Valhalla Legends Forums Archive | Battle.net Bot Development | I found a problem with BNLS.

AuthorMessageTime
Deception
I found a problem with BNLS.

To explain this problem, we must first understand what BNLS does.

BNLS receives your account passwords and CD-Keys in plaintext from the client.
It then hashes them and sends back the hashed value to the client to be sent to Battle.net.

Now, the whole purpose of hashing in the first place is to make it impossible to obtain the password/CD-Key when sending it to Battle.net (through sniffers and what not). You send a hashed value instead of the plaintext value.

So, the problem with BNLS is simple: It defeats the purpose of hashing in the first place.

Unfortunetly this is a problem with only one solution: Stop using BNLS.

It's pointless.
May 6, 2005, 4:51 AM
Quarantine
Wow, you're a fucking genius. Shutup.
May 6, 2005, 5:13 AM
UserLoser.
What's the problem?  You're jealous now because you use that NLS.dll or what
May 6, 2005, 6:18 AM
QwertyMonster
BNLS isnt Pointless everywhere. It is helpful, if you know how to use it in the right way.

EG: For connecting to some clients. (Warcraft perhaps..)
May 6, 2005, 7:08 AM
Eternal
[quote author=Deception link=topic=11503.msg111253#msg111253 date=1115355083]
I found a problem with BNLS.

To explain this problem, we must first understand what BNLS does.

BNLS receives your account passwords and CD-Keys in plaintext from the client.
It then hashes them and sends back the hashed value to the client to be sent to Battle.net.

Now, the whole purpose of hashing in the first place is to make it impossible to obtain the password/CD-Key when sending it to Battle.net (through sniffers and what not). You send a hashed value instead of the plaintext value.

So, the problem with BNLS is simple: It defeats the purpose of hashing in the first place.

Unfortunetly this is a problem with only one solution: Stop using BNLS.

It's pointless.
[/quote]

Then don't use it.
May 6, 2005, 7:52 AM
Networks
Wow..weren't you doing a "clan" (group) project that was going to impliment BNLS along with a hashed connection? And I believe you were mad at ArchAngel because he didn't want to a project that implimented BNLS and you did.

Deception that was retard post and you're simply stating the obvious many people (a good majority of respected programmers) already knew about. Congratulations!

[quote]
It's pointless.
[/quote]

Yes this entire post is. I give you the most pointless post of the year. Infact you're slowly losing my respect with such immaturity.

The solution is quite simple:
If you don't like it, DO NOT use it.
May 6, 2005, 4:19 PM
R.a.B.B.i.T
The point of using BNLS to hash passwords and CD-Keys isn't because you need them hashed so nobody can read them, it's to hash them because that's what Battle.Net requires to determine a valid copy of the game.  Please understand what BNLS does before you try and bash it.
<translation>Shut the fuck up.</translation>
May 6, 2005, 4:43 PM
CrAz3D
[quote author=Warrior link=topic=11503.msg111254#msg111254 date=1115356429]
Wow, you're a fucking genius. Shutup.
[/quote]I second that motion.

BNLS, like it, love it, or shove it
May 6, 2005, 4:49 PM
Quarantine
I don't believe you have any right to be telling anyone what they should and should not run, so when you run BNLS then you can do whatever you want with the server, as wrong as your thinking may be.
May 6, 2005, 5:30 PM
Deception
You kids make me laugh.

And no, Networks, ArchAngel refused to use anything but BNLS on the clan bot project. That is why I banned him.
May 6, 2005, 5:45 PM
QwertyMonster
[quote author=Deception link=topic=11503.msg111300#msg111300 date=1115401535]
And no, Networks, ArchAngel refused to use anything but BNLS on the clan bot project. That is why I banned him.
[/quote]

We dont care.

[quote author=Deception link=topic=11503.msg111300#msg111300 date=1115401535]
You kids make me laugh
[/quote]

You, calling us kids? Get a life Deception. No-one likes you, you jealous ignorant worthless peice of dirt on this planet. Go live on Mars.
May 6, 2005, 5:47 PM
shout
I think the point of BNLS is to provide a way to hash because you don't want to use or can't use local hashing.
May 6, 2005, 5:54 PM
UserLoser.
[quote author=Shout link=topic=11503.msg111302#msg111302 date=1115402047]
I think the point of BNLS is to provide a way to hash because you don't want to use or can't use local hashing.
[/quote]

As Spht once told me when I told him that someone else who was banned here a long time ago and I (way before the whole maddox/iago/theministered/whoever else ordeal) were going to start reversing War3 logon things year(s) ago, "why reinvent the wheel?"
May 6, 2005, 6:57 PM
Archangel
[quote author=Deception link=topic=11503.msg111300#msg111300 date=1115401535]
You kids make me laugh.

And no, Networks, ArchAngel refused to use anything but BNLS on the clan bot project. That is why I banned him.
[/quote]

1st of all you didnt banned me, i left your clan. (lol you are an idiot)

2nd, i didnt rejected Local hashed connection, i just said it was a clan project and we would use what we (members) wanted, but you are so damn immature and selfish that you wanted us to make a operator bot just for you.

And like warrior told you:
If you are scared to send data to a server over a game, get off the internet.

[The only problem here is you]
May 6, 2005, 9:14 PM
QwertyMonster
In simple:

[size=3]Dont like BNLS? Dont use it then![/size]
May 6, 2005, 10:31 PM
Deception
I don't use it. I never said I "didn't like it". I am just saying it is pointless.
May 6, 2005, 10:33 PM
KkBlazekK
BNLS is useful for getting the newest game version.
May 6, 2005, 10:54 PM
BaDDBLooD
[quote author=Blaze link=topic=11503.msg111328#msg111328 date=1115420090]
BNLS is useful for getting the newest game version.
[/quote]

You don't have to perform your own check revision, you don't have to worry about the correct hash files either.
May 6, 2005, 11:00 PM
Lenny
To be fair, Deception is simply incorrectly stating what shadypalm88 had suggested long ago.  I don't know why he's stating it, but it's clearly made him very popular.

https://davnit.net/bnet/vL/phpbbs/index.php?topic=11231.0

Regardless, it's time for the moderators to remove this duplicate topic...
May 6, 2005, 11:03 PM
Quarantine
Who are you to say something what's pointless and what's not when it's not your software to begin with? You're mad because of something that happened between Me, You, Archangel, and the rest of DC. You really should stop talking like you know what you're saying because really, you don't.

I think that about sums it up, anything else?
May 6, 2005, 11:04 PM
Stealth
[quote author=Deception link=topic=11503.msg111253#msg111253 date=1115355083]
I found a problem with BNLS.

To explain this problem, we must first understand what BNLS does.

BNLS receives your account passwords and CD-Keys in plaintext from the client.
It then hashes them and sends back the hashed value to the client to be sent to Battle.net.

Now, the whole purpose of hashing in the first place is to make it impossible to obtain the password/CD-Key when sending it to Battle.net (through sniffers and what not). You send a hashed value instead of the plaintext value.

So, the problem with BNLS is simple: It defeats the purpose of hashing in the first place.

Unfortunetly this is a problem with only one solution: Stop using BNLS.

It's pointless.
[/quote]

Those of you who play WoW will understand this:

/slap
/spit
/shoo

Translation for non-WoW-players:

Go away. Nobody wants to hear you complain. I humbly suggest that a moderator remove this thread.
May 7, 2005, 2:24 AM
shout
You should translate everything Stealth!!!

Here Deception, I encoded your little speach into one little line:
[quote]
bnls R t3H SuX0R!111 i R t3H R0X0R!!!oneoneoneone1
[/quote]
May 7, 2005, 5:48 AM
shout
Goody... I'm gay. :P I'm the gay beacuse someone over the internet said I am. OMG OMG IMA FAG! OMG KILL ME!

What is it with people and their hatred of homosexuals? I don't get it.
May 7, 2005, 9:48 AM
Deception
Stealth: I am not complaining. Maybe you should re-read my thread before you post lies. I was just stating a fact. It's not my problem that the fact that BNLS is pointless causes you to get emotional.

Everyone else: Your lack of maturity on this thread reveals your true nature.
May 7, 2005, 10:09 AM
UserLoser.
[quote author=Deception link=topic=11503.msg111364#msg111364 date=1115460587]
Stealth: I am not complaining. Maybe you should re-read my thread before you post lies. I was just stating a fact. It's not my problem that the fact that BNLS is pointless causes you to get emotional.

Everyone else: Your lack of maturity on this thread reveals your true nature.
[/quote]

Some people may have a lack of maturity, but you may lack the ability to cope with others in life, and on the Internet.  Group projects is something that you'll most likely have to face in a real job.  It's not my problem that it's a fact.
May 7, 2005, 4:24 PM
Quarantine
Also for the same reason banned because I am somehow a "traitor" for having a different opinion on something which you have now
May 7, 2005, 4:58 PM
Archangel
[quote]
Everyone else: Your lack of maturity on this thread reveals your true nature.[/quote]

Yep this is how maturity works:
http://www.archangel.bnetweb.com/projecto/immortal_bot_leak/Immortal%20Bot%20Source.zip

>> https://davnit.net/bnet/vL/phpbbs/index.php?topic=8803.0
- NLS.dll: This is a private dll, this bot is not authorized to use it.

>> https://davnit.net/bnet/vL/phpbbs/index.php?topic=6404.0
- Scammed ChRoNiC for 0x7D? Wow.
Quote: effect: For reference Nyko = Decep7ion@uswest , go and hunt him down =p

Edit: I prefer using BNLS than using someone else code and un-authorized dll's.

Ohh and didint you made a scam for warcraft III keys?
May 7, 2005, 6:44 PM
ColT
[quote author=Archangel link=topic=11503.msg111410#msg111410 date=1115491460]
[quote]
Everyone else: Your lack of maturity on this thread reveals your true nature.[/quote]

Yep this is how maturity works:
http://www.archangel.bnetweb.com/projecto/immortal_bot_leak/Immortal%20Bot%20Source.zip

>> https://davnit.net/bnet/vL/phpbbs/index.php?topic=8803.0
- NLS.dll: This is a private dll, this bot is not authorized to use it.

>> https://davnit.net/bnet/vL/phpbbs/index.php?topic=6404.0
- Scammed ChRoNiC for 0x7D? Wow.
Quote: effect: For reference Nyko = Decep7ion@uswest , go and hunt him down =p

Edit: I prefer using BNLS than using someone else code and un-authorized dll's.

Ohh and didint you made a scam for warcraft III keys?
[/quote]

Deception I suggest you only post on these forums for help, not to bitch.

Edit: Chonics' story was good!
May 7, 2005, 7:12 PM
Deception
You're an idiot. Just like Stealth, you think I am complaining or bitching when I am just showing you why BNLS is stupid and anyone who chooses it over local hashing is an idiot for a number of reasons.
May 7, 2005, 7:28 PM
BaDDBLooD
[quote author=Deception link=topic=11503.msg111419#msg111419 date=1115494081]
You're an idiot. Just like Stealth, you think I am complaining or bitching when I am just showing you why BNLS is stupid and anyone who chooses it over local hashing is an idiot for a number of reasons.
[/quote]

There are plenty of reasons why BNLS is awesome.  Don't be hating just because your jealous, that is just so incredibly uncool.

Reasons why BNLS is good:

Always updated
You can get the current version byte
you can have check revision performed
it has cdkey decoding
hashing of passwords using Broken SHA-1
it also has all the SRP variables needed for logging on Warcraft III.

It's a very good learning tool, requiring:

Knowledge of TCP/IP
Data Types

BNLS Wasn't intended as a way to avoid sending information in "plain text".

It does what it was intended to do, very well i might add.

You should get your head out of your ass, and start appreciating all the time and effort skywing and yoni spent on BNLS, as well as how much it helps people.

You are the immature idiot.  You have no respect for yourself, your friends, nor the people on this forum.  You are a self centered, narrow minded, ego tripping asshole.
May 7, 2005, 7:49 PM
Ringo
I dont know what was more pointless, Description's existance or this whole topic in general.

Going back to the 1st post, maybe you would like to explain why Starcraft Japan Client (by blizzard might i add) send raw unhashed cdkey data to the battle.net server? its pointless right?

And wouldnt bnet have to remove all hashing/decoding/revision functions from all there clients for BNLS to become "pointless" ?

And yes like BaDDBLooD said BNLS is good for learning the method to a battle.net connection and also gives people another option to choose from.

It seems this Description kiddie is a prime example of what happens when you become additcted to SC.
May 7, 2005, 8:06 PM
Quarantine
Holy crap BadBlood, best I've heard.
May 7, 2005, 8:50 PM
Maddox
i brought this point up like 2 years ago. you're a little late.
May 7, 2005, 8:51 PM
ColT
I don't like BNLS as much as I like Hashing, but you don't hear me bitching right Deception?
May 7, 2005, 10:24 PM
tA-Kane
Deception, while the algorithms behind BNLS are designed for the security of your information (password and cdkey, specifically), BNLS itself is not. While I do not know specifically why it was developed, I do believe that it is designed to enhance and boost the speed of developing third party Battle.net clients. Using BNLS, it is incredibly easy to write a Battle.net client without even the basic knowledge required of the algorithms used in protecting your data. In fact, it is helpful for some languages that hinder bitwise calculations, such as PHP. While I'm sure it's certainly possible to port the necessary algorithms to PHP, it would take a lot of time and effort. With BNLS, you can simply add another socket, add a relatively small amount of processing code, and get underway on the "real" part of a Battle.net client: the post-logon communications.

In addition to those, it is very helpful for those on slow connections. BNLS allows these slow connections to download "other" things instead of patches, which can be sized in several megabytes. While just a few MB for any decent connection would take relatively no time at all, it can take as much as 30 minutes to a half hour to download patches at 5 KB/sec. Without BNLS, users of third party clients would be required to download those patches in order to use the clients after a patch. With BNLS, it enables those users to simply send the hashing data to another server, receive the (very short) results, and proceed to logging in.

To add to that, I know a lot of people that run their bots on low-end machines that have been stripped and turned into a server. These machines are often very low speed, in terms of the processor. I've heard that some of the common algorithms used in third party clients would take several seconds to compute the necessary information required to successfully connect as a WarCraft 3 client, not because of the "new logon system" used in WarCraft 3, but because the WarCraft 3 executable is several MB in size. These clients can instead, send the required information to BNLS and usually receive a result in a shorter amount of time than it would have for those clients to have computed the information themselves.


While it is possible for every client written in every language to use the algorithms required on the local side instead of BNLS side, it would be quite a pain in the ass. Imagine you're new to writing Battle.net clients. You're implementing an algorithm you know practically nothing about, and get something wrong. You don't know the problem is there until after you try to connect to Battle.net, and then once you know it's there, you don't know where it is because, again, you know next to nothing about the algorithms you just implemented. BNLS simplifies this process. Instead of needing knowledge in two (or more) fields of programming; networking and hashing... you only need a little extra knowledge in the first field of networking.

Sure, BNLS could be used to steal your information. But you know what? If someone really wanted to steal your information, they wouldn't be using BNLS to do it with. Not only that, but I know of NO concrete evidence that BNLS has ever been used to steal the only two forms of personal information transmitted in the process.


Deception, before you again claim that you know what something was designed for and then immediately proceed to shoot that down, perhaps you should learn a little more about it.
May 8, 2005, 12:25 AM
Quarantine
Always have to make a story don't you :p
May 8, 2005, 1:09 AM
Archangel
Why do you even care if BNLS is stealing your information?  If i remember correctly, the keys you currently use are from a scam you created, aren't they?  You claim BNLS "steals" cdkeys, right? Why then, do you develop software to get other peoples keys?  Wouldn't BNLS "steal" the exact same cdkeys you stole? 

Whats the difference between your scam and BNLS? 
First, it is imperative that you understand what BNLS is, and that it's not a scam.  BNLS actually helps the community as a whole, and your program is just evil, benefitting NOONE.  It doesn't even connect to battle.net, even if it did, it would use the un-authorized NLS.dll library as a basis.
 
You have lost my respect as a programmer.
May 8, 2005, 3:33 AM
warz
I dont even understand whats goin on here.
May 8, 2005, 6:51 AM
Topaz
deceptive griefer.
May 8, 2005, 7:07 AM
Deception
[quote author=Archangel link=topic=11503.msg111468#msg111468 date=1115523214]
Why do you even care if BNLS is stealing your information?  If i remember correctly, the keys you currently use are from a scam you created, aren't they?  You claim BNLS "steals" cdkeys, right? Why then, do you develop software to get other peoples keys?  Wouldn't BNLS "steal" the exact same cdkeys you stole? 

Whats the difference between your scam and BNLS? 
First, it is imperative that you understand what BNLS is, and that it's not a scam.  BNLS actually helps the community as a whole, and your program is just evil, benefitting NOONE.  It doesn't even connect to battle.net, even if it did, it would use the un-authorized NLS.dll library as a basis.
 
You have lost my respect as a programmer.
[/quote]

My CD-Key scam program does benefit one person. Me. And no, my program DOES logon to Battle.net under WarCraft III, to test the CD-Key before I receive it. It does this with BNCSUtil. Not NLS.dll or BNLS.

Also, I don't remember this topic having anything to do with my method of obtaining CD-Keys. Perhaps you are all ignorant to the fact that if you use a CD-Key that isn't from a game you bought, you're using a stolen CD-Key and thus hindering someone's ability to use their game on Battle.net.

Also, it is very immature to post other people's stolen code on these forums when you yourself think using NLS.dll is wrong. You're a hypocrite.

Oh, and some idiot up there reminded me that StarCraft Japanese sends the CD-Key in plaintext via packet 0x30. Duh. Have you noticed Blizzard has since made all there games send a hashed version of the CD-Key, because they realized it was a security vulnerabiliy? Perhaps you didn't see that they haven't (to my knowledge) ever patched StarCraft Japanese to upgrade it's logon sequence to the same level as the newer products. Mostly because it didn't sell very well.

Kane, you should understand that us Windows users have the luxury of a library called BNCSUtil. This means we don't have to use BNLS or reverse the functions ourselves.
It is open source and very simple to use thanks to Cloaked. Maybe if you came to face the harsh reality that Macs are the shittiest computers ever built, you would have known that.

Reguardless of the fact that most of the people who posted here are morons, I'd have to say you completely misinterpreted my thread. I was not flaming anyone or "complaining and bitching". I was just giving all you dim witted fools a heads up on why BNLS is useless.

If you really have a problem downloading updated binary files or modifying your version bytes, you're a god damned idiot and you don't belong on Battle.net.
May 8, 2005, 7:18 AM
Maddox
[quote author=Deception link=topic=11503.msg111482#msg111482 date=1115536683]
[quote author=Archangel link=topic=11503.msg111468#msg111468 date=1115523214]
Why do you even care if BNLS is stealing your information?  If i remember correctly, the keys you currently use are from a scam you created, aren't they?  You claim BNLS "steals" cdkeys, right? Why then, do you develop software to get other peoples keys?  Wouldn't BNLS "steal" the exact same cdkeys you stole? 

Whats the difference between your scam and BNLS? 
First, it is imperative that you understand what BNLS is, and that it's not a scam.  BNLS actually helps the community as a whole, and your program is just evil, benefitting NOONE.  It doesn't even connect to battle.net, even if it did, it would use the un-authorized NLS.dll library as a basis.
 
You have lost my respect as a programmer.
[/quote]

My CD-Key scam program does benefit one person. Me. And no, my program DOES logon to Battle.net under WarCraft III, to test the CD-Key before I receive it. It does this with BNCSUtil. Not NLS.dll or BNLS.

Also, I don't remember this topic having anything to do with my method of obtaining CD-Keys. Perhaps you are all ignorant to the fact that if you use a CD-Key that isn't from a game you bought, you're using a stolen CD-Key and thus hindering someone's ability to use their game on Battle.net.

Also, it is very immature to post other people's stolen code on these forums when you yourself think using NLS.dll is wrong. You're a hypocrite.

Oh, and some idiot up there reminded me that StarCraft Japanese sends the CD-Key in plaintext via packet 0x30. Duh. Have you noticed Blizzard has since made all there games send a hashed version of the CD-Key, because they realized it was a security vulnerabiliy? Perhaps you didn't see that they haven't (to my knowledge) ever patched StarCraft Japanese to upgrade it's logon sequence to the same level as the newer products. Mostly because it didn't sell very well.

Kane, you should understand that us Windows users have the luxury of a library called BNCSUtil. This means we don't have to use BNLS or reverse the functions ourselves.
It is open source and very simple to use thanks to Cloaked. Maybe if you came to face the harsh reality that Macs are the shittiest computers ever built, you would have known that.

Reguardless of the fact that most of the people who posted here are morons, I'd have to say you completely misinterpreted my thread. I was not flaming anyone or "complaining and bitching". I was just giving all you dim witted fools a heads up on why BNLS is useless.

If you really have a problem downloading updated binary files or modifying your version bytes, you're a god damned idiot and you don't belong on Battle.net.
[/quote]

BNCSUtil compiles under OSX and Linux as well.
May 8, 2005, 8:31 AM
Deception
[quote]
BNCSUtil compiles under OSX and Linux as well.
[/quote]

Well then why hasn't Kane heard about it?

Also note that BNCSUtil is horribly outdated for Mac OS X.
Macintosh sucks in general. It is by far the shittiest commercial desktop-computer OS.
May 8, 2005, 9:11 AM
Deception
ArchAngel: I see you enjoy uploading my stolen ImmortalBot beta source which is shitty for a number of reasons and generally worthless:

1. It uses NLS.dll since BNCSUtil.dll hadn't been released yet.
2. It's command class (does it even have one in that version?) is shit.
3. It is slow and shitty with unorganized code.
4. There are so many things wrong with it that I can't list them all here.

I welcome any idiot who for some reason wants to download my shitty bot source code from many months ago to do so. I must advise that it is nothing special, unless you need a WarCraft III logon example using NLS.dll.

Interesting that you, ArchAngel, choose to release this source in hopes that it will hurt me in some way. It is equally interesting that you do this after our disagreement over BNLS's usefulness.
May 8, 2005, 9:37 AM
Null
lol, look at all the kids cry because u said BNLS sucks..

As for Kane, your speeches are worthless and are almost as bad as myndfyre's  ???
May 8, 2005, 9:43 AM
QwertyMonster
I think we should let him think what he wants.

He thinks BNLS sucks. Get over it.
May 8, 2005, 10:32 AM
LoRd
[quote author=Deception link=topic=11503.msg111253#msg111253 date=1115355083]
I found a problem with BNLS.

To explain this problem, we must first understand what BNLS does.

BNLS receives your account passwords and CD-Keys in plaintext from the client.
It then hashes them and sends back the hashed value to the client to be sent to Battle.net.

Now, the whole purpose of hashing in the first place is to make it impossible to obtain the password/CD-Key when sending it to Battle.net (through sniffers and what not). You send a hashed value instead of the plaintext value.

So, the problem with BNLS is simple: It defeats the purpose of hashing in the first place.

Unfortunetly this is a problem with only one solution: Stop using BNLS.

It's pointless.
[/quote]

You need to find a better way to get attention.
May 8, 2005, 11:28 AM
Archangel
The scam used NLS or BNLS. (By the time you did it BNCSUtil didnt even was public) [And Binary needed to help you because u couldn't use NLS by your own :(]

"Stolen" source code?
[quote]
you can just do it locally with the PUBLIC code that has been released against the will of the author. NLS.dll is no longer private. Get over it.
[/quote]
You gave this source code to Alan,
you cried about 1 month about this source code, what do you think NLS authors feel for some newb that didnt understand he couldn't use the dll? Actually, you started a topic of NLS telling to authors to stop crying didnt you?
Dude, trust me, you are noone to say things about BNLS, actually like you said this thread isnt an opinion and is a fact, you are flaming the authors of this software so moderators should ban you from using this forums.

Well, thats why i said it was a bad idea to give out a vb source code using BNCSUtil, this a live example of it.

[quote]
*  If you are going to say something that would probably get you punched in the mouth in person, do not say it.
[/quote]

[quote]our disagreement over BNLS's usefulness. [/quote]
Dude you are to immature that you think the problem was because of BNLS after xpalining like 10 times the motive.

[quote]
Also, I don't remember this topic having anything to do with my method of obtaining CD-Keys. Perhaps you are all ignorant to the fact that if you use a CD-Key that isn't from a game you bought, you're using a stolen CD-Key and thus hindering someone's ability to use their game on Battle.net.
[/quote]
Dude you are saying BNLS steals your cdkeys and accounts...
and that people must stop use it, and blah... and you personally are stealing keys and names.. so? whats the deal?

[quote]
Also, it is very immature to post other people's stolen code on these forums when you yourself think using NLS.dll is wrong. You're a hypocrite.
[/quote]
Using NLS is wrong, but like you say stop crying about it.
You are immature, selfish, ignorant, pathetic, etc.. don't come here to tell me what i am, i already know what i am, do you?

[quote]You need to find a better way to get attention. [/quote]
Ok this might be the best post on this forums.

In my point of view we can use w/e we want, we know how BNLS works because its well documented, and we dont want people like you comming here saying it sucks, or saying other software sucks, we dont care actually about what you think, say or try to say.
May 8, 2005, 2:00 PM
Lenny
Still not sure why this thread has not been trashed yet.  It offer's no information to 'Battle.net Bot Development' whatsoever.  It's merely a thread where one person decided to criticize another's program/service for attention.


Are you moderators waiting for Deception to push his luck a little too far? 
May 8, 2005, 3:11 PM
R.a.B.B.i.T
So, Dec, let me get this strait:
[Illegal] Using a stolen library is ok.
[Legal] Using a public system is not.
[Illegal] Stealing CD-Keys and accounts is ok, as long as it's you, and nobody else, doing the stealing.
[Legal] BNLS has the potential to steal thousands upon thousands of CD-Keys and accounts but it DOESN'T because the authors aren't greedy douchefucks and you're just jealous is not ok.
[Fact] You're a whiney little attention whore.

I beleive that about sums it up, right?
May 8, 2005, 3:14 PM
ColT
[quote author=rabbit link=topic=11503.msg111524#msg111524 date=1115565267]
So, Dec, let me get this strait:
[Illegal] Using a stolen library is ok.
[Legal] Using a public system is not.
[Illegal] Stealing CD-Keys and accounts is ok, as long as it's you, and nobody else, doing the stealing.
[Legal] BNLS has the potential to steal thousands upon thousands of CD-Keys and accounts but it DOESN'T because the authors aren't greedy douchefucks and you're just jealous is not ok.
[Fact] You're a whiney little attention whore.

I beleive that about sums it up, right?
[/quote]

Agreed with rabbit.
May 8, 2005, 4:57 PM
shadypalm88
[quote author=Deception link=topic=11503.msg111486#msg111486 date=1115543486]
[quote]
BNCSUtil compiles under OSX and Linux as well.
[/quote]

Well then why hasn't Kane heard about it?

Also note that BNCSUtil is horribly outdated for Mac OS X.
Macintosh sucks in general. It is by far the shittiest commercial desktop-computer OS.
[/quote]As a sidenote, BNCSutil was written almost completely on Mac OS X.  I find it to be the best tool for the job, but YMMV.

It'd be pretty easy to fix up the one broken part for OSX, but there's been no demand for it.
May 8, 2005, 8:54 PM
HdxBmx27
Well I'll add my .5 cents in.
As many people have posted, BNLS is not used tosteal cd-key, or to do anything with sucurit. Except for the fact that it complys with Bnet's methods. Noone who has made/used a bot using BNLS cares that they are sending there cd-keys plain text. If they did they would find a diffrent method to send ther cdkeys. BNCSutil is great, it does the hash function required locally so that there is no need for BNLS, so does BnetAuth, and NLS.dll. but witch two were released publically. ... but thats not the point. The point it, IF people were woirried about the saftie of there private information they they have MORE then enough methods to sucure there information. Be it BNCSutil, BnetAuth, or NLS.dll, there are manny ways to fix this. There is also one more, god forbid!, called JBLS. if you don't trust yourself enough, then you shouldn't be using any sort of bot.

Also like others have osted, BNLS was created for the user-friendlyness. I honsetly think that outweighs the fact that it destroys all sucurity that Blizzard has put into there games. (well not all, but most)
But everyone is entitled to there opinion, that why I am free to post this. But it's jsut your OPINION, not everyone elses.
~-~(HDX)~-~
May 9, 2005, 2:02 AM
tA-Kane
[quote author=Deception link=topic=11503.msg111482#msg111482 date=1115536683]Kane, you should understand that us Windows users have the luxury of a library called BNCSUtil. This means we don't have to use BNLS or reverse the functions ourselves.
It is open source and very simple to use thanks to Cloaked. Maybe if you came to face the harsh reality that Macs are the shittiest computers ever built, you would have known that.[/quote]Maybe I'm just being retarded, but perhaps you could explain to me this hatred you seem to have for me? Maybe because of the fact that after everyone had already torn your reasoning apart piece by piece, I had proceeded to blow it all away with a single post?

[quote author=Deception link=topic=11503.msg111482#msg111482 date=1115536683]
[quote author=Archangel link=topic=11503.msg111468#msg111468 date=1115523214]
Why do you even care if BNLS is stealing your information? If i remember correctly, the keys you currently use are from a scam you created, aren't they? You claim BNLS "steals" cdkeys, right? Why then, do you develop software to get other peoples keys? Wouldn't BNLS "steal" the exact same cdkeys you stole?

Whats the difference between your scam and BNLS? [/quote]

My CD-Key scam program does benefit one person. Me.[/quote]Does BNLS not benefit one person? You cannot say no, because it has benefitted me. So then, I fail to see your point.

[quote author=Deception link=topic=11503.msg111486#msg111486 date=1115543486]
[quote]
BNCSUtil compiles under OSX and Linux as well.
[/quote]

Well then why hasn't Kane heard about it?

Also note that BNCSUtil is horribly outdated for Mac OS X.
Macintosh sucks in general. It is by far the shittiest commercial desktop-computer OS.
[/quote]What gives you the idea that I haven't heard about it? I have heard about it, and I even installed it on a NetBSD machine I own. The machine does not run on any IAxx architecture (eg, the machine cannot run Windows). I have yet to test BNCSUtil, yet I am confident that it will work.

BNCSUtil is not "horribly outdated" for Mac OS X. It is up-to-date, with the exception of a small bug regarding endian issues which no one has shown an interest in being fixed.

Note that this is not an operating system forum (in fact, I don't think there's one to be found anywhere on the Valhalla Legends forums). Why you decided to flame Macintosh when no one else has brought it up is beyond me. However, let me tell you something: I have used both Macintosh and Windows computers for all of my computer life (since I was 3, if you're wondering). While I've used Macs for most of that time, I do use a Windows machine currently. I know the assembly language of both platforms. Taking this into mind, I still believe that Macintoshes are a better operating system built for a better machine architecture. Do you know a lot about Macs? Do you know the hardware of both machines? Have you written software for both machines? I hope so, for your sake, because otherwise you have ZERO rights to bash Macs. It's just like rascism.


A footnote on "stolen" CD keys: every CD key I use was either given to me freely (eg, I asked for a key and someone was kind enough to give it to me) or I purchased it. I fail to understand any legitimate reason someone would want to steal a CD key.


A mod should lock this thread before it turns into Deception throwing fists at people for pwning him purely with words. In fact, it'd be nice if it was trashed.
May 9, 2005, 2:39 AM
UserLoser.
There's no mods to lock the thread.  Kp ran away (probably finals at school), Skywing hasn't been seen on Battle.net or on the forum in months, Spht disappeared, Arta seems to hardly visit this, Grok ?? same as Skywing (probably wow'd)
May 9, 2005, 3:27 AM
Lenny
We'll I've seen Adron active in the forums.  But I'm assuming Administrators don't deal with moderation issues.

I hope this thread won't remain neglected for too long.  Before we know it, these forums could be filled with useless topics like this.....
May 9, 2005, 3:39 AM
UserLoser.
[quote author=Lenny link=topic=11503.msg111629#msg111629 date=1115609948]
We'll I've seen Adron active in the forums.  But I'm assuming Administrators don't deal with moderation issues.

I hope this thread won't remain neglected for too long.  Before we know it, these forums could be filled with useless topics like this.....
[/quote]

There's hardly any topics in here that are actually bot development.  There's crap like i don't know vb do this for me and how do you do this, what's wrong when documentation is right in front of me, i'm advertising this, crap like this, etc
May 9, 2005, 4:36 AM
Archangel
Wouldnt it be better moving this to:
Stupid People Arguing About Stupid Things Forum?
May 9, 2005, 4:43 AM
UserLoser.
[quote author=Archangel link=topic=11503.msg111633#msg111633 date=1115613829]
Wouldnt it be better moving this to:
Stupid People Arguing About Stupid Things Forum?
[/quote]

Yes, but who will move it?
May 9, 2005, 4:44 AM
Skeptical
Actually um, Let me throw this out to you,

I'm too lazy to click firefox and download hash files, then put them in folders, I'd rather just put my info in and hit connect. It seems to be an easy thing to do these days. I'd just rather not deal with the hassle unless i need to.

There, I just proved that i use BNLS for something, therefore everyone can move on because this post has been proven incorrect.
May 9, 2005, 5:43 AM
shout
Still not locked/deleted/moved...
May 9, 2005, 6:17 AM
UserLoser.
[quote author=Shout link=topic=11503.msg111640#msg111640 date=1115619436]
Still not locked/deleted/moved...
[/quote]

[quote author=UserLoser link=topic=11503.msg111623#msg111623 date=1115609268]
There's no mods to lock the thread.  Kp ran away (probably finals at school), Skywing hasn't been seen on Battle.net or on the forum in months, Spht disappeared, Arta seems to hardly visit this, Grok ?? same as Skywing (probably wow'd)
[/quote]
May 9, 2005, 6:42 AM
OnlyMeat
Clearly some mods are monitoring this thread and others as my post about kp's narrow minded attitude towards post deletion was deleted. Which proves my point perfectly.
May 9, 2005, 10:41 AM
iago
I asked to moderate this forum awhile back, but they decided that there was already plenty of moderation.  So what can I say?
May 9, 2005, 12:05 PM
Deception
[quote author=iago link=topic=11503.msg111671#msg111671 date=1115640339]
I asked to moderate this forum awhile back, but they decided that there was already plenty of moderation.  So what can I say?
[/quote]

You can say that there is no reason to delete this topic.

I am pointing out a flaw in the functionality of BNLS. BNLS pertains to Battle.net bot development.
May 9, 2005, 1:21 PM
QwertyMonster
[quote author=UserLoser link=topic=11503.msg111641#msg111641 date=1115620955]
[quote author=Shout link=topic=11503.msg111640#msg111640 date=1115619436]
Still not locked/deleted/moved...
[/quote]

[quote author=UserLoser link=topic=11503.msg111623#msg111623 date=1115609268]
There's no mods to lock the thread. Kp ran away (probably finals at school), Skywing hasn't been seen on Battle.net or on the forum in months, Spht disappeared, Arta seems to hardly visit this, Grok ?? same as Skywing (probably wow'd)
[/quote]
[/quote]


They need MORE moderators..  and admins.
May 9, 2005, 2:52 PM
shout
[quote author=Deception link=topic=11503.msg111676#msg111676 date=1115644891]
[quote author=iago link=topic=11503.msg111671#msg111671 date=1115640339]
I asked to moderate this forum awhile back, but they decided that there was already plenty of moderation.  So what can I say?
[/quote]

You can say that there is no reason to delete this topic.

I am pointing out a flaw in the functionality of BNLS. BNLS pertains to Battle.net bot development.
[/quote]

Stfu. Just shut up. Nobody here cares. Go be the center of attention somewhere else. There is no flaw in BNLS, there is a flaw in your logic.
May 9, 2005, 4:07 PM
iago
[quote author=Deception link=topic=11503.msg111676#msg111676 date=1115644891]
[quote author=iago link=topic=11503.msg111671#msg111671 date=1115640339]
I asked to moderate this forum awhile back, but they decided that there was already plenty of moderation.  So what can I say?
[/quote]

You can say that there is no reason to delete this topic.

I am pointing out a flaw in the functionality of BNLS. BNLS pertains to Battle.net bot development.
[/quote]

Yeah, but it would still be better off in the Stupid Argument forum.

Don't get me wrong, I agree with you 100% that BNLS is silly.  Blizzard went through lots of work to make War3 secure by using an advanced authentication algorithm, and BNLS totally subverted it by allowing users to send their passwords in plain text.  It's actually pretty humorous, in my opinion.

I don't use BNLS, ever.  I won't use any bot that uses BNLS.  If you don't like it, then you also shouldn't use it.  As long as people understand the risk that they're taking, and are willing to accept the possibility that on any or all given BNLS logins there's a very real possibility of having their account stolen by a third party, then there isn't much we can do to stop them. 

That being said, I think that all bots that use BNLS should have a disclaimer stating what I just said ("Warning: on any/all logins it is possible for your password to be stolen by a third party who's in the right place").  It's just polite to let users know that they're risking their credentials.
May 9, 2005, 5:28 PM
QwertyMonster
I dont use BNLS either! Hashes all the way baby! :P
May 9, 2005, 5:50 PM
Archangel
I dont use BNLS either, but people comming around and insulting someone else software is pathetic.
May 9, 2005, 6:17 PM
OnlyMeat
[quote author=iago link=topic=11503.msg111671#msg111671 date=1115640339]
I asked to moderate this forum awhile back, but they decided that there was already plenty of moderation.  So what can I say?
[/quote]

Well, it couldn't get any worse, especially when you have moderators like kp running things.
May 9, 2005, 6:21 PM
Topaz
</burn>
May 9, 2005, 6:23 PM
Lenny
Deception is stating that the entire BNLS system is useless.  Clearly an opinion and not a fact as has been made clear by the posts in this thread. 

Personally, I'm not going to state my opinion about BNLS because this is NOT the place to do it. 

Also, I'm going to mention again that regarding the uses of BNLS with password and cdkey hashing has already been covered in another topic.  But I will say that the author of that thread articulated the subject better than Deception has.  (And also correctly)
May 9, 2005, 6:58 PM
Quarantine
Doing everything locally in some languages is horribly inefficient and I'd rather use a free service provided by a trusted establishment. Even with the recent DLLs that have been made, it still requires horrible modification of a client to support that DLL, as where BNLS I can put into my clients gracefully withought having hundreds of refrences.
May 9, 2005, 9:39 PM
R.a.B.B.i.T
[quote author=Deception link=topic=11503.msg111676#msg111676 date=1115644891]
[quote author=iago link=topic=11503.msg111671#msg111671 date=1115640339]
I asked to moderate this forum awhile back, but they decided that there was already plenty of moderation.  So what can I say?
[/quote]

You can say that there is no reason to delete this topic.

I am pointing out a flaw in the functionality of BNLS. BNLS pertains to Battle.net bot development.
[/quote]How is userfriendlyness a flaw?  Are you that retarded?
May 9, 2005, 10:05 PM
Arta
[quote author=Deception link=topic=11503.msg111676#msg111676 date=1115644891]
I am pointing out a flaw in the functionality of BNLS. BNLS pertains to Battle.net bot development.
[/quote]

It is not a flaw. You are expecting BNLS to meet an objective that was not among its design goals. BNLS was designed to enhance Battle.net's ease of use, not its security.
May 9, 2005, 10:20 PM
Deception
[quote author=QwertyMonster link=topic=11503.msg111708#msg111708 date=1115661043]
I dont use BNLS either! Hashes all the way baby! :P
[/quote]

Funny how a minute ago you were completely hating on me for saying I don't use BNLS and once Iago sides with me you change your mind. It goes to show that you are a follower.
May 9, 2005, 10:47 PM
Deception
Someone seriously needs to delete this thread. It was stupid to post this here. I should have realized that all you kids can't have a serious discussion and it would lead to your pathetic flaming.
May 9, 2005, 10:48 PM
Null
Just face it loooozerz BNLS Sucks  8)
May 9, 2005, 11:23 PM
HdxBmx27
God, are you retarded? Anywho not to argue, but stop posting people, and let this dammen thread die if no mods are ehre to delete/close it.
~-~(HDX)~-~
May 9, 2005, 11:29 PM
Null
no we must let everyone know that BNLS is the worst!  >:(
May 9, 2005, 11:35 PM
Myndfyr
[quote author=HdxBmx27 link=topic=11503.msg111782#msg111782 date=1115681381]
God, are you retarded? Anywho not to argue, but stop posting people, and let this dammen thread die if no mods are ehre to delete/close it.
~-~(HDX)~-~
[/quote]

Are you asking God if He is retarded?  :P
(I figured that this topic is already off-topic enough for me to be able to make a stupid post.  Get off me).
May 9, 2005, 11:45 PM
Null
Hey i do it all the time! no problem!
May 9, 2005, 11:48 PM
Networks
[quote author=effect link=topic=11503.msg111780#msg111780 date=1115680996]
Just face it loooozerz BNLS Sucks  8)
[/quote]

Lies! It has it's usefulness, I don't personally use it anymore but I don't go about publically announcing I hate it or anything. If you don't use it why do you care whether other do?

hm..........iago is a butthead! (yes butthead dammit!)

[me=Networks]ponders how many threads we can go! Lets break a world record guys![/me]
May 10, 2005, 12:51 AM
HdxBmx27
[quote author=Networks link=topic=11503.msg111793#msg111793 date=1115686314]
[me=Networks]ponders how many threads we can go! Lets break a world record guys![/me]
[/quote]

1085 pages??? holy crap. (Ive seent his befor, but hte site it was on got shutdown.)
~-~(HDX)~-~
May 10, 2005, 12:56 AM
Quarantine
I personally don't agree with iago on this matter and never have. I think that if you're scared to send some data to a server because you fear people are out to get you and take your password, then you should get off the internet. Anyone who says BNLS is insecure is paranoid. Period.
May 10, 2005, 1:00 AM
UserLoser.
[quote author=Warrior link=topic=11503.msg111797#msg111797 date=1115686819]
I personally don't agree with iago on this matter and never have. I think that if you're scared to send some data to a server because you fear people are out to get you and take your password, then you should get off the internet. Anyone who says BNLS is insecure is paranoid. Period.
[/quote]

Anyone who says sending data for a free gaming service in plain text and whines about security is paranoid
May 10, 2005, 1:13 AM
Quarantine
ooook.,
May 10, 2005, 1:55 AM
Deception
[quote author=UserLoser link=topic=11503.msg111802#msg111802 date=1115687637]
[quote author=Warrior link=topic=11503.msg111797#msg111797 date=1115686819]
I personally don't agree with iago on this matter and never have. I think that if you're scared to send some data to a server because you fear people are out to get you and take your password, then you should get off the internet. Anyone who says BNLS is insecure is paranoid. Period.
[/quote]

Anyone who says sending plain text data for a free gaming service in plain text is paranoid
[/quote]

?
May 10, 2005, 5:38 AM
UserLoser.
[quote author=Deception link=topic=11503.msg111831#msg111831 date=1115703496]
[quote author=UserLoser link=topic=11503.msg111802#msg111802 date=1115687637]
[quote author=Warrior link=topic=11503.msg111797#msg111797 date=1115686819]
I personally don't agree with iago on this matter and never have. I think that if you're scared to send some data to a server because you fear people are out to get you and take your password, then you should get off the internet. Anyone who says BNLS is insecure is paranoid. Period.
[/quote]

Anyone who says sending plain text data for a free gaming service in plain text is paranoid
[/quote]

?
[/quote]

Oops, that makes no sense.  Fixed
May 10, 2005, 12:44 PM
QwertyMonster
Why dont we just face that he doesn't like it and get on with life? :P
May 10, 2005, 2:49 PM
Adron
[quote author=Deception link=topic=11503.msg111253#msg111253 date=1115355083]
BNLS receives your account passwords and CD-Keys in plaintext from the client.
It then hashes them and sends back the hashed value to the client to be sent to Battle.net.

Now, the whole purpose of hashing in the first place is to make it impossible to obtain the password/CD-Key when sending it to Battle.net (through sniffers and what not). You send a hashed value instead of the plaintext value.

So, the problem with BNLS is simple: It defeats the purpose of hashing in the first place.
[/quote]

For Starcraft and similar cdkeys, BNLS doesn't actually defeat the purpose of hashing the cd key. This is because the unknown part of the cd key is so small as to be easily brute forceable if you can obtain a dump of the packets exchanged between client and server.

For the rest, what BNLS does is offer you freedom of choice. You can use BNLS for everything, at the same security level as connecting to battle.net with a chat gateway bot. You can use BNLS for the version check calculations only, to save you from having the game files locally. Or you can not use BNLS at all.

The freedom is yours.
May 10, 2005, 3:20 PM
Adron
[quote author=Lenny link=topic=11503.msg111629#msg111629 date=1115609948]
We'll I've seen Adron active in the forums.  But I'm assuming Administrators don't deal with moderation issues.
[/quote]

I try to avoid moderating forums that I'm not a moderator of. I will occasionally, if I think the post is bad enough, but I'll prefer to then ban the users involved instead.


Edit: Besides, if I did, I'd have to think more carefully about what I post. I post off-topic things on forums now and then, and then I like to see moderators trashing my posts. If I was a moderator on the forum, I'd have to remove my own posts, and that would be such a waste of time.
May 10, 2005, 3:30 PM
Stealth
The fact of the matter is that the OP is a troll. This entire thread is a deliberate attention grab and contains not a single productive post except iago's and Kane's.  >:(
May 10, 2005, 3:40 PM
iago
[quote author=Adron link=topic=11503.msg111856#msg111856 date=1115738455]
[quote author=Deception link=topic=11503.msg111253#msg111253 date=1115355083]
BNLS receives your account passwords and CD-Keys in plaintext from the client.
It then hashes them and sends back the hashed value to the client to be sent to Battle.net.

Now, the whole purpose of hashing in the first place is to make it impossible to obtain the password/CD-Key when sending it to Battle.net (through sniffers and what not). You send a hashed value instead of the plaintext value.

So, the problem with BNLS is simple: It defeats the purpose of hashing in the first place.
[/quote]

For Starcraft and similar cdkeys, BNLS doesn't actually defeat the purpose of hashing the cd key. This is because the unknown part of the cd key is so small as to be easily brute forceable if you can obtain a dump of the packets exchanged between client and server.

For the rest, what BNLS does is offer you freedom of choice. You can use BNLS for everything, at the same security level as connecting to battle.net with a chat gateway bot. You can use BNLS for the version check calculations only, to save you from having the game files locally. Or you can not use BNLS at all.

The freedom is yours.

[/quote]

What you said is true for Starcraft and possibly War2/Diablo2.  And for cdkeys only.  War3 does a much better job of concealing the important information.
May 10, 2005, 5:28 PM
tA-Kane
Doesn't WarCraft 3 do the same job of concealing cdkeys as StarCraft does? Remember that StarCraft has been patched to use 0x51.
May 11, 2005, 1:09 AM
R.a.B.B.i.T
[quote author=HdxBmx27 link=topic=11503.msg111794#msg111794 date=1115686566]
[quote author=Networks link=topic=11503.msg111793#msg111793 date=1115686314]
[me=Networks]ponders how many threads we can go! Lets break a world record guys![/me]
[/quote]

1085 pages??? holy crap. (Ive seent his befor, but hte site it was on got shutdown.)
~-~(HDX)~-~
[/quote]http://vbforums.com/showthread.php?p=2004246&highlight=Post+Race#post2004246
1144 pages.
May 11, 2005, 7:43 PM
Adron
[quote author=iago link=topic=11503.msg111869#msg111869 date=1115746124]
[quote author=Adron link=topic=11503.msg111856#msg111856 date=1115738455]
For Starcraft and similar cdkeys, BNLS doesn't actually defeat the purpose of hashing the cd key. This is because the unknown part of the cd key is so small as to be easily brute forceable if you can obtain a dump of the packets exchanged between client and server.

For the rest, what BNLS does is offer you freedom of choice. You can use BNLS for everything, at the same security level as connecting to battle.net with a chat gateway bot. You can use BNLS for the version check calculations only, to save you from having the game files locally. Or you can not use BNLS at all.

The freedom is yours.

[/quote]

What you said is true for Starcraft and possibly War2/Diablo2.  And for cdkeys only.  War3 does a much better job of concealing the important information.
[/quote]

Passwords for War3 are hard to brute force. For Starcraft etc, they're doable. But either way, I see no big problem sending b.net passwords in cleartext across the Internet. I send pop3 or imap passwords in cleartext all the time, and those would be a much bigger pain to lose. If someone got my b.net password, I could always do password recovery through e-mail on it.

The important thing to protect is your cd key, and for cd keys you can't say any of the battle.net games are safe. If you get a packet log of the login sequence from any client, you would be able to brute force the raw cd key within a very reasonable time.
May 12, 2005, 3:26 PM
iago
[quote author=Adron link=topic=11503.msg112254#msg112254 date=1115911615]
[quote author=iago link=topic=11503.msg111869#msg111869 date=1115746124]
[quote author=Adron link=topic=11503.msg111856#msg111856 date=1115738455]
For Starcraft and similar cdkeys, BNLS doesn't actually defeat the purpose of hashing the cd key. This is because the unknown part of the cd key is so small as to be easily brute forceable if you can obtain a dump of the packets exchanged between client and server.

For the rest, what BNLS does is offer you freedom of choice. You can use BNLS for everything, at the same security level as connecting to battle.net with a chat gateway bot. You can use BNLS for the version check calculations only, to save you from having the game files locally. Or you can not use BNLS at all.

The freedom is yours.

[/quote]

What you said is true for Starcraft and possibly War2/Diablo2.  And for cdkeys only.  War3 does a much better job of concealing the important information.
[/quote]

Passwords for War3 are hard to brute force. For Starcraft etc, they're doable. But either way, I see no big problem sending b.net passwords in cleartext across the Internet. I send pop3 or imap passwords in cleartext all the time, and those would be a much bigger pain to lose. If someone got my b.net password, I could always do password recovery through e-mail on it.

The important thing to protect is your cd key, and for cd keys you can't say any of the battle.net games are safe. If you get a packet log of the login sequence from any client, you would be able to brute force the raw cd key within a very reasonable time.

[/quote]

That's true, the email recovery is quite helpful.

I hate pop3, I use SSL to connect to it on every server (except vL's..).  I also don't use non-anonymouse FTP.
May 12, 2005, 6:05 PM
Arta
[quote author=Stealth link=topic=11503.msg111862#msg111862 date=1115739629]
The fact of the matter is that the OP is a troll. This entire thread is a deliberate attention grab and contains not a single productive post except iago's and Kane's.  >:(
[/quote]

*And Arta's :P
May 12, 2005, 8:48 PM
Deception
[quote author=Warrior link=topic=11503.msg111797#msg111797 date=1115686819]
I personally don't agree with iago on this matter and never have. I think that if you're scared to send some data to a server because you fear people are out to get you and take your password, then you should get off the internet. Anyone who says BNLS is insecure is paranoid. Period.
[/quote]

You don't agree with iago for one reason.

That reason is that Iago agrees with me and you can't admit when you're wrong (much like various other heavy posters here).
May 20, 2005, 9:57 PM

Search