Valhalla Legends Forums Archive | Battle.net Bot Development | Battle.net Bot Restrictions

Author | Message | Time
Rasico
I'm sure this is a commonly asked question, so forgive me, but how can I trick battle.net into thinking I'm logged in under Starcraft, or WarCraft or such? Specifically, what extra data should I include when I send in the login data?
April 5, 2004, 12:25 AM
Null
Packet log the official client from Blizzard and go from there.
April 5, 2004, 12:33 AM
Rasico
Yeah I figured I could do that, but the problem is that requires effort :P.
April 5, 2004, 12:39 AM
LordNevar
No one said it was going to be easy ::)
April 5, 2004, 12:46 AM
Rasico
I'm not real good with Ethereal, and I'm trying to trace the packets I need, but there's too dang many of them, does anyone have any tips?
April 5, 2004, 1:16 AM
Newby
[quote author=Rasico link=board=17;threadid=6156;start=0#msg53489 date=1081127814]
I'm not real good with Ethereal, and I'm trying to trace the packets I need, but there's too dang many of them, does anyone have any tips?
[/quote]

My suggestion: http://bnetdocs.valhallalegends.com

Good luck! =]
April 5, 2004, 1:40 AM
LordNevar
Or he could use BNCSMon and see what packets are sent and received. Then use BNETDocs to identify each packet :)
April 5, 2004, 1:43 AM
Rasico
Forgive my ignorance but what exactly does BNCS stand for? ;D
April 5, 2004, 2:13 AM
Rasico
Ack, there's too many vocabulary words I don't know, perhaps a detailed reading is in order (to be honest I'm just trying to get my friend's bot to trick b.net into thinking it's signed on as a sc client).
April 5, 2004, 2:26 AM
Dyndrilliac
Follow the logon procedures outlined in BnetDocs to create a hashed logon sequence after reading the packet education text document or use CSB, which implements the logon for you and all you have to do is define what it does during certain events and set up your controls.

You're entering this subject at a time when most if not all of the especially hard work has been done for you, assuming you know how to use it.

At this point, if you lack the effort needed to put even the simplest bot together, then you are in the wrong subject entirely.
April 5, 2004, 2:38 AM
Rasico
You misunderstood me, I understand a great deal has been done already :), but I'm using VB as my friend is too lazy to write it in C++ ;D. Essentially I found what you need to send in order to emulate the SC client, so I'm working with that 8)
April 5, 2004, 2:44 AM
Rasico
Yeah you'll have to forgive me, I just did a lot of reading, I sounded pretty stupid, and I will continue to do so for a not so limited time only. But I still have a stupid question to ask ;D. In order to emulate the client, I'm following the packet order I found on BNETDocs. Since I'm using VB here, I have to reverse the order of the DWORD to put it into a string according to something I read. Now what I'm looking at is

say the 0x51 Packet

[code]
(DWORD)       Client Token
(DWORD)       EXE Version
(DWORD)       EXE Hash
(DWORD)       Number of keys in this packet
(BOOLEAN)    Using Spawn (32-bit)

For Each Key:
(DWORD)       Key Length
(DWORD)       Product
(DWORD)       CDKEY Value 1
(DWORD)       Unknown (0)
(DWORD[5])    Hashed Key Data

(STRING)       Exe Information
(STRING)       CD Key owner name
[/code]

One, what's the client token, two how can I send a 32 bit boolean, normally they are represented by 1 bit, but allocated from 1 byte, should I send 4 0's? And finally, what does exe hash mean?
April 5, 2004, 3:03 AM
FuzZ
You'll want to use DarkMinion's packetbuffer, not exactly sure where it's located at, someone else might have the link. If it's not there tomorrow I'll upload it..

Once you have it you simply do
[code]
Dim p as new PacketBuffer ' PacketBuffer being your classname.

p.insertDWORD &H1
[/code]
for example..

The EXE hash is EXE information (not exactly sure what) that's passed through a hashing algorithm (best bet is BnetAuth.dll, Search)

It's late, I'm goin to bed, I might add more tomorrow
April 5, 2004, 4:28 AM
Rasico
Thanks, where did &H1 come from? Just for everyone, assume I'm a complete n00b at this (not at programming, but at anything related to the bot).
April 5, 2004, 4:48 AM
soccerist
[quote]One, what's the client token[/quote]
Client token is a random 4-byte unsigned int (DWORD, or whatever you want to call it). It's something that you generate for yourself and is used in the hashing algorithm. (Hence 'token')

[quote] how can I send a 32 bit boolean, normally they are represented by 1 bit, but allocated from 1 byte, should I send 4 0's?[/quote]
I recommend testing it out for yourself. If you have a starcraft cd install the spawn & packet log it.
;D That's how I learned this stuff.

[quote] And finally, what does exe hash mean?[/quote]
You can take guesses at what this means, but it's the result of a hashing algorithm. If you're looking for a quick way out, many people here "borrow" a function called CheckRevision() that figures out this value. Figuring out how it's done without it takes some work.

Some tips on figuring out all this stuff. Read up on stuff in bnetdocs and in this forum. Packet log like a madman. Seriously. Print stuff out, label stuff. Debug output like crazy. I was going through what you were going through about 2 weeks ago.

GL.

April 5, 2004, 4:54 AM
iago
My advice: stop being lazy.
April 5, 2004, 9:27 AM
Archangel
[quote author=iago link=board=17;threadid=6156;start=15#msg53530 date=1081157278]
My advice: stop being lazy.
[/quote]

I agree, just using a packet logger and http://bnetdocs.valhallalegends.com you can get all this to work, and the information is very well explained on there. (I think)
April 5, 2004, 1:52 PM
Rasico
Ok cool, thanks for all the help :)
April 5, 2004, 2:41 PM
Rasico
Ok a question about Ethereal, can I assume everything I'm following in the TCP Stream is a single byte, because I'm basically trying to figure why there are long strings of .....'s. I've basically been pasting the strings I've gotten from saving it as a text file into my sends, and unlike before, it's not automatically kicking me off, however I'm not getting any data like I should be.
April 5, 2004, 3:10 PM
Adron
[quote author=Rasico link=board=17;threadid=6156;start=15#msg53561 date=1081177849]
Ok a question about Ethereal, can I assume everything I'm following in the TCP Stream is a single byte, because I'm basically trying to figure why there are long strings of .....'s. I've basically been pasting the strings I've gotten from saving it as a text file into my sends, and unlike before, it's not automatically kicking me off, however I'm not getting any data like I should be.
[/quote]

I believe you should be looking at the hex dump and taking the bytes from there. All the ....'s are just various characters that the Ethereal authors deemed unprintable.
April 5, 2004, 5:32 PM
Rasico
Ok, but does this mean I need to calculate the ASCII code for all the hexadecimal pairs, because I'm lazy and that would take a long time ;D. I could write a function to do it, I know, but it would be much easier if there was some way for me to look at the bytes sent out and be able to compare them to the bnet docs, that's basically my goal at the moment, matching outgoing packets with the format specified (Starcraft in this case, but I intend to apply it to other clients as well.)
April 5, 2004, 7:21 PM
Adron
[quote author=Rasico link=board=17;threadid=6156;start=15#msg53579 date=1081192875]
Ok, but does this mean I need to calculate the ASCII code for all the hexadecimal pairs, because I'm lazy and that would take a long time ;D. I could write a function to do it, I know, but it would be much easier if there was some way for me to look at the bytes sent out and be able to compare them to the bnet docs, that's basically my goal at the moment, matching outgoing packets with the format specified (Starcraft in this case, but I intend to apply it to other clients as well.)
[/quote]

Unless you're using the chat protocol, I think you'll find that most of the bytes that are tricky to get right are much easier to compare in hexadecimal form than as ascii characters. They are also rarely specified as ascii characters. Of course, in the actual chat/channel/text data there's lots of characters, but when you get to that point, you don't really need to count/compare characters.
April 5, 2004, 7:47 PM
Rasico
What I meant was when I want to send these packets (I'm using VB with Winsock here), I need to take the value each hexadecimal pair provides and send it as a character (example FF = 255, so I would send chr(255)), or is there perhaps a different way of going about this?
April 5, 2004, 7:49 PM
Myndfyr
[quote author=Rasico link=board=17;threadid=6156;start=15#msg53583 date=1081194584]
What I meant was when I want to send these packets (I'm using VB with Winsock here), I need to take the value each hexadecimal pair provides and send it as a character (example FF = 255, so I would send chr(255)), or is there perhaps a different way of going about this?
[/quote]

In VB, the way of using a hex value is:

&Hvalue-in-hexadecimal

Which might be:

&H50, which is the value of 80 in decimal.
&H0F, which is the value of 15 in decimal.

etc.

You will see this written typically as 0x50 or 0x0f, which is the syntax for writing hex numbers in C-based languages (including Java).
April 5, 2004, 7:59 PM
Adron
You will also have to do manipulations on the values. You can't just send a fixed string of bytes - they have to be appropriate responses for the bytes that b.net is sending you.
April 5, 2004, 9:06 PM
Rasico
[quote author=Adron link=board=17;threadid=6156;start=15#msg53597 date=1081199185]
You will also have to do manipulations on the values. You can't just send a fixed string of bytes - they have to be appropriate responses for the bytes that b.net is sending you.
[/quote]

I'm fully aware ;D, but one thing at a time, thanks for all the help thus far everyone :).
April 5, 2004, 9:08 PM
soccerist
[quote]You will see this written typically as 0x50 or 0x0f, which is the syntax for writing hex numbers in C-based languages (including Java). [/quote]
0x50 or 0x0f is the standard for printing/writing hex. It is prefixed by either 0x or 0X.

This is similar to the standard of printing a '0' (zero) as a prefix to any octal number.
April 5, 2004, 9:09 PM
Rasico
When I look at the log on sequence for SC on b.net, I see a protocol byte is the first thing that needs to be sent, however bNet takes me to a protocol headers page, which then gives me the BNCS packet header format. This raises two questions: One, how do you format the protocol byte, using what information to format it? Second, does the packet header need to be included with every other thing you send?

For instance with the SID_AUTH_INFO packet, should one send the header along with that packet?
April 5, 2004, 9:38 PM
Eli_1
[quote author=Rasico link=board=17;threadid=6156;start=15#msg53602 date=1081201101]
For instance with the SID_AUTH_INFO packet, should one send the header along with that packet?
[/quote]

You just send Chr(1) to tell the server that you want to connect using a client. Similarly to how you would send Chr(3) to connect using the CHAT protocol, or Chr(2) (I think) for ftp.

Yes, you would need to include the packet header:
Chr(255) or Chr(&HFF) - FF
Chr("&H" & PacketID) - 0x51 for example
Then the length of the packet which you use CopyMemory to get.

Those 4 bytes would be the packet header which you send along with every packet.
April 6, 2004, 2:00 AM
Rasico
Yay I managed to IPBan myself, I take it that if you don't send the appropriate data after the protocol byte, bad things happen ::)
April 6, 2004, 2:10 AM
Rasico
This should be the last thing I hope for a while, when I trace the outgoing packets from SC, I find that just 01 is being sent first (the protocol byte), this to me makes sense as that's 2 hex digits or 1 byte. But when I send &H1, I found out that two bytes have been sent out. Perhaps an explanation could be offered, that's confusing me and explained a lot about why things weren't working the way I thought they should be, thanks.
April 6, 2004, 2:47 AM
Myndfyr
Post the packet data from the capture.
April 6, 2004, 2:56 AM
Rasico
Since the test I conducted was me just sending data, it comes out to:
00000000 01 00

Yeah that's it, nothing more there. When I send &H1 I should just get 01, since that's simply one byte. I only sent half a byte technically, but since it's in a character which is 1 byte, it should come out to be 01 instead of 1. Therefore, I am confused :-[
April 6, 2004, 3:59 AM
Eli_1
How exactly did you do this? Did you try to use the packetbuffer class or just:
[code]
SOCKET.SendData Chr(1)
[/code]
?
April 6, 2004, 4:30 AM
Rasico
Odd, actually sending chr 1 worked, that's kinda funny. Why did that send only 1 byte, while sending &H1 sent two?
April 6, 2004, 5:23 AM
o.OV
[quote author=Rasico link=board=17;threadid=6156;start=30#msg53668 date=1081229016]
Odd, actually sending chr 1 worked, that's kinda funny. Why did that send only 1 byte, while sending &H1 sent two?
[/quote]

Well..
two bytes is an integer..
or a single character VB string..
or a boolean..
BAH w/e
My guess is you are doing:
[code]
Winsock.Send &H1
[/code]

..which is just a number which VB6 sees as an integer
and so saw it as two bytes in memory.
Add On: (I may be wrong; if I am, please correct me.)

Remember that a hex number is still just a number just represented differently.
Meaning..

[code]
&H1 = 1
1 = &H1
[/code]
April 6, 2004, 7:12 AM
Eli_1
[quote author=o.OV link=board=17;threadid=6156;start=30#msg53673 date=1081235564]
[quote author=Rasico link=board=17;threadid=6156;start=30#msg53668 date=1081229016]
Odd, actually sending chr 1 worked, that's kinda funny. Why did that send only 1 byte, while sending &H1 sent two?
[/quote]

Well..
two bytes is an integer..
or a single character VB string..
or a boolean..
BAH w/e
My guess is you are doing:
[code]
Winsock.Send &H1
[/code]
[/quote]
If that is what you did, you could stick to hex and fix it by changing that to:
[code]Chr(&H1)[/code]:-*
April 6, 2004, 5:16 PM
iago
If you do
winsock.send &h1

vb interprets it however it feels like, by what you said probably as a word which is 2 bytes. When you make a char first, it knows it's only sending a single byte.
April 6, 2004, 5:21 PM
Rasico
Yeah that makes sense, I didn't know VB was going to interpret it as an integer, thanks ;D
April 7, 2004, 12:09 AM
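
Added example, not part of the thread or any poster's code: a Python tool that turns a capture hex dump into bytes, splits the stream into the protocol byte plus BNCS messages using the 4-byte header described above (0xFF, packet ID, length), and decodes the five leading DWORDs of the 0x51 layout quoted earlier. It assumes the length field is 16-bit little-endian and counts the header bytes; the first dump and all function names are constructed for illustration, and the second dump is the `01 00` capture posted above.

```python
import re
import struct

# Protocol-selection byte values as posted in the thread (0x02 was given with "I think").
PROTOCOLS = {0x01: "game client", 0x02: "ftp", 0x03: "chat"}

# Constructed sample: protocol byte 01, then one 0x51 message with made-up field values.
GOOD_DUMP = """
00000000 01 ff 51 22 00 44 33 22 11 04 03 02 01 dd cc bb
00000010 aa 00 00 00 00 00 00 00 00 65 78 65 00 6f 77 6e
00000020 65 72 00
"""
# The capture posted in the thread: a 16-bit little-endian integer 1 on the wire.
BAD_DUMP = "00000000 01 00"


def hexdump_to_bytes(text):
    """Convert 'offset hh hh ...' lines to bytes (ASCII column assumed already stripped)."""
    out = bytearray()
    for line in text.strip().splitlines():
        for tok in line.split()[1:17]:  # skip the offset, at most 16 bytes per line
            if not re.fullmatch(r"[0-9A-Fa-f]{2}", tok):
                break
            out.append(int(tok, 16))
    return bytes(out)


def split_stream(data):
    """Return (protocol_byte, frames, error); frames are (packet_id, payload) tuples."""
    if not data:
        return None, [], "empty stream"
    frames, pos = [], 1
    while pos < len(data):
        if data[pos] != 0xFF:
            return data[0], frames, f"offset {pos}: expected 0xFF, got 0x{data[pos]:02X}"
        if len(data) - pos < 4:
            return data[0], frames, f"offset {pos}: truncated header"
        # Assumption: length is 16-bit little-endian and counts the 4 header bytes.
        packet_id, length = struct.unpack_from("<BH", data, pos + 1)
        if length < 4 or pos + length > len(data):
            return data[0], frames, f"offset {pos}: bad length {length}"
        frames.append((packet_id, data[pos + 4:pos + length]))
        pos += length
    return data[0], frames, None


def decode_0x51_fixed(payload):
    """Decode the five leading 32-bit fields of the 0x51 layout quoted in the thread."""
    if len(payload) < 20:
        raise ValueError("0x51 payload shorter than its five fixed DWORDs")
    names = ("client_token", "exe_version", "exe_hash", "key_count", "using_spawn")
    return dict(zip(names, struct.unpack_from("<5I", payload)))


if __name__ == "__main__":
    for label, dump in (("good", GOOD_DUMP), ("bad", BAD_DUMP)):
        proto, frames, err = split_stream(hexdump_to_bytes(dump))
        print(label, PROTOCOLS.get(proto, "unknown"), "error:", err)
        for pid, payload in frames:
            print(f"  id=0x{pid:02X} payload={len(payload)} bytes")
            if pid == 0x51:
                print("  ", decode_0x51_fixed(payload))
```

On the two-byte capture the splitter stops at offset 1, because the extra 0x00 sits where the 0xFF that starts a message header should be.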
Rasico
Ok things are going well :D. Now since it needs a CD key, is there a way to pull the client's CD key from its location to send in, or am I going to have to write code to do that myself?
April 7, 2004, 12:25 AM
Eli_1
I think it's stored somewhere in the registry, but the way most bots do it is to read information like that from a config (hint Config.txt). You could have the user input his information into the config.txt and then read from it using:
[code]
' Option 1: open the config as text for sequential input
Open App.Path & "\config.txt" For Input As #1
' ... read it with Input / Line Input here ...
Close #1
' // Or
Dim Buffer As String
Open App.Path & "\config.cfg" For Binary Access Read As #1
Buffer = Space$(LOF(1))   ' size the buffer to the file length
Get #1, , Buffer          ' read the whole file into Buffer
Close #1
' // You only need this way if your config is going
' // to include 'undisplayable' characters -- such as Chr(0).
' // Also for some reason when you use For Input, it
' // seems to screw up when there's commas in the
' // data it's trying to input.
[/code]
April 7, 2004, 12:33 AM
Myndfyr
[quote author=Rasico link=board=17;threadid=6156;start=30#msg53807 date=1081297554]
Ok things are going well :D. Now since it needs a CD key, is there a way to pull the client's CD key from its location to send in, or am I going to have to write code to do that myself?
[/quote]

Hrm?

A couple things -- when nobody has posted since your last post, utilize the modify feature, so that you don't have two or three posts in a row. It's something that we generally appreciate around here.

Second -- I'm not sure what your question means. You will need to encrypt the CD key, most likely using BNLS. You can get the CD key by presenting the user with a text box that asks for the user's CD key. Other than that, I'm not exactly certain what you mean.
April 7, 2004, 12:35 AM
Rasico
[quote author=Myndfyre link=board=17;threadid=6156;start=30#msg53810 date=1081298102]
[quote author=Rasico link=board=17;threadid=6156;start=30#msg53807 date=1081297554]
Ok things are going well :D. Now since it needs a CD key, is there a way to pull the client's CD key from its location to send in, or am I going to have to write code to do that myself?
[/quote]

Hrm?

A couple things -- when nobody has posted since your last post, utilize the modify feature, so that you don't have two or three posts in a row. It's something that we generally appreciate around here.

Second -- I'm not sure what your question means. You will need to encrypt the CD key, most likely using BNLS. You can get the CD key by presenting the user with a text box that asks for the user's CD key. Other than that, I'm not exactly certain what you mean.
[/quote]

Sorry about that, I'll do that in the future, and second I mean is there a way so the user doesn't have to, I already thought of making the user input it, come on give me some credit here.
April 7, 2004, 1:02 AM
Myndfyr
Only if you can design a telepathic user interface. However, that would still require the user knowing the CD key.

[edit]
This post may not be _completely_ accurate; I've heard of ways to extract the CD key data from the installed client. However, I made the assumption that this technique would be outside the realm of this particular bot.
[/edit]
April 7, 2004, 1:05 AM
Eli_1
I already answered what you could do (read above myndfyre's post -- first sentence.), but note that not many users really want to use the same CDKey their game is installed with. For 90% of the users of your bot, they will want to have a bot loaded, and be on the client at the same time. If your bot is using the client's key, therefore stopping it from connecting, it will stop them from doing what they want.

[Edit] I just tried looking through the registry, and I can't find the CDKey for SC (doesn't mean it's not there, I just can't find it).
April 7, 2004, 1:06 AM
Myndfyr
[quote author=Eli_1 link=board=17;threadid=6156;start=30#msg53820 date=1081300019]
I already answered what you could do (read above myndfyre's post -- first sentence.), but note that not many users really want to use the same CDKey their game is installed with. For 90% of the users of your bot, they will want to have a bot loaded, and be on the client at the same time. If your bot is using the client's key, therefore stopping it from connecting, it will stop them from doing what they want.

[Edit] I just tried looking through the registry, and I can't find the CDKey for SC (doesn't mean it's not there, I just can't find it).
[/quote]

Not being certain how other bots do it (SphtBot puts it in the registry), this is how I do it:

I store in the registry the full path of the installation folder under HKEY_LOCAL_MACHINE\Software\ArmaBot Alpha 4, which tells me where the install path is. Under HKEY_CURRENT_USER\Software\ArmaBot Alpha 4, I store the path to the Profiles folder, which is by default in My Documents\ArmaBot Alpha 4\, with the file named Profiles.apl. The profiles.apl file is simply an XML file with names of connection profiles; for example, FTAzeroth. There is then a subfolder in the MyDocs\ArmaBot Alpha 4 folder called FTAzeroth, which has a file called FTAzeroth.acp, another XML file, containing the CD keys for all supported clients. That way, each connection can maintain its own CD key list.

Fun, huh? ;)
April 7, 2004, 1:21 AM
Adron
[quote author=Eli_1 link=board=17;threadid=6156;start=30#msg53820 date=1081300019]
[Edit] I just tried looking through the registry, and I can't find the CDKey for SC (doesn't mean it's not there, I just can't find it).
[/quote]

The CD keys for Blizzard games are stored in various MPQs in the game directories.
April 8, 2004, 12:33 AM
Eli_1
[quote author=Adron link=board=17;threadid=6156;start=45#msg53927 date=1081384433]
[quote author=Eli_1 link=board=17;threadid=6156;start=30#msg53820 date=1081300019]
[Edit] I just tried looking through the registry, and I can't find the CDKey for SC (doesn't mean it's not there, I just can't find it).
[/quote]

The CD keys for Blizzard games are stored in various MPQs in the game directories.
[/quote]

ok thanks, Adron ;D
April 8, 2004, 4:45 AM
Lycaon
[quote author=Eli_1 link=board=17;threadid=6156;start=30#msg53809 date=1081298029]
[code]' // Also for some reason when you use For Input, it
' // seems to screw up when there's commas in the
' // data it's trying to input.[/code]
[/quote]

When using Input, VB treats commas as delimiters, much like vbCrLfs. To read in an entire line, whether it includes commas or not, use Line Input, e.g.:

[code]Line Input #1, MyLine[/code]
June 7, 2004, 3:33 PM
