Advanced Programming | WoW

Author	Message	Time
UserLoser.	My function wasn't returning right values causing server to reject my logon [code] void CheckVersion(const BYTE ChecksumKey, const BYTE ClientKey, BYTE *Result) // Begin: HashA = SHA1(BufferA, WoW.exe, fmod.dll, ijl15.dll, dbghelp.dll, unicows.dll) // End: HashA = SHA1(BufferA, WoW.exe, fmod.dll, ijl15.dll, dbghelp.dll, unicows.dll) // Begin: HashB = SHA1(BufferB, HashA); // End: HashB = SHA1(BufferB, HashA) // Begin: Final = SHA1(A, HashB) // End: Final = SHA1(A, HashB) } [/code] Edit: Removed code left comments. You all have WoW.exe, do it your self	March 31, 2005, 10:37 AM
TheMinistered	Yes, run WoW.exe side by side with yours -- running with the same values. step through it instr by instr and find where you go wrong	April 1, 2005, 1:02 AM
UserLoser.	[quote author=TheMinistered link=topic=11114.msg106656#msg106656 date=1112317357] Yes, run WoW.exe side by side with yours -- running with the same values. step through it instr by instr and find where you go wrong [/quote] Edit: They never broke because my IDB was older than the current version of WoW I am running :P	April 1, 2005, 3:26 AM
EpicOfTimeWasted	Nevermind, I made a mistake.	April 1, 2005, 8:06 AM
EpicOfTimeWasted	It has to be SHA1 (or at least one of Blizzard's famous "modified" algorithms)... the Init and Update functions are the same, Final LOOKS the same (except for the two calls to HashUpdate, that seems a bit odd). Happen to have a link to a current copy of WoW.exe? Would be fun to look at when I get bored.	April 1, 2005, 8:31 AM
UserLoser.	For anyone who wants have fun: http://www.userloser.net/files/WoW.rar	April 1, 2005, 8:37 AM
EpicOfTimeWasted	Well, I glanced at it a bit before work today... so far the only things I've found are: HashTransform is the standard SHA1 transform, with loops unrolled. HashInit seems to be standard, except for moving the bit length to the start of the message (before the constants), rather than at the end. That would explain the mov [ecx], 0 and mov [ecx+4], 0. HashUpdate at first glance appears to be standard, but I have to agree with you about not wanting to reverse the damned thing just to find out. HashFinal... who knows. I'm used to just throwing an 0x80 at the end of my digest and calling it good, so that first call to HashUpdate seems odd to me. It appears to just be a stupid looking way to figure out 64 - sizeof(current_block_to_hash) though.	April 2, 2005, 6:38 AM
UserLoser.	Ok, to finalize this, it is the same exact SHA1 as it is for logon stuff. It seems Blizzard just wanted to change things around to make people work for it. Thanks to drivehappy for pointing out that my code indeed did work after he tested it, which led me to believe I had old WoW.exe	April 5, 2005, 6:34 AM

Author

Message

Time

UserLoser.

My function wasn't returning right values causing server to reject my logon

[code]
void CheckVersion(const BYTE *ChecksumKey, const BYTE *ClientKey, BYTE *Result)
// Begin: HashA = SHA1(BufferA, WoW.exe, fmod.dll, ijl15.dll, dbghelp.dll, unicows.dll)
// End: HashA = SHA1(BufferA, WoW.exe, fmod.dll, ijl15.dll, dbghelp.dll, unicows.dll)
// Begin: HashB = SHA1(BufferB, HashA);
// End: HashB = SHA1(BufferB, HashA)
// Begin: Final = SHA1(A, HashB)
// End: Final = SHA1(A, HashB)
}
[/code]

Edit: Removed code left comments. You all have WoW.exe, do it your self

March 31, 2005, 10:37 AM

TheMinistered

Yes, run WoW.exe side by side with yours -- running with the same values. step through it instr by instr and find where you go wrong

April 1, 2005, 1:02 AM

UserLoser.

[quote author=TheMinistered link=topic=11114.msg106656#msg106656 date=1112317357]
Yes, run WoW.exe side by side with yours -- running with the same values. step through it instr by instr and find where you go wrong
[/quote]

Edit: They never broke because my IDB was older than the current version of WoW I am running :P

April 1, 2005, 3:26 AM

EpicOfTimeWasted

Nevermind, I made a mistake.

April 1, 2005, 8:06 AM

EpicOfTimeWasted

It has to be SHA1 (or at least one of Blizzard's famous "modified" algorithms)... the Init and Update functions are the same, Final LOOKS the same (except for the two calls to HashUpdate, that seems a bit odd). Happen to have a link to a current copy of WoW.exe? Would be fun to look at when I get bored.

April 1, 2005, 8:31 AM

UserLoser.

For anyone who wants have fun:

http://www.userloser.net/files/WoW.rar

April 1, 2005, 8:37 AM

EpicOfTimeWasted

Well, I glanced at it a bit before work today... so far the only things I've found are:

HashTransform is the standard SHA1 transform, with loops unrolled.
HashInit seems to be standard, except for moving the bit length to the start of the message (before the constants), rather than at the end. That would explain the mov [ecx], 0 and mov [ecx+4], 0.
HashUpdate at first glance appears to be standard, but I have to agree with you about not wanting to reverse the damned thing just to find out.
HashFinal... who knows. I'm used to just throwing an 0x80 at the end of my digest and calling it good, so that first call to HashUpdate seems odd to me. It appears to just be a stupid looking way to figure out 64 - sizeof(current_block_to_hash) though.

April 2, 2005, 6:38 AM

UserLoser.

Ok, to finalize this, it is the same exact SHA1 as it is for logon stuff. It seems Blizzard just wanted to change things around to make people work for it. Thanks to drivehappy for pointing out that my code indeed did work after he tested it, which led me to believe I had old WoW.exe

April 5, 2005, 6:34 AM

Valhalla Legends Forums Archive | Advanced Programming | WoW - VersionCheck