Warden for warcraft III

[brew]

That's a terribly written wikipedia article.

[Yegg]

That's a terribly written wikipedia article.

Looks fine to me without putting a microscope to it. Luckily, Wikipedia gives us the freedom to modify it so people like you can enlighten us all.

[Denial]

Looks like guests are coming from everywhere. But as we have learned in past time. When the mac thing gets to public like if i recall for starcraft we made a temp fix for battle.net patched it and people had to start over. Even if it was possible to spoof being a mac.

I personally don't care about war3 i never use it but it would be very smart to look ahead not just for a temp quick fix.

I also agree with the people working on this. They are gaining nothing from fixing all the bots to work again so chill out and wait and when they are done thank them.

[neckbeard]

When you say lack of "administrative rights" what do you mean?

After discussing it with my friend from work, applications need administrator rights for certain programs to access other programs memory.

Warden runs in-process and doesn't access other programs' memory.  It is able to read other windows' titles, though, because Windows provides APIs to do so.

Effectively meaning spoofing as a Mac client won't do shit, as we are being stopped by battle.net hashchecking to make sure Warden is included, NOT by the memory scans looking for 3rd party apps. Gotta do it the hard(er) way.

[neckbeard]

Warden officially broken.
http://bnetweb.org/news-on-bnetweb/warden-now-on-war3/30/
http://bnetweb.org/moderation-bots/l2uthless-ops-v2-12/
http://forum.codelain.com/index.php?topic=4803.0

[Ringo]

I did these yesterday night, for anyone who's interested, but didn't get time to post this.

I've updated the SCGP bot, here and theres some basic infomation on how to use it here.


I've also put all the *stuff* into one VB6 module (modWARDEN.zip), so it should be pretty easy to add to a VB6 bot.

You need:
- modWARDEN.bas added to you're vb6 project.
- xxxx_warden.ini file accessable
- zlib.dll accessable
- A folder named "Warden" in the program's directory

The module has 3 functions, WardenInit(), WardenOnData() and WardenCleanUp()
WardenInit:
- When building you're 0x51 packet, you call the WardenInit(Seed, Handle, Warden.ini)
- The Seed is the 1st dword of the 1st cdkey hash, in C>S 0x51.
- The Handle is the socket handle of the TCP socket you are connected to bnet with.
- The Warden.ini is the file path to the ini file. (found in the zip)

WardenOnData:
- When you get a S>C 0x5E, pass the full packet (including the bnet header) to WardenOnData()

WardenCleanUp:
- When you're program unloads, call WardenCleanUp() to free up any memory it maybe useing.

If you don't want it to send out going warden packets to bnet for you, then just modify the OnSendPacket() at the bottom of the .bas file.

It's not much and it's abit of a mess, but I hope it helps somone.

edit;
I don't have warcraft3 installed atm, so I don't know 100% that the offsets blizzard are useing, does not over lap non-static data, since I just pulled these blobs of data from the dll file, on the fly.

Code Select Expand


[MEMORY]
game.dll&H3A1DCE_7=E8 5D D6 C6 FF 8B D0
game.dll&H285B3A_8=E8 81 FA 22 00 8B 40 10
game.dll&H743576_8=C1 E0 08 03 E8 8B 84 AE
game.dll&H361DD3_7=E8 78 F4 1C 00 85 C0
game.dll&HF453_9=8B 41 14 8B 49 10 BA 02 00
game.dll&H3C1354_8=F6 D0 8A C8 8B 44 24 1C
game.dll&H3F92CA_6=75 0A 83 7B 14 00
game.dll&H3A1E8E_7=8B 54 24 20 0F B7 32
game.dll&H285B33_7=B9 0D 00 00 00 8B E8
game.dll&H283444_7=8B C8 BA 01 00 00 00
game.dll&H39A39B_6=8B 97 98 01 00 00
game.dll&H39A458_6=74 27 39 6C 24 44
game.dll&HF490_6=74 08 8B 00 83 C4
game.dll&H73DFFC_7=E8 DF 3D FF FF 85 C0
game.dll&H361DF9_7=33 C9 B8 01 00 00 00
game.dll&H431569_6=85 C0 0F 84 AD 00
game.dll&H356F1C_8=3B 86 18 02 00 00 89 44
game.dll&H3A1DE3_4=75 04 A8 02
game.dll&H36040A_6=EB 08 C7 44 24 18
game.dll&H285BA2_5=75 29 53 8B CF
game.dll&H3A1DE9_7=8B 44 24 24 66 09 18
game.dll&H39A3B1_10=55 50 56 E8 37 7B 00 00 23 D8
game.dll&H356C67_8=85 DB 8A 8E E8 07 00 00
game.dll&H361DFC_6=01 00 00 00 D3 E8
game.dll&H39A465_13=66 85 87 F4 01 00 00 74 1D 8B 8F 98 01
game.dll&H285B8C_6=74 2A 8B 44 24 20
game.dll&H28345C_4=C3 CC CC CC
game.dll&H3A1E64_6=8B 0C 41 66 8B 04
game.dll&H356E7E_5=66 85 C0 76 04
game.dll&H73DEC9_6=8A 90 6C 68 AA 6F
game.dll&H3C135C_10=3D FF 00 00 00 76 05 C1 F8 1F
game.dll&H362211_10=85 C0 0F 84 30 04 00 00 8B 03
game.dll&H431556_6=85 C0 0F 84 C0 00
game.dll&H3A1E9B_4=23 CA 75 32
game.dll&H3C5C22_12=74 0B 81 88 7C 02 00 00 00 02 00 00
game.dll&H73DEB7_10=0F B7 0C 4A 81 C9 00 F0 00 00

I'm 99% sure they should all be fine, but if anyone has warcraft3 installed and feels like doing somthing -- could you verify those offsets/data?

[nindoja]

Thanks ringo and everyone else involved for all the hard work!

[Rebel]

got another link? that link isn't working for me or my friend.

[Jailout2000]

I have another link for everyone, since his seems to be broken.
http://www.BnetBeta.com/files/Battle.net/modWARDEN.zip

Edit: His link seems to be working again, oh well.

[AngelicKing]

I may have missed this somewhere in this thread, although I have read it from first to last post, but could someone explain to me how I take the key hash that bncsutil returns and make it into a long/dword that Ringo's class will accept?

-King-

[l2k-Shadow]

Code Select Expand


Dim Seed As Long
Call CopyMemory(Seed, ByVal KeyHash, 4)