php bot

Barabajagal · September 21, 2007, 02:05 AM

I can send that all to the client easily. I said if it annoyed me. It wouldn't be for anyone else to use, just like any current implementations of the same system are for the local user.

devcode · September 21, 2007, 08:33 AM

It is indeed based on the client and server tokens, and the resulting hash for 0x5E is the result of serveral layers of hashing/encryption. By just looking at database of hashes, there is simply no way you can find patterns unless the hashes collide, which theoretically doesn't happen too often.

Quote from: Camel on September 21, 2007, 01:43 AM
Quote from: Don Cullen on September 21, 2007, 01:20 AM
Quote from: Andy on September 20, 2007, 10:54 PM
Naw, it only stumps those who care. If I ever get to the point where it annoys me, I'll set up a copy of SC running on my server and make a 5E server system and I'll log all the responses in a database, just like I did with lockdown. The database in this case would only be for the off chance of a repeat and looking for any possible patterns or anything of the like. Right now, I use SC when I can, and I use W2 the rest of the time.

That would work fine for a bot using the specific cdkey that your starcraft copy was using. But it would be useless for any other bot using different cdkeys. The warden response is based on the hash of the cdkey, along with other variable factors.

To be precise, the hash is based on other variable factors. Specifically, the client and server tokens.

Camel · September 21, 2007, 09:54 AM

It is guaranteed to happen no less often than 1 out of 2^64 times. Still, that's 18.4 quintillion, so don't hold your breath.

devcode · September 21, 2007, 12:21 PM

So Camel, if you know about Warden details, why haven't you published it yet

Quote from: Camel on September 21, 2007, 09:54 AM
It is guaranteed to happen no less often than 1 out of 2^64 times. Still, that's 18.4 quintillion, so don't hold your breath.

Don Cullen · September 21, 2007, 12:28 PM

Quote from: devcode on September 21, 2007, 12:21 PM
So Camel, if you know about Warden details, why haven't you published it yet

Quote from: Camel on September 21, 2007, 09:54 AM
It is guaranteed to happen no less often than 1 out of 2^64 times. Still, that's 18.4 quintillion, so don't hold your breath.

Actually, we could say the same about you.

Camel · September 21, 2007, 12:36 PM

Quote from: devcode on September 21, 2007, 12:21 PM
So Camel, if you know about Warden details, why haven't you published it yet

Quote from: Camel on September 21, 2007, 09:54 AM
It is guaranteed to happen no less often than 1 out of 2^64 times. Still, that's 18.4 quintillion, so don't hold your breath.

I was talking about hash collision. The client and server tokens are each 32-bits, but the generators are only pseudo-random, so it'll happen slightly more frequently than that.

devcode · September 21, 2007, 12:46 PM

Well, you mentioned that the reply consisted of server/client tokens, so I assumed you figured something there

Quote from: Camel on September 21, 2007, 12:36 PM
Quote from: devcode on September 21, 2007, 12:21 PM
So Camel, if you know about Warden details, why haven't you published it yet

Quote from: Camel on September 21, 2007, 09:54 AM
It is guaranteed to happen no less often than 1 out of 2^64 times. Still, that's 18.4 quintillion, so don't hold your breath.

I was talking about hash collision. The client and server tokens are each 32-bits, but the generators are only pseudo-random, so it'll happen slightly more frequently than that.

"The two most powerful warriors are patience and time." - Leo Nikolaevich Tolstoy

Quote from: Don Cullen on September 21, 2007, 12:28 PM
Actually, we could say the same about you.

brew · September 21, 2007, 02:18 PM

It has been known for quite some time that the encryption key for decoding the 0x5E packet consists of the client/server token, the first DWORD of the cdkey hash reported in the 0x51, and ?maybe? the first 128 bits of the checksum formula.

Denial · September 21, 2007, 05:17 PM

This thread has gotten off subject i made a new subject for "warden" for you guys to discuss it further.

Also im not refurring to a webbot im speaking more along the lines of this

http://battlecenter.net/bot/

Leaky · September 21, 2007, 06:30 PM

that bot is pritty old and it doesn't support lockdown unless someone has updated it

Denial · September 22, 2007, 05:50 AM

Not sure i dont have time to fix it or i would but i dont care it it wants sc i just wonder if it still works on any client.

Leaky · September 23, 2007, 01:17 PM

I'm currently adding wc3 support to my framework but I would be happy to release it as open source as soon as it's completed I just don't like releasing things that aren't completed and full of bugs

Denial · September 23, 2007, 11:39 PM

leaks would it be in php or what are we talking about? im currently intrested in running multiple bots on battle.net to do some sort of project and i figured the easiest way might be through php the way i want to try something out.

Leaky · September 24, 2007, 02:31 PM

the framework i've created is entirly made out of php it uses BNLS to do all the hashing and stuff (i'm not extreamly good with algorythms and stuff like that so all hashing is done through bnls unless someone wants to help me some hash functions in php ex: password, cdkey, yadda yadda)

it's pritty simple the way i have it layed out

it's 4 files
bncs.class.php
bnls.class.php
socket.class.php
packet.class.php

and all you do is make a plugin class

class pluginname extends BNCS

the event's are just function calls $this->eventFunction($eventArgs)

i've got a premade blank plugin template you just fill in the events you plan to use and leave the rest blank

easy peasy bananna cheesy no? If you'd like more information you can PM me or aim me animepages11

php bot

Barabajagal