• Welcome to Valhalla Legends Archive.
 

Diablo II

Started by raylu, June 09, 2007, 12:19 PM

Previous topic - Next topic
Print
|
Go Down Pages1 2 3
User actions

raylu

June 09, 2007, 12:19 PM
I want to make a bot that joins Diablo II games.

Does warden apply to D2 in-game?
Is the data on the bnetdocs cache accurate/up-to-date?
What is the sequence for joining/creating a game? How do I get the IP of MCP?
Is this difficult?
Pie?

Ringo

#1
June 09, 2007, 01:05 PM
Clicky
And yeah, warden is in D2 game servers to.

Hope this helps

raylu

#2
June 09, 2007, 01:27 PM
Looks useful, but all the links are broken.
Pie?

iago

#3
June 09, 2007, 01:40 PM
Depends if you mean realm or open Battle.net. I rather doubt that Warden applies on open Battle.net, since there's no actual link to Battle.net servers.
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

l)ragon

#4
June 09, 2007, 02:41 PM
Quote from: iago on June 09, 2007, 01:40 PM
Depends if you mean realm or open Battle.net. I rather doubt that Warden applies on open Battle.net, since there's no actual link to Battle.net servers.
Not only that but all the hacked characters that are on open, if there were much of the d2 players would be canned.
*^~·.,¸¸,.·´¯`·.,¸¸,.-·~^*ˆ¨¯¯¨ˆ*^~·.,l)ragon,.-·~^*ˆ¨¯¯¨ˆ*^~·.,¸¸,.·´¯`·.,¸¸,.-·~^*

raylu

#5
June 11, 2007, 08:52 AM
So, could someone answer the following again?

Do we have sufficient documentation for warden?
What is the sequence for joining/creating a game? How do I get the IP of MCP?
Is this difficult?

What if I only wanted to make a bot that listed games (no D2GS involvement)?
Pie?

l2k-Shadow

#6
June 11, 2007, 09:22 AM
Quote from: raylu on June 11, 2007, 08:52 AM
So, could someone answer the following again?

Do we have sufficient documentation for warden?
What is the sequence for joining/creating a game? How do I get the IP of MCP?
Is this difficult?

What if I only wanted to make a bot that listed games (no D2GS involvement)?

no sufficient public documentation for warden. (not sure about private)
look into packet SID_LOGONREALMEX (0x3E), that's where the MCP IP can be retreived.
no it's not difficult, just implement the protocol correctly.

warden for d2 is only enabled on the game servers, so you don't have to worry about it while in the chat room.
Quote from: replaced on November 04, 2006, 11:54 AM
I dunno wat it means, someone tell me whats ix86 and pmac?
Can someone send me a working bot source (with bnls support) to my email?  Then help me copy and paste it to my bot? ;D
Já jsem byl určenej abych tady žil,
Dával si ovar, křen a k tomu pivo pil.
Tam by ses povídaj jak prase v žitě měl,
Já nechci před nikym sednout si na prdel.

Já nejsem z USA, já nejsem z USA, já vážně nejsem z USA... a snad se proto na mě nezloběj.

raylu

#7
June 15, 2007, 09:48 AM
Code Select
[09:45:59]Attempting to connect...
[09:45:59]BNET: Connecting (213.248.106.204)...
[09:45:59]BNET: Connected!
[09:45:59][Bot] Using hardcoded VerByte (0xB)
[09:45:59]
0000:  FF 50 3A 00 00 00 00 00 36 38 58 49 50 58 32 44   ÿP:.....68XIPX2D
0010:  0B 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00    ...............
0020:  00 00 00 00 00 00 00 00 55 53 41 00 55 6E 69 74   ........USA.Unit
0030:  65 64 20 53 74 61 74 65 73 00                     ed States.......
[09:45:59]0000:  FF 25 08 00 00 00 00 00                           ÿ%.............
[09:45:59]0000:  FF 25 08 00 C1 01 E2 EE                           ÿ%.âî........
[09:45:59]
0000:  FF 50 68 00 00 00 00 00 B1 AF 31 21 33 00 AA 00   ÿPh.....±¯1!3.ª.
0010:  00 20 58 7D 99 CB C6 01 76 65 72 2D 49 58 38 36   . X}™ËÆver-IX86
0020:  2D 31 2E 6D 70 71 00 43 3D 31 30 33 32 36 38 39   -1.mpq.C=1032689
0030:  30 36 31 20 41 3D 31 32 35 38 31 37 35 32 34 39   061 A=1258175249
0040:  20 42 3D 34 30 38 34 31 37 30 30 32 38 20 34 20    B=4084170028 4
0050:  41 3D 41 2B 53 20 42 3D 42 2D 43 20 43 3D 43 2B   A=A+S B=B-C C=C+
0060:  41 20 41 3D 41 2B 42 00                           A A=A+B.........
[09:45:59]
0000:  FF 51 92 00 24 C2 3F 00 00 0B 00 01 EF 07 AC C6   ÿQ'.$Â?.. .ï¬Æ
0010:  02 00 00 00 00 00 00 00 10 00 00 00 06 00 00 00   .............
0020:  C9 58 A7 00 00 00 00 00 C9 52 B9 59 B6 30 E6 74   ÉX§.....ÉR¹Y¶0æt
0030:  87 E3 10 3C 2C 08 BF 95 1B 4F 2B F9 10 00 00 00   ‡ã<,¿•O+ù...
0040:  0A 00 00 00 F4 B2 69 00 00 00 00 00 20 2D C1 11   ....ô²i..... -
0050:  AF 86 9D 46 76 AE 32 8A FC 2B 4D 81 51 17 CC 61   ¯†?Fv®2Šü+M?QÌa
0060:  47 61 6D 65 2E 65 78 65 20 30 33 2F 31 39 2F 30   Game.exe 03/19/0
0070:  37 20 30 37 3A 32 32 3A 34 37 20 32 31 32 39 39   7 07:22:47 21299
0080:  32 30 00 46 4F 20 50 2E 41 2E 57 2D 52 61 79 4C   20.FO P.A.W-RayL
0090:  75 00                                             u...............
[09:46:00]
0000:  FF 51 09 00 00 00 00 00 00                        ÿQ..............
[09:46:00]BNET: Version and CD-key check passed! (0x51)
[09:46:00]0000:  FF 14 08 00 74 65 6E 62                           ÿ.tenb........
[09:46:00]
0000:  FF 3A 2C 00 24 C2 3F 00 B1 AF 31 21 5F FF 3F C0   ÿ:,.$Â?.±¯1!_ÿ?À
0010:  E3 0A CA B7 74 A7 09 F0 EE 3E 40 FB CF C2 DD 07   ã.Ê·t§.ðî>@ûÏÂÝ
0020:  50 2E 41 2E 57 2D 52 61 79 4C 75 00               P.A.W-RayLu.....
[09:46:00]0000:  FF 4C 16 00 49 58 38 36 4D 69 6E 64 53 69 67 68   ÿL.IX86MindSigh
0010:  74 2E 6D 70 71 00                                 t.mpq...........
[09:46:00]0000:  FF 3A 08 00 00 00 00 00                           ÿ:.............
[09:46:00]BNET: (0x3A-0x00) Login passed!
[09:46:00]0000:  FF 40 04 00                                       ÿ@.............
[09:46:00]
0000:  FF 40 28 00 00 00 00 00 01 00 00 00 01 00 00 00   ÿ@(...........
0010:  45 75 72 6F 70 65 00 52 65 61 6C 6D 20 66 6F 72   Europe.Realm for
0020:  20 45 75 72 6F 70 65 00                            Europe.........
[09:46:00]Found realm Europe,
0000:  FF 3E 23 00 00 00 00 00 3E 76 A6 77 4D 0D 84 1F   ÿ>#.....>v¦wM.,,
0010:  84 0E 89 6A 95 A2 50 C3 C6 98 19 BE 45 75 72 6F   ,,‰j•¢PÃƘ¾Euro
0020:  70 65 00                                          pe..............
[09:46:00]Logging in...
[09:46:00]0000:  FF 3E 0C 00 00 00 00 00 02 00 00 80               ÿ> .......€....

Help :(
Pie?

l2k-Shadow

#8
June 15, 2007, 10:07 AM
with..?
Quote from: replaced on November 04, 2006, 11:54 AM
I dunno wat it means, someone tell me whats ix86 and pmac?
Can someone send me a working bot source (with bnls support) to my email?  Then help me copy and paste it to my bot? ;D
Já jsem byl určenej abych tady žil,
Dával si ovar, křen a k tomu pivo pil.
Tam by ses povídaj jak prase v žitě měl,
Já nechci před nikym sednout si na prdel.

Já nejsem z USA, já nejsem z USA, já vážně nejsem z USA... a snad se proto na mě nezloběj.

raylu

#9
June 15, 2007, 11:00 AM
Quote[09:46:00]0000:  FF 3E 0C 00 00 00 00 00 02 00 00 80               ÿ> .......€....
means that my login failed.
Pie?

iago

#10
June 15, 2007, 11:11 AM
I suspect (and I could be wrong) that the issue is that your login failed.
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

Tazo

#11
June 15, 2007, 05:33 PM
Quote from: iago on June 15, 2007, 11:11 AM
I suspect (and I could be wrong) that the issue is that your login failed.
ROFL.

Raylu, please label S->C and vice versa. Specifically, C->S for the realm login packet.

raylu

#12
June 15, 2007, 08:24 PM
I considered labeling it but I assumed they were self-explanatory...

C->S
Code Select
0000:  FF 50 3A 00 00 00 00 00 36 38 58 49 50 58 32 44   ÿP:.....68XIPX2D
0010:  0B 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00    ...............
0020:  00 00 00 00 00 00 00 00 55 53 41 00 55 6E 69 74   ........USA.Unit
0030:  65 64 20 53 74 61 74 65 73 00                     ed States.......
C->S (spoofing ping)
Code Select
0000:  FF 25 08 00 00 00 00 00                           ÿ%.............
S->C
Code Select
0000:  FF 25 08 00 C1 01 E2 EE                           ÿ%.âî........
S->C
Code Select
0000:  FF 50 68 00 00 00 00 00 B1 AF 31 21 33 00 AA 00   ÿPh.....±¯1!3.ª.
0010:  00 20 58 7D 99 CB C6 01 76 65 72 2D 49 58 38 36   . X}™ËÆver-IX86
0020:  2D 31 2E 6D 70 71 00 43 3D 31 30 33 32 36 38 39   -1.mpq.C=1032689
0030:  30 36 31 20 41 3D 31 32 35 38 31 37 35 32 34 39   061 A=1258175249
0040:  20 42 3D 34 30 38 34 31 37 30 30 32 38 20 34 20    B=4084170028 4
0050:  41 3D 41 2B 53 20 42 3D 42 2D 43 20 43 3D 43 2B   A=A+S B=B-C C=C+
0060:  41 20 41 3D 41 2B 42 00                           A A=A+B.........
C->S
Code Select
0000:  FF 51 92 00 24 C2 3F 00 00 0B 00 01 EF 07 AC C6   ÿQ'.$Â?.. .ï¬Æ
0010:  02 00 00 00 00 00 00 00 10 00 00 00 06 00 00 00   .............
0020:  C9 58 A7 00 00 00 00 00 C9 52 B9 59 B6 30 E6 74   ÉX§.....ÉR¹Y¶0æt
0030:  87 E3 10 3C 2C 08 BF 95 1B 4F 2B F9 10 00 00 00   ‡ã<,¿•O+ù...
0040:  0A 00 00 00 F4 B2 69 00 00 00 00 00 20 2D C1 11   ....ô²i..... -
0050:  AF 86 9D 46 76 AE 32 8A FC 2B 4D 81 51 17 CC 61   ¯†?Fv®2Šü+M?QÌa
0060:  47 61 6D 65 2E 65 78 65 20 30 33 2F 31 39 2F 30   Game.exe 03/19/0
0070:  37 20 30 37 3A 32 32 3A 34 37 20 32 31 32 39 39   7 07:22:47 21299
0080:  32 30 00 46 4F 20 50 2E 41 2E 57 2D 52 61 79 4C   20.FO P.A.W-RayL
0090:  75 00                                             u...............
S->C (B.net figuratively gives me a literal cookie here.)
Code Select
0000:  FF 51 09 00 00 00 00 00 00                        ÿQ..............
S->C, I think
Code Select
0000:  FF 14 08 00 74 65 6E 62                           ÿ.tenb........
C->S
Code Select
0000:  FF 3A 2C 00 24 C2 3F 00 B1 AF 31 21 5F FF 3F C0   ÿ:,.$Â?.±¯1!_ÿ?À
0010:  E3 0A CA B7 74 A7 09 F0 EE 3E 40 FB CF C2 DD 07   ã.Ê·t§.ðî>@ûÏÂÝ
0020:  50 2E 41 2E 57 2D 52 61 79 4C 75 00               P.A.W-RayLu.....
S->C
Code Select
0000:  FF 4C 16 00 49 58 38 36 4D 69 6E 64 53 69 67 68   ÿL.IX86MindSigh
0010:  74 2E 6D 70 71 00                                 t.mpq...........
S->C
Code Select
0000:  FF 3A 08 00 00 00 00 00                           ÿ:.............
C->S (requesting realm list)
Code Select
0000:  FF 40 04 00                                       ÿ@.............
S->C (response with list of realms)
Code Select
0000:  FF 40 28 00 00 00 00 00 01 00 00 00 01 00 00 00   ÿ@(...........
0010:  45 75 72 6F 70 65 00 52 65 61 6C 6D 20 66 6F 72   Europe.Realm for
0020:  20 45 75 72 6F 70 65 00                            Europe.........
C->S (logging in)
Code Select
0000:  FF 3E 23 00 00 00 00 00 3E 76 A6 77 4D 0D 84 1F   ÿ>#.....>v¦wM.,,
0010:  84 0E 89 6A 95 A2 50 C3 C6 98 19 BE 45 75 72 6F   ,,‰j•¢PÃƘ¾Euro
0020:  70 65 00                                          pe..............
S->C (no, go die)
Code Select
0000:  FF 3E 0C 00 00 00 00 00 02 00 00 80               ÿ> .......€....

Could the issue be not responding to the UDP test packet?
Pie?

l2k-Shadow

#13
June 15, 2007, 08:30 PM
well first of all there is no UDP in d2, so there is no 0x14 packet or udp data exchange...

second of all your client token is 0 in your sending of 0x3E.
Quote from: replaced on November 04, 2006, 11:54 AM
I dunno wat it means, someone tell me whats ix86 and pmac?
Can someone send me a working bot source (with bnls support) to my email?  Then help me copy and paste it to my bot? ;D
Já jsem byl určenej abych tady žil,
Dával si ovar, křen a k tomu pivo pil.
Tam by ses povídaj jak prase v žitě měl,
Já nechci před nikym sednout si na prdel.

Já nejsem z USA, já nejsem z USA, já vážně nejsem z USA... a snad se proto na mě nezloběj.

UserLoser

#14
June 15, 2007, 08:35 PM
I was just discussing this with Spht over MSN about 1 minute ago (literally).  You cannot use 0 as a client key for any kind of hashing in the logon
Print
|
Go Up Pages1 2 3
User actions