My First Binary Bot

[Joe[x86]]

About a week ago, I got pissed because CSB uses the BNLS server that was down, so I stopped using it and decided to write my own Binary Bot. I feel that I'm doing quite poorly at it, but some say I'm doin good, so I'm still working on it. So far, I can send null packets (duh), log on to a JBLS server (like BNLS, made by The-FooL), and Request verbytes.

So, since I know a lot of people use CSB, but might want to try making a binary bot, have at some source code!

Verbyte Request for BNLS

Code Select Expand


pbuffer.InsertDWORD &H1
pbuffer.SendBNLSPacket &H10
WriteToLog "[BNLS] VerByte Requested (0x10)"
AddChat vbGreen, "[BNLS] Version Byte Requested (0x10)"

0x00 (Null) for JBLS

Code Select Expand


pbuffer.SendJBLSPacket "&H0"
AddChat vbGreen, "[JBLS] Sent 0x00"
WriteToLog "[JBLS] Sent 0x00 (JBLS_NULL)"

And last but not least, My Wonderful BNLS/JBLS parser:

Code Select Expand


Private Sub ParseJBLS(ByVal Data As String)
Select Case Asc(Mid(Data, 3, 1))
    Case &H10
        verbyte = GetDWORD(Mid(Data, 8, 4))
        verbyte = Replace(verbyte, Chr(13), vbNullString)
        Dim strVerbyte As String
        strVerbyte = verbyte
        AddChat vbGreen, "[JBLS] Verbyte: " & DecToHex(strVerbyte)
    Case Else
            AddChat vbCyan, "[JBLS] Data Arrival!"
            AddChat vbCyan, strJblsData
End Select
End Sub
Yup. It parses the whole 0x10 Packet.

Well, thats all I really have worth posting here. For the verbytes, though, if anyone has a DecToHex Sub so I can get verbytes like C9 and 0A and stuff, please post that here.


EDIT: I FINALLY stopped stubbing my toe on that fzcking 0x50 packet. Wee!
EDIT2: Used code blocks, and updated my ParseBNLS sub.

[EviL_MarinE]

Use [ / code ] for your code plz.

Bot sounds good, keep it up

[Eric]

* LoRd[nK] finds it odd that your connection's out buffer is referred to as "JBLS" while your connection's in buffer is referred to as "BNLS"

Even though the small amount of code you posted has little to no use to anyone other than yourself, it may help to include all of the functions your code requires to run, rather than just a select few.

For the verbytes, though, if anyone has a DecToHex Sub so I can get verbytes like C9 and 0A and stuff, please post that here.

Code Select Expand


Dim sHex As String * 2

sHex = Hex(201)


[iago]

* LoRd[nK]

Code Select Expand


Dim sHex As String * 2

sHex = Hex(201)


Wouldn't there be a danger with overflowing that if it was used for arbitrary data? Or is buffer overflow not an issue in vb (thus creating MORE bad habits in vb programmers)?

Incidentally, BNLS and JBLS are interchangable, so you can technically use CSB with JBLS to log in.  If you can't change the BNLS server for CSB easily, you can probably do it in your hosts file.

[Skywing]

* LoRd[nK]

Code Select Expand


Dim sHex As String * 2

sHex = Hex(201)


Wouldn't there be a danger with overflowing that if it was used for arbitrary data? Or is buffer overflow not an issue in vb (thus creating MORE bad habits in vb programmers)?

Incidentally, BNLS and JBLS are interchangable, so you can technically use CSB with JBLS to log in.  If you can't change the BNLS server for CSB easily, you can probably do it in your hosts file.

Not quite, JBLS doesn't implement the full protocol.  For instance, you might have trouble getting EternalChat to log on to War3 using it, because (IIRC) JBLS doesn't support checking server password proofs.  AFAIK, it doesn't support password change, either.

[Warrior]

Yes, asked Spht why It wouldnt logon with SphtBot and he said it was something with JBLS .  Anyways Joe, Good job. Im glad to see your working so hard.

[Eric]

Wouldn't there be a danger with overflowing that if it was used for arbitrary data?

No.  It would just trunicate the returned value, but since, in this case, it'll only be used for byte conversions, so it shouldn't be a problem.

[Joe[x86]]

[12:47:49 PM] [JBLS] Connecting
[12:47:49 PM] [JBLS] Connected!
[12:47:50 PM] [JBLS] Version Byte Requested (0x10)
[12:47:50 PM] [JBLS] Verbyte: C9

*hugs lord, realizes what he just did, and steps back*

Thanks LoRd

EDIT: The reason it says the JBLS verbyte came from BNLS, is because my ParseJBLS sub is a copy and pasted version of my ParseBNLS sub and I forgot to change the label for it. Its fixed now.

EDIT2: As for Sphtbot, JBLS doesn't handle 0x0F properly, because, quite obviosly, FooL doesn't have the BNLS accound passwords

EDIT3: I tweaked the DecToHex thing a bit and ended up with..

Code Select Expand

Public Function DecToHex(Dec As String) As String
Dim sHex As String * 2
sHex = Hex(Dec)
DecToHex = sHex
End Function

[Minux]

Code Select Expand


Public Function DecToHex(Dec As String) As String
Dim sHex As String * 2
sHex = Hex(Dec)
DecToHex = sHex
End Function


EDIT3: I tweaked the DecToHex thing a bit and ended up with..

Forgive me for being out of line, but how is that tweaked?

Lord's code

Code Select Expand


Dim sHex As String * 2

sHex = Hex(201)


All you did was make it into a function. So you constructed it into a routine...you did not tweak it.

[Joe[x86]]

By tweaked, I meant made it into a function

[iago]

* LoRd[nK]

Code Select Expand


Dim sHex As String * 2

sHex = Hex(201)


Wouldn't there be a danger with overflowing that if it was used for arbitrary data? Or is buffer overflow not an issue in vb (thus creating MORE bad habits in vb programmers)?

Incidentally, BNLS and JBLS are interchangable, so you can technically use CSB with JBLS to log in.  If you can't change the BNLS server for CSB easily, you can probably do it in your hosts file.

Not quite, JBLS doesn't implement the full protocol. For instance, you might have trouble getting EternalChat to log on to War3 using it, because (IIRC) JBLS doesn't support checking server password proofs. AFAIK, it doesn't support password change, either.

I've never actually looked at it at all.  But I'm not surprised it doesn't do password change, since he's using my login code and I never wrote a password change myself.  In fact, same with checking proofs.

[Eric]

EDIT2: As for Sphtbot, JBLS doesn't handle 0x0F properly, because, quite obviosly, FooL doesn't have the BNLS accound passwords Tongue

All it'd have to do is spit out a random encryption key and return the sucess value when the client replied to it with the checksum...

[Skywing]

* LoRd[nK]

Code Select Expand


Dim sHex As String * 2

sHex = Hex(201)


Wouldn't there be a danger with overflowing that if it was used for arbitrary data? Or is buffer overflow not an issue in vb (thus creating MORE bad habits in vb programmers)?

Incidentally, BNLS and JBLS are interchangable, so you can technically use CSB with JBLS to log in.  If you can't change the BNLS server for CSB easily, you can probably do it in your hosts file.

Not quite, JBLS doesn't implement the full protocol. For instance, you might have trouble getting EternalChat to log on to War3 using it, because (IIRC) JBLS doesn't support checking server password proofs. AFAIK, it doesn't support password change, either.

I've never actually looked at it at all.  But I'm not surprised it doesn't do password change, since he's using my login code and I never wrote a password change myself.  In fact, same with checking proofs.

Provided he understands how the system works, it shouldn't be too difficult to implement those...

[The-FooL]

 

EDIT2: As for Sphtbot, JBLS doesn't handle 0x0F properly, because, quite obviosly, FooL doesn't have the BNLS accound passwords Tongue

All it'd have to do is spit out a random encryption key and return the sucess value when the client replied to it with the checksum...

It actually does support the BNLS account login packets, but accepts all logins as anonymous.  You *could* modify the source and have it reply with the password verified response code.

And as iago said, I used his Checkrevision and SRP Classes, so there is no change password support.

[Joe[x86]]

Well, I don't mean to be a topic bumper, but..

*BUMP*

Work on this project has been re-started. I'm working on a JSTR client because 0x51 was a stumper. My BNLS packet work with the JSTR client should be sufficient to get past 0x51, but, meh.