Valhalla Legends Forums Archive | Battle.net Bot Development | Clearing some things up...?

GoaL
Well, I try to keep myself updated with the current ideas and solutions to Blizzard's constant battle against us rogue programmers, who continue to play tit for tat with them. However, the recent solutions confuse me; to my knowledge there are only 3 solutions:

BNLS (Obvious)
A Connection Caching Database (Which to my knowledge was fooled, but the way I understood it, they only added a few thousand more values. Is that true, or has this been completely patched out?)
"warz"'s fix (Calling the data right out of the files themselves with some API calls, but I was told this was a theory, not a reality..)

I'm just looking for some clarification on what all is going on. I've been learning C#, and am awaiting MyndFyre's addition of BNLS to MBNCSUtil; however, if there is a non-BNLS solution, I would like to incorporate it into my projects. Thanks for anything you can tell me.
February 1, 2007, 7:49 AM
MysT_DooM
The database still works fine.

Also, I don't think warz fully reversed lockdown. You can check his website; I still think it has his research on it.
February 1, 2007, 3:32 PM
Smarter
Ok, my name is fixed now (Goal here). Which database is the most complete? Also, I only see usage sources out in VB... Porting isn't my specialty, lol.
February 2, 2007, 8:19 PM
l2k-Shadow
All you have to do is see how the file is arranged; then you can write your own buffer for processing queries.
February 3, 2007, 1:57 AM
Ante
[quote author=GoaL link=topic=16227.msg163723#msg163723 date=1170316141]

A Connection Caching Database (Which to my knowledge was fooled, but the way I understood it, they only added a few thousand more values. Is that true, or has this been completely patched out?)

[/quote]
It's been completely patched out. A friend of mine tested (on the 19th or something of January) all of the 1998 values that were logged by me (on the 6th to 9th of January) and converted to better form by hdx (on around the 14th).
Of several thousand connection attempts, none were in the database of 1998 checkrevisions. This was done without the use of BNLS.
This shows that bnet either switched the values to another 2000, or made it fully random.
February 3, 2007, 6:33 PM
MysT_DooM
No, it hasn't been completely patched out.
Clicky
February 3, 2007, 6:51 PM
Ante
Hm... if it works, does anyone have at least 50% of the checkrevisions?

Unless connections are done en masse, logging them would be way too slow...
February 3, 2007, 8:29 PM
MysT_DooM
[quote author=Ante link=topic=16227.msg163823#msg163823 date=1170534583]
Hm... if it works, does anyone have at least 50% of the checkrevisions?
[/quote]

Yes, people do.
February 3, 2007, 8:31 PM
Ante
If someone has it, could they post a link?
February 3, 2007, 8:36 PM
MysT_DooM
[quote author=Ante link=topic=16227.msg163825#msg163825 date=1170534987]
If someone has it, could they post a link?
[/quote]

No, they should keep it to themselves.
February 3, 2007, 8:49 PM
Hell-Lord
http://rcb.realityripple.com/CREV/list.php

This should help.
February 3, 2007, 11:29 PM
BreW
Hey guys, I'm back ;]
And no, Topaz, I'm not deleting my account again, sorry.

Okay, we know even if we do "collect" all the possible checksums we need, Blizzard is just one click away from screwing it up on us again. This is a very bad temporary solution, seeing how they added a much larger amount of possible checksum "formulas". This was obviously directed towards bots, because it was patched literally 2 days after all these checkrevision database .dlls or .ocxes started popping up. It seems the only (semi) permanent solution for the lockdown MPQs is to actually solve it. I just came up with this idea a little while ago. Probably someone more experienced in reverse engineering can get the specifics.... But the checkrevision is a function, and some value must be passed to it, such as a hash of the memory. This memory hash MUST be the exact same for every call of the checkrevision function (must be confirmed because of Blizzard's new required work MPQs), since the bits of memory taken into account are the same for every patch, and this value is passed to the MPQ-specific function, which is then hashed with the checksum formula and then creates a viable value for the checksum, which Blizzard's server calculates, then compares your reported checksum with its value. If it is the same, you pass. Different, you phail. So what I'm basically trying to say is that someone with much experience with reverse engineering should be able to pull a value out, namely the one being passed to checkrevision, then use the MPQ's formula to calculate it, then send it to bnet. Correct me if I'm wrong with any of this.

Also please note, this ever-growing collection of the checkrevision data is what Ante previously referred to as "brute forcing" the checkrevision, and it had received bad publicity from vL-types in the past. I have no clue why you people are supporting it in lieu of a permanent and certainly more intelligible solution.
February 4, 2007, 12:51 AM
Barabajagal
Two problems:
1) The checksum hash is derived from memory values of (publicly) unknown size. If you do reverse the function and find out what memory it reads and hashes, that memory will have to be stored, and changed whenever a new update for a client comes out (similar to hash files of old).
2) Once we reverse it, Blizzard's just gonna release lockdown 2.0, or something worse. If they ever enforce perfect emulation in all forms, almost all the bots are gonna be screwed, since most people don't even call SID_CHECKAD.
February 4, 2007, 12:59 AM
BreW
1) I meant to also state this, but forgot. Yes, I know it would need to be re-fixed every patch, but that's what we had to do with what we called hash files in the past also, except this is "different" in some ways. In time, we will be able to find an easier way to retrieve this value. And yes, it may be variable length, but don't forget some debuggers have advanced options to find values such as that. For now, I'm assuming it is 32 bits.
2) If Blizzard does enforce complete emulation, it wouldn't matter. All bots would have to evolve, along with the rest of Battle.net itself. And please, don't forget they hound these forums like dogs, and you certainly don't want to give Blizzard any new ideas, do you :]

My point is, we can't use BNLS for everything. Skywing should indeed release his way of formulating the checksum. There is no harm in it. And as for "massload" bots, they have been getting around fine using BNLS so far. Releasing the solution won't affect much but make bot development as a whole much easier.
February 4, 2007, 1:09 AM
Barabajagal
You can get the values yourself by running the game and spoofing the server. I've done so many times. It's how I get values for my online cache database for games that BNLS doesn't support. I don't know how Skywing does BNLS, but he could be doing the same thing using VMWare or something of the sort, or spoofing the games some other way without having the actual function.
Also, I highly doubt Blizzard hasn't thought of almost any new ideas we have regarding their system. They just wait for us to catch up to them so they can push our faces in the mud and run ahead again.

NP Topaz.
February 4, 2007, 1:15 AM
BreW
Can you fuck off, Melissa Ye***?
Keep going, I might have to ctrl+v your contact info.

Anyways @ Ripple, true. He (may) still be using the old window hook method. And haha, the Blizzard dev team is probably bored out of their minds and waits for us to say something that sounds like a good idea to smash up Battle.net connection emulators again, then we say to ourselves "d'oh, shouldn't've said that" because they used our ideas. And by this, I'm saying it's definite that they have been updating the server for countermeasures against not only hacks, but bots too.
February 4, 2007, 1:16 AM
Barabajagal
Of course they will. The day after lockdown came out, I asked a blizzard rep about it in Blizzard Tech Support. After badgering him and being kicked out twice, he finally admitted it was an anti-bot measure.
February 4, 2007, 1:23 AM
BreW
[quote author=Ripple link=topic=16227.msg163878#msg163878 date=1170552186]
Of course they will. The day after lockdown came out, I asked a blizzard rep about it in Blizzard Tech Support. After badgering him and being kicked out twice, he finally admitted it was an anti-bot measure.
[/quote]

First, you go on Battle.net? And also, what rep did you ask? How would he know? They are just tech support, after all. The Blizzard dev team is the only one who should know about these countermeasures anyways.
February 4, 2007, 1:30 AM
Skywing
[quote author=BreW link=topic=16227.msg163870#msg163870 date=1170551767]
Can you fuck off, Melissa Ye***?
Keep going, I might have to ctrl+v your contact info.

Anyways @ Ripple, true. He (may) still be using the old window hook method. And haha, the Blizzard dev team is probably bored out of their minds and waits for us to say something that sounds like a good idea to smash up Battle.net connection emulators again, then we say to ourselves "d'oh, shouldn't've said that" because they used our ideas. And by this, I'm saying it's definite that they have been updating the server for countermeasures against not only hacks, but bots too.
[/quote]

I don't think that Blizzard considers emubots worth serious developer time at this point.  That's not to say that they won't seize the opportunity if there is a trivial change that can make life harder for emubot developers, but the main source of customer pain on Battle.net that Blizzard is attempting to alleviate is game hacks and not bots.

In other words, Blizzard has bigger fish to fry with their counter-hack team than a couple of bot developers.  Spam bots and the like might be annoying, but, say, disconnect hacks are way worse from a customer satisfaction perspective.
February 4, 2007, 6:12 AM
UserLoser
[quote author=Ripple link=topic=16227.msg163878#msg163878 date=1170552186]
Of course they will. The day after lockdown came out, I asked a blizzard rep about it in Blizzard Tech Support. After badgering him and being kicked out twice, he finally admitted it was an anti-bot measure.
[/quote]

They were probably sick of being annoyed by you, and since you can't take the hint to leave, he just gave you what you wanted to hear, or you're just making it up. I would think that this clearly isn't an anti-bot measure; the main reason for the lockdown is anti-hack protection. Sure, it could be anti-bot because it "requires" you to have the game running for the video capture needed, but like I said, not just to get rid of bots.
February 4, 2007, 5:51 PM
MyStiCaL
Sad thing: since this lockdown was released, hacks have gotten worse, well, at least the one I use for SC:BW. Geez, it basically lets me do anything!
February 4, 2007, 5:54 PM
BreW
Haha, did anyone notice half of squeak's posts have been deleted? It makes me look like I'm talking to myself now. *sigh*

I'm sure most of you believe this patch is targeted to disable hacks for StarCraft/Brood War, but consider the fact that 40 to 50 times as many possible checksum formulas were added to Blizzard's database only two days after Ante's CRDB was released.

@ Mystical, you actually go on the game "StarCraft"? I wouldn't know very much about hacks since I don't play it, but from what I hear they are getting worse. Still, none are worse than the crash hack (sends a character below a space in game), which had been patched long ago. In general, hacks are becoming less dangerous thanks to Blizzard's wealth of anti-hacking systems and occasional Warden patches. If Blizzard really wants to stop hacks, the only way they can do it is by updating starcraft.exe itself, and not use some .mpq workaround. Also, why would they care about StarCraft? What about StarCraft 2? It's been confirmed, it is being released late 2007.
February 4, 2007, 6:20 PM
rabbit
Confirmed?  No.  Hinted at?  Yes.
February 4, 2007, 9:39 PM
Barabajagal
Sorry, had lots of RAM problems last night... constant blue screens, etc... I'll try to find the log of the conversation with the rep, but I've reformatted since then, so I doubt I have it. It is an anti-bot measure, though you can believe whatever you want.
February 4, 2007, 9:44 PM
MyStiCaL
Yes, I still play StarCraft: Brood War. I think it's still a great game, along with WarCraft II; at least you still have ladder in WarCraft II =) But the hacks are getting worse, and I don't see what reps would even know about the patches, as they are here for support. Anyways, Skywing made it sound better; I'd go with whatever he says. If it was an anti-bot movement, then for sure there are easy ways to just stop bots completely. I think this is an anti-hack movement.
February 4, 2007, 10:20 PM
Barabajagal
Then why hasn't it cut back on hacks at all? All you have to do is enable hacks after the initial connection (before login even) and you'll be fine. A No-CD crack that edits memory can just edit it back to normal for the connection. Bots suffered the most from lockdown...
February 4, 2007, 10:27 PM
MyStiCaL
That's cuz bnet's just retarded, lol.
February 4, 2007, 10:30 PM
Barabajagal
I dunno, their system seems pretty well done (except for the lack of standardization, but that can be attributed to age and updatability [<--is that a word?]).
February 4, 2007, 10:33 PM
UserLoser
[quote author=Mystical link=topic=16227.msg163959#msg163959 date=1170611649]
Sad thing: since this lockdown was released, hacks have gotten worse, well, at least the one I use for SC:BW. Geez, it basically lets me do anything!
[/quote]

You do know that your game is actively downloading and running a file performing memory scans and reporting the information back to a Battle.net server, right? I wouldn't be surprised if your account is gone in a couple of months or so.
February 5, 2007, 2:53 AM
Barabajagal
Warden strikes again!
February 5, 2007, 3:11 AM
rabbit
Breaking news: UserLoser is the Warden!
February 5, 2007, 3:22 AM
Barabajagal
Well, that sure "clears some things up".
February 5, 2007, 3:26 AM
MyStiCaL
Oh well, ban one account, I got plenty more.
February 5, 2007, 4:58 AM
UserLoser
[quote author=Mystical link=topic=16227.msg164022#msg164022 date=1170651487]
Oh well, ban one account, I got plenty more.
[/quote]

CD-Keys too?
February 5, 2007, 4:36 PM
MyStiCaL
[quote author=UserLoser link=topic=16227.msg164039#msg164039 date=1170693379]
[quote author=Mystical link=topic=16227.msg164022#msg164022 date=1170651487]
Oh well, ban one account, I got plenty more.
[/quote]

CD-Keys too?
[/quote]

Uh, yes, just like the rest of us, I'm sure, I have a few thousand CD keys as well.
February 5, 2007, 5:02 PM
l2k-Shadow
[quote author=Blaze link=topic=14366.msg135380#msg135380 date=1133020446]
Pffft, everyone already knows that starcraft keys are really poorly encrypted love messages between Yoni and Skywing.
[/quote]
February 5, 2007, 7:21 PM
BreW
How would they be poorly encrypted love messages? There is no correlation between them and any human-readable character from the ASCII char set.
February 5, 2007, 9:16 PM
Barabajagal
It's a joke...
February 5, 2007, 9:27 PM