Rudimentary Warden information

Started by iago, February 28, 2008, 05:07 PM


Barabajagal

Use the code exactly as I gave it.

replaced

#91
Quote from: Andy on March 30, 2008, 04:07 PM
Use the code exactly as I gave it.

I'm unable to, because I use a different packet buffer and I don't use BNCSutil.

I got it to go all the way through, but it still doesn't send out the packet.

What does Packet.GetNull do?
Is Packet.ClearOutbound the same as clearing the packet that would be sent out?

If packet.getnull gets the last packet (5e) would it be this?

0000  FF 5E 29 00 44 0D 06 0F 85 C0 E4 F3 D6 14 C1 EB    .^).D...........
0010  B7 F9 82 25 74 D8 7A 2F 07 25 4A 21 4B 65 02 07    ...%t.z/.%J!Ke..
0020  EC B6 52 D0 8C CE 27 02 57                         ..R...'.W

or this

0000  44 0D 06 0F 85 C0 E4 F3 D6 14 C1 EB    .^).D...........
0010  B7 F9 82 25 74 D8 7A 2F 07 25 4A 21 4B 65 02 07    ...%t.z/.%J!Ke..
0020  EC B6 52 D0 8C CE 27 02 57                         ..R...'.W

without the first 4 chars?


OK, now I just copied and pasted your code with a few modifications; otherwise it will not compile.

Here's my result

Unknown Warden Packet:  FF 5E 29 00 F0 B2 9F 53 1D 0A 9E 1C 4E 0C 8F 22 4A 61 B3 A1 21 64 2E 05 8B 86 EC 89 75 86 DE F2 6A 3B F6 99 D1 C4 7C 8F 53
bRet(0):202

Here's my new code, more complete


Public Function ParsePacket(ByVal datA As String)
    ' VB6 "Or" does not short-circuit, so test the length before calling Asc
    If Len(datA) = 0 Then Exit Function
    If Asc(Left(datA, 1)) <> 255 Then Exit Function

    data2 = datA
    With clsI
        .SetBuffer datA
        .Skip 1
        PacketId = .GetByte
        .Skip 2
    End With
    Select Case PacketId
        Case &H5E
            SID_Recv_Warden datA
...
End Function





Public Sub SID_Recv_Warden(datA As String)
    Dim clsP As New clsPacket
    sData = datA
    cWarden.StrToByteArray sData, bData()
    ' Decrypt the received data with the inbound key state
    cWarden.DoCrypt bData(), wKeyIn(), bRet()
    Select Case bRet(0)
        Case &H0
            clsP.Clear
            ReDim bData(0)
            bData(0) = &H1
            ' Encrypt the one-byte reply with the outbound key state
            cWarden.DoCrypt bData(), wKeyOut(), bRet()
            With clsP
                .InsertString cWarden.ByteArrayToStr(bRet())
                .sendPacket frmMain.sckBot, &HE
            End With
        Case Else
            AddChat vbRed, "Unknown Warden Packet: " & StrToHex(datA)
            AddChat vbRed, "bRet(0):" & bRet(0)
    End Select
End Sub



Right now bret(0) equaled 202, not zero.

Know why?

I also tried sData = Mid$(datA, 5) and it still did not work - bret(0) equaled 233

Barabajagal

GetNull gets all the data from the current read position on. In your example it would be the second one, without the 4 byte header. You should at least read the documentation iago posted before trying to adapt my code.

replaced

#93
Quote from: Andy on March 30, 2008, 05:42 PM
GetNull gets all the data from the current read position on. In your example it would be the second one, without the 4 byte header. You should at least read the documentation iago posted before trying to adapt my code.

Where's the documentation??

The 4 byte header one still gives me THE WRONG bRet(0)!

Maybe I got the code to initialize wrong.

Here's my code:


Public Function Send0x51(datA As String)
    AccountHash = String(20, vbNullChar)

    cWarden.Initialize Left$(AccountHash, 4)
    cWarden.StrToByteArray cWarden.GetBytes(&HF), bRet()
    cWarden.SimpleCrypt bRet(), wKeyOut()
    cWarden.StrToByteArray cWarden.GetBytes(&HF), bRet()
    cWarden.SimpleCrypt bRet(), wKeyIn()

In making the packet...
    .InsertDWORD &H0
    .InsertDWORD Len(CDKey)
    .InsertDWORD lngProdID
    .InsertDWORD lngValue1
    .InsertDWORD &H0
    .InsertNonNTString AccountHash

Am I supposed to use the AccountHash??

    sData = Mid$(datA, 5)
    cWarden.StrToByteArray sData, bData()
    'problem below
    cWarden.DoCrypt bData(), wKeyIn(), bRet()
    MsgBox ("HI3")


Right now it won't pass cWarden.DoCrypt bData(), wKeyIn(), bRet()

MsgBox("HI3") doesn't come up; I'll now place msgboxes in DoCrypt and see where it stops.

PROBLEM FOUND!

Public Sub DoCrypt(ByRef bData() As Byte, ByRef bKey() As Byte, ByRef bRet() As Byte)
Dim i      As Long
Dim temp   As Byte
Dim Y      As Long
Dim Z      As Long
  ReDim bRet(UBound(bData))
  RtlMoveMemory bRet(0), bData(0), UBound(bData) + 1
  MsgBox ("yes0")
  'msg box DOES COME UP
  Y = bKey(&H100)
  MsgBox ("yes1")
  'msg box does NOT COME UP
  Z = bKey(&H101)
  For i = 0 To UBound(bData)
    Y = (Y + 1) And &HFF
    Z = (Z + bKey(Y)) And &HFF
    temp = bKey(Y)
    bKey(Y) = bKey(Z)
    bKey(Z) = temp
    bRet(i) = bRet(i) Xor bKey((CInt(bKey(Y)) + CInt(bKey(Z))) And &HFF)
  Next i
  'bad
  bKey(&H100) = Y
  bKey(&H101) = Z
End Sub


at the code  "  Y = bKey(&H100)"

the msgbox after that does not come up

1 line of bad code


Public Sub DoCrypt(ByRef bData() As Byte, ByRef bKey() As Byte, ByRef bRet() As Byte)
Dim Y      As Long

  Y = bKey(&H100)


http://img509.imageshack.us/img509/5600/codeisbadhp3.jpg

Barabajagal

Do you have Break on All Errors enabled in Options>General>Error Trapping? And the documentation's on the first post of this topic.

replaced

#95
Edited, success!!

the entire problem was due to

Private cWarden         As New clsWarden

not being placed on the same module where my send 0x51 packet is


but now I get this...

10 63.240.202.126:6112  192.168.0.100:5753  41  Recv 
0000  FF 5E 29 00 2C C4 81 EA 60 3B B1 C6 12 F2 E0 A8    .^).,...`;......
0010  C7 FB CA 10 55 9C E4 93 B0 61 8A BA 8C 6B A3 FA    ....U....a...k..
0020  EA 12 9E AE 44 F9 E0 17 8E                         ....D....

11  192.168.0.100:5753  63.240.202.126:6112   5  Send 
0000  FF 5E 05 00 51                                     .^..Q

12  63.240.202.126:6112   192.168.0.100:5753  28  Recv 
0000  FF 5E 1C 00 E8 2D 91 03 78 6F 1C A2 AD DD C6 97    .^...-..xo......
0010  CB 6C 74 6C 5A BA 15 DC B8 12 66 2E                .ltlZ.....f.


Now my bot won't respond to the second warden packet, why?

Hdx

What happens when you get to the 2nd opcode? Are you decoding it correctly?
Are you sure that your crypto states are being saved over multiple packets?

Proud host of the JBLS server www.JBLS.org.
JBLS.org Status:
JBLS/BNLS Server Status
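
The two points raised in the replies above (the data to decrypt starts after the 4-byte header, and the crypto state has to carry over from one packet to the next), shown as an added example that is not part of the thread or of anyone's posted code: a Python port of the DoCrypt loop. The key `b"Key"`, the payload bytes, the standard RC4 key schedule standing in for the key setup the thread does not show, and the helper names `frame`, `payload_of` and `demo` are all assumptions made for illustration.

```python
import struct

def rc4_init(key: bytes) -> bytearray:
    # Standard RC4 key schedule (assumed; the thread's key setup is not shown).
    # State = 256-byte S-box plus the two indices DoCrypt keeps at 0x100/0x101.
    s = bytearray(range(256)) + bytearray(2)
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    return s

def do_crypt(data: bytes, state: bytearray) -> bytes:
    # Port of the DoCrypt loop. It updates `state` in place, so the next call
    # continues the keystream where this one stopped.
    y, z = state[0x100], state[0x101]
    out = bytearray(data)
    for n in range(len(out)):
        y = (y + 1) & 0xFF
        z = (z + state[y]) & 0xFF
        state[y], state[z] = state[z], state[y]
        out[n] ^= state[(state[y] + state[z]) & 0xFF]
    state[0x100], state[0x101] = y, z
    return bytes(out)

def frame(packet_id: int, payload: bytes) -> bytes:
    # FF, packet id, 16-bit little-endian length that counts the header itself
    return struct.pack("<BBH", 0xFF, packet_id, len(payload) + 4) + payload

def payload_of(packet: bytes) -> bytes:
    marker, _pid, length = struct.unpack_from("<BBH", packet)
    if marker != 0xFF or length != len(packet):
        raise ValueError("malformed header")
    return packet[4:]

def demo() -> dict:
    key = b"Key"                                  # constructed key
    plain = [b"\x00ABCD", b"\x02WXYZ"]            # constructed payloads
    sender = rc4_init(key)
    packets = [frame(0x5E, do_crypt(p, sender)) for p in plain]
    good = rc4_init(key)                          # created once, then reused
    return {
        "expected": plain,
        "persistent": [do_crypt(payload_of(p), good) for p in packets],
        "header_included": do_crypt(packets[0], rc4_init(key))[0],
        "state_reset": do_crypt(payload_of(packets[1]), rc4_init(key))[0],
    }

if __name__ == "__main__":
    print(demo())
```

Only the `persistent` case recovers both payloads; feeding the header into the cipher or rebuilding the state for the second packet produces a different first byte, which is what an unexpected `bRet(0)` looks like.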

replaced

#97
Quote from: Hdx on March 30, 2008, 11:02 PM
What happens when you get to the 2nd opcode? Are you decoding it correctly?
Are you sure that your crypto states are being saved over multiple packets?

I guess I'm going to have to painfully put msgboxes all over the place to find out where it stops  :'(

I think my crypto states are being saved over multiple packets; I've got them publicly declared.  I'll see where it stops and check the values of the variables that I've got.

Hdx

Quote from: replaced on March 30, 2008, 11:02 PM
Quote from: Hdx on March 30, 2008, 11:02 PM
What happens when you get to the 2nd opcode? Are you decoding it correctly?
Are you sure that your crypto states are being saved over multiple packets?

I guess I'm going to have to painfully put msgboxes all over the place to find out where it stops  :'(

debug.print?


replaced

#99

I get EXACTLY 4 msg boxes of  "001"
I get EXACTLY 3 msg boxes of  "002"

It does the loop 3 times but at the 4th loop it stops the code "RtlMoveMemory addr(i), bRet(lPos), 4"


EDITED - FIXED

NOW I GOT ANOTHER PROBLEM  :'(


13  63.240.202.126:6112  192.168.0.100:6178  41  Recv 
0000  FF 5E 29 00 6B 75 E8 53 D6 F0 A1 5E FF F6 3B BE    .^).ku.S...^..;.
0010  58 D7 F3 A5 A3 05 B8 6F D2 30 0B 1A C0 87 1C B4    X......o.0......
0020  78 AD 2B C3 D2 BA 16 2E D3                         x.+......

14  192.168.0.100:6178  63.240.202.126:6112   5  Send 
0000  FF 5E 05 00 A5                                     .^...

15  63.240.202.126:6112  192.168.0.100:6178  28  Recv 
0000  FF 5E 1C 00 DA 64 C7 09 D4 9E 6B B1 E8 35 AE F4    .^...d....k..5..
0010  3B 3D 64 44 79 35 79 F6 E2 8B 8F FE                ;=dDy5y.....

16  192.168.0.100:6178  63.240.202.126:6112   82  Send 
0000  FF 5E 52 00 00 84 5E 0C 74 05 E8 F6 54 F9 FF 8B    .^R...^.t...T...
0010  76 04 85 00 00 83 00 00 00 8B 55 08 00 00 A3 68    v.........U....h
0020  CC 59 00 E8 DF 23 00 07 82 72 F7 B8 F7 17 A9 FE    .Y...#...r......
0030  90 70 07 99 D5 39 5B 5F 06 1B 25 D4 6D 4D F9 6A    .p...9[_..%.mM.j
0040  DD A0 5A 44 FB F7 8A AF C9 27 87 C7 41 24 E1 DB    ..ZD.....'..A$..
0050  4B 00                                              K.


DISCONNECT AFTER RESPONDING TO THE SECOND WARDEN REQUEST

Hdx

Hmm, with new information having come to light about your identity, I have concluded that you are not worth helping, and that with all the information that is available, you do not have a reason to be confused.


replaced

WOOHOO

FINALLY IT WORKS LOL

NOW THIS NIGHTMARE IS OVER  ;D ;D ;D

Archangel.

Quote from: replaced on March 31, 2008, 12:41 AM
WOOHOO

FINALLY IT WORKS LOL

NOW THIS NIGHTMARE IS OVER  ;D ;D ;D

Mm, I wouldn't call it a nightmare since all you did was copy and paste; you should be thanking Andy.
aka: Archangel, I can't log in to the account or request the password, weird problem.

replaced

New problem,

it does respond to warden but something now happens that never happened before-

My bot freezes!  It NEVER has before and now does every time!

Barabajagal

Find out where, and if it's in a loop, maybe throw in a DoEvents?
