Messages - MADCATX

#1
Starcraft II Beta / Re: Emulate Battle.net
March 02, 2010, 05:54:12 PM
Quote from: stoffern on March 02, 2010, 09:03:06 AM
I could not fetch the file either...
Worked with IE, not Firefox...
Ok, I'll attach it to the post.
#2
Starcraft II Beta / Re: Emulate Battle.net
March 02, 2010, 05:26:31 AM
Quote from: waxypants on March 01, 2010, 10:44:45 PM
I realize it's just a skeleton now, but would you mind sharing the source?
Ok, here you go: http://loino.co.cc/upload-files/tmp/sc2serverP.zip (the hosting is free and used for other purposes; tell me if you can't download the file)
It's a Java project for the NetBeans IDE (http://netbeans.org/downloads/index.html). I wasn't able to decrypt the packets; maybe you will succeed.
#3
Starcraft II Beta / Re: Emulate Battle.net
February 28, 2010, 03:17:15 AM
Quote from: Anonymious_BG on February 27, 2010, 05:58:41 PM
So I believe it goes like this
I have read this file, but the question is where to get the key; as you can see, this function requires a key to initialize (Init(uint8 *K)).
#4
Starcraft II Beta / Re: Emulate Battle.net
February 27, 2010, 01:59:27 PM
The problem is that the auth packet has encoded data (which differs every time), and I can't understand the pattern. When the client authorizes on the server it sends the password hash (SHA-1) and a key for another encryption algorithm. The server sends back account data + some data encrypted using the client's key. If you try to send back data which you have got from dumps, the client says that the server is bad and closes its connection, because it decrypts the data with the key it generated, but the data was encrypted using another key.
As far as I know WoW uses the same encryption, so we can look at the WoW emus' source code, but there is no documentation and it's quite hard to find what we need.
http://www.arcemu.info/wiki/index.php?title=Getting_the_source_code
http://getmangos.com/

#5
Starcraft II Beta / Re: Emulate Battle.net
February 26, 2010, 07:10:45 AM
It seems that the auth packet response differs from time to time, based on what is sent by the client. The good thing is that WoW also uses the Battle.net protocol and there is already an emulator written. If someone wants to help, please check their authentication code: http://www.arcemu.info/wiki/index.php?title=Getting_the_source_code .
#6
Starcraft II Beta / Re: Emulate Battle.net
February 26, 2010, 04:30:20 AM
Quote from: aChnorr on February 25, 2010, 05:19:13 PM
Are you sure?? I'm just replicating the data that the real server sends, which means that I would get a "bad server" response even when I connect to the real bnet, and that's not the case.
I downloaded the EU client; it seems that this is the case only for the EU server (which sends an additional 554 bytes). If you try to redirect to your server via the hosts file then it says "Bad server". Probably these 554 bytes contain the server IP. Try changing your IP to 213.248.127.131 (enGB.logon.battle.net). It works for me, still can't authenticate...
#7
Starcraft II Beta / Re: Emulate Battle.net
February 26, 2010, 03:23:05 AM
Quote from: unsobill on February 25, 2010, 09:00:03 PM
MADCATX - what do you think? We need your e-mail then, if yes, to send donations - just need to be slightly careful with this too - as long as bad guys don't donate bad money - that has happened many times before, I know, but in any case it was always the bad guys' fault... I would donate 5 bucks if you're legit and REALLY need a key to get either a crack or a virtual server going! I TRUST YOU MAN! 8)
I don't think that you guys need to donate to get me a key. Money carries great responsibility, and I don't want to be responsible for something :). Packet dumps will be enough.
#8
Starcraft II Beta / Re: Emulate Battle.net
February 25, 2010, 04:07:12 PM
Quote from: aChnorr on February 25, 2010, 03:45:00 PM
//Auth C->S
// 52 bytes + username in plain text username: er@er.er
// protocolID 0x40?
0x40, 0x00, 0x00, 0x0a, 0x66, 0x02, 0x0a, 0xed,
0x2d, 0x66, 0xad, 0xca, 0xaa, 0x0b, 0x01, 0x00,
0x29, 0x99, 0x46, 0xb0, 0xb6, 0xb2, 0x01, 0x00,
0x1b, 0x21, 0x01, 0x00, 0x29, 0x99, 0x00, 0x2b,
0xb4, 0xb7, 0x00, 0x00, 0x1b, 0x21, 0x43, 0x37,
0x32, 0xba, 0x00, 0x2b, 0xb4, 0xb7, 0x00, 0x00,
//
//                    l---------l different depending on username length (format?)
//                    l         l        e     r       @       e
0x21, 0xf9, 0x02, 0x05, 0x65, 0x72, 0x40, 0x65,
//  r         .       e       r
0x72, 0x2e, 0x65, 0x72

//Auth S->C
//protocolID 0x42?
//                   a         u       t         h                 U
0x42, 0x10, 0x61, 0x75, 0x74, 0x68, 0x00, 0x55,
//S         B
0x53, 0x42, 0x8f, 0x52, 0x90, 0x6a, 0x2c, 0x85,
// session key?? password?? crap??
0xb4, 0x16, 0xa5, 0x95, 0x70, 0x22, 0x51, 0x57,
0x0f, 0x96, 0xd3, 0x52, 0x2f, 0x39, 0x23, 0x76,
.....and so on.... (919 bytes)

C-> Bad server..
This is as far as I know...
How can the client determine that my program is a bad server?? It sends exactly the same data as I captured in Wireshark.
Bad server means that you use the US client but send EU auth data. I'm currently downloading the EU client to test it...
#9
Starcraft II Beta / Re: Emulate Battle.net
February 25, 2010, 01:09:58 PM
Quote from: aChnorr on February 25, 2010, 12:03:52 PM
MADCATX, are you reading the package header/information or just sending what you captured with wireshark without knowing what it means? Can you please post what you know about the protocol here.
I try to differentiate packets with answers to the same command; if they differ, then there is something to do with it.
I've found that the packet coming from the server in reply to the auth command always has different bytes starting from byte 46, so this packet has some header information and the rest is the session key.
US auth header:
420861757468005553428f52906a2c85b416a595702251570f96d3522f39237603115f2f1ab24962043c500100
EU auth header:
421061757468004555428f52906a2c85b416a595702251570f96d3522f39237603115f2f1ab24962043c500100
Possible differences: EU in place of US and so on (4555=EU) (5553=US)...
However, the EU session key is longer than the US one by 554 bytes. You also can't log in to the US server with the EU client and vice versa. What is stored in these 554 bytes I cannot imagine.
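The by-hand comparison in this post can be automated. The following is an added example, written for this page and not code from the thread or from any Battle.net or WoW emulator project: it takes hex dumps captured for the same command, reports the byte offsets that vary, and lists runs of printable ASCII so that tags like "auth" and the US/EU region bytes stand out. It generalises the two-header comparison above to any number of equal-length captures (varying_offsets), and on the two headers quoted above it also surfaces the byte-1 difference (0x08 versus 0x10) that the post does not mention. US_AUTH_HEADER and EU_AUTH_HEADER are the two strings from the post; all other names are this example's own.

```python
"""Differential comparison of packet captures of the same command (added example)."""
from typing import List, Tuple

# The two auth reply headers quoted in the post above (45 bytes each).
US_AUTH_HEADER = "420861757468005553428f52906a2c85b416a595702251570f96d3522f39237603115f2f1ab24962043c500100"
EU_AUTH_HEADER = "421061757468004555428f52906a2c85b416a595702251570f96d3522f39237603115f2f1ab24962043c500100"


def varying_offsets(captures: List[bytes]) -> List[int]:
    """Offsets whose byte differs in at least one capture.

    All captures must have the same length; trim them to the common header
    first if the trailing part (the session key here) varies in size.
    """
    if not captures:
        return []
    if len({len(c) for c in captures}) != 1:
        raise ValueError("captures must have equal length")
    return [i for i in range(len(captures[0])) if len({c[i] for c in captures}) > 1]


def diff_bytes(a: bytes, b: bytes) -> List[Tuple[int, int, int]]:
    """(offset, byte_in_a, byte_in_b) for each differing position of the common prefix."""
    return [(i, x, y) for i, (x, y) in enumerate(zip(a, b)) if x != y]


def ascii_runs(data: bytes, min_len: int = 3) -> List[Tuple[int, str]]:
    """(offset, text) for every run of at least `min_len` printable ASCII bytes.

    Random-looking key material produces short accidental runs too, so treat
    a hit as a candidate field name, not proof of one.
    """
    runs, start = [], None
    for i, byte in enumerate(data + b"\x00"):   # sentinel closes a trailing run
        if 0x20 <= byte < 0x7F:
            if start is None:
                start = i
        else:
            if start is not None and i - start >= min_len:
                runs.append((start, data[start:i].decode("ascii")))
            start = None
    return runs


def describe(a_hex: str, b_hex: str) -> List[str]:
    """Human-readable diff lines, showing the ASCII form of printable bytes."""
    a, b = bytes.fromhex(a_hex), bytes.fromhex(b_hex)

    def show(v: int) -> str:
        return f"0x{v:02x} ({chr(v) if 0x20 <= v < 0x7F else '.'})"

    return [f"offset {i:3d}: {show(x)} -> {show(y)}" for i, x, y in diff_bytes(a, b)]


if __name__ == "__main__":
    for line in describe(US_AUTH_HEADER, EU_AUTH_HEADER):
        print(line)
    print("ASCII runs (US):", ascii_runs(bytes.fromhex(US_AUTH_HEADER)))
```

Feed varying_offsets() a list of replies to the same command from several sessions and the first varying offset tells you where the fixed header ends and per-session material begins. ascii_runs() will also flag accidental three-character runs inside random-looking data, so treat its hits as candidates to confirm, not as decoded fields.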
#10
Starcraft II Beta / Re: Emulate Battle.net
February 25, 2010, 08:28:16 AM
Quote from: Xzotica on February 25, 2010, 06:54:09 AM
I have a working CD key of my own. And I think I may be able to help depending on what you want me to do.
I posted a FAQ on how to do so here: http://darkblizz.org/Forum2/index.php?topic=526.0
#11
Starcraft II Beta / Re: FAQ: How to dump packets
February 25, 2010, 03:30:38 AM
Quote from: 2g4u on February 24, 2010, 06:10:00 PM
I can provide you with a useful dump (the whole Auth process, Profile edit, Searching for players process, game in progress, scoreboard after the game ends... whatever you need from the live beta functions, just post in this topic), but can you tell me which is the "password recognition" part of a dump? I need to remove it because the acc that I use to play is not mine (so I can't change the pass) and there is a WoW acc attached to it, which costs more than $500. And if I got my friend's acc hacked he would be mad.

/offtopic

I think that the devs have some kind of SC2 Beta-enabled acc for testing purposes; have you tried asking in the dev channel for such dump(s)?
I tried asking the devs if I can help; they said that they don't need more people helping them. And they won't give any dumps.
42 48 21 02 (BH!.) - Auth command; after that goes the encrypted password.

There is also a possibility that your real name and Starcraft 2 nickname are returned in the answer to this command (WoW auth returns these values as strings).

Change any personal info you can, dump packets, restore original personal info.

If you can't edit personal info, then you should edit the saved dump file with a program like XVI32 or Notepad++ (without changing the encoding).

Screen-shot (edited):
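A small added helper for the scrubbing step described here (example code written for this page, not from the thread): it takes the raw payload bytes of a dump, overwrites every occurrence of an account identifier such as the login e-mail with same-length filler so packet sizes and offsets stay valid, and reports where the 42 48 21 02 auth marker occurs so those packets can be checked by hand. The sample input is the Auth C->S packet quoted earlier in this thread, which ends in the plain-text username "er@er.er"; the UTF-16-LE search is an assumption about how a Windows client might encode strings, not something the thread establishes.

```python
"""Scrub an account identifier from captured payload bytes (added example)."""
from typing import List, Tuple

AUTH_MARKER = bytes.fromhex("42482102")   # "BH!." - the auth command per the post above

# The Auth C->S packet as posted in this thread: 52 header bytes, then the
# username "er@er.er" in plain text.
SAMPLE_AUTH_C2S = bytes.fromhex(
    "4000000a66020aed" "2d66adcaaa0b0100" "299946b0b6b20100" "1b2101002999002b"
    "b4b700001b214337" "32ba002bb4b70000" "21f9020565724065" "722e6572"
)


def find_all(data: bytes, needle: bytes) -> List[int]:
    """Offsets of every non-overlapping occurrence of `needle` in `data`."""
    if not needle:
        raise ValueError("needle must not be empty")
    hits, start = [], 0
    while (idx := data.find(needle, start)) != -1:
        hits.append(idx)
        start = idx + len(needle)
    return hits


def wire_forms(identifier: str) -> List[bytes]:
    """Byte encodings an identifier may take in a dump: UTF-8/ASCII and the
    UTF-16-LE form common in Windows clients (assumed, not verified here)."""
    return [identifier.encode("utf-8"), identifier.encode("utf-16-le")]


def redact(data: bytes, identifier: str, fill: bytes = b"x") -> Tuple[bytes, List[Tuple[int, int]]]:
    """Overwrite each occurrence of `identifier` with same-length filler.

    Keeping the length means packet sizes and the offsets of everything after
    the scrubbed field stay valid, so the dump is still usable for analysis.
    Returns the new bytes and (offset, length) of every replaced span.
    """
    if len(fill) != 1:
        raise ValueError("fill must be a single byte")
    buf, hits = bytearray(data), []
    for needle in wire_forms(identifier):
        for idx in find_all(data, needle):
            buf[idx: idx + len(needle)] = fill * len(needle)
            hits.append((idx, len(needle)))
    return bytes(buf), sorted(hits)


def auth_marker_offsets(data: bytes) -> List[int]:
    """Where the auth command marker occurs; the post above says the encrypted
    password follows it, so review those packets by hand before sharing."""
    return find_all(data, AUTH_MARKER)


if __name__ == "__main__":
    scrubbed, hits = redact(SAMPLE_AUTH_C2S, "er@er.er")
    print(hits, scrubbed[52:])
```

Length-preserving replacement is deliberate: a hex editor like XVI32 lets you overwrite bytes but also lets you delete them, and deleting shifts every later offset and breaks the packet framing. This does nothing for the encrypted password bytes that follow the auth marker, so changing the password before capturing, as the FAQ advises, remains the actual protection.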

#12
Starcraft II Beta / Re: Emulate Battle.net
February 25, 2010, 02:45:24 AM
Quote from: unsobill on February 24, 2010, 07:15:57 PM
Sorry if I bug you MADCATX. Can you explain, if possible, how a capture with authenticated information would help? I'm just curious if that will be efficient information to emulate the Battle.net server, or if there must be a custom API written or such in order to emulate? As far as I understand, Blizzard's server side is currently "hosting" maps and synchronizing players in the game? How in this case would capturing authentication traffic help? Which kind of traffic is expected to be captured and what needs to be performed? The reason I'm asking is that we should educate the masses and have them do it without the risk of losing their keys - everyone is suspicious about their authentication data. Please share your mind with us. Thank you!
First of all, if someone wants to submit this data, they should change their password before doing so. It's not the only packets I ask for; they should also load some map. Packet dumps will give some scenario of interaction between the client and Battle.net that we can repeat. I don't know if there is some interaction between the client and server in the game itself with only one player present. If there is, then it will be hard to repeat. Everything else can be done by repeating the packets scenario.
If someone cracked the battle.net.dll and has data-mined information about packet structures, then it will be more valuable than packet dumps.
#13
Starcraft II Beta / Re: Emulate Battle.net
February 24, 2010, 05:51:42 PM
Quote from: drealecs on February 24, 2010, 04:41:19 PM
maybe you want to look at
http://sc2c.pastebin.com/D7kcCBdt
and
http://sc2c.pastebin.com/8C4PJ8kx
There are no successful authentication packets; search for the string 42 48 21 02 (SC2 Auth), the answer to this packet is 40 28 00 e8 00 00 00 00 (Bad password). I already implemented this type of packet in the server; I also wrote the code for the alert and bnetfile protocols.
#14
Starcraft II Beta / FAQ: How to dump packets
February 24, 2010, 05:38:13 PM
jokinglygo asked me how to dump packets, so I will post it here; maybe someone else will find it useful too.

1) Download Wireshark ( http://www.wireshark.org/download.html )

2) Install Wireshark (click Next all the way :) )

3) Open Wireshark

4) Open "Show capture options dialog", see screen-shot 1

5) Select the adapter you use to connect to the Internet, open the capture filter dialog, see screen-shot 2

6) Create a new filter and type "port 1119" into the filter string and click OK, see screen-shot 3

7) Change your Battle.net password to something else

8) Click Start in "capture options dialog"

9) Open the Starcraft 2 game and push all the buttons you can in Battle.net

10) Close the game; you should be able to see all the interaction between the SC2 client and the Battle.net server in Wireshark. Stop the capture of packets, see screen-shot 4

11) Save as file, choosing all packets captured, see screen-shots 5 and 6

12) Restore your original Battle.net password

Screen-shot 1:

Screen-shot 2:

Screen-shot 3:

Screen-shot 4:

Screen-shot 5:

Screen-shot 6:
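Once the capture is saved (step 11), the next step is to get the application payloads out of it. The following added example (written for this page; not code from the thread and not a Wireshark feature) parses a classic libpcap file with Ethernet framing and returns every non-empty TCP segment to or from port 1119 together with its direction. It builds a small constructed capture inline so it runs offline: addresses and client ports are placeholders, and the sample payloads reuse the 42 48 21 02 auth marker and the 40 28 00 e8 00 00 00 00 "Bad password" reply quoted in this thread.

```python
"""Pull the TCP port 1119 payloads out of a classic pcap file (added example)."""
import struct
from typing import List, Tuple

BNET_PORT = 1119            # the capture filter used in the FAQ above
PCAP_MAGIC = 0xA1B2C3D4     # classic pcap, microsecond timestamps
LINKTYPE_ETHERNET = 1
ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP = 6


def build_frame(src_ip: str, dst_ip: str, sport: int, dport: int, payload: bytes) -> bytes:
    """Ethernet/IPv4/TCP headers around `payload`; checksums are left at zero
    because the parser below never validates them."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18, 8192, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload), 1, 0, 64,
                     IPPROTO_TCP, 0, bytes(map(int, src_ip.split("."))),
                     bytes(map(int, dst_ip.split("."))))
    return b"\x00" * 12 + struct.pack("!H", ETHERTYPE_IPV4) + ip + tcp + payload


def build_pcap(frames: List[bytes]) -> bytes:
    """Wrap raw Ethernet frames in a little-endian classic pcap container."""
    out = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", 1267000000 + i, 0, len(frame), len(frame)) + frame
    return out


def extract_payloads(pcap: bytes, port: int = BNET_PORT) -> List[Tuple[str, bytes]]:
    """(direction, payload) for every non-empty TCP segment to or from `port`.

    Direction is "C->S" when the destination port is `port`, else "S->C".
    Only classic pcap with Ethernet framing is handled; pcapng is rejected.
    """
    if pcap[:4] == struct.pack("<I", PCAP_MAGIC):
        endian = "<"
    elif pcap[:4] == struct.pack(">I", PCAP_MAGIC):
        endian = ">"
    else:
        raise ValueError("not a classic pcap file (save as pcap, not pcapng)")
    if struct.unpack_from(endian + "IHHiIII", pcap, 0)[6] != LINKTYPE_ETHERNET:
        raise ValueError("only Ethernet link type is handled")
    results, off = [], 24
    while off + 16 <= len(pcap):
        incl_len = struct.unpack_from(endian + "IIII", pcap, off)[2]
        frame = pcap[off + 16: off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or struct.unpack_from("!H", frame, 12)[0] != ETHERTYPE_IPV4:
            continue
        ihl = (frame[14] & 0x0F) * 4                      # IPv4 header length
        total_len = struct.unpack_from("!H", frame, 16)[0]  # IPv4 total length
        if frame[14 + 9] != IPPROTO_TCP:
            continue
        tcp_off = 14 + ihl
        sport, dport = struct.unpack_from("!HH", frame, tcp_off)
        data_off = (frame[tcp_off + 12] >> 4) * 4         # TCP header length
        payload = frame[tcp_off + data_off: 14 + total_len]
        if port not in (sport, dport) or not payload:
            continue
        results.append(("C->S" if dport == port else "S->C", payload))
    return results


# Constructed sample capture (placeholder addresses): a client->server frame
# carrying the auth marker quoted in this thread, the "Bad password" reply
# quoted in this thread, an unrelated HTTP frame the port filter must drop,
# and a bare ACK with no payload.
SAMPLE_PCAP = build_pcap([
    build_frame("10.0.0.2", "10.0.0.1", 50000, BNET_PORT, bytes.fromhex("42482102") + b"\x00" * 4),
    build_frame("10.0.0.1", "10.0.0.2", BNET_PORT, 50000, bytes.fromhex("402800e800000000")),
    build_frame("10.0.0.2", "10.0.0.1", 50001, 80, b"GET / HTTP/1.0\r\n\r\n"),
    build_frame("10.0.0.2", "10.0.0.1", 50000, BNET_PORT, b""),
])


def summarize(pcap: bytes, port: int = BNET_PORT) -> List[str]:
    """One line per segment: direction, length and the first bytes as hex."""
    return [f"{d} {len(p):4d} bytes  {p[:8].hex()}" for d, p in extract_payloads(pcap, port)]


if __name__ == "__main__":
    print("\n".join(summarize(SAMPLE_PCAP)))
```

Save the capture in the classic pcap format rather than pcapng, because this parser checks the magic number and rejects anything else. It does not reassemble TCP streams, so a message split across segments shows up as separate entries, and it ignores checksums entirely.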

#15
Starcraft II Beta / Re: Emulate Battle.net
February 23, 2010, 06:09:57 PM
Quote from: hegemonwiggin on February 23, 2010, 05:51:50 PM
You should just hop on the IRC chat and talk with some of the devs. I'm sure they have the information you need.
I tried to, but no one answers...