

MyndFyre

#9
May 02, 2007, 05:25 PM
OK, so this has nothing to do with actually implementing Lockdown, just SHA-1 for it?
QuoteEvery generation of humans believed it had all the answers it needed, except for a few mysteries they assumed would be solved at any moment. And they all believed their ancestors were simplistic and deluded. What are the odds that you are the first generation of humans who will understand reality?

After 3 years, it's on the horizon.  The new JinxBot, and BN#, the managed Battle.net Client library.

Quote from: chyea on January 16, 2009, 05:05 PM
You've just located global warming.

Barabajagal

#10
May 02, 2007, 05:41 PM
Most of bnet uses a Broken SHA that LShifts instead of RShifts and uses different values. Lockdown uses the original SHA-1. Apparently, it's in the DLLs, and it's being noted you can call it instead of doing it yourself. Not sure why you'd want to...
This reminds me... I can't seem to find a good copy of the Broken SHA-1 function in VB6. The one copy I found on here uses some odd functions that aren't explained.

Warrior

#11
May 02, 2007, 05:41 PM
Why not find a version in another language and convert that to *shudder* VB?
Quote from: effect on March 09, 2006, 11:52 PM
Islam is a steaming pile of fucking dog shit. Everything about it is flawed, anybody who believes in it is a terrorist, if you disagree with me, then im sorry your wrong.

Quote from: Rule on May 07, 2006, 01:30 PM
Why don't you stop being American and start acting like a decent human?

Sorc.Polgara

#12
May 02, 2007, 06:03 PM Last Edit: May 02, 2007, 06:10 PM by Sorc.Polgara
I was under the impression that Lockdown had a non-standard implementation of SHA-1, like Blizzard's BrokenSHA-1 because IIRC when I looked at warz's incomplete work it consisted of him converting the file hashing functions from ASM to C++.  Heh.

But anyways, if it's just the standard SHA-1 algorithm I guess I'll take another crack at lockdown after I finish this goddamn week... finals blow.

UserLoser

#13
May 02, 2007, 06:19 PM
No, it is standard.  The only thing wrong with the "broken" SHA1 is they swapped the values for the bitwise rotations to the left, otherwise it's the same thing--a standard SHA1.

To MyndFyre: to implement lockdown you need to use SHA1  :o

Barabajagal

#14
May 02, 2007, 06:33 PM
Quote from: UserLoser on May 02, 2007, 06:19 PM
No, it is standard.  The only thing wrong with the "broken" SHA1 is they swapped the values for the bitwise rotations to the left, otherwise it's the same thing--a standard SHA1.
I'm fairly certain they changed at least one of the four values at the beginning, too...
Quote from: Warrior on May 02, 2007, 05:41 PM
Why not find a version in another language and convert that to *shudder* VB?
Cause I haven't found a good copy that doesn't use some other functions. Found a Java copy that used some Packet buffer class that I couldn't find, and all the C++ copies I find use some functions I don't know.
Print
|
Go Up Pages1 2
User actions