• Welcome to Valhalla Legends Archive.
 

My First Binary Bot

Started by Joe[x86], October 29, 2004, 03:11 AM


Joe[x86]

About a week ago, I got pissed because CSB uses the BNLS server that was down, so I stopped using it and decided to write my own Binary Bot. I feel that I'm doing quite poorly at it, but some say I'm doing good, so I'm still working on it. So far, I can send null packets (duh), log on to a JBLS server (like BNLS, made by The-FooL), and request verbytes.

So, since I know a lot of people use CSB, but might want to try making a binary bot, have at some source code!

Verbyte Request for BNLS
pbuffer.InsertDWORD &H1
pbuffer.SendBNLSPacket &H10
WriteToLog "[BNLS] VerByte Requested (0x10)"
AddChat vbGreen, "[BNLS] Version Byte Requested (0x10)"


0x00 (Null) for JBLS
pbuffer.SendJBLSPacket "&H0"
AddChat vbGreen, "[JBLS] Sent 0x00"
WriteToLog "[JBLS] Sent 0x00 (JBLS_NULL)"


And last but not least, My Wonderful BNLS/JBLS parser:
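Private Sub ParseJBLS(ByVal Data As String)
    ' Header is 3 bytes: WORD length, then the packet ID in byte 3.
    ' Asc("") raises a run-time error, so reject anything shorter.
    If Len(Data) < 3 Then Exit Sub
    Select Case Asc(Mid(Data, 3, 1))
        Case &H10
            ' Payload: DWORD product ID at byte 4, DWORD verbyte at byte 8.
            If Len(Data) < 11 Then Exit Sub
            verbyte = GetDWORD(Mid(Data, 8, 4))
            verbyte = Replace(verbyte, Chr(13), vbNullString)
            Dim strVerbyte As String
            strVerbyte = verbyte
            AddChat vbGreen, "[JBLS] Verbyte: " & DecToHex(strVerbyte)
        Case Else
            AddChat vbCyan, "[JBLS] Data Arrival!"
            AddChat vbCyan, strJblsData
    End Select
End Sub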

Yup. It parses the whole 0x10 Packet.

Well, that's all I really have worth posting here. For the verbytes, though, if anyone has a DecToHex Sub so I can get verbytes like C9 and 0A and stuff, please post that here.


EDIT: I FINALLY stopped stubbing my toe on that fzcking 0x50 packet. Wee!
EDIT2: Used code blocks, and updated my ParseBNLS sub.
Quote from: brew on April 25, 2007, 07:33 PM
that made me feel like a total idiot. this entire thing was useless.
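
The bounds checks a parser for this frame format needs, as an added example that is not part of the original post and is written in Python rather than the thread's VB6 so it can be run directly. It assumes the BNLS framing the post's offsets imply (a little-endian WORD length that counts the 3-byte header, then a BYTE packet ID) and a 0x10 reply of DWORD product ID followed by a DWORD version byte; `split_frames`, `parse_verbyte_reply` and `verbyte_hex` are hypothetical names.

```python
import struct

HEADER_LEN = 3            # assumed layout: WORD length (incl. header) + BYTE packet ID
REQUEST_VERBYTE = 0x10    # packet ID used in the post


class FrameError(ValueError):
    """A frame's length field or payload size is inconsistent."""


def split_frames(buf):
    """Split a receive buffer into [(packet_id, payload)] plus leftover bytes.

    TCP can deliver half a frame or several at once, so an incomplete
    trailing frame is returned as leftover instead of being parsed.
    """
    frames, pos = [], 0
    while len(buf) - pos >= HEADER_LEN:
        length, packet_id = struct.unpack_from("<HB", buf, pos)
        if length < HEADER_LEN:
            raise FrameError("declared length is shorter than the header")
        if pos + length > len(buf):
            break  # partial frame: keep it until more data arrives
        frames.append((packet_id, buf[pos + HEADER_LEN:pos + length]))
        pos += length
    return frames, buf[pos:]


def parse_verbyte_reply(payload):
    """Return the version byte from a 0x10 reply, or None if the server failed."""
    if len(payload) < 4:
        raise FrameError("0x10 reply is missing the product ID")
    (product,) = struct.unpack_from("<I", payload, 0)
    if product == 0:
        return None  # assumed failure form: no version byte follows
    if len(payload) < 8:
        raise FrameError("0x10 reply is missing the version byte")
    (verbyte,) = struct.unpack_from("<I", payload, 4)
    return verbyte


def verbyte_hex(verbyte):
    """Two zero-padded upper-case hex digits: 0xC9 -> 'C9', 0x0A -> '0A'."""
    return f"{verbyte & 0xFF:02X}"


# Constructed sample: a complete 0x10 reply (product 1, verbyte 0xC9)
# followed by the first two bytes of a second frame.
SAMPLE = struct.pack("<HBII", 11, REQUEST_VERBYTE, 1, 0xC9) + b"\x0b\x00"
```

Feed the leftover bytes back in front of the next socket read before calling `split_frames` again.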

EviL_MarinE

Use [ / code ] for your code plz.

Bot sounds good, keep it up :)

Eric

* LoRd[nK] finds it odd that your connection's out buffer is referred to as "JBLS" while your connection's in buffer is referred to as "BNLS"

Even though the small amount of code you posted has little to no use to anyone other than yourself, it may help to include all of the functions your code requires to run, rather than just a select few.

Quote:
For the verbytes, though, if anyone has a DecToHex Sub so I can get verbytes like C9 and 0A and stuff, please post that here.


Dim sHex As String * 2

sHex = Hex(201)

iago

Quote from: LoRd[nK] on October 29, 2004, 05:35 AM
* LoRd[nK]

Dim sHex As String * 2

sHex = Hex(201)

Wouldn't there be a danger with overflowing that if it was used for arbitrary data? Or is buffer overflow not an issue in vb (thus creating MORE bad habits in vb programmers)?

Incidentally, BNLS and JBLS are interchangeable, so you can technically use CSB with JBLS to log in.  If you can't change the BNLS server for CSB easily, you can probably do it in your hosts file.
This'll make an interesting test for broken AV:
Quote:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


Skywing

Quote from: iago on October 29, 2004, 08:28 AM
Quote from: LoRd[nK] on October 29, 2004, 05:35 AM
* LoRd[nK]

Dim sHex As String * 2

sHex = Hex(201)

Wouldn't there be a danger with overflowing that if it was used for arbitrary data? Or is buffer overflow not an issue in vb (thus creating MORE bad habits in vb programmers)?

Incidentally, BNLS and JBLS are interchangeable, so you can technically use CSB with JBLS to log in.  If you can't change the BNLS server for CSB easily, you can probably do it in your hosts file.
Not quite, JBLS doesn't implement the full protocol.  For instance, you might have trouble getting EternalChat to log on to War3 using it, because (IIRC) JBLS doesn't support checking server password proofs.  AFAIK, it doesn't support password change, either.

Warrior

Yes, asked Spht why it wouldn't log on with SphtBot and he said it was something with JBLS. Anyways Joe, good job. I'm glad to see you're working so hard.
Quote from: effect on March 09, 2006, 11:52 PM
Islam is a steaming pile of fucking dog shit. Everything about it is flawed, anybody who believes in it is a terrorist, if you disagree with me, then im sorry your wrong.

Quote from: Rule on May 07, 2006, 01:30 PM
Why don't you stop being American and start acting like a decent human?

Eric

Quote:
Wouldn't there be a danger with overflowing that if it was used for arbitrary data?

No.  It would just truncate the returned value, but since, in this case, it'll only be used for byte conversions, it shouldn't be a problem.

Joe[x86]

Quote:
[12:47:49 PM] [JBLS] Connecting
[12:47:49 PM] [JBLS] Connected!
[12:47:50 PM] [JBLS] Version Byte Requested (0x10)
[12:47:50 PM] [JBLS] Verbyte: C9

*hugs lord, realizes what he just did, and steps back*

Thanks LoRd

EDIT: The reason it says the JBLS verbyte came from BNLS, is because my ParseJBLS sub is a copy and pasted version of my ParseBNLS sub and I forgot to change the label for it. It's fixed now.

EDIT2: As for Sphtbot, JBLS doesn't handle 0x0F properly, because, quite obviously, FooL doesn't have the BNLS account passwords :P

EDIT3: I tweaked the DecToHex thing a bit and ended up with..

Public Function DecToHex(Dec As String) As String
    Dim sHex As String * 2
    sHex = Hex(Dec)
    DecToHex = sHex
End Function

Minux

Quote from: JoeTheOdd on October 29, 2004, 02:48 PM


Public Function DecToHex(Dec As String) As String
Dim sHex As String * 2
sHex = Hex(Dec)
DecToHex = sHex
End Function


EDIT3: I tweaked the DecToHex thing a bit and ended up with..

Forgive me for being out of line, but how is that tweaked?

Lord's code
Quote from: LoRd[nK] on October 29, 2004, 05:35 AM

Dim sHex As String * 2

sHex = Hex(201)


All you did was make it into a function. So you constructed it into a routine...you did not tweak it.

Joe[x86]

By tweaked, I meant made it into a function :P

iago

Quote from: Skywing on October 29, 2004, 09:45 AM
Quote from: iago on October 29, 2004, 08:28 AM
Quote from: LoRd[nK] on October 29, 2004, 05:35 AM
* LoRd[nK]

Dim sHex As String * 2

sHex = Hex(201)

Wouldn't there be a danger with overflowing that if it was used for arbitrary data? Or is buffer overflow not an issue in vb (thus creating MORE bad habits in vb programmers)?

Incidentally, BNLS and JBLS are interchangeable, so you can technically use CSB with JBLS to log in.  If you can't change the BNLS server for CSB easily, you can probably do it in your hosts file.
Not quite, JBLS doesn't implement the full protocol. For instance, you might have trouble getting EternalChat to log on to War3 using it, because (IIRC) JBLS doesn't support checking server password proofs. AFAIK, it doesn't support password change, either.

I've never actually looked at it at all.  But I'm not surprised it doesn't do password change, since he's using my login code and I never wrote a password change myself.  In fact, same with checking proofs.


Eric

Quote:
EDIT2: As for Sphtbot, JBLS doesn't handle 0x0F properly, because, quite obviously, FooL doesn't have the BNLS account passwords :P
All it'd have to do is spit out a random encryption key and return the success value when the client replied to it with the checksum...

Skywing

Quote from: iago on October 29, 2004, 05:48 PM
Quote from: Skywing on October 29, 2004, 09:45 AM
Quote from: iago on October 29, 2004, 08:28 AM
Quote from: LoRd[nK] on October 29, 2004, 05:35 AM
* LoRd[nK]

Dim sHex As String * 2

sHex = Hex(201)

Wouldn't there be a danger with overflowing that if it was used for arbitrary data? Or is buffer overflow not an issue in vb (thus creating MORE bad habits in vb programmers)?

Incidentally, BNLS and JBLS are interchangeable, so you can technically use CSB with JBLS to log in.  If you can't change the BNLS server for CSB easily, you can probably do it in your hosts file.
Not quite, JBLS doesn't implement the full protocol. For instance, you might have trouble getting EternalChat to log on to War3 using it, because (IIRC) JBLS doesn't support checking server password proofs. AFAIK, it doesn't support password change, either.

I've never actually looked at it at all.  But I'm not surprised it doesn't do password change, since he's using my login code and I never wrote a password change myself.  In fact, same with checking proofs.
Provided he understands how the system works, it shouldn't be too difficult to implement those...

The-FooL

Quote from: LoRd[nK] on October 29, 2004, 07:55 PM
Quote:
EDIT2: As for Sphtbot, JBLS doesn't handle 0x0F properly, because, quite obviously, FooL doesn't have the BNLS account passwords :P
All it'd have to do is spit out a random encryption key and return the success value when the client replied to it with the checksum...

It actually does support the BNLS account login packets, but accepts all logins as anonymous.  You *could* modify the source and have it reply with the password verified response code.

And as iago said, I used his Checkrevision and SRP Classes, so there is no change password support.

Joe[x86]

Well, I don't mean to be a topic bumper, but..

*BUMP*

Work on this project has been re-started. I'm working on a JSTR client because 0x51 was a stumper. My BNLS packet work with the JSTR client should be sufficient to get past 0x51, but, meh.