• Welcome to Valhalla Legends Archive.
 

Need help. Logging BNet... [NOT solved]

Started by z-stars, July 22, 2004, 01:47 PM


UserLoser.


Maddox

Quote from: z-stars on July 26, 2004, 03:33 PM
-The last string. D2 client sends "Game.exe 10/13/04 21:31:36 11988" while for some reason my program sends "Game.exe 05/16/04 21:31:36 11988"

http://forum.valhallalegends.com/phpbbs/index.php?board=17;action=display;threadid=6974
asdf.

z-stars

Quote from: UserLoser. on July 26, 2004, 07:51 PM
Quote from: z-stars on July 26, 2004, 07:14 PM
But should I swap the values returned by cdKeydecode?

No!!

But without swapping dwKey1Product and dwKey2Product they are wrong :(

z-stars

Quote from: Maddox on July 26, 2004, 07:56 PM
Quote from: z-stars on July 26, 2004, 03:33 PM
-The last string. D2 client sends "Game.exe 10/13/04 21:31:36 11988" while for some reason my program sends "Game.exe 05/16/04 21:31:36 11988"

http://forum.valhallalegends.com/phpbbs/index.php?board=17;action=display;threadid=6974

Uhm, how can I fix that? Or is there another better CheckVersion() function?

UserLoser.

Quote from: z-stars on July 26, 2004, 07:57 PM
Quote from: UserLoser. on July 26, 2004, 07:51 PM
Quote from: z-stars on July 26, 2004, 07:14 PM
But should I swap the values returned by cdKeydecode?

No!!

But without swapping dwKey1Product and dwKey2Product they are wrong :(

Just use memcpy like someone else suggested..

z-stars

#95
Quote from: UserLoser. on July 26, 2004, 08:05 PM
Quote from: z-stars on July 26, 2004, 07:57 PM
Quote from: UserLoser. on July 26, 2004, 07:51 PM
Quote from: z-stars on July 26, 2004, 07:14 PM
But should I swap the values returned by cdKeydecode?

No!!

But without swapping dwKey1Product and dwKey2Product they are wrong :(

Just use memcpy like someone else suggested..

I don't mean that my WriteDWord function doesn't work, I mean that dwKey1Product is 0x00000006, when the real client sends 0x06000000.

UserLoser.

#96
Quote from: z-stars on July 26, 2004, 08:08 PM
Quote from: UserLoser. on July 26, 2004, 08:05 PM
Quote from: z-stars on July 26, 2004, 07:57 PM
Quote from: UserLoser. on July 26, 2004, 07:51 PM
Quote from: z-stars on July 26, 2004, 07:14 PM
But should I swap the values returned by cdKeydecode?

No!!

But without swapping dwKey1Product and dwKey2Product they are wrong :(

Just use memcpy like someone else suggested..

I don't mean that my WriteDWord function doesn't work, I mean that dwKey1Product is 0x00000006, when the real client sends 0x06000000.

Yes.  I know that.  I never had to swap bytes before because I've always used RtlMoveMemory/memcpy.  Sorry, your WriteDWord function threw me off a lot.

z-stars

#97
Mhh, I don't use memcpy, do I have to swap all the hashes too then?
EDIT: And about the second CD key value1 and the ExeInfo, does anyone know why they are different from the ones the real client sends?

MyndFyre

Guys, my god, get on AIM or something.  There have been ~15 posts to this thread in the last half-hour; I watched an entire page get added to this thread while I ate a small cookie-dough blizzard from Dairy Queen.
Quote: Every generation of humans believed it had all the answers it needed, except for a few mysteries they assumed would be solved at any moment. And they all believed their ancestors were simplistic and deluded. What are the odds that you are the first generation of humans who will understand reality?

After 3 years, it's on the horizon.  The new JinxBot, and BN#, the managed Battle.net Client library.

Quote from: chyea on January 16, 2009, 05:05 PM
You've just located global warming.

z-stars

#99
Uhm I discovered something...
I made this program to see if CheckRevision() works well...

#include <windows.h>   // DWORD, BOOL; also declares htonl() via winsock.h (link with ws2_32 or wsock32)
#include <iostream>
#include <fstream>
#include <string>
#include <cstring>     // memset
#include <cstdlib>     // exit
#include <sys/stat.h>
#include <process.h>
#include <commctrl.h>
#include <winreg.h>
#include <conio.h>

#include "CheckRevision.h"
#include "D2Test.h"

using namespace std;

int test1();

int main(void)
{
   test1();
   return 0;
}

// Calls CheckRevision() with the value string and MPQ filename taken from a
// logged session and prints the results for comparison with the real client.
int test1()
{
   int i = 0;
   DWORD RealChecksum = 0x901CF41B;   // checksum seen in the logged session
   DWORD CRVersion = 0;
   DWORD CRChecksum = 0;
   char ExeInfo[5000];
   memset(ExeInfo, 0, sizeof(ExeInfo));
   BOOL bCheckRevision = 0;
   bCheckRevision =
      CheckRevision("C:\\Archivos de programa\\Diablo II\\Game.exe",
         "C:\\Archivos de programa\\Diablo II\\BnClient.dll",
         "C:\\Archivos de programa\\Diablo II\\D2Client.dll",
         "A=256586614 B=432471822 C=762285261 4 A=A^S B=B+C C=C-A A=A^B",
         &CRVersion, &CRChecksum,
         ExeInfo, "IX86ver0.mpq");
   if(!bCheckRevision)
   {
      cout << "CheckRevision() failed" << endl;
      exit(EXIT_FAILURE);
   }

   // htonl() swaps the byte order on x86, so these print byte-swapped values.
   cout << "CRChecksum: " << hex << htonl(CRChecksum) << endl;
   cout << "CRVersion: " << hex << htonl(CRVersion) << endl;
   cout << ExeInfo << endl;
   return 0;
}


I logged a real connection between D2 and BNet, got the ValueString and MPQ filename, and called CheckRevision() with these to see if the exe hash it returns is the same as Battle.net's...
It wasn't the same. Then, I ran the program again to see if it was random or something. It isn't random. Then, I changed D2Client.dll for storm.dll, the checksum changed... (but still not Battle.net's). And then I swapped D2Client.dll with BNetClient.dll and the checksum changed too... so does anyone know the exact files and the exact order of them to pass to CheckRevision()?



EDIT:
Confirmed:
-The files needed are: Game.exe, Bnclient.dll, and D2client.dll
-They go in that order.
-dwVersion and dwExeHash are given in Big Endian, so they must be converted to Little Endian to put in the packet.
-ExeInfo string is still different, but as dwVersion and dwExeHash work, I suppose I could safely just copy the string D2 sends into ExeInfo.


EDIT:
I go to sleep, it's v late here.

z-stars

#100
I made the changes to CheckVersion that I wrote in the post above, and the 0x51 received packet has changed! Now it is the "invalid CdKey" packet.

EDIT: Uhm, now it also IP bans me, is that normal?

Maddox

Quote from: z-stars on July 26, 2004, 08:03 PM
Quote from: Maddox on July 26, 2004, 07:56 PM
Quote from: z-stars on July 26, 2004, 03:33 PM
-The last string. D2 client sends "Game.exe 10/13/04 21:31:36 11988" while for some reason my program sends "Game.exe 05/16/04 21:31:36 11988"

http://forum.valhallalegends.com/phpbbs/index.php?board=17;action=display;threadid=6974

Uhm, how can I fix that? Or is there another better CheckVersion() function?

I posted how to in that thread...
asdf.

z-stars

#102
Quote from: Maddox on July 27, 2004, 05:42 AM
Quote from: z-stars on July 26, 2004, 08:03 PM
Quote from: Maddox on July 26, 2004, 07:56 PM
Quote from: z-stars on July 26, 2004, 03:33 PM
-The last string. D2 client sends "Game.exe 10/13/04 21:31:36 11988" while for some reason my program sends "Game.exe 05/16/04 21:31:36 11988"

http://forum.valhallalegends.com/phpbbs/index.php?board=17;action=display;threadid=6974

Uhm, how can I fix that? Or is there another better CheckVersion() function?

I posted how to in that thread...

CheckVersion() seems to work fine now, I managed to generate the same ExeHash as the D2 client by changing the order of the files (and using fixed values I got from the D2 packet log)

z-stars

#103
Is this code right? I want it to find out which is the cd key that is invalid, but in the second switch() it goes to the default.


int LTBNSixthPacket()
{
   int n = 0;
   BEFORE_RECV;
   n = RecvPacket(crSixthPacket.packet, 50);
   if(n == -1) error(9, "RecvPacket");
   else cout << "Packet 6 Recv. Bytes: " << n << endl;
   
   memset(r_SID_AUTH_CHECK.AdditionalInformation, 0,
      sizeof(r_SID_AUTH_CHECK.AdditionalInformation));
   crSixthPacket.ReadByte(&r_SID_AUTH_CHECK.IntegrityCheck);
   crSixthPacket.ReadByte(&r_SID_AUTH_CHECK.PacketID);
   crSixthPacket.ReadWord(0, &r_SID_AUTH_CHECK.PacketLen);
   // I'm converting this dword to big endian before parsing it.
   crSixthPacket.ReadWord(0, &r_SID_AUTH_CHECK.Result1);
   crSixthPacket.ReadWord(0, &r_SID_AUTH_CHECK.Result2);
   crSixthPacket.ReadString(r_SID_AUTH_CHECK.AdditionalInformation);

   cout << endl;
   switch(r_SID_AUTH_CHECK.Result1)
   {
   case 0x000: cout << "Passed Challenge" << endl; break;
   case 0x100: cout << "Old Game Version" << endl; break;
   case 0x101: cout << "Invalid Version" << endl; break;

   case 0x200: cout << "Invalid CDKey" << endl; break;
   case 0x201: cout << "CDKey in use" << endl; break;
   case 0x202: cout << "Banned CDKey" << endl; break;
   case 0x203: cout << "Wrong Product" << endl; break;
   default: cout << "Undefined" << endl;
   }

   switch(r_SID_AUTH_CHECK.Result2)
   {
   case 0x200: cout << "Invalid CDKey2" << endl; break;
   case 0x201: cout << "CDKey in use2" << endl; break;
   case 0x202: cout << "Banned CDKey2" << endl; break;
   case 0x203: cout << "Wrong Product2" << endl; break;
   default: cout << "Undefined" << endl;
   }


   cout << "ADDITIONAL INFORMATION: " <<
      r_SID_AUTH_CHECK.AdditionalInformation << endl;

   crSixthPacket.dbgShowPacket();

   return n;
}

z-stars

#104
I have fixed the CDKey2 Value1 error :), but Battle.net still sends me the "Invalid CD-Key" packet and it still IP bans me. (And it IP bans me for a lot of time)

The new comparison log: the first 2 logs are from the real D2 client, the last log is from my prog. They seem to be identical... (Except the hashes and the client token of course)...


FF 51 86 00    header
ED E7 B4 11    client token
00 0A 00 01    exe version
D5 AD 18 D6    exe hash  
02 00 00 00    keys num
00 00 00 00    using spawn

10 00 00 00    key 1length
06 00 00 00       cdkey1 product
D9 15 0D 00    cdkey1 value1
00 00 00 00    key1 unknown

xx xx xx xx
xx xx xx xx
xx xx xx xx    KEY1 HASHED DATA
xx xx xx xx
xx xx xx xx

10 00 00 00      k2 len
0A 00 00 00    k2 product
FB F9 12 00    k2 value1
00 00 00 00    k2 unknown

xx xx xx xx
xx xx xx xx
xx xx xx xx    KEY2 HASHED DATA
xx xx xx xx
xx xx xx xx
 
47 61 6D 65 2E 65 78 65 20 31 30 2F 31 33 2F 30    Game.exe 10/13/0
33 20 30 38 3A 33 35 3A 33 30 20 31 31 39 38 38    3 08:35:30 11988
35 37 00 4D 65 00                                  57.Me.


__________________________________________________________________________



FF 51 86 00    header
1B 13 43 DF    client token
00 0A 00 01    exe version
DF F5 4A EE       exe hash
02 00 00 00    keys num
00 00 00 00    using spawn

10 00 00 00    key 1 length
06 00 00 00     cdkey1 product
D9 15 0D 00    cdkey1 value1
00 00 00 00    key1 unknown

xx xx xx xx
xx xx xx xx
xx xx xx xx    KEY1 HASHED DATA
xx xx xx xx
xx xx xx xx

10 00 00 00     k2 len
0A 00 00 00    k2 product
FB F9 12 00    k2 value1
00 00 00 00    k1 unknown

xx xx xx xx
xx xx xx xx
xx xx xx xx    KEY2 HASHED DATA
xx xx xx xx
xx xx xx xx

47 61 6D 65 2E 65 78 65 20 31 30 2F 31 33 2F 30    Game.exe 10/13/0
33 20 30 38 3A 33 35 3A 33 30 20 31 31 39 38 38    3 08:35:30 11988
35 37 00 4D 65 00                                  57.Me.


____________________________________________________________________________________________________


___________________________________________________________________________________



FF 51 86 00    header
58 01 3F 01    client token
00 0A 00 01    exe version
5C D5 B3 27   exe hash
02 00 00 00    keys num
00 00 00 00    using spawn

10 00 00 00    key1 len
06 00 00 00   key1 product
D9 15 0D 00    key1 val1
00 00 00 00    key1 unknown

xx xx xx xx
xx xx xx xx
xx xx xx xx    KEY1 HASHED DATA
xx xx xx xx
xx xx xx xx

10 00 00 00   k2 len
0A 00 00 00    k2 product
FB F9 12 00    k2 val1
00 00 00 00    k2 unknown

xx xx xx xx
xx xx xx xx
xx xx xx xx    KEY2 HASHED DATA
xx xx xx xx
xx xx xx xx

47 61 6D 65 2E 65 78 65 20 31 30 2F 31 33 2F 30    Game.exe 10/13/0
33 20 30 38 3A 33 35 3A 33 30 20 31 31 39 38 38    3 08:35:30 11988
35 37 00 4D 65 00                                  57.Me.



The full new packet log of my program...

1  Hide  Hide  1  Send  
0000  01                                                 .

2  Hide  Hide  50  Send  
0000  FF 50 32 00 00 00 00 00 36 38 58 49 50 58 32 44    .P2.....68XIPX2D
0010  0A 00 00 00 53 45 73 65 50 23 6B 1D 88 FF FF FF    ....SEseP#k.....
0020  0A 0C 00 00 0A 0C 00 00 45 53 50 00 53 70 61 69    ........ESP.Spai
0030  6E 00                                              n.

3  Hide  Hide  8  Recv  
0000  FF 25 08 00 98 F5 BB 67                            .%.....g

4  Hide  Hide  100  Recv  
0000  FF 50 64 00 00 00 00 00 01 0C F9 CB 37 38 16 00    .Pd.........78..
0010  00 EC D4 78 91 E7 C3 01 49 58 38 36 76 65 72 32    ...x....IX86ver2
0020  2E 6D 70 71 00 41 3D 31 30 35 34 37 39 37 38 32    .mpq.A=105479782
0030  39 20 42 3D 39 31 36 35 37 36 31 31 39 20 43 3D    9 B=916576119 C=
0040  33 38 33 34 32 37 34 31 34 20 34 20 41 3D 41 5E    383427414 4 A=A^
0050  53 20 42 3D 42 2D 43 20 43 3D 43 5E 41 20 41 3D    S B=B-C C=C^A A=
0060  41 2B 42 00                                        A+B.

5  Hide  Hide  134  Send  
0000  FF 51 86 00 58 01 3F 01 00 0A 00 01 5C D5 B3 27    .Q..X.?.....\..'
0010  02 00 00 00 00 00 00 00 10 00 00 00 06 00 00 00    ................
0020  D9 15 0D 00 00 00 00 00 xx xx xx xx xx xx xx xx    ................
0030  xx xx xx xx xx xx xx xx xx xx xx xx 10 00 00 00    ..7...H.........
0040  0A 00 00 00 FB F9 12 00 00 00 00 00 xx xx xx xx    ............MUjt
0050  xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx    lc.D........'NJQ
0060  47 61 6D 65 2E 65 78 65 20 31 30 2F 31 33 2F 30    Game.exe 10/13/0
0070  33 20 30 38 3A 33 35 3A 33 30 20 31 31 39 38 38    3 08:35:30 11988
0080  35 37 00 4D 65 00                                  57.Me.

6  Hide  Hide  9  Recv  
0000  FF 51 09 00 00 02 00 00 00                         .Q.......
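
The 9-byte reply that closes the log above, decoded with explicit little-endian reads and length checks, together with the byte-order point from the earlier posts (0x00000006 goes on the wire as 06 00 00 00). This is an added example, not code from the thread; it assumes the reply body is one DWORD result followed by a NUL-terminated string, a layout inferred from the capture, and `AuthCheckReply` and the function names are hypothetical.

```cpp
// Added example. Assumed layout (inferred from the 9-byte capture): FF, id,
// 16-bit length, 32-bit result, NUL-terminated string, all little-endian.
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

// Append a 32-bit value least-significant byte first, whatever the host order.
void write_le32(std::vector<uint8_t>& out, uint32_t v) {
    for (int shift = 0; shift < 32; shift += 8)
        out.push_back(static_cast<uint8_t>(v >> shift));
}

// Decode little-endian integers byte by byte instead of casting the pointer.
uint16_t read_le16(const uint8_t* p) { return static_cast<uint16_t>(p[0] | (p[1] << 8)); }
uint32_t read_le32(const uint8_t* p) {
    return p[0] | (uint32_t(p[1]) << 8) | (uint32_t(p[2]) << 16) | (uint32_t(p[3]) << 24);
}

struct AuthCheckReply {   // hypothetical name, not from the thread
    uint32_t result;
    std::string info;
};

// Fills `out` only if header, declared length and string terminator check out.
bool parse_auth_check(const uint8_t* buf, size_t n, AuthCheckReply& out) {
    if (n < 9 || buf[0] != 0xFF || buf[1] != 0x51) return false;
    size_t len = read_le16(buf + 2);
    if (len < 9 || len > n) return false;      // declared length must fit the buffer
    if (buf[len - 1] != 0x00) return false;    // string must end inside the packet
    out.result = read_le32(buf + 4);
    out.info.assign(reinterpret_cast<const char*>(buf + 8));
    return true;
}

int main() {
    const uint8_t reply[] = {0xFF, 0x51, 0x09, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00};
    AuthCheckReply r;
    if (parse_auth_check(reply, sizeof reply, r))
        std::printf("one DWORD: 0x%08X, info \"%s\"\n", (unsigned)r.result, r.info.c_str());
    // The same four bytes read as two WORDs: 0x0200, then 0x0000.
    std::printf("two WORDs: 0x%04X 0x%04X\n", read_le16(reply + 4), read_le16(reply + 6));
    std::vector<uint8_t> wire;
    write_le32(wire, 0x00000006);              // product value from the thread
    std::printf("0x00000006 on the wire: %02X %02X %02X %02X\n", wire[0], wire[1], wire[2], wire[3]);
    return 0;
}
```

Under that assumed layout the capture holds a single result of 0x200 and an empty string, so a second 16-bit read lands on the upper half of the same DWORD and returns 0.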

