Battle.net Server Signature

[iago]

Last night and this morning I spent a little time and figured out how Battle.net's server signatures work.  It's a simple RSA decryption, r = s^k % n, where n is a 128-byte constant, k is a 4-byte constant, and s is the 128-byte signature.  See this document for more details:

http://www.javaop.com/~iago/ServerSig.html

[Newby]

Har. Good work.

Was that documented anywhere else?

[iago]

Not that I know of.  I knew going in that it was the IP, encrypted, which made it a little easier.  But Skywing told me that directly, a long time ago. 

[yiourkas]

Is there any way to create a signature for localhost ip (127.0.0.1)

What i want to do is interfere between Warcraft and battle.net.
I use a modified JavaOp version for THE REAL client (this connects to battle.net) and some extra classes as a server (listens to 127.0.0.1:6112)

Then i let all packets pass through this filter except the SID_AUTH_INFO, which is replaced by a packet with a cdkey different than the one used in war3 mpq files.

That way i am able to change cdkeys on the fly.

The only problem is that the signature my program sents to warcraft is baaad.

[yiourkas]

Reply to myself

After tingling with warcraft3 files a little I found that the modulo parameter n is located in the file game.dll offset 0x00722B70

I changed it to all BB's except the last 4 bytes : 0x01000080 (which is {the hex representation of 127.0.0.1 in reverse order} + 1)

After the n is the key k (offset 0x00722BF0). Replaced it with dec 1 (hex: 0x00000001)

So now the sig we have to send to warcraft 3 is all BB's except the last 4 bytes : 0x0100007F

[MyndFyre]

Doesn't that mean that now you can't get onto the real Battle.net?

[Newby]

Doesn't that mean that now you can't get onto the real Battle.net?

Oh well.

[iago]

The point of the server signature is to prevent fake servers, such as yours.  It would be computationally infeasable to get Blizzard's private key and thus to make your own signature without patching the client.

Maddox says that he found the private key, but I don't believe him.

[Joe]

How can you decrypt something you can't encrypt? Perhaps Blizzard's key will be in the WarCraft III client.

[iago]

How can you decrypt something you can't encrypt? Perhaps Blizzard's key will be in the WarCraft III client.

By using public key cryptography:

A public key can be derived from a private key, but a private key can NOT be derived from the public key.
If a message is encrypted with a private key a, it can only be decrypted with the matching public key A.  That provides proof that a message was sent from the source with the private key.
If a message is encrypted with a public key B, it can only be decrypted with the matching private key b.  That provides confidentiallity since only the person with the matching private key can ever see your message.

When logging into Battle.net as War3, it uses ephemeral (temporary) public/private keys that are based on the password to verify the other's identity.

For more information, and lots of links, see:
http://en.wikipedia.org/wiki/Public-key_cryptography

[Joe]

AHH

[yiourkas]

Actually i never wanted to find the private key battle.net uses (as this operation will take about 100 years). I just want to make warcraft believe that my localhost server is NOT fake server. Hex editing of game.dll didn't actually work (perhaps private key is in another file too).

So i suppose patching the client (so as to skip verifying server) will be a solution...
But WHERE is such a patch?!??!?!?

[iago]

(as this operation will take about 100 years)

No, for this reason: If it took one computer 100 years, it would take 100 computers 1 year, or 36,500 computers 1 day.  It would actually take something on the order of 10^100 (that's a 1 with 100 zeroes after it, 10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) years.  At least. 

So i suppose patching the client (so as to skip verifying server) will be a solution...
But WHERE is such a patch?!??!?!?

Dunno.  I could probably go back and find it, but that sounds like work..

[Krazed]

(as this operation will take about 100 years)

No, for this reason: If it took one computer 100 years, it would take 100 computers 1 year, or 36,500 computers 1 day.  It would actually take something on the order of 10^100 (that's a 1 with 100 zeroes after it, 10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) years.  At least. 

*cough* Botnets *cough*

[iago]

(as this operation will take about 100 years)

No, for this reason: If it took one computer 100 years, it would take 100 computers 1 year, or 36,500 computers 1 day.  It would actually take something on the order of 10^100 (that's a 1 with 100 zeroes after it, 10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) years.  At least. 

*cough* Botnets *cough*

No, because you're fighting an expontential problem with multiplication.  Say you had a botnet of 100 billion computers (100,000,000,000).  That would still take 10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 / 100000000000, or 100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 years.  Which really doesn't make a difference.

If you ever take an algorithm analysis course, you'll learn that you can't fight exponential problems with multiplication.