[C++] Dynamic SCBW Verbyte Retrieval

Hdx · October 16, 2007, 10:56 PM

Not necessarily.
It isn't really a 'pattern'. Its more so how they do there code.
They could be doing something like:
SetConnectionInformation(something, something, verbyte, something, something)
They could just decide to change it to SetVerbyte(verbyte) instead.
Or, they could use different compiler optimizations resulting in a different pattern to search for. (EXA: how theres 2 different 'types' of lockdown dlls)

BUT, thats not the reason I want to have the hashes. I want them merely for shits an giggles.
~Hdx

devcode · October 16, 2007, 11:27 PM

Quote from: Hdx on October 16, 2007, 10:56 PM
Not necessarily.
It isn't really a 'pattern'. Its more so how they do there code.
They could be doing something like:
SetConnectionInformation(something, something, verbyte, something, something)
They could just decide to change it to SetVerbyte(verbyte) instead.
Or, they could use different compiler optimizations resulting in a different pattern to search for. (EXA: how theres 2 different 'types' of lockdown dlls)

BUT, thats not the reason I want to have the hashes. I want them merely for shits an giggles.
~Hdx

Well, we know for a fact that there hasn't been any code changes in this section from atleast *version 1.08 for SC, and although pattern matching is obviously not a 100% fool proof method, it is reliable enough in this case.

Don Cullen · October 17, 2007, 12:33 AM

DevCode was so kind as to upload the old hashes, I've made them available at this location:

http://www.bnetdocs.org/archives/

Just navigate to the oldhashes directory, and then choose the version. All files have been scanned and verified clean.

I still need the old hashes from the oldest to the most current for:

w2bn, d2, d2lod, wc3, wc3 tft

if anyone can donate those, it'd be appreciated.

no wow hashes please, as wow is a paid subscription service and i'd rather not annoy blizzard too much.

As for a DCMA, if I get hit with one, well, I'll deal with it when it happens.

MysT_DooM · October 17, 2007, 12:45 PM

you could find some old bot that used hashs and see if those hashs are old enuff for you

Yegg · October 17, 2007, 01:12 PM

Quote from: MysT_DooM on October 17, 2007, 12:45 PM
you could find some old bot that used hashs and see if those hashs are old enuff for you

I've got a copy of Warcraft II that is from 1999 or possibly 2000 if that is of any interest to anyone.

Don Cullen · October 17, 2007, 01:24 PM

Quote from: Yegg on October 17, 2007, 01:12 PM
Quote from: MysT_DooM on October 17, 2007, 12:45 PM
you could find some old bot that used hashs and see if those hashs are old enuff for you

I've got a copy of Warcraft II that is from 1999 or possibly 2000 if that is of any interest to anyone.

What version

l2k-Shadow · November 18, 2007, 05:05 PM

Hex$() returns a string.

Barabajagal · November 18, 2007, 05:07 PM

Ya... I was doing Debug.Print for it and forgot to remove the Hex$() bit. ~~Also, I found where D2 stores the verbyte (BNClient.dll), so I'll add that in a few.~~
Added D2 and War3 as well.

Chriso · November 19, 2007, 01:16 AM

Andy, you forgot to include the values for FindStr it will just error...

Barabajagal · November 19, 2007, 01:22 AM

No, KP deleted them.

Hdx · November 19, 2007, 01:50 AM

Anyone using the default skin:
https://addons.mozilla.org/en-US/firefox/addon/2108

Code Select

@namespace url(http://www.w3.org/1999/xhtml);

@-moz-document domain("forum.valhallalegends.com") {
.code{
  overflow: auto;
  height: 200px;
}
}

~Hdx

Barabajagal · November 19, 2007, 11:37 PM

Why the hell was my entire post deleted?

Edit: Whatever. I'll just post the patterns and you guys can write your own code:
(XX represents a "wildcard" byte)

DRTL/DSHR:
Read from - Diablo.exe / Diablo_s.exe

Code Select

C7 85 64 FF FF FF XX XX XX XX C7 85 68 FF FF FF XX XX XX XX
(First DWORD of X's is LTRD or RHSD. Second DWORD of X's is Version Byte.)

STAR/SEXP/W2BN:
Read from - Starcraft.exe / Warcraft II BNE.exe

Code Select

C7 46 10 XX XX XX XX C7 46 18 XX XX XX XX C7 46
(First DWORD of X's is Version Byte. Second DWORD of X's is currently 08 00 00 00.)

JSTR:
Read from - StarcraftJ.exe

Code Select

8B 4D F4 C7 41 0C XX XX XX XX 8B 55 F4 C7 42 10 XX XX XX XX
(First DWORD of X's is RTSJ. Second DWORD of X's is Version Byte.)

SSHR:
Read from - Starcraft.exe

Code Select

C7 46 0C XX XX XX XX C7 46 10 XX XX XX XX
(First DWORD of X's is RHSS. Second DWORD of X's is Version Byte.)

D2DV/D2XP:
Read from - Bnclient.dll

Code Select

56 44 32 44 89 44 24 58 6A 03 8D 44 24 64 50 C7 44 24 64 XX XX XX XX
(First 4 bytes are VD2D (in both D2DV and D2XP). DWORD of X's is Version Byte.)

WAR3/W3XP:
Read from - game.dll

Code Select

C7 85 4C FD FF FF XX XX XX XX 89 8D 50 FD FF FF
(DWORD of X's is Version Byte.)

FrOzeN · November 20, 2007, 04:15 AM

SC VerByte = Hex(179 + 2 x Version_Number)

Wouldn't the simple algorithm above be just as reliable as this pattern-finding code you guys have come up with?

Barabajagal · November 20, 2007, 09:46 AM

Except that the versioning system in SC just changed from letters to numbers, and revision number increases had no effect on the verbyte. The patterns above are more than patterns, they're searching for the code that compiles 0x50, which isn't likely to change.

FrOzeN · November 20, 2007, 11:27 AM

Quote from: Andy on November 20, 2007, 09:46 AMExcept that the versioning system in SC just changed from letters to numbers, and revision number increases had no effect on the verbyte.

In my post, Version_Number is ment to refer to the Major change. Hence it ignores the revision letters/numbers and the change doesn't effect it's correct output.

[C++] Dynamic SCBW Verbyte Retrieval

Barabajagal

Barabajagal

Barabajagal

Barabajagal