
[VB6] S->C SID_AUTH_INFO

Started by Sorc.Polgara, August 08, 2004, 06:21 PM


Sorc.Polgara

I am having trouble extracting the data from the packet that was returned by the SID_AUTH_INFO packet.

I'm using Grok's DebugOutput function, but I'm finding that it is just confusing me.

The format of the returned packet by the SID_AUTH_INFO packet is
Quote
(DWORD)       Logon Type
(DWORD)       Server Token
(DWORD)       UDPValue**
(FILETIME)    MPQ filetime
(STRING)       IX86ver filename
(STRING)       ValueString

This is what the DebugOutput function displays in the lstbox I used
Quote
FF 50 62 00 00 00 00 00 E7 F9 41 F3 8C 60 02 00   ÿPb.....çùAóŒ`..
00 81 8F 83 91 E7 C3 01 49 58 38 36 76 65 72 37   .??ƒ'çÃ.IX86ver7
2E 6D 70 71 00 41 3D 32 39 30 30 32 37 33 31 39   .mpq.A=290027319
20 42 3D 37 30 39 37 36 34 30 32 35 20 43 3D 34    B=709764025 C=4
32 37 31 38 35 33 36 20 34 20 41 3D 41 2B 53 20   2718536 4 A=A+S
42 3D 42 5E 43 20 43 3D 43 5E 41 20 41 3D 41 5E   B=B^C C=C^A A=A^
42 00                                             B...............

The packet has a total of 99 bytes...

DWORDs are 32-bit unsigned integers, 4 bytes, and so to get the "Logon Type" I should take the first 4 bytes from the packet.

I tried to get the "Logon Type" by using the MidB function like this

LogonType = MidB(data, 1, 4)


What I get is the "ÿP" that is shown from the DebugOutput.

The possible logon type values are
Quote
0: Broken Sha-1 (STAR/SEXP/D2DV/D2XP)
1: NLS version 1 (War3Beta)
2: NLS Version 2 (WAR3)

ummm I don't think that "ÿP" is 0, 1 or 2 =\

Where is this Logon Type?

Soul Taker

The first four bytes of all BNCS packets is the packet header.  The format shall always be 0xFF followed by the packet ID as a byte, followed by the packet length as a WORD.  The logon type would then logically be the next four bytes.

Sorc.Polgara

Quote from: Soul Taker on August 08, 2004, 06:37 PM
The first four bytes of all BNCS packets is the packet header.  The format shall always be 0xFF followed by the packet ID as a byte, followed by the packet length as a WORD.  The logon type would then logically be the next four bytes.

LogonType = MidB(data, 4, 4)

gives me "?"

LogonType = Mid(data, 4, 4)

gives me "" nothing

UserLoser.

Quote from: bethra on August 08, 2004, 08:28 PM

LogonType = MidB(data, 4, 4)

gives me "?"

LogonType = Mid(data, 4, 4)

gives me "" nothing

You should be storing it as a long, not a string.  Look into RtlMoveMemory() to copy the 4 bytes into a long.
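
An added example, not code from any poster in this thread: one way to do in VB6 what the replies describe, keeping the packet as a Byte array, checking the 4-byte header, and copying each DWORD into a Long with RtlMoveMemory. The helper names and the Demo routine are hypothetical, the sample bytes are retyped from the dump in the first post, and the buffer is assumed to hold exactly one complete packet.

```vb
Option Explicit
Private Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" _
    (Destination As Any, Source As Any, ByVal Length As Long)

' Copy 4 little-endian bytes at 0-based Pos into a Long, then advance Pos.
Private Function GetDWORD(Buf() As Byte, Pos As Long) As Long
    Dim v As Long
    If Pos + 3 > UBound(Buf) Then Err.Raise vbObjectError + 1, , "Truncated DWORD"
    CopyMemory v, Buf(Pos), 4
    GetDWORD = v: Pos = Pos + 4
End Function

' Read a null-terminated string at Pos; fail if the terminator is missing.
Private Function GetCString(Buf() As Byte, Pos As Long) As String
    Dim s As String
    Do While Pos <= UBound(Buf)
        If Buf(Pos) = 0 Then GetCString = s: Pos = Pos + 1: Exit Function
        s = s & Chr$(Buf(Pos)): Pos = Pos + 1
    Loop
    Err.Raise vbObjectError + 2, , "Unterminated string"
End Function

' Assumption: Buf holds exactly one complete S->C SID_AUTH_INFO packet.
Public Sub ParseAuthInfo(Buf() As Byte)
    Dim Pos As Long, FtLow As Long, FtHigh As Long
    ' Header: 0xFF, packet ID (0x50 in the dump), length WORD (0x0062, header included).
    If UBound(Buf) < 3 Then Err.Raise vbObjectError + 3, , "Short header"
    If Buf(0) <> &HFF Or Buf(1) <> &H50 Then Err.Raise vbObjectError + 4, , "Unexpected header"
    If Buf(2) + Buf(3) * 256& <> UBound(Buf) + 1 Then Err.Raise vbObjectError + 5, , "Length mismatch"
    Pos = 4 ' the body starts right after the 4-byte header
    Debug.Print "Logon Type:   "; GetDWORD(Buf, Pos)
    Debug.Print "Server Token: "; Hex$(GetDWORD(Buf, Pos)) ' Long is signed, so show it as hex
    Debug.Print "UDPValue:     "; Hex$(GetDWORD(Buf, Pos))
    FtLow = GetDWORD(Buf, Pos): FtHigh = GetDWORD(Buf, Pos) ' FILETIME = low DWORD, high DWORD
    Debug.Print "MPQ filetime: "; Hex$(FtHigh); ":"; Hex$(FtLow)
    Debug.Print "Filename:     "; GetCString(Buf, Pos)
    Debug.Print "ValueString:  "; GetCString(Buf, Pos)
End Sub

' Constructed test input: the bytes of the dump in the first post, as a hex string.
Public Sub Demo()
    Dim Buf() As Byte, i As Long, HexPkt As String
    HexPkt = "FF50620000000000E7F941F38C60020000818F8391E7C3014958383676657237" & _
             "2E6D707100413D32393030323733313920423D37303937363430323520433D34" & _
             "32373138353336203420413D412B5320423D425E4320433D435E4120413D415E4200"
    ReDim Buf(Len(HexPkt) \ 2 - 1)
    For i = 0 To UBound(Buf): Buf(i) = CByte(Val("&H" & Mid$(HexPkt, 2 * i + 1, 2))): Next i
    ParseAuthInfo Buf
End Sub
```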