Author Topic: Status of War3 Warden implementation?  (Read 7439 times)

0 Members and 1 Guest are viewing this topic.

Offline thebigred

  • Newbie
  • *
  • Posts: 7
  • I'm new here!
    • View Profile
Status of War3 Warden implementation?
« on: May 12, 2009, 11:13:03 PM »
How far along is the Warden implementation? 

Is there any code documentation for JavaOP i can use and specifications of Warden?  I ran HDX's Warden proxy and noticed it produces some binary data (RC4 keys?).  I'm guessing Blizzard is using a challenge - reply for authentication of some sort? 

Assuming I've never messed with connections, I'll have to use bnetdocs as well.  I've got a few weeks before I start work and gives me a chance to brush up on Java.  Any svn or cvs server with latest Javaop work?


EDIT:
Links I've been looking at :
http://forum.valhallalegends.com/index.php?topic=17910.0
http://www.skullsecurity.org/wiki/index.php/Warden_Packets

All data is sent encrypted using the key specified in the skullsecurity link (can I assume it's the first four bytes of the War3 key hash?  I'm guessing there is a function to get the cd key hash). 
BNET sends a 0, I send a 0
BNET sends a lot of packets that total the length from the original 0 packet received

What is the relationship between game.dll and warden?  I'm seeing all these game.dll offsets used in Warden implementations.

Feel free to give me more links to read up on.  I'm clearly missing a lot of info.
« Last Edit: May 14, 2009, 02:57:34 PM by thebigred »

Offline Joe

  • B&
  • Moderator
  • Hero Member
  • *****
  • Posts: 10326
  • In Soviet Russia, text read you!
    • View Profile
    • Github
Re: Status of War3 Warden implementation?
« Reply #1 on: May 14, 2009, 02:33:48 PM »
I haven't touched the code since I released the latest beta, and all the code should be in the JARs for you to get a start. If you'd like, I can zip up my workspace and give it to you too.
I'd personally do as Joe suggests

You might be right about that, Joe.


Offline Hdx

  • The Hdx!
  • Full Member
  • ***
  • Posts: 311
  • <3 Java/Cpp/VB/QB
    • View Profile
Re: Status of War3 Warden implementation?
« Reply #2 on: May 14, 2009, 03:59:55 PM »
Considering that to currently implement warden you have to actually run the module, which Java can not do.
So pretty much you're screwed. If you're doing it in Java.

Warden reads your game's memory, hence why its reading game.dll

http://img140.exs.cx/img140/6720/hdxnew6lb.gif
09/08/05 - Clan SBs @ USEast
 [19:59:04.000] <DeadHelp> We don't like customers.
 [19:59:05.922] <DeadHelp> They're assholes
 [19:59:08.094] <DeadHelp> And they're never right.

Offline thebigred

  • Newbie
  • *
  • Posts: 7
  • I'm new here!
    • View Profile
Re: Status of War3 Warden implementation?
« Reply #3 on: May 14, 2009, 04:09:19 PM »
Considering that to currently implement warden you have to actually run the module, which Java can not do.
So pretty much you're screwed. If you're doing it in Java.

Warden reads your game's memory, hence why its reading game.dll



I'm unfamiliar with what happens when you load the game, but do we know how much changes in memory, so we can't just dump the memory contents and change what we need?

Offline Hdx

  • The Hdx!
  • Full Member
  • ***
  • Posts: 311
  • <3 Java/Cpp/VB/QB
    • View Profile
Re: Status of War3 Warden implementation?
« Reply #4 on: May 14, 2009, 05:56:14 PM »
Considering you have no idea what you're talking about, I can say this, shutup. [I'm being nice]
Reading the game data isn't a problem, like I said, you have to actually RUN the code that is sent to you by bnet right now in order to run warden. This is because people have not taken the time to reverse 0x05/0x04.
Until such a time, java users are fucked, because java has no way of running x86 code.
http://img140.exs.cx/img140/6720/hdxnew6lb.gif
09/08/05 - Clan SBs @ USEast
 [19:59:04.000] <DeadHelp> We don't like customers.
 [19:59:05.922] <DeadHelp> They're assholes
 [19:59:08.094] <DeadHelp> And they're never right.

Offline thebigred

  • Newbie
  • *
  • Posts: 7
  • I'm new here!
    • View Profile
Re: Status of War3 Warden implementation?
« Reply #5 on: May 14, 2009, 07:16:51 PM »
oh I see what you meant.  That clears up a lot for me.  I was wondering why I was getting warnings from an IPS about executing shellcode.  And those .bin files that are saved from the bypass are the code that gets executed on our end right? 

Thanks for all the info! 

Offline Hdx

  • The Hdx!
  • Full Member
  • ***
  • Posts: 311
  • <3 Java/Cpp/VB/QB
    • View Profile
Re: Status of War3 Warden implementation?
« Reply #6 on: May 14, 2009, 07:22:09 PM »
oh I see what you meant.  That clears up a lot for me.  I was wondering why I was getting warnings from an IPS about executing shellcode.  And those .bin files that are saved from the bypass are the code that gets executed on our end right? 

Thanks for all the info! 
The compressed encrypted version yes.

http://img140.exs.cx/img140/6720/hdxnew6lb.gif
09/08/05 - Clan SBs @ USEast
 [19:59:04.000] <DeadHelp> We don't like customers.
 [19:59:05.922] <DeadHelp> They're assholes
 [19:59:08.094] <DeadHelp> And they're never right.

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17928
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Status of War3 Warden implementation?
« Reply #7 on: May 15, 2009, 10:55:04 AM »
You should implement a x86 interpreter/sandbox in Java that can run it. :D

Offline Camel

  • Hero Member
  • *****
  • Posts: 1705
    • View Profile
    • BNU Bot
Re: Status of War3 Warden implementation?
« Reply #8 on: May 15, 2009, 02:07:49 PM »
You can run native modules from Java (heck, half the Java API is native anyways), but you have to follow a particular convention so that the VM can import and run the code. It would be feasible to write an adapter to do that, but it'd still only work on Windows machines.

You should implement a x86 interpreter/sandbox in Java that can run it. :D
Oh, the irony!

<Camel> i said what what
<Blaze> in the butt
<Camel> you want to do it in my butt?
<Blaze> in my butt
<Camel> let's do it in the butt
<Blaze> Okay!

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17928
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Status of War3 Warden implementation?
« Reply #9 on: May 15, 2009, 03:44:23 PM »
You should implement a x86 interpreter/sandbox in Java that can run it. :D
Oh, the irony!
Especially if it's complete enough to run a JVM :)

Offline thebigred

  • Newbie
  • *
  • Posts: 7
  • I'm new here!
    • View Profile
Re: Status of War3 Warden implementation?
« Reply #10 on: June 07, 2009, 08:03:59 PM »
When I want to edit the Java control panel, there is a proxy option.  However, when I select a proxy server, my java apps (JavaOP in this case) does not use the proxy.  Is there any built-in java functionality to connect via a proxy? 

I'm wondering how much functionality needs to be implemented to run JavaOP through Ringo's or Hdx's Warden bypass.

Offline Camel

  • Hero Member
  • *****
  • Posts: 1705
    • View Profile
    • BNU Bot
Re: Status of War3 Warden implementation?
« Reply #11 on: June 08, 2009, 02:44:29 PM »
Java does not inherently provide proxy support, but adding SOCKS4 is a trivial task.

Here's the Socket class I use in my bot; it supports SOCKS4 and SOCKS4a (Hdx's proxy does not presently support the SOCK4a extension): SOCKS4ProxySocket.java.

<Camel> i said what what
<Blaze> in the butt
<Camel> you want to do it in my butt?
<Blaze> in my butt
<Camel> let's do it in the butt
<Blaze> Okay!

Offline Hdx

  • The Hdx!
  • Full Member
  • ***
  • Posts: 311
  • <3 Java/Cpp/VB/QB
    • View Profile
Re: Status of War3 Warden implementation?
« Reply #12 on: June 08, 2009, 05:42:39 PM »
Camel, if you'd like to msg me on bnet I'll see if I can add 4a in real fast.
http://img140.exs.cx/img140/6720/hdxnew6lb.gif
09/08/05 - Clan SBs @ USEast
 [19:59:04.000] <DeadHelp> We don't like customers.
 [19:59:05.922] <DeadHelp> They're assholes
 [19:59:08.094] <DeadHelp> And they're never right.