Emulate Battle.net

Started by MADCATX, February 22, 2010, 06:18:36 AM


stormbreaker

Quote from: mini.dude_@2 on March 08, 2010, 08:02:52 PM
OK, my password changed finally  ;D and I'm uploading the packed capture now. Should I send this to someone specific, or just post it here?


Whatever you wish. But can I get a copy?  :)

mini.dude_@2

http://www.multiupload.com/OQEDMN66NE
There you all go, it's a rar with 2 captures in it :D Hope this will help with the emulator.

Freundschaft

#122
link for ms packet tracer:
http://www.microsoft.com/downloads/details.aspx?FamilyID=983b941d-06cb-4658-b7f6-3088333d062f&displaylang=en

Anyone here who managed to perform a correct logon?
I am having problems with the AUTH_COMPLETE blob response to the PROOF_REQUEST of the client.
It has to be hashed with the challenge sent by the client somehow, but I wasn't able to get it from the WoW source. Anyone got good documentation on the topic?

BTW, if you want to mess around with some packets, I've uploaded my server source:
http://www.multiupload.com/DGCYEATMAM
I take two steps forward, two steps back. We come together 'cuz opposites attract.

stormbreaker

#123
Quote from: Freundschaft on March 09, 2010, 08:10:50 AM
link for ms packet tracer:
http://www.microsoft.com/downloads/details.aspx?FamilyID=983b941d-06cb-4658-b7f6-3088333d062f&displaylang=en

Anyone here who managed to perform a correct logon?
I am having problems with the AUTH_COMPLETE blob response to the PROOF_REQUEST of the client.
It has to be hashed with the challenge sent by the client somehow, but I wasn't able to get it from the WoW source. Anyone got good documentation on the topic?


Perhaps we can share some information :D What I've found out so far is that it uses SRP-6 http://www.ipa.go.jp/security/rfc/RFC5054EN.html#253 . In the specification we can see that the server should send the values N, g, s, B. N and g are in the auth file (does someone have a way of getting them or modifying the auth file?) and s and B are sent with the ProofRequest in the ModuleData field. http://sc2c.pastebin.com/E30JdTCE (after the ModuleID). There are two salts which never change for the same account. They are generated when you register or change your password. But why two challenges? B and what? M1?
The ModuleData of the second module doesn't seem to change even when switching accounts (correct me if i'm wrong here).


WoW, I think, acts a little differently. It doesn't have an auth file, so it sends N and g along in the packet.


We shouldn't be trying to skip this step and move on if we cannot understand the encryption, because most probably the next packets will be encrypted with the generated session key somehow.


EDIT: We are sharing, so... Here is my server source. The PacketBase class isn't complete since I don't know the encryption which is used after authentication. Also I'm writing in VB.NET, if you want to take a look (  http://www.multiupload.com/D3Z879UHTD  ). The skeleton is an emulator I used to write for AION.
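
The SRP-6 exchange discussed in the post above, written out end to end as an added example. This is not code from the thread, from Blizzard, or from any of the linked projects. It assumes the 1024-bit group from RFC 5054 Appendix A for N and g (Battle.net's own N and g sit in the auth file and are not reproduced here), SHA-1 throughout, x = H(s | H(I ":" P)) as in RFC 5054, and an illustrative proof layout M1 = H(A | B | K), M2 = H(A | M1 | K); the real Battle.net proof layout is not known from the thread. The account name and password are constructed. The last call in the usage section shows what an emulator sees when it runs with the wrong modulus: the client's proof never verifies, even with the correct password.

```python
"""Added example (not from the thread or Blizzard): a complete SRP-6a login
with both sides in one file.  Assumptions: N, g = RFC 5054 1024-bit group;
SHA-1; x = H(s | H(I ":" P)); M1 = H(A|B|K); M2 = H(A|M1|K)."""
import hashlib
import hmac
import os

N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E860726187"
    "75FF3C0B9EA2314C9C256576D674DF7496EA81D3"
    "383B4813D692C6E0E0D5D8E250B98BE48E495C1D"
    "6089DAD15DC7D7B46154D6B6CE8EF4AD69B15D49"
    "82559B297BCF1885C529F566660E57EC68EDBC3C"
    "05726CC02FD4CBF4976EAA9AFD5138FE8376435B"
    "9FC61D2FC0EB06E3", 16)
g = 2
NLEN = (N.bit_length() + 7) // 8          # 128 bytes; width used by PAD()


def H(*parts):
    return hashlib.sha1(b"".join(parts)).digest()


def pad(x):
    return x.to_bytes(NLEN, "big")


def to_int(b):
    return int.from_bytes(b, "big")


def compute_x(salt, username, password):
    # x = H(s | H(I ":" P)); only the client ever computes this.
    return to_int(H(salt, H(username.encode(), b":", password.encode())))


def make_verifier(username, password, salt=None):
    # Registration, or what an emulator can derive from a captured salt plus a
    # known password.  The server stores (salt, v = g^x mod N), never P or x.
    salt = salt or os.urandom(32)
    return salt, pow(g, compute_x(salt, username, password), N)


class Server:
    def __init__(self, salt, v, n=N):
        self.salt, self.v, self.n = salt, v, n
        self.k = to_int(H(pad(n), pad(g)))     # k = H(N | PAD(g))  (SRP-6a)

    def challenge(self):
        # B = k*v + g^b mod N.  On Battle.net s and B ride in the
        # ProofRequest ModuleData.
        self.b = to_int(os.urandom(32))
        self.B = (self.k * self.v + pow(g, self.b, self.n)) % self.n
        return self.salt, self.B

    def verify(self, A, M1):
        # Returns M2 on success, None when the client's proof does not verify.
        if A % self.n == 0:
            return None                         # reject degenerate A
        u = to_int(H(pad(A), pad(self.B)))
        if u == 0:
            return None
        S = pow(A * pow(self.v, u, self.n), self.b, self.n)
        K = H(pad(S))                           # session key for later packet crypto
        if not hmac.compare_digest(H(pad(A), pad(self.B), K), M1):
            return None
        self.K = K
        return H(pad(A), M1, K)


class Client:
    def __init__(self, username, password):
        self.username, self.password = username, password
        self.k = to_int(H(pad(N), pad(g)))

    def start(self):
        self.a = to_int(os.urandom(32))
        self.A = pow(g, self.a, N)
        return self.A

    def proof(self, salt, B):
        if B % N == 0:
            raise ValueError("degenerate B")
        u = to_int(H(pad(self.A), pad(B)))
        x = compute_x(salt, self.username, self.password)
        S = pow((B - self.k * pow(g, x, N)) % N, self.a + u * x, N)
        self.K = H(pad(S))
        self.M1 = H(pad(self.A), pad(B), self.K)
        return self.M1

    def check_server(self, M2):
        return hmac.compare_digest(M2, H(pad(self.A), self.M1, self.K))


def run_login(username, registered_pw, typed_pw, server_n=N):
    """Full exchange.  Returns (client accepted server, server accepted client)."""
    salt, v = make_verifier(username, registered_pw)
    server, client = Server(salt, v, n=server_n), Client(username, typed_pw)
    A = client.start()                 # client -> server
    s, B = server.challenge()          # server -> client (ProofRequest)
    M1 = client.proof(s, B)            # client -> server
    M2 = server.verify(A, M1)          # server -> client (AUTH_COMPLETE) or None
    return (M2 is not None and client.check_server(M2), M2 is not None)


if __name__ == "__main__":
    print(run_login("alice", "hunter2", "hunter2"))          # constructed account
    print(run_login("alice", "hunter2", "wrong"))            # wrong password
    print(run_login("alice", "hunter2", "hunter2", N - 2))   # server with wrong N
```

Note that the server side never needs the password: with a captured salt, the correct N and g, and a known password, make_verifier() gives the verifier the emulator must hold for that account. With any other modulus the client's S and the server's S diverge and M1 never matches, which is the failure mode a server built without the auth file's constants runs into.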

Freundschaft

#124
Ah cool, thanks  :D
As the logon mechanism is pretty similar, I think we should at least be able to get a successful login to work somehow; I'll have a look at some old WoW dev stuff that I might find.
I think if we can handle that salt/hashes thingy, we should get past the problem.

Regarding http://sc2c.pastebin.com/E30JdTCE , I do understand that the first module is the auth file; what is the second one?
BTW, is that the output of the auth client that has been written? Is there an output of the thing with a successful logon somewhere?

EDIT:
Think this might help?
http://forum.gamedeception.net/threads/14426-wow-SRP6-challenge-lookup?14426-=Array

further reading
http://www.mmowned.com/forums/wow-memory-editing/231740-understanding-wow-communication-protocol.html
http://trevp.net/tls_srp/draft-ietf-tls-srp-10.html#intro
http://arcemu.info/trac/arcemu/browser/trunk/src/arcemu-shared/Auth/WowCrypt.cpp?rev=2078

Anyone had luck disassembling password.dll, which is basically the auth file?

stormbreaker

Quote from: Freundschaft on March 09, 2010, 08:54:03 PM
Ah cool, thanks  :D
As the logon mechanism is pretty similar, I think we should at least be able to get a successful login to work somehow; I'll have a look at some old WoW dev stuff that I might find.
I think if we can handle that salt/hashes thingy, we should get past the problem.

Regarding http://sc2c.pastebin.com/E30JdTCE , I do understand that the first module is the auth file; what is the second one?
BTW, is that the output of the auth client that has been written? Is there an output of the thing with a successful logon somewhere?

EDIT:
Think this might help?
http://forum.gamedeception.net/threads/14426-wow-SRP6-challenge-lookup?14426-=Array

further reading
http://www.mmowned.com/forums/wow-memory-editing/231740-understanding-wow-communication-protocol.html
http://trevp.net/tls_srp/draft-ietf-tls-srp-10.html#intro
http://arcemu.info/trac/arcemu/browser/trunk/src/arcemu-shared/Auth/WowCrypt.cpp?rev=2078

Anyone had luck disassembling password.dll, which is basically the auth file?


The second module is also an auth file. But what does it contain? Where is it used? Its moduleData seems to be constant.


To get the encryption to work we need those N and g values from password.dll. I don't have experience in looking up things in DLLs. Maybe someone can?

Freundschaft

The http://github.com/kow/Starcraft-2-Battle.Net-Wrapper
contains a C++ library which accesses password.dll and exposes some functions for key retrieval; if this works, this would basically be it.
http://github.com/kow/Starcraft-2-Battle.Net-Wrapper/blob/master/AuthInterface/AuthInterface/Main.cpp
I'll check out if they work later on.

Plus there is the wiki page http://darkblizz.org/wiki/doku.php?id=password.dll ; I don't really understand what it means though.

itsarabbit

Sooo, not to interrupt here, but it looks like you are actually coming close to emulating it?
Want Beta key! :D

stormbreaker

#128
Quote from: itsarabbit on March 10, 2010, 09:51:25 AM
Sooo, not to interrupt here, but it looks like you are actually coming close to emulating it?


Authentication is the first step in this way.
BTW, I'm almost certain that there is something those guys over at Teknogods aren't sharing. They must have a few beta keys, and I'm sure they aren't just playing the game...


Freundschaft, I think this AuthInterface uses Password.dll's functions, which are doing the calculations on the client side. Since the math on the server side is different, I think we can't use these functions directly. If I'm right about this, we need to get only the values we need from it.

I got another idea reading the link about WoW you posted. It seems that the WoW client stores the computed session key at a specific address in memory. Maybe if we can find this address for SC2, then with a launcher we could send it to the server so it can decrypt the packets. Of course it will be much easier if we could just get N and g from password.dll. Anyone that can help out there?

corinthiano

Hey guys! I'm new here... trying to help somehow...

I'd like to make a simple summary of everything known here:

1) [1] has a pretty decent description of the protocol, except for the parts regarding the successful login;
2) [2], [3] and [4] suggest that both client and server generate a common key, which is used to encrypt some data exchanged between them (it's worth noting, however, that some dumps of successful logins show plain-text map and settings XML being transferred);
3) [4], however, says that it was once easy to get this key in WoW (since it was used simply to XOR the contents), but now they are using it as the key for RC4 encryption (I still haven't followed their protected links yet, though);

Now some questions:

1) It was suggested by stormbreaker to read the game's RAM and check the generated key. I thought of that too, but how can we retrieve the generated key? I was thinking about finding the calls to the encryption methods [5] and trying to figure out the code in their vicinity.
2) It was strongly suggested in [4] to look at the MaNGOS source code. Maybe it's better than ArcEmu?

Did I forget something? What do you people think we could do?
Sorry for my English...


[1] http://darkblizz.org/wiki/doku.php?id=bnet2_protcol
[2] http://trevp.net/tls_srp/draft-ietf-tls-srp-10.html#intro
[3] http://forum.gamedeception.net/threads/14426-wow-SRP6-challenge-lookup?14426-=Array
[4] http://www.mmowned.com/forums/wow-memory-editing/231740-understanding-wow-communication-protocol.html
[5] http://darkblizz.org/wiki/doku.php?id=battle.net.dll#known_crypto

Freundschaft

Okay, so as far as I can see, we need the N and g values?
I'm not sure whether I completely understand this. With default SRP-6, the values of N and g are sent to the client. If this were the case, the client would not be able to distinguish our server from the original one, because we could directly sniff N and g off the network.
But with SC2, the N and g values are not sent directly, but instead are stored in the auth file. That's why we have to determine the correct N and g values from this auth file?
And regarding this, additional packet traces with passwords probably won't help us either, because as far as I see it, there is no possibility to calculate N and g based on the network trace, even if the password is known.
Am I correct?

stormbreaker

#131
As I see it you are correct. Actually, I'm not 100% sure these N and g things are in the auth file. This was said in a comment in the wiki. The other things the user has written seem to be correct.
The N (modulus) seems to be constant in WoW as well as in SC2. It's 32 bytes long.
The g value is 1 byte long (it's 1 byte in Battle.net 1 and in WoW).
B is the server public key (generated each time) and it's 32 bytes long.
s is the salt, also 32 bytes. BUT in WoW and bnet1 there's only one. Here there are two salts? They are both a unique constant for every account. Maybe one is for the username and one for the password? But why for the username?

... it's so much harder than WoW lol http://forum.gamedeception.net/threads/14426-wow-SRP6-challenge-lookup?14426-=Array


Also here are the docs for bnet1. There are a few similarities http://www.bnetdocs.org/old/content4323.html?Section=d&id=18
Once we have the N and g constants for SC2 we can make the authentication work. Suggestions on how to get them?


EDIT: Another idea. The password.dll is loaded in memory just before the client tries to send the password (I read this somewhere), so theoretically we should be able to get N and g from memory. We can distinguish them by the time they are initialized. Does one of you have experience with memory hacking?

Freundschaft

Quote: Does one of you have experience with memory hacking?

Absolutely not, sorry. If I had more time I'd surely try to learn it, but unfortunately exam time strikes in a week, so no chance for this.  :(

corinthiano

There are some programs that take a "snapshot" of the process memory. Then we can diff it before and after typing the username (since I think, though I'm not sure, that the auth file is downloaded and "executed" just before the user types his password).

I think I'll take a look at that in the next days.

Freundschaft

#134
BTW, I don't know if we need it, but here's the sc2.exe that starts without the launcher
(version 14259)
http://www.multiupload.com/5JJ9IZHRV8
Just copy it to StarCraft II Beta\Versions\Base14259 and run.


EDIT:
I'm reading http://www.woodmann.com/crackz/Tutorials/IdaTut.zip now; don't know if this will give me some benefit on the matter.