Author Topic: Lockdown  (Read 12049 times)


Offline Hdx

  • The Hdx!
  • Full Member
  • ***
  • Posts: 311
  • <3 Java/Cpp/VB/QB
Lockdown
« on: February 24, 2007, 10:34:16 pm »
[Joe Edit: Split from *me*]

Just a note:
Lockdown is completely possible to do in Java ;)
But it's not working yet.
~Hdx
« Last Edit: March 06, 2007, 06:23:15 pm by Joe[x86] »
http://img140.exs.cx/img140/6720/hdxnew6lb.gif
09/08/05 - Clan SBs @ USEast
 [19:59:04.000] <DeadHelp> We don't like customers.
 [19:59:05.922] <DeadHelp> They're assholes
 [19:59:08.094] <DeadHelp> And they're never right.

Offline Joe

  • B&
  • Moderator
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
Lockdown
« Reply #1 on: March 02, 2007, 04:35:00 pm »
Just a note:
Lockdown is completely possible to do in Java ;)
But it's not working yet.
~Hdx

Dumping StarCraft's RAM image to a file is cheating, results in massive "hash files", and will be broken as soon as someone implements it and Blizzard changes lockdown to hash the location it loaded itself into memory as well.

Just sayin'. :P
I'd personally do as Joe suggests

You might be right about that, Joe.


Offline Hdx

  • The Hdx!
  • Full Member
  • ***
  • Posts: 311
  • <3 Java/Cpp/VB/QB
Lockdown
« Reply #2 on: March 06, 2007, 12:15:13 pm »
It already hashes itself.
From what I've seen/heard it grabs from the dll, the 3 main files, and your gfx buffer.
Something like that.
~Hdx

Offline Joe

  • B&
  • Moderator
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
Lockdown
« Reply #3 on: March 06, 2007, 06:22:20 pm »
So wait -- for each lockdown, you'd have to have the image of itself in memory? Can that be gotten from the DLL itself without loading it?

The graphics buffer, I think, would be stupidly easy as it's the same each time (lockdown runs at the same point).


trust

  • Guest
Re: Lockdown
« Reply #4 on: March 06, 2007, 09:02:43 pm »
[Joe Edit: Split from *me*]

Just a note:
Lockdown is completely possible to do in Java ;)
But it's not working yet.
~Hdx

I'm pretty sure I wrote a lockdown plugin for JavaOp v1 if you can find it.

Offline Joe

  • B&
  • Moderator
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
Re: Lockdown
« Reply #5 on: March 06, 2007, 09:20:40 pm »
I'm almost positive you're confused. :P

The only ones who have gotten lockdown working are Yoni and/or Skywing, or those who have done so and kept it private. But if you did, "flippin' awesome!".


Offline rabbit

  • x86
  • Hero Member
  • *****
  • Posts: 8092
  • I speak for the entire clan (except Joe)
Re: Lockdown
« Reply #6 on: March 06, 2007, 09:51:54 pm »
[Joe Edit: Split from *me*]

Just a note:
Lockdown is completely possible to do in Java ;)
But it's not working yet.
~Hdx

I'm pretty sure I wrote a lockdown plugin for JavaOp v1 if you can find it.
Lockdown is a new type of checkrevision created by Battle.net which hashes various parts of memory, and does some other things.  Not channel lockdown, which is retarded.

Offline abc

  • Hero Member
  • *****
  • Posts: 576
Re: Lockdown
« Reply #7 on: March 06, 2007, 09:58:27 pm »
** & warz

Offline Joe

  • B&
  • Moderator
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
Re: Lockdown
« Reply #8 on: March 06, 2007, 10:09:01 pm »
Nope. warz never finished.


trust

  • Guest
Re: Lockdown
« Reply #9 on: March 06, 2007, 10:25:46 pm »
[Joe Edit: Split from *me*]

Just a note:
Lockdown is completely possible to do in Java ;)
But it's not working yet.
~Hdx

I'm pretty sure I wrote a lockdown plugin for JavaOp v1 if you can find it.
Lockdown is a new type of checkrevision created by Battle.net which hashes various parts of memory, and does some other things.  Not channel lockdown, which is retarded.

oh sorry, yeah I was talking about channel lockdown.

Offline Furious

  • Hero Member
  • *****
  • Posts: 1833
  • I hate rabbits
Re: Lockdown
« Reply #10 on: March 07, 2007, 07:31:37 am »
[Joe Edit: Split from *me*]

Just a note:
Lockdown is completely possible to do in Java ;)
But it's not working yet.
~Hdx

I'm pretty sure I wrote a lockdown plugin for JavaOp v1 if you can find it.
Lockdown is a new type of checkrevision created by Battle.net which hashes various parts of memory, and does some other things.  Not channel lockdown, which is retarded.

oh sorry, yeah I was talking about channel lockdown.

Lol  :P
Quote
[23:04:34] <deadly7[x86]> Newby[x86]
[23:04:35] <deadly7[x86]> YOU ARE AN EMO
[23:04:39] <Newby[x86]> shush it woman

Quote
[17:53:31] InsaneJoey[e2] was banned by x86 (GO EAT A BAG OF FUCK ASSHOLE (randomban)).

Quote from: Ergot
Put it this way Joe... you're on my Buddy List... if there's no one else on and you're the only one, I'd rather talk to myself.

Offline Joe

  • B&
  • Moderator
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
Re: Lockdown
« Reply #11 on: March 07, 2007, 11:04:28 am »
[Joe Edit: Split from *me*]

Just a note:
Lockdown is completely possible to do in Java ;)
But it's not working yet.
~Hdx

I'm pretty sure I wrote a lockdown plugin for JavaOp v1 if you can find it.
Lockdown is a new type of checkrevision created by Battle.net which hashes various parts of memory, and does some other things.  Not channel lockdown, which is retarded.

oh sorry, yeah I was talking about channel lockdown.

Lol  :P

What a waste of like a kilobit of bandwidth for me.


Offline Furious

  • Hero Member
  • *****
  • Posts: 1833
  • I hate rabbits
Re: Lockdown
« Reply #12 on: March 07, 2007, 11:05:39 am »
[Joe Edit: Split from *me*]

Just a note:
Lockdown is completely possible to do in Java ;)
But it's not working yet.
~Hdx

I'm pretty sure I wrote a lockdown plugin for JavaOp v1 if you can find it.
Lockdown is a new type of checkrevision created by Battle.net which hashes various parts of memory, and does some other things.  Not channel lockdown, which is retarded.

oh sorry, yeah I was talking about channel lockdown.

Lol  :P

What a waste of like a kilobit of bandwidth for me.

That's what I say when I read half of your topics. *shrug*

Offline Joe

  • B&
  • Moderator
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
Re: Lockdown
« Reply #13 on: March 07, 2007, 11:14:10 am »
*shrug*

Note that this is Hdx's topic. :P


Offline K20A2

  • Newbie
  • *
  • Posts: 12
  • botdev god
Re: Lockdown
« Reply #14 on: March 10, 2007, 03:18:40 am »
Just a note:
Lockdown is completely possible to do in Java ;)
But it's not working yet.
~Hdx

Dumping StarCraft's RAM image to a file is cheating, results in massive "hash files", and will be broken as soon as someone implements it and Blizzard changes lockdown to hash the location it loaded itself into memory as well.

Just sayin'. :P

Dumping the "RAM image" is rather useless.  You just need to hash the three versioncheck files using a generated key from the server as well as a hash calculated off of the game's DirectX video buffer.

The whole idea behind lockdown isn't that complicated.  The only hack it checks for is pplug114.bwl (by trying to get the base address of it), but then again if you have a hack loaded, it probably modified the game's memory which is put through hash (not the actual files on disk, once again, it gets the base address of the files loaded).  Just finding exactly what it hashes is the hard part.

It is easier to write your own implementation than to write a workaround for loading Blizzard's version.

Offline Joe

  • B&
  • Moderator
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
Re: Lockdown
« Reply #15 on: April 11, 2007, 04:38:37 pm »
Hm, if you replaced CreateFile, DeleteFile, etc, with stubs, couldn't you actually make your own lockdown DLL's that didn't check for the hacks?


Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
Re: Lockdown
« Reply #16 on: April 11, 2007, 05:14:59 pm »
Hm, if you replaced CreateFile, DeleteFile, etc, with stubs, couldn't you actually make your own lockdown DLL's that didn't check for the hacks?
Assuming that the DLL does a checksum on memory (which I'm pretty sure it does), you'd have to fake the checksum, which would be identical to re-implementing it.


Offline Joe

  • B&
  • Moderator
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
    • View Profile
    • Github
Re: Lockdown
« Reply #17 on: April 11, 2007, 07:05:33 pm »
Right, but you could force StarCraft to use your DLL instead of the one from BNFTP, which does check for hacks, right?


Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
Re: Lockdown
« Reply #18 on: April 11, 2007, 07:22:24 pm »
The one from Battle.net checks for exactly one hack.

The easier thing to do if you want to hack is to load your memory patches after the CheckRevision .dll is unloaded. You can hook LoadLibraryA() and FreeLibrary() safely, because Battle.net's .dll can't check those (kernel32.dll can't be guaranteed to have a consistent checksum).

Better yet, apply patches after the ExtraWork .dll has been unloaded. Then you're even safer.

Offline warz

  • Hero Member
  • *****
  • Posts: 1134
Re: Lockdown
« Reply #19 on: April 12, 2007, 02:30:08 pm »
The one from Battle.net checks for exactly one hack.

Saying that is misleading. Checkrevision only checks for one hack's file name. Since most hacks deal with modifying memory, and the new Checkrevision routines check for that, I'd say it checks for a whole realm of hacks. :P
http://www.chyea.org/ - web based markup debugger

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
Re: Lockdown
« Reply #20 on: April 12, 2007, 02:57:09 pm »
The one from Battle.net checks for exactly one hack.

Saying that is misleading. Checkrevision only checks for one hack's file name. Since most hacks deal with modifying memory, and the new Checkrevision routines check for that, I'd say it checks for a whole realm of hacks. :P
I explained that in the previous post. But Joe is talking about checking for specific .dll's.

Offline Joe

  • B&
  • Moderator
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
Re: Lockdown
« Reply #21 on: April 12, 2007, 05:25:26 pm »
No, I'm saying that we could write a DLL that has the same functionality as the BnFtp DLL's, but doesn't check for hacks. By patching StarCraft's CreateFile and DeleteFile, we can stick our own DLL in the folder and StarCraft *should* run it instead.


Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
Re: Lockdown
« Reply #22 on: April 12, 2007, 07:21:01 pm »
No, I'm saying that we could write a DLL that has the same functionality as the BnFtp DLL's, but doesn't check for hacks. By patching StarCraft's CreateFile and DeleteFile, we can stick our own DLL in the folder and StarCraft *should* run it instead.
Have you read my posts? The new CheckRevision does a checksum on your *memory*! The trick is to re-implement the checksum, which isn't an easy job.

The alternative, as I said, is to load hacks *after* the CheckRevision function runs. It's a whole lot easier than the alternatives.