Author | Message | Time |
---|---|---|
Ozzapoo | Hi. What's different with the PvPGN login sequence (and its packets), as opposed to the Battle.Net one? The password never seems to work and I can't find any documentation or anything. | February 1, 2009, 12:48 AM |
HdxBmx27 | The login sequence should be the same. IIRC it simply hashes the passwords incorrectly; you'd have to look at its source to figure out exactly what's wrong. | February 1, 2009, 12:56 AM |
Ozzapoo | If PvPGN hashes passwords incorrectly then wouldn't it have been fixed a long time ago? | February 1, 2009, 2:32 AM |
HdxBmx27 | Nope, that's why PVPGN sucks | February 1, 2009, 2:34 AM |
Ozzapoo | Well, isn't there any online source that details what's wrong with the hashing? Or did everyone who ever made a bot for PvPGN look at the source themselves =/? | February 1, 2009, 2:53 AM |
Sixen | Just look at a PvPGN Bot's source code then. | February 1, 2009, 2:59 AM |
Ozzapoo | I'm trying but I can't seem to find where it actually hashes the password >.< I'm not all that good at C. EDIT: I think I've pinpointed the calculate hash functions in both PvPGN and MBNCSUtil... But now I'm lost. PvPGN: [code] extern t_uint32 bn_int_get(bn_int const src) { t_uint32 temp; if (!src) { eventlog(eventlog_level_error,__FUNCTION__,"got NULL src"); return 0; } temp = ((t_uint32)src[0]) ; temp |= ((t_uint32)src[1])<< 8; temp |= ((t_uint32)src[2])<<16; temp |= ((t_uint32)src[3])<<24; return temp; } [/code] The code that executes this (PvPGN): [code] extern void bnhash_to_hash(bn_int const * bnhash, t_hash * hash) { unsigned int i; if (!bnhash) { eventlog(eventlog_level_error,__FUNCTION__,"got NULL bnhash"); return; } if (!hash) { eventlog(eventlog_level_error,__FUNCTION__,"got NULL hash"); return; } for (i=0; i<5; i++) (*hash)[i] = bn_int_get(bnhash[i]); } [/code] MBNCSUtil: [code] private void calculateHash(uint clientToken, uint serverToken) { if (!valid) throw new InvalidOperationException(Resources.invalidCdKeyHashed); MemoryStream ms = new MemoryStream(26); BinaryWriter bw = new BinaryWriter(ms); bw.Write(clientToken); bw.Write(serverToken); switch (key.Length) { case 13: case 16: bw.Write(product); bw.Write(val1); bw.Write((int)0); bw.Write(val2); bw.Write((short)0); hash = XSha1.CalculateHash(ms.GetBuffer()); break; case 26: bw.Write(product); bw.Write(val1); bw.Write(val2); byte[] buffer = ms.GetBuffer(); SHA1 sha = new SHA1Managed(); hash = sha.ComputeHash(buffer); break; default: break; } ms.Close(); } [/code] I don't see how these two pieces of code have got ANYTHING to do with each other...=/ Can anyone explain it to me? | February 1, 2009, 3:02 AM |
Ringo | IIRC, the PvPGN server compares the password hash by using the client token used in 0x51. So, if you use a different client token for password hashing than you did for CD-key hashing, it fails. I think the real clients use the same client token throughout the whole connection, and only change it when you change password (or something like that) | February 1, 2009, 6:41 AM |
xpeh | [quote author=Hdx link=topic=17818.msg181541#msg181541 date=1233455671] Nope, that's why PVPGN sucks [/quote] It sucks, but not so. Relax dude, it works. | February 1, 2009, 9:03 AM |
Ozzapoo | Oh no. I was looking at the completely wrong thing >.< It was PASSWORD hashes >.< The password hash is sent in SID_AUTH_ACCOUNTLOGONPROOF (0x54), right? | February 1, 2009, 9:11 AM |
xpeh | What about using a sniffer? | February 1, 2009, 9:17 AM |
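
Added example (not part of the thread, and not PvPGN or MBNCSUtil code): a small Python model of the behaviour Ringo describes, where the server checks the password proof against the client token it saw in 0x51. Assumptions: standard SHA-1 stands in for Battle.net's XSha1, the proof layout is hash(client token, server token, hash(password)), and the `Session` class, token values and password are constructed for illustration.

```python
import hashlib
import hmac
import struct

def h(data: bytes) -> bytes:
    # Stand-in hash (assumption): standard SHA-1, not Battle.net's XSha1.
    return hashlib.sha1(data).digest()

def password_proof(client_token: int, server_token: int, password: str) -> bytes:
    # Assumed layout: hash(client_token || server_token || hash(password)).
    # Tokens are packed as little-endian uint32, the byte order that
    # bn_int_get in the thread reads.
    inner = h(password.encode("ascii"))
    return h(struct.pack("<II", client_token, server_token) + inner)

class Session:
    """Hypothetical server-side state for one connection."""

    def __init__(self, server_token: int, stored_hash: bytes):
        self.server_token = server_token
        self.stored_hash = stored_hash  # hash(password) from the account record
        self.client_token = None

    def on_auth_check(self, client_token: int) -> None:
        # 0x51: the server remembers the token sent with the CD-key hash.
        self.client_token = client_token

    def verify(self, proof: bytes) -> bool:
        # The expected value is rebuilt from the remembered token, so a proof
        # computed with any other client token cannot match.
        if self.client_token is None:
            return False
        tokens = struct.pack("<II", self.client_token, self.server_token)
        return hmac.compare_digest(h(tokens + self.stored_hash), proof)

def demo() -> tuple:
    # Constructed sample values.
    s = Session(server_token=0x1234ABCD, stored_hash=h(b"hunter2"))
    s.on_auth_check(0xCAFEBABE)
    reused = s.verify(password_proof(0xCAFEBABE, s.server_token, "hunter2"))
    fresh = s.verify(password_proof(0xDEADBEEF, s.server_token, "hunter2"))
    return reused, fresh  # (True, False)
```

A correct password still fails verification when the client generates a new token for the login step, which matches the symptom in the first post.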