Valhalla Legends Forums Archive | Battle.net Bot Development | Realms

Author | Message | Time
MindArchon
I am having trouble adding realm support to my bot.

From looking at https://davnit.net/bnet/vL/phpbbs/index.php?topic=11383.0 I assume I start by sending 0x40 after logging in with 0x3A.

I have no idea what the difference between 0x40 and 0x34 is, because they seem to do almost the same thing, but I used 0x40 because it was used in that sequence information. I received the realm name to send in 0x3E (Europe).

Because I am using BNLS, I hash "password" by sending 0x0B. I didn't know what to put as the client and server key. Leaving them blank disconnects me from BNLS, so I just put the information I put for hashing the login password. Here is the packet I am sending to BNLS.

[code]0000: 1B 00 0B 08 00 00 00 02 00 00 00 70 61 73 73 77  . ......passw
0010: 6F 72 64 4E E8 CB 73 E7 D2 5C 3C                ordNèËsçÒ\<.....
[/code]

After that I receive the response and stick it into packet 0x3E to get the server to connect to. Here is the packet I am sending.

[code]0000: FF 3E 23 00 00 00 00 00 C9 2C 83 9D 1B E2 E8 36  ÿ>#.....É,ƒ?âè6
0010: 66 87 76 5D 14 6D 98 C5 AC 24 6D 96 45 75 72 6F  f‡v]m˜Å¬$m–Euro
0020: 70 65 00                                        pe..............
[/code]

I get a response, but the status I receive is 0x80000002 (Realm logon failed). I think it's an error in hashing "password" but I don't know what I'm doing wrong.

Also, I noticed that the IP address returns in a DWORD. Isn't an IP address xx.xx.xxx? How do I connect to that IP address?
October 6, 2005, 1:44 AM
l2k-Shadow
1) You must send 0x0A before attempting to connect to realm.
2) The IP is a DWORD where it goes first byte.second byte.third byte.fourth byte
3) Client key is your GetTickCount (although you do not have to use that, using any number will pretty much work) and Server Key is the Server Token value you receive in S->C 0x50.
October 6, 2005, 2:37 AM
MindArchon
I am now sending 0x0A before I send 0x40.

I was sending Server Key correctly, but I changed Client key to GetTickCount, and I am still getting realm logon failed.
October 6, 2005, 3:59 AM
HdxBmx27
Try using the same exact client token for the hash as you did for the hashing in 0x51 (CD-Key hashing),
or 0x29 if it's different.
~-~(HDX)~-~
October 6, 2005, 4:14 AM
MindArchon
I tried, it still gives me failed realm login.

Wouldn't BNET disconnect me if I submitted the wrong hash data? Am I doing something else wrong?
October 6, 2005, 4:23 AM
HdxBmx27
Set the 'cookie' in your 0x3E packet to your client token, not the cookie from 0x0B.
If that doesn't work, please post the code for what you're doing.
~-~(HDX)~-~
October 6, 2005, 4:30 AM
l2k-Shadow
In 0x3E I send 0x01 for the cookie and it works fine. I also tested 0x00... 0x00 DOES NOT work.
October 6, 2005, 4:52 AM
MindArchon
EDIT: l2k-Shadow - I tried 0x01 as a cookie and I still receive that error.

Nope, not working. I have no idea where you want me to post my code from, so I guess I'll post it from right after I pass 0x3A.

[code]Select Case Asc(Mid(data, 5, 1))
    Case &H0 '// Login Information Correct

        buffer.InsertNTString GetFromINI("Connection", "Username", "", App.Path & "\config.ini")
        buffer.InsertBYTE &H0
        buffer.SendPacket &HA
...
(code continues on to deal with invalid login information)
[/code]

That code executes after it receives 0x3A.

This code executes when 0x0A is received.

[code]
UsernameLogged = KillNull(Mid(data, 5))
MainFRM.bnet.SendData Chr(&HFF)
MainFRM.bnet.SendData Chr(&H40)
MainFRM.bnet.SendData MakeWORD(4)
'//Sends packet 0x40, its empty.
[/code]

And when 0x40 is received.

[code]
'//RealmToConnect is a private variable in the module.
If GetDWORD(Mid(data, 9, 4)) = 1 Then
    RealmToConnect = KillNull(Mid(data, 17))
Else
    RealmToConnect = GetFromIni("Connection", "Realm", "", App.Path & "\config.ini")
End If

OntoRealms = True '//Private module boolean

buffer.Clear
buffer.InsertDWORD Len("password")
buffer.InsertDWORD &H2
buffer.InsertNonNTString "password"
buffer.InsertDWORD GetTickCount
buffer.InsertDWORD sessionkey '//obtained from 0x50
buffer.SendBNLSPacket &HB
[/code]

And my code for when 0x0B is received.

[code]
HashedData =  Mid(Data, 4)

If OntoRealms = True Then

      buffer.Clear
      buffer.InsertDWORD sessionkey '//cookie
      buffer.InsertNonNTString HashedData
      buffer.InsertNTString RealmToConnect
      buffer.SendPacket &H3E

Else
...
[/code]

0x3E returns with realm logon failed.
October 6, 2005, 5:02 AM
Ringo
[quote author=MindArchon link=topic=12967.msg130097#msg130097 date=1128563075]
Because I am using BNLS, I hash "password" by sending 0x0B. I didn't know what to put as the client and server key. Leaving them blank disconnects me from BNLS, so I just put the information I put for hashing the login password. Here is the packet I am sending to BNLS.

[code]0000: 1B 00 0B 08 00 00 00 02 00 00 00 70 61 73 73 77  . ......passw
0010: 6F 72 64 4E E8 CB 73 E7 D2 5C 3C                 ordNèËsçÒ\<.....
[/code]

After that I receive the response and stick it into packet 0x3E to get the server to connect to. Here is the packet I am sending.

[code]0000: FF 3E 23 00 00 00 00 00 C9 2C 83 9D 1B E2 E8 36  ÿ>#.....É,ƒ?âè6
0010: 66 87 76 5D 14 6D 98 C5 AC 24 6D 96 45 75 72 6F  f‡v]m˜Å¬$m–Euro
0020: 70 65 00                                         pe..............
[/code]
[/quote]
Hm, I've never once used BNLS, but I'm presuming your client and server key are 4E E8 CB 73 E7 D2 5C 3C from checking bnet docs.
In order for bnet to check the realm password, it needs to know the client token used in the client-side hash (it already knows your server key), but you're using 4E E8 CB 73 as your client token in the hashing, and then telling bnet you did the hash with a null value.
AFAIK, client tokens can't be set to 0.
I think if you were to send it like this:
[code]0000: FF 3E 23 00 4E E8 CB 73 C9 2C 83 9D 1B E2 E8 36  ÿ>#.....É,ƒ?âè6
0010: 66 87 76 5D 14 6D 98 C5 AC 24 6D 96 45 75 72 6F  f‡v]m˜Å¬$m–Euro
0020: 70 65 00                                         pe..............
[/code]
It would have worked.
And I'm not sure sending 0x0A before logging on a realm char is a good idea.

Hope this helps
October 6, 2005, 2:04 PM
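
The mismatch described in the post above can be checked mechanically before anything is sent. The following is an added example, not code from any poster in this thread: it reads the hex columns of the dumps posted above, using the field order MindArchon's code builds them in, and compares the 0x3E cookie with the client key given to BNLS. The function and constant names are made up for illustration.

```python
import struct

# Hex columns of the three dumps posted in this thread.
BNLS_HASH_REQ = bytes.fromhex(
    "1B000B0800000002000000" "70617373776F7264" "4EE8CB73" "E7D25C3C")
HASH = "C92C839D1BE2E8366687765D146D98C5AC246D96"
REALM_REQ_SENT = bytes.fromhex("FF3E2300" "00000000" + HASH + "4575726F706500")
REALM_REQ_FIXED = bytes.fromhex("FF3E2300" "4EE8CB73" + HASH + "4575726F706500")

def parse_bnls_hash_request(pkt):
    """BNLS 0x0B as the post builds it: size, flags, data, client key, server key."""
    length, pkt_id, size, flags = struct.unpack_from("<HBII", pkt, 0)
    if length != len(pkt) or pkt_id != 0x0B:
        raise ValueError("not a complete BNLS 0x0B packet")
    end = 11 + size  # 3-byte header + two DWORDs + the data itself
    if end + 8 != len(pkt):
        raise ValueError("client/server key fields missing")
    client_key, server_key = struct.unpack_from("<II", pkt, end)
    return {"data": pkt[11:end], "flags": flags,
            "client_key": client_key, "server_key": server_key}

def parse_realm_logon(pkt):
    """C->S 0x3E as posted: cookie, 20-byte hash, null-terminated realm name."""
    magic, pkt_id, length, cookie = struct.unpack_from("<BBHI", pkt, 0)
    if magic != 0xFF or pkt_id != 0x3E or length != len(pkt) or length < 29:
        raise ValueError("not a complete 0x3E packet")
    realm = pkt[28:].split(b"\x00", 1)[0].decode("ascii")
    return {"cookie": cookie, "hash": pkt[8:28], "realm": realm}

def cookie_matches_client_key(bnls_req, realm_req):
    """True when the 0x3E cookie equals the client key the hash was made with."""
    return (parse_bnls_hash_request(bnls_req)["client_key"]
            == parse_realm_logon(realm_req)["cookie"])

if __name__ == "__main__":
    for label, pkt in (("sent", REALM_REQ_SENT), ("fixed", REALM_REQ_FIXED)):
        print(label, cookie_matches_client_key(BNLS_HASH_REQ, pkt))
```
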
MindArchon
Thanks Ringo!

Your response helped me to get it to work. Now a few questions.

So do I just do something like

[code]rPort = GetDWORD(Mid(data, 25, 4))

rIP = Asc(Mid(data, 21, 1)) & "." & Asc(Mid(data, 22, 1)) & "." & Asc(Mid(data, 23, 1)) & "." & Asc(Mid(data, 24, 1))

winsock.Connect rIP, rPort[/code]

Because it's not connecting.
October 6, 2005, 9:54 PM
l2k-Shadow
I think you have to htons() the port, but you don't have to parse the port... it will always be 6112.
October 6, 2005, 10:17 PM
MindArchon
Connection works fine, but in my response to 0x01 I am receiving an unknown result according to bnetdocs.

Here I am sending 0x01

[code]0000: 4D 00 01 70 5A 64 78 8D FA 07 DC D3 E9 00 35 3B  M.pZdx?úÜÓé.5;
0010: 1A 28 00 00 00 00 00 FE 69 90 06 EB 82 6D A7 50  (.....þi?ë‚m§P
0020: 58 32 44 36 38 58 49 D3 E9 00 35 00 00 00 00 61  X2D68XIÓé.5....a
0030: 03 0A 77 51 30 EB 6E 9E 88 3B C5 AB F3 42 5F F0  .wQ0ënžˆ;Å«óB_ð
0040: 17 EE 48 74 65 73 74 61 63 63 35 35 00          îHtestacc55....[/code]

And here is the response.

[code]0000: 07 00 01 7E 00 00 00                            .~............[/code]

Sorry guys, it's just that I've never even looked at realms before.

I am sending the full 16 dwords of the data returned in 0x3E.
October 6, 2005, 10:49 PM
l2k-Shadow
Make sure you send the header byte 0x01 before sending the packet 0x01.  Also a log of response to 0x3E would help in making sure you are sending the correct information in 0x01.
October 7, 2005, 12:25 AM
MindArchon
Ok. Here is the code I am sending when the winsock realm connects.

[code]MCPsck.SendData Chr(1)

buffer.Clear
buffer.InsertNonNTString MCP1
buffer.InsertNonNTString MCP2
buffer.InsertNTString BNCSu
buffer.SendPacketRealm &H1[/code]

Here is part of the code I use to parse 0x3E

[code]MCP1 = Mid(data, 5, 16)
MCP2 = Mid(data, 29, 48)
BNCSu = KillNull(Mid(data, 77))[/code]

And here is the response to 0x3E

[code]0000: FF 3E 58 00 BF E1 D0 78 70 6F 1B B6 D3 E9 00 35  ÿ>X.¿áÐxpo¶Óé.5
0010: 02 25 28 00 D3 E9 30 09 17 E0 00 00 00 00 00 00  %(.Óé0.à......
0020: FE 69 90 06 EB 82 6D A7 50 58 32 44 36 38 58 49  þi?ë‚m§PX2D68XI
0030: D3 E9 00 35 00 00 00 00 66 E9 F9 3D D3 2E 7F FF  Óé.5....féù=Ó.ÿ
0040: 03 25 26 AB F3 99 F1 33 F4 79 24 EF 74 65 73 74  %&«ó™ñ3ôy$ïtest
0050: 61 63 63 35 35 00 63 35                          acc55.c5........[/code]
October 7, 2005, 12:45 AM
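
The offsets used in the post above, applied to the 0x3E response it shows, as an added example that is not code from any poster in this thread. It decodes the address and port fields (reading the port as a little-endian DWORD gives 57367, while the first two bytes in network order give 6112) and assembles the realm 0x01 packet from the two chunks and the name. The names `mcp1`, `mcp2` and `name` mirror the thread's MCP1, MCP2 and BNCSu variables; the function names are made up.

```python
import socket
import struct

# Hex column of the S->C 0x3E dump in the post above.
REALM_RESPONSE = bytes.fromhex(
    "FF3E5800BFE1D078706F1BB6D3E90035"
    "02252800D3E9300917E0000000000000"
    "FE699006EB826DA75058324436385849"
    "D3E900350000000066E9F93DD32E7FFF"
    "032526ABF399F133F47924EF74657374"
    "6163633535006335")

def parse_realm_response(pkt):
    """Split a successful S->C 0x3E at the offsets used in the thread."""
    magic, pkt_id, length = struct.unpack_from("<BBH", pkt, 0)
    if magic != 0xFF or pkt_id != 0x3E or length != len(pkt):
        raise ValueError("not a complete 0x3E packet")
    if length < 77:
        raise ValueError("0x3E reply too short to carry address and chunks")
    return {
        "mcp1": pkt[4:20],                            # Mid(data, 5, 16)
        "ip": socket.inet_ntoa(pkt[20:24]),           # bytes in wire order
        "port": struct.unpack_from(">H", pkt, 24)[0], # network byte order
        "mcp2": pkt[28:76],                           # Mid(data, 29, 48)
        "name": pkt[76:].split(b"\x00", 1)[0],        # KillNull(Mid(data, 77))
    }

def port_as_le_dword(pkt):
    """What a little-endian GetDWORD over the port field returns."""
    return struct.unpack_from("<I", pkt, 24)[0]

def build_realm_startup(info):
    """Realm 0x01 packet: WORD length, BYTE id, then MCP1, MCP2 and the name.

    The single protocol byte 0x01 is sent on the socket before this packet.
    """
    body = info["mcp1"] + info["mcp2"] + info["name"] + b"\x00"
    return struct.pack("<HB", len(body) + 3, 0x01) + body

if __name__ == "__main__":
    info = parse_realm_response(REALM_RESPONSE)
    print(info["ip"], info["port"], port_as_le_dword(REALM_RESPONSE))
    print(build_realm_startup(info).hex(" "))
```
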
l2k-Shadow
Hmm that should work... if it still doesn't try using a different bnet server
October 7, 2005, 1:07 AM
MindArchon
I still receive the error. It does not matter what server I connect to.

Does anyone know what response 7E is?

EDIT:

Strange, upon changing the account I was connecting with, the status changed to 0, meaning it was a success.
October 7, 2005, 1:30 AM
Ringo
I've got a gut feeling it means cdkey disabled from realm play, or temp ip ban/restriction.
If you say you get it on all servers, it might be cdkey related :(

[edit]: lucky :D
maybe it means account disabled from realm play :P
October 7, 2005, 2:52 AM
MindArchon
Actually the problem WAS with the CD-key. I changed that and it gave me 0x00

Strangely, that cd-key seemed to be banned across all servers

Thanks guys, I got it working
October 7, 2005, 4:06 AM
