Ok, i was talking with UserLoser about Packet 0x50, learned a few things; Still have a few questions.

When blizzard sends you back 0x50

You recieve a Revision Number?

There are a Couple Responses

0x00 = XSHA-1 ( Why is it Called XSHA-1, What's with PSUEDO Sha-1, Broken Sha-1, and all that stuff )
0x01 = SRP
0x02 = Modified SRP? or What!?

What is Server Key? Some time of Authentication Signature?

What is UDP Value?

Filetime, Used in order to upgrade patch or something?

Version FileName, No idea what this is used for.
Hash Command, All Randomly Generated By the server. Where S is Constant and found in... Storm.dll??? What is this used for?

Server Signature? What is this used for?

Thanks Alot

- BaDDBLooD

[quote author=BaDDBLooD link=board=17;threadid=8194;start=0#msg75865 date=1092717291]
Ok, i was talking with UserLoser about Packet 0x50, learned a few things; Still have a few questions.
0x00 = XSHA-1 ( Why is it Called XSHA-1, What's with PSUEDO Sha-1, Broken Sha-1, and all that stuff )
0x01 = SRP
0x02 = Modified SRP? or What!?
[/quote]

0x01 <- W3 Beta
0x02 <- W3 and W3XP Standard SHA-1

So than what's 0x00?

You had the Broken SHA-1 correct, but the other two needed some correcting.

Where does SRP Come in than?

SRP is the authentication that Warcraft 3 uses to verify passworsd. It's a 4-part process, and you can find official documetnation at http://srp.stanford.edu .

[quote author=BaDDBLooD link=board=17;threadid=8194;start=0#msg75884 date=1092720802]
Where does SRP Come in than?
[/quote]
Hashing used to log in your account with the NLS (revision 0x1 or 0x2).

Edit: SCREW YOU IAGO

Here is some Psuedo Code for SHA-1 I doubt it is the exact same as Broken SHA-1 but here ya go.

A description of SHA-1
[code]
a = h0 = 0x67452301
b = h1 = 0xEFCDAB89
c = h2 = 0x98BADCFE
d = h3 = 0x10325476
e = h4 = 0xC3D2E1F0
(Pre-processing:)
paddedmessage = (message) append 1
while length(paddedmessage) < 512n - 64:
paddedmessage = paddedmessage append 0
paddedmessage = paddedmessage append (length(message) in 64-bit format)
(Process the message in successive 512-bit chunks:)
while 512-bit chunk(s) remain(s):
break the current chunk into sixteen 32-bit words w(i), 0 <= i <= 15
(Extend the sixteeen 32-bit words into eighty 32-bit words:)
for i from 16 to 79:
w(i) = (w(i-3) xor w(i-8) xor w(i-14) xor w(i-16)) leftrotate 1
(Main loop:)
for i from 0 to 79:
temp = (a leftrotate 5) + f(b,c,d) + e + k + w(i) (note: all addition is mod 2^32)
where:
(0 <= i <= 19): f(b,c,d) = (b and c) or ((not b) and d), k = 0x5A827999
(20 <= i <= 39): f(b,c,d) = (b xor c xor d), k = 0x6ED9EBA1
(40 <= i <= 59): f(b,c,d) = (b and c) or (b and d) or (c and d), k = 0x8F1BBCDC
(60 <= i <= 79): f(b,c,d) = (b xor c xor d), k = 0xCA62C1D6
e = d
d = c
c = b leftrotate 30
b = a
a = temp
h0 = h0 + a
h1 = h1 + b
h2 = h2 + c
h3 = h3 + d
h4 = h4 + e
digest = hash = h0 append h1 append h2 append h3 append h4
Note: Instead of the formulation from FIPS PUB 180-1 shown, the following may be used for improved efficiency:

(0 <= i <= 19): f(b,c,d) = (d xor (b and (c xor d)))
(40 <= i <= 59): f(b,c,d) = (b and c) or (d and (b or c)))
[/code]

Oh and in case you didn't know SHA = Secure Hash Algorithm and the -1 means the version. Battle.net modified this a little bit and is called Broken SHA-1, just their own kind of version I believe.

Not very related, but if true could change a lot:
http://www.freedom-to-tinker.com/archives/000661.html

[quote author=Soul Taker link=board=17;threadid=8194;start=0#msg75888 date=1092720981]
[quote author=BaDDBLooD link=board=17;threadid=8194;start=0#msg75884 date=1092720802]
Where does SRP Come in than?
[/quote]
Hashing used to log in your account with the NLS (revision 0x1 or 0x2).

Edit: SCREW YOU IAGO
[/quote]

So what are the Resvision Status codes? You guys got me all fricking Confused now!

0x00 = Broken SHA-1
0x01 = SRP For WAR3 Beta
0x02 = SRP for WAR3/W3XP

Broken SHA-1 And SRP are both used to hash passwords?

EDIT: Can you guys answer all my other questions as well?

I believe SRP is used to hash W3 passwords only and SHA-1 is used to hash old product passwords and all cdkey'd products, though I am informed from a reliable source :P

What exactly is SRP Sha-1 used to hash?

Also, Diablo II and Starcraft both support the logon version 0x01. (Or NLS Revision as some refer to it as)

[quote author=BaDDBLooD link=board=17;threadid=8194;start=0#msg75865 date=1092717291]
Ok, i was talking with UserLoser about Packet 0x50, learned a few things; Still have a few questions.

When blizzard sends you back 0x50

You recieve a Revision Number?

There are a Couple Responses

0x00 = XSHA-1 ( Why is it Called XSHA-1, What's with PSUEDO Sha-1, Broken Sha-1, and all that stuff )
0x01 = SRP
0x02 = Modified SRP? or What!?

What is Server Key? Some time of Authentication Signature?

What is UDP Value?

Filetime, Used in order to upgrade patch or something?

Version FileName, No idea what this is used for.
Hash Command, All Randomly Generated By the server. Where S is Constant and found in... Storm.dll??? What is this used for?

Server Signature? What is this used for?

Thanks Alot

- BaDDBLooD
[/quote]

ServerKey: Used for hashing password and CDKey.
UDPValue: Sent back in UDP packet 0x9.
Filetime: FILETIME struct of the filetime for the versioning MPQ.
Filename: Contains the versioning .DLL, which is then downloaded from Battle.net by the Blizzard clients (or such clients as UserLoserBot), then extracts the .DLL and calls CheckRevision later on.
Hash command: Used for CheckRevision to calculate checksum.
Server signature: Used to verify the server's signature based on it's IP address

How is the Server key used to hash password / cdkey

How Can starcraft/Diablo2 use NLS Revison 0x01?.. lost me there

What exactly is the FILETIME used for?

What is the Checksum used for that comes from the hash command?

I STill don't understand what Server Signature is.

[quote author=BaDDBLooD link=board=17;threadid=8194;start=0#msg75899 date=1092725191]
How is the Server key used to hash password / cdkey
[/quote]
The server key is included in the digest to be hashed, which would also contain the password or CD-Key. I think the server key is just a random value, determined by the server.
[quote]
How Can starcraft/Diablo2 use NLS Revison 0x01?.. lost me there
[/quote]
They both contain support for NLS revision 1, but since the server does not tell them to use it as of right now, you probably will never see it happen.
[quote]
What exactly is the FILETIME used for?
[/quote]
It is used to determine if the file already present on your hard drive is the same as the one the server is telling you to use.
[quote]
I STill don't understand what Server Signature is.
[/quote]
The server signature is checked by WAR3/W3XP. I don't know the forumla used to check it, but if the signature does not match the IP of the server that the client is connected to, the client will abort the connection. I can only assume this is to prevent people from proxying War3 connections.

HTH

Edit: somehow deleted your question about the checksum. It's used to make sure the client version matches what the server thinks it should be.

And than you send all this in 0x51?

Would someone give me a Rough Explination of 0x51, what you have to send, how you do it.

Check it out in http://www.valhallalegends.com/yoni/BNLSProtocolSpec.txt

[code]

(DWORD) Client session key.*
(DWORD) Version.**
(DWORD) Checksum.**
(DWORD) Amount of CD-keys. This is typically 2 for Lord of Destruction, 1 otherwise.***
(BOOL) TRUE for spawn (Starcraft, Japan Starcraft and Warcraft 2 only), FALSE for normal.
(9 DWORDs) CD-key data.*
(Optional 9 DWORDs) CD-key data for second CD-key, if using Lord of Destruction.***
(String) Version check stat string.**
(String) CD-key owner name.

[/code]


Ok so

Client Session Key, is Telling the server who you are, Right?
What the heck is Version

How do you Calculate Checksum. Do you just Plug in all the Numbers for Hash COmmand along with S ( Which is from Storm.DLL ??? ) And that's what you send??

What is the 9 DWORD'S of CDKey Data?
Version Check statstring?

To quibble with semantics, SRP also uses SHA-1. But not broken.

The idea of SHA-1 (for the original login) is this:
The server makes a random key. The client makes a random key. The keys are exchanged. The client hashes the password along with the 2 values, and the server hashes the password with the 2 values. If they match, the password was right. SHA-1 allows the password to be sent securely. It's a "one way hash". SRP is basically a more complicated version of this whole thing, which you can find out if you read that site.

That's all about the password hashing and verification. The CDKey stuff is different, and we can discuss that more later, if you'd like :)

Thank you iago, you explained it exactly how i needed it explained. Thanks a bunch!

I Would greatly like to learn about the cdkey stuff ;)

EDIT: We could talk on AIM

EDIT #2: It would probly be more Beneficial to talk on here though.

EDIT #3: About your above post. Do you mean like Me sending them a Client Token, and them sending me a Server Token?

EDIT #4: Still need help with Version Etc..

[quote author=Soul Taker link=board=17;threadid=8194;start=0#msg75891 date=1092721925]
Not very related, but if true could change a lot:
http://www.freedom-to-tinker.com/archives/000661.html
[/quote]

I Doubt that is true tbh sha-1//md5 are the most widely used on the internet, and they are also the most secure, well they were.

Of course better algorithms are out now but as noted they are just variations upon the same algorithms.

[quote author=OnlyMeat link=board=17;threadid=8194;start=15#msg75917 date=1092733901]
[quote author=Soul Taker link=board=17;threadid=8194;start=0#msg75891 date=1092721925]
Not very related, but if true could change a lot:
http://www.freedom-to-tinker.com/archives/000661.html
[/quote]

I Doubt that is true tbh sha-1//md5 are the most widely used on the internet, and they are also the most secure, well they were.

Of course better algorithms are out now but as noted they are just variations upon the same algorithms.
[/quote]

I have heard rumours that there are weaknesses, and I have also heard rumours that the last person who was going to go public with it disappeared. Rumours are fun.

Badd -- contact me on IM. If you learn anything, post the log here :)

[quote author=OnlyMeat link=board=17;threadid=8194;start=15#msg75917 date=1092733901]
[quote author=Soul Taker link=board=17;threadid=8194;start=0#msg75891 date=1092721925]
Not very related, but if true could change a lot:
http://www.freedom-to-tinker.com/archives/000661.html
[/quote]

I Doubt that is true tbh sha-1//md5 are the most widely used on the internet, and they are also the most secure, well they were.

Of course better algorithms are out now but as noted they are just variations upon the same algorithms.
[/quote]
SHA-0 has already been broken (http://www.mail-archive.com/cryptography%40metzdowd.com/msg02554.html), so it seems to me like SHA-1 shouldn't be far behind.

I didn't notice the second page before I typed all this >:(

ho hum!

> How is the Server key used to hash password / cdkey

It's included in the hash along with the data that you're hashing. It's a way of ensuring that the hash of your password/cdkey is different every time you send it. If there were no server key (which changes each time you log on) then the hash would be the same every time you logged on, which would make it much easier to brute-force your logon information from the hash. I'm ignoring the client key here, but it serves essentially the same purpose.

>How Can starcraft/Diablo2 use NLS Revison 0x01?.. lost me there

The games include code to log on using that method, as well as the normal method. IIRC, the NLS/SRP code in star/d2dv is quite outdated and would probably not work in its current state.

> What exactly is the FILETIME used for?

When you recieve the packet, you should check your local copy of the versioning dll, to see if it has the same filetime as is in the packet. If that time is different (read: newer) it means that a new version dll is available and the client should download it before proceeding with CheckRevision().

> What is the Checksum used for that comes from the hash command?

I think you're referring to the hash returned by CheckRevision here, although I'm not sure. If that's what you mean: That hash is used by battle.net to ensure that your game files have not been modified. The reason that Blizzard uses CheckRevision and not a standard hashing algorithm is that each version dll (ix86ver0, ver1, ver2, ...) is slightly different, and so produces a slightly different hash. This, presumeably, is to make the logon process harder to emulate.

> I STill don't understand what Server Signature is.

The server signature is used to ensure (in theory) that you are connecting to a Blizzard server. Some data about the server (Presumeably the IP address) is cryptographically hashed by Battle.net and sent to the client. The client then does the same and ensures that the signatures match. I'm not really sure about the details, but so far as I know, this is basically the same as digitally signing something. This is what (used to?) prevent Warcraft III from connecting to non-Blizzard servers without being cracked.

I definitely think this should be a candidate for the Battle.net Reference area of the forum :)

Ok, After talking with Iago on aim. I Still have a few more questions.

1) What Exactly does Check Revision Do?

2) Why do you have to "Decode" The CDKey, how do you Decode it? What is the Public CDKey Value? and Hashed CDKey Data that you send in 0x51?

[quote author=BaDDBLooD link=board=17;threadid=8194;start=15#msg76110 date=1092801508]
Ok, After talking with Iago on aim. I Still have a few more questions.

1) What Exactly does Check Revision Do?

2) Why do you have to "Decode" The CDKey, how do you Decode it? What is the Public CDKey Value? and Hashed CDKey Data that you send in 0x51?
[/quote]CheckRevison does many things. Firstly, it calculates a version value (DWORD) from the exe's version information resource. Second, it builds a string containing information about the exe (last write time/file size) and thirdly, it creates a hash value using information from all three files (war3.exe/storm.dll/game.dll). All three of these computed values must match those calculated by Blizzard.

Basically, it checks if the clients game files are up to date and/or not modified in any way. (For example, if you modify the exe so you don't have to insert a CD to play, CheckRevision will return incorrect values and you'll be disconnected apon sending its results.)

CheckRevision basically returns information from the hash files to be sent during 0x51, and they would be the 2nd and 3rd DWORDs. The CheckRevision source is available at the Botdev Source Code Download page if you want to actually see how it works.

The decoded CdKey information is sent during 0x51 as: Product, CDKEY Value 1, and Hashed Key Data, which can be found in the below structure of 0x51 (courtesy of Bnetdocs :)).
[code]
[0x51 Sent]
(DWORD)       Client Token
(DWORD)       Version
(DWORD)       Checksum
(DWORD)       Number of keys in this packet
(BOOLEAN)        Using Spawn
-- For Each Key:
(DWORD)       Key Length
(DWORD)       Product
(DWORD)       CDKEY Value 1
(DWORD)       Unknown (0)
(DWORD[5])       Hashed Key Data
-- Continued...
(STRING)       Exe Information
(STRING)       CD Key owner name
[/code]

The actual hashing however, is usually done with a few functions, if you're able to find the bnetauth source, it contains the functions required for hashing, as well as the CheckRevision. If you use BNLS though, you're not going to have to worry about the actual hashing functions.

[quote author=BaDDBLooD link=board=17;threadid=8194;start=15#msg76110 date=1092801508]
2) Why do you have to "Decode" The CDKey, how do you Decode it? What is the Public CDKey Value? and Hashed CDKey Data that you send in 0x51?
[/quote]

CD keys are encoded to make them easier to enter when you install the game. Also, probably, to obfuscate them. The key encoding is also what is checked by the installer - it only knows if the cd key is properly encoded, not if it is actually valid. This is why any number of silly values will get past the installer, but not onto battle.net. The actual values in the key - the public, private, and product values - are what are encoded. In a starcraft key, they occupy all the digits except the last one. The last digit is a check digit, and the value of that digit is what the installer verifies.

The public, private, and product values are what Battle.net checks. Put simply, when you encode your CD key, you use lots of information that is known by Battle.net and you (product, public, client/server tokens) and one thing that only you know (your private value). When you send your hash to Battle.net, Battle.net runs some (unknown) algorithm on the public value of your key, which yields the private value. Battle.net then re-hashes all the data it already knew about, along with the private value it calculated, and compares the hashes. If they are different, that means that your private value is wrong, and your key is invalid. What prevents key generators from making working keys for Battle.net is the fact that we don't know this algorithm.

Even if we did know this algorithm, it would probably generate alot of banned keys or disabled/jailed keys due to the past 3-4 years of TOS abuse

[me=ChR0NiC]pokes Lord[nK] for making FloodBot[/me]
[me=ChR0NiC]pokes Eurijk! for making zDS Bot Mass loader[/me]

These two people are personally responsible for the banning of over 10,000 keys >:(

But I'm over it :)

No, the people who used those bots for those purposes are responsible for the banning of the aforementioned CDKeys.

[quote author=Stealth link=board=17;threadid=8194;start=30#msg76187 date=1092866281]
No, the people who used those bots for those purposes are responsible for the banning of the aforementioned CDKeys.
[/quote]

Hear, hear. A tool generally has a valid use. The abuse of the tool is what gets you into trouble.

Responsibility must be on the shoulders of those who abused the tool, not those who created it.

[quote author=ChR0NiC link=board=17;threadid=8194;start=30#msg76181 date=1092859550]
Even if we did know this algorithm, it would probably generate alot of banned keys or disabled/jailed keys due to the past 3-4 years of TOS abuse

[me=ChR0NiC]pokes Lord[nK] for making FloodBot[/me]
[me=ChR0NiC]pokes Eurijk! for making zDS Bot Mass loader[/me]

These two people are personally responsible for the banning of over 10,000 keys >:(

But I'm over it :)
[/quote]

Also, using a CDKey Tester to test over 2300 CDKeys, going to http://www.blizzard.com/support/?id=eunmute000 and putting in the account name that your CDKey tester uses (KeyTester) and hoping that somehow all those jailed/muted CDKeys will magically become working; will get every CDKey that the name KeyTester used banned. ;D

[quote author=UserLoser. link=board=17;threadid=8194;start=30#msg76201 date=1092871977]
[quote author=ChR0NiC link=board=17;threadid=8194;start=30#msg76181 date=1092859550]
Even if we did know this algorithm, it would probably generate alot of banned keys or disabled/jailed keys due to the past 3-4 years of TOS abuse

[me=ChR0NiC]pokes Lord[nK] for making FloodBot[/me]
[me=ChR0NiC]pokes Eurijk! for making zDS Bot Mass loader[/me]

These two people are personally responsible for the banning of over 10,000 keys >:(

But I'm over it :)
[/quote]

Also, using a CDKey Tester to test over 2300 CDKeys, going to http://www.blizzard.com/support/?id=eunmute000 and putting in the account name that your CDKey tester uses (KeyTester) and hoping that somehow all those jailed/muted CDKeys will magically become working; will get every CDKey that the name KeyTester used banned. ;D
[/quote]

Should atleast use different account names!

Let's not argue!

Anyways, thanks for all your help! I have learned alot because of this post. Special thanks to arta for Spending lots of time explaining something in detail, which really helped, when it wasn't neccesary! :)