Blizzard is allowing the full client to be downloaded before release!

Started by Espionage724, July 15, 2010, 10:53:06 AM


Vernam7

Damn it, my last reply was not posted... fucking forum cookies...


Anyway, in short, I was saying this is the first step; then you have to crack the .exe of the game to avoid validation errors, as I did in my last launcher version for the beta.


Being in guest mode isn't that cool: I can't save any of my progress in the campaign, nor achievements, and when some safeguards that I missed try to seek WAN authentication here and there, I lag!


Sure, the first retail patch will have lots of improvements and will complete the retail version in many ways, and probably new safeguards :(


Anyway, gl.

Cybertox

Guys, you are lucky you have the installer; I have only 5% of it XD
I have fast internet (DL 1 MB/s) but nobody seeds; they just downloaded the game and that's it, no seed. Fuck them!
My average speed is 20 KB/s and I'm downloading from 16 of 187 peers, WTF?


Vernam7

Quote from: Cybertox on July 18, 2010, 12:03:43 PM
Guys, you are lucky you have the installer; I have only 5% of it XD
I have fast internet (DL 1 MB/s) but nobody seeds; they just downloaded the game and that's it, no seed. Fuck them!
My average speed is 20 KB/s and I'm downloading from 16 of 187 peers, WTF?


Do you use the official Blizzard downloader for the installer, or some old torrent?
Get the Blizzard downloader and, in the options, uncheck Peer2Peer; it will speed you way up!
:thumbsup:

darkrei9n

Okay, I think I got this, guys. At 004CDEF there is a boolean, true or false, that checks if the authentication key is authentic. If it's true, it moves on to the EULA and all that stuff. However, if FALSE, it moves on to location 0044D012, which means that the file never gets decrypted. Which means we need to get validdecryptionkey to come out to true. After looking at this, there are two checks, the date check along with the valid key check; if the key is invalid it SKIPS decryption.

Blackcode

Quote from: darkrei9n on July 18, 2010, 01:06:45 PM
Okay, I think I got this, guys. At 004CDEF there is a boolean, true or false, that checks if the authentication key is authentic. If it's true, it moves on to the EULA and all that stuff. However, if FALSE, it moves on to location 0044D012, which means that the file never gets decrypted. Which means we need to get validdecryptionkey to come out to true. After looking at this, there are two checks, the date check along with the valid key check; if the key is invalid it SKIPS decryption.


recheck


004CDEF
0044D012

Cybertox

Quote from: Vernam7 on July 18, 2010, 12:10:06 PM
Quote from: Cybertox on July 18, 2010, 12:03:43 PM
Guys, you are lucky you have the installer; I have only 5% of it XD
I have fast internet (DL 1 MB/s) but nobody seeds; they just downloaded the game and that's it, no seed. Fuck them!
My average speed is 20 KB/s and I'm downloading from 16 of 187 peers, WTF?


Do you use the official Blizzard downloader for the installer, or some old torrent?
Get the Blizzard downloader and, in the options, uncheck Peer2Peer; it will speed you way up!
:thumbsup:
Thank you so much. I connected it to Ethernet first, because before I had WiFi, then downloaded the downloader and unchecked the peer-to-peer option, and now it shows about 75 minutes; the average speed is 1.25 MB/s. Thank you!


darkrei9n

I'm beginning to think that memory editing might be easier for this.

Vernam7

Quote from: darkrei9n on July 18, 2010, 03:14:15 PM
I'm beginning to think that memory editing might be easier for this.


To do it once and at a specific moment, maybe; if this is permanent, it is more efficient, IMHO.

darkrei9n

So vernam7, are those addresses I posted where we should be looking?

Vernam7

Quote from: darkrei9n on July 18, 2010, 03:22:33 PM
So vernam7, are those addresses I posted where we should be looking?


Yes, this is one of the spots! ;-)
From there you can find the other references ;-)


Also, instead of blocking the addresses the installer tries to reach and redirecting them in the hosts file, with time and being careful you can permanently hack them in the installer2 and make them look elsewhere! I think it even accepts addresses like file:\\c:\askdaksdj\asdad.txt, not sure about that, but as I told you I pointed it to my server ;-) that had the fake files it was looking for. But this is also not so important if you simply tell it to go on with the decryption after you enter anything in the text box!


Just try not to write more bytes than needed! Try to overwrite the existing ones when you come to hex editing the installer. I believe size matters! And that's for sure for the MPQEs as well! Modified sizes could cause problems!


I will log off now; we have a thunderstorm here and my UPS isn't working properly LOL

darkrei9n

Is it the second address mentioning valid decrypt key at 004D037?

Gah, I don't know how to do hex editing.

Jebediah

Quote from: Vernam7 on July 18, 2010, 03:25:57 PM
I will log off now; we have a thunderstorm here and my UPS isn't working properly LOL

...oh god, they sent the templars.

Jibs

Quote
IMHO the main focus should be to fake the installer into thinking it is OK to go on with the decryption of the files (look at the header of the MPQE files!). Calculate the size in hex; don't just copy-paste information people say in other Chinese forums without understanding what you read, guys!

You mean 0x88649be5? The second installer dword value from the header... no idea what to do with it, though :P

Doix

Guys, you are getting trolled. This guy has no reverse engineering skills and you are giving him way too much credit just because he wrote that launcher. That launcher involved no reverse engineering at all. At first it was just a GUI for lazylauncher (if any of you remember back that far). After patch 9 was released, Blizzard let you launch maps by passing the path of the map as an argument to the exe, so the lazylauncher was no longer needed. No reverse engineering involved here.

Somewhere along the timeline I reversed the exe a bit to let me set the speed of SC2 to make AI testing easier (I helped write the Starcrack AI). I then helped Vernam7 incorporate this into his launcher. We had a few conversations; it was bloody obvious that this guy knew nothing about how stuff worked at the lower level.

Let's come back to the present. In phase 2 Blizzard decided that you can't launch maps via the command line anymore without authenticating first. Sheppard cracked this. Afterwards Vernam7 incorporated this into his launcher. I'm willing to bet that all he did was rip off Sheppard's work here. Again, involving no reverse engineering on his part.

All his launcher does is modify a few files inside the map MPQ file. He didn't even reverse engineer the mapdetails stuff; that was all Blackcode and some other people I can't remember right now (basttmp maybe?). These edits are pretty simple compared to some of the stuff people are working on at sc2mapster.com.

Vernam7 is an average VB.Net coder, nothing less, nothing more. He has previously demonstrated no knowledge of reverse engineering; he couldn't even reverse engineer the speed setting in SC2, which was pretty basic. And now he claims to have hacked the installer and to have a working game, when the Asian community can't do it, and they have people with actual technical knowledge trying to get this to work. Look at StarManager (I hope that's what it's called): it has one of the most complete replay structures, which was obviously obtained by reversing the exe and not just trial and error.

The only proof he has shown is a screenshot of the installer, which any noob can get by simply messing with a few XML files. No in-game screenshots. No screenshots of the installed directory. No screenshots of unpacked MPQ files or the contents of these MPQ files. NOTHING.
Now let's look at some of the stuff he has said in this thread:
"decryption can be bypassed"
Are you guys reading this? That's one of the most ridiculous statements I've heard in my life. According to some Chinese posts, Blizzard used Salsa20: http://en.wikipedia.org/wiki/Salsa20 . Read up on it. When you encrypt something, the contents of the file are changed. If you bypass the decryption part and don't decrypt the files, you are left with garbage... come on.

"W32DSMHHD Hex Editor (its simple and with fast compairing methods i like it)"

W32DSM and a hex editor? Come on... Who the hell uses W32DSM? It's pretty much all Olly or IDA nowadays. Maybe Syser if you need ring-0 debugging, since SoftICE support has died. Some of the stuff he says sounds like he is editing random bytes with a hex editor.

From an MSN conversation we had:

"the most important: the installer crack is done while the installer is NOT running, so I actually wrote 0 lines of code; I did it all manually with good hex editors and lots of reversing on other files ;)"

So he did this without debugging the installer at all, just disassembling it and editing random shit with a hex editor. Get real.


Don't get me wrong, he has done a great job at giving all the people who just want to play a 1-click solution, and he invested a lot of time to make sure it was easy to use and shit. But that's all he has done. Like I said earlier, he is an average VB.Net programmer. But right now he is being a total asshat by telling you guys a bunch of bullshit and pretending as if he has the game.

tl;dr Vernam7 didn't crack it. He is a VB.Net programmer, not a reverse engineering god.
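The cryptographic point Doix makes above (that a stream cipher's output is useless until it is actually decrypted with the right key, so "bypassing decryption" cannot work) can be checked directly. Below is an added example, not code from this thread, from Vernam7's launcher, or from Blizzard's installer: a plain-Python Salsa20/20 per the public specification, used to show that skipping the decryption step or guessing the key leaves you with garbage. The key, nonce and "installer payload" are constructed here for illustration; nothing about the real MPQE format or key derivation is assumed.

```python
import struct

# Salsa20 constants for 32-byte keys ("expand 32-byte k"), split into 4 words.
SIGMA = struct.unpack("<4I", b"expand 32-byte k")
MASK32 = 0xFFFFFFFF


def rotl32(v, n):
    """Rotate a 32-bit word left by n bits."""
    return ((v << n) | (v >> (32 - n))) & MASK32


def quarterround(y0, y1, y2, y3):
    """Salsa20 quarterround exactly as in the specification."""
    z1 = y1 ^ rotl32((y0 + y3) & MASK32, 7)
    z2 = y2 ^ rotl32((z1 + y0) & MASK32, 9)
    z3 = y3 ^ rotl32((z2 + z1) & MASK32, 13)
    z0 = y0 ^ rotl32((z3 + z2) & MASK32, 18)
    return z0, z1, z2, z3


def _doubleround(x):
    """One column round followed by one row round, in place on a 16-word list."""
    for a, b, c, d in ((0, 4, 8, 12), (5, 9, 13, 1), (10, 14, 2, 6), (15, 3, 7, 11)):
        x[a], x[b], x[c], x[d] = quarterround(x[a], x[b], x[c], x[d])
    for a, b, c, d in ((0, 1, 2, 3), (5, 6, 7, 4), (10, 11, 8, 9), (15, 12, 13, 14)):
        x[a], x[b], x[c], x[d] = quarterround(x[a], x[b], x[c], x[d])


def salsa20_block(key, nonce, counter):
    """Return the 64-byte Salsa20/20 keystream block for (key, nonce, counter)."""
    if len(key) != 32 or len(nonce) != 8:
        raise ValueError("Salsa20 needs a 32-byte key and an 8-byte nonce")
    k = struct.unpack("<8I", key)
    n = struct.unpack("<2I", nonce)
    state = [SIGMA[0], k[0], k[1], k[2], k[3], SIGMA[1], n[0], n[1],
             counter & MASK32, (counter >> 32) & MASK32,
             SIGMA[2], k[4], k[5], k[6], k[7], SIGMA[3]]
    x = list(state)
    for _ in range(10):          # 10 double rounds = Salsa20/20
        _doubleround(x)
    return struct.pack("<16I", *[(x[i] + state[i]) & MASK32 for i in range(16)])


def salsa20_xor(key, nonce, data, counter=0):
    """Encrypt or decrypt (same operation) by XORing data with the keystream."""
    out = bytearray()
    for off in range(0, len(data), 64):
        ks = salsa20_block(key, nonce, counter + off // 64)
        out += bytes(p ^ s for p, s in zip(data[off:off + 64], ks))
    return bytes(out)


def demo():
    """Constructed scenario: what the three 'ways to get the files' actually yield."""
    key = bytes(range(32))                         # constructed key, not a real one
    nonce = b"\x00" * 8                            # constructed nonce
    plaintext = b"MPQ\x1a" + b"constructed installer payload " * 4
    ciphertext = salsa20_xor(key, nonce, plaintext)

    # "bypass the decryption part": you simply keep the ciphertext
    skipped = ciphertext
    # patch the key check to 'valid' but without the real key: wrong keystream
    wrong_key = salsa20_xor(bytes(32), nonce, ciphertext)
    # the only thing that works: the actual key
    right_key = salsa20_xor(key, nonce, ciphertext)

    return {
        "plaintext": plaintext,
        "skipped_is_readable": skipped.startswith(b"MPQ\x1a"),
        "wrong_key_is_readable": wrong_key.startswith(b"MPQ\x1a"),
        "right_key_is_readable": right_key == plaintext,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The two `quarterround` test values in the specification (inputs (1,0,0,0) and (0,1,0,0)) pin the primitive down; everything else is XOR with the keystream, which is exactly why a patched "key is valid" flag buys nothing without the key material the installer would otherwise have fetched.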
