Diablo II

[l2k-Shadow]

I was just discussing this with Spht over MSN about 1 minute ago (literally).  You cannot use 0 as a client key for any kind of hashing in the logon

yeah, but to anyone else: note he's not using 0 for the hash, his hash is correct. the problem lies in the actual number sent. So then server does if hash(clienttoken & servertoken & hash("password")) = senthash then good login. his hash uses different token than the one he sends to the server to use.

[raylu]

o.0, but it's a cookie, not a client token... As far as I can tell, the first DWORD is a cookie.

Or is it actually the client token I'm doing the double hashing with?

[l2k-Shadow]

o.0, but it's a cookie, not a client token... As far as I can tell, the first DWORD is a cookie.

Or is it actually the client token I'm doing the double hashing with?

its not a cookie, i just explained what happens in the previous post...

[raylu]

Oh!

You could have just said "Yes" to my second question.

[raylu]

http://ersan.us/src/bnetdocs/contentafa6.html?Section=m&Code=93
So...what are the 16 DWORDs?

http://ersan.us/src/bnetdocs/content7515.html?Section=m&Code=15
says that

The first part of the MCP Chunk that must be sent to the MCP server includes the Status and Cookie DWORDS, making MCP Chunk 1 the first 4 DWORDS of the packet.

I assume that this actually means
"The first 4 DWORDS of the MCP Chunk that must be sent to the MCP server are the Status, Cookie, and MCP Chunk 1 DWORDs."

Does this mean that the 16 DWORDs are Status, Cookie, MCP 1, MCP 2?

It also says that

Any other value indicates failure.

with regard to the Status field. I assume this is a mistake?

And finally, even though I've used it before, I can't find the Win32 API for DWORD to IP conversion.

[l2k-Shadow]

Does this mean that the 16 DWORDs are Status, Cookie, MCP 1, MCP 2?

Yes, sent in the same order as received from 0x3E. You can always packet log the client and see exactly what goes on though.

And finally, even though I've used it before, I can't find the Win32 API for DWORD to IP conversion.

Clicky
if you are coding in VB and are using the mswinsck.ocx control, it is much easier to just write your own little function for it.

[raylu]

I'm going to assume I'm parsing the port wrong here.

Code Select Expand

rCookie = .GetDWORD
rStatus = .GetDWORD
MCP1 = .GetFixedString(8)

frmMain.sckMCP.RemoteHost = GetInetStrFromPtr(.GetDWORD)
frmMain.sckMCP.RemotePort = .GetDWORD
And since when is a port 4 bytes anyway?

[Barabajagal]

Try getword instead then? I'm fairly certain MCP uses 6112, so just debug.print the result and see what you get.

[l2k-Shadow]

I'm going to assume I'm parsing the port wrong here.

Code Select Expand

rCookie = .GetDWORD
rStatus = .GetDWORD
MCP1 = .GetFixedString(8)

frmMain.sckMCP.RemoteHost = GetInetStrFromPtr(.GetDWORD)
frmMain.sckMCP.RemotePort = .GetDWORD
And since when is a port 4 bytes anyway?

it's a 16-bit integer sent in TCP/IP byte order, which is big-endian, you have to convert it to little-endian first.

[raylu]

OK...got that working. Thanks for the help so far.

S->C

Code Select Expand

0000:  3A 00 19 08 00 01 00 00 00 01 00 A4 64 F8 46 72   :..
...
.¤døFr
0010:  54 77 6F 4D 75 6C 65 00 84 80 FF FF FF FF FF FF   TwoMule.,,€ÿÿÿÿÿÿ
0020:  FF FF FF FF FF 05 FF FF FF FF FF FF FF FF FF FF   ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
0030:  FF 01 E0 80 FF FF 03 FF FF 00                     ÿ
à€ÿÿÿÿ.......
And also

Code Select Expand

0000:  C9 00 19 08 00 04 00 00 00 04 00 18 4C 8C 46 72   É......LŒFr
0010:  61 79 6C 75 00 84 80 FF FF FF FF FF FF FF FF FF   aylu.,,€ÿÿÿÿÿÿÿÿÿ
0020:  FF FF 02 FF FF FF FF FF FF FF FF FF FF FF 01 E1   ÿÿÿÿÿÿÿÿÿÿÿÿÿ
á
0030:  80 80 80 03 FF FF 00 03 51 8C 46 74 6F 74 61 6C   €€€ÿÿ.QŒFtotal
0040:  72 65 67 00 84 80 FF FF FF FF FF FF FF FF FF FF   reg.,,€ÿÿÿÿÿÿÿÿÿÿ
0050:  FF 02 FF FF FF FF FF FF FF FF FF FF FF 01 81 80   ÿÿÿÿÿÿÿÿÿÿÿÿ
?€
0060:  80 80 FF FF FF 00 1B 51 8C 46 63 6C 61 73 73 69   €€ÿÿÿ.QŒFclassi
0070:  63 6C 61 64 00 84 80 FF FF FF FF FF FF FF FF FF   clad.,,€ÿÿÿÿÿÿÿÿÿ
0080:  FF FF 02 FF FF FF FF FF FF FF FF FF FF FF 01 C1   ÿÿÿÿÿÿÿÿÿÿÿÿÿ

0090:  80 80 80 03 FF FF 00 29 51 8C 46 65 78 70 68 61   €€€ÿÿ.)QŒFexpha
00A0:  72 64 63 6F 72 65 00 84 80 FF FF FF FF FF FF FF   rdcore.,,€ÿÿÿÿÿÿÿ
00B0:  FF FF FF FF 02 FF FF FF FF FF FF FF FF FF FF FF   ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
00C0:  01 A5 80 80 80 FF FF FF 00                       
¥€€€ÿÿÿ........

rTwoMule is an expansion ladder character.
raylu is exp ladder, totalreg is classic non-ladder, classiclad is classic ladder, and exphardcore is expansion and the only hardcore.

Correct me if I'm wrong, but all my flags are 0x8480...

[Barabajagal]

You're not wrong, BNetDocs is. That's not a flags field. See http://forum.valhallalegends.com/index.php?topic=16240.0

[Ringo]

You're not wrong, BNetDocs is. That's not a flags field. See http://forum.valhallalegends.com/index.php?topic=16240.0

I think it is a flag, its just no longer used afaik.
There is also another flag deeper in, stateing if the character is Lod, HC, Exp, etc and for the characters act.

[Barabajagal]

You're not wrong, BNetDocs is. That's not a flags field. See http://forum.valhallalegends.com/index.php?topic=16240.0

I think it is a flag, its just no longer used afaik.
There is also another flag deeper in, stateing if the character is Lod, HC, Exp, etc and for the characters act.

If it's a flag, why is it exactly the same as the StatStrings you receive in channels if you count the two bytes as part of the string? The beginning of every account is [CHARNAME], 0x84, 0x80, 0xFF...

[raylu]

In that case...where is the flag data?

[Barabajagal]

Where character flag data always is in Realm Character StatStrings.