Created
October 9, 2020 06:10
-
-
Save wjlafrance/b0ff0f33ffefa55cde9385a6ac0adbfa to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (5185, 663, 0, 5185, 'Bot Developers -- Useful Information', 'n00blar', 'wingate2@hotmail.com', 1041519376, '68.47.226.6', 1, 0, '1048312800', 'This information is from a jump table called in the RecvThreadProc, my brother indulg traced and documented the packets! heh =p<br><br>[code]<br>// jump table called in RecvDataThread to identify the packet type<br><br> // PKT_GAMEDATA = 0x00<br> // PKT_CLIENTREQ = 0x03<br> // PKT_SERVERPING = 0x05<br> // PKT_SELFPING = 0x06<br> // PKT_KEEPALIVE = 0x07<br> // PKT_CONNTEST = 0x08<br> // PKT_CONNTEST2 = 0x09<br> <br> // SID_NULL = 0x00<br> // SID_STOPADV = 0x05<br> // SID_SERVERLIST = 0x06 <br> // SID_CLIENTID = 0x07<br> // SID_STARTVERSIONING = 0x08<br> // SID_REPORTVERSION = 0x09<br> // SID_GETADVLISTEX = 0x0A<br> // SID_ENTERCHAT = 0x0B<br> // SID_GETCHANNELLIST = 0x0C<br> // SID_JOINCHANNEL = 0x0D<br> // SID_CHATCOMMAND = 0x0E<br> // SID_CHATEVENT = 0x0F<br> // SID_LEAVECHAT = 0x10<br> // SID_LOCALEINFO = 0x12<br> // SID_FLOODDETECTED = 0x13<br> // SID_UDPPINGRESPONSE = 0x14<br> // SID_CHECKAD = 0x15<br> // SID_CLICKAD = 0x17<br> // SID_QUERYMEM = 0x18<br> // SID_MESSAGEBOX = 0x19<br> // SID_STARTADVEX2 = 0x1A<br> // SID_GAMEDATAADDRESS = 0x1B<br> // SID_STARTADVEX3 = 0x1C<br> // SID_LOGONCHALLENGEEX = 0x1E<br> // SID_CLIENTID2 = 0x1F<br> // SID_BROADCAST = 0x20<br> // SID_DISPLAYAD = 0x21<br> // SID_NOTIFYJOIN = 0x22<br> // SID_SETCOOKIE = 0x23<br> // SID_GETCOOKIE = 0x24<br> // SID_PING = 0x25<br> // SID_READUSERDATA = 0x26<br> // SID_WRITEUSERDATA = 0x27<br> // SID_LOGONCHALLENGE = 0x28<br> // SID_LOGONRESPONSE = 0x29<br> // SID_CREATEACCOUNT = 0x2A<br> // SID_SYSTEMINFO = 0x2B<br> // SID_GAMERESULT = 0x2C<br> // SID_GETICONDATA = 0x2D<br> // SID_GETLADDERDATA = 0x2E<br> // SID_FINDLADDERUSER = 0x2F<br> // SID_CDKEY = 0x30<br> // SID_CHANGEPASSWORD = 0x31<br> // SID_GETFILETIME = 0x32<br> // SID_CDKEY2 = 0x33<br> // SID_CHECKDATAFILE2 = 0x34<br> // SID_CREATEACCOUNT2 = 0x35<br> // SID_STARTVERSIONING2 = 0x36<br> // SID_QUERYADURL = 0x37<br> // SID_CDKEY3 = 0x38<br><br> // SID_AUTH_INFO = 0x50<br> // SID_AUTH_CHECK = 0x51<br> // SID_AUTH_ACCOUNTCREATE = 0x52<br> // SID_AUTH_ACCOUNTLOGON = 0x53<br> // SID_AUTH_ACCOUNTLOGONPROOF = 0x54<br> // SID_AUTH_ACCOUNTCHANGE = 0x55<br> // SID_AUTH_ACCOUNTCHANGEPROOF = 0x56<br> // SID_AUTH_ACCOUNTUPGRADE = 0x57<br> // SID_AUTH_ACCOUNTUPGRADEPROOF = 0x58<br> // SID_AUTH_RECONNECT = 0x59<br> // SID_AUTH_RECONNECTPROOF = 0x5A<br> // SID_AUTH_DISCONNECT = 0x5B<br> // SID_UNK = 0x5C<br><br><br> // SN_ADDCHANNEL = 0x01<br> // SN_DELETECHANNEL = 0x02<br> // SN_JOINCHANNEL = 0x03<br> // SN_ADDUSER = 0x04<br> // SN_DELETEUSER = 0x05<br> // SN_DISPLAYSTRING = 0x06<br> // SN_DOWNLOADING = 0x08<br> // SN_DOWNLOADFAILED = 0x09<br> // SN_DOWNLOADSUCCEEDED = 0x0A<br> // SN_FAILEDTOCONNECT = 0x0B<br> // SN_USERNAME = 0x0C<br> // SN_LOSTCONNECTION = 0x0D<br> // SN_CHANGEUSERFLAGS = 0x0E<br> // SN_CHANNELLISTISFULL = 0x10<br> // SN_CHANNELDOESNOTEXIST = 0x11<br> // SN_CHANNELISRESTRICTED = 0x12<br> // SN_SQUELCHUSER = 0x13<br> // SN_UNSQUELCHUSER = 0x14<br> // SN_BADCONNECTION = 0x15<br> // SN_SETADINFO = 0x16<br> // SN_DISPLAYAD = 0x17<br> // SN_MESSAGEBOX = 0x18<br> // SN_ICONDATA = 0x19<br> // SN_TOS = 0x1A<br> // SN_BNSERVER_INI = 0x1B<br> // SN_FAILEDTOCONNECTEXT = 0x1C<br> // SN_UNIQUEICONDATA = 0x1D<br>[/code]', 'xx', 17, 1, 0, 0), | |
| (5186, 663, 2455, 39, 'Re: Bot Developers -- Useful Information', 'Skywing', '', 1041522410, '12.221.64.79', 1, 1, '', 'Yes. I''ve been using those IDs for some time. The SN_ codes are for the Battle.snp GUI and have no relation to Battle.net messages.<br><br>Also, I think you''ve got some errors in that table. SID_CLIENTID2 is not 0x1f, it''s 0x1e. I recommend making a program to automatically dump tables such as that instead of doing it manually which introduces errors like this frequently for tables of this size.', 'xx', 17, 1, 0, 0), | |
| (5187, 663, 27, 5187, 'Re: Bot Developers -- Useful Information', 'Arta', 'arta@the-group.org', 1041532591, '217.149.104.133', 1, 0, '1048312800', 'Also, several of those are incorrect :)', 'xx', 17, 1, 0, 0), | |
| (5188, 663, 98, 39, 'Re: Bot Developers -- Useful Information', 'indulgence', 'indulgance@excite.com', 1041644872, '68.47.226.6', 1, 1, '', 'Yes more than 1 is incorrect...<br>I was half asleep when i wrote it... and havent edited it...<br>:yawn:', 'xx', 17, 1, 0, 0), | |
| (5189, 663, 54, 5189, 'Re: Bot Developers -- Useful Information', 'MrRaza', 'mrraza69@hotmail.com', 1041686923, '24.112.227.120', 1, 0, '1048312800', 'how about you post some corrections ;)', 'xx', 17, 1, 0, 0), | |
| (5190, 663, 2455, 5190, 'Re: Bot Developers -- Useful Information', 'Skywing', '', 1041696431, '12.221.64.79', 0, 0, '1048312800', '[quote]how about you post some corrections ;)[/quote]<br>You [i]could[/i] try and find them on your own, and then you''d have no worries about errors, right? ;)', 'xx', 17, 1, 0, 0), | |
| (5191, 663, 101, 5191, 'Re: Bot Developers -- Useful Information', 'Etheran', 'etheranx@hotmail.com', 1041713445, '68.66.246.38', 1, 0, '1048312800', 'How about a tutorial on how you would find something like this? :)', 'xx', 17, 1, 0, 0), | |
| (5192, 663, 28, 5192, 'Re: Bot Developers -- Useful Information', 'Zakath', 'Zackath@aol.com', 1041723640, '64.222.83.225', 1, 0, '1048312800', 'I don''t even know all the SIDs. :-[', 'xx', 17, 1, 0, 0), | |
| (5193, 663, 98, 39, 'Re: Bot Developers -- Useful Information', 'indulgence', 'indulgance@excite.com', 1041723808, '68.47.226.6', 1, 1, '', 'Uh -- I think i should take skywings advice on how to retrieve the full list... There is a big jumptable for those IDs... they are for debug output... :x<br><br>--- You do know all the SID''s they are listed above -- there are just some errors on their values...', 'xx', 17, 1, 0, 0), | |
| (5194, 663, 28, 5194, 'Re: Bot Developers -- Useful Information', 'Zakath', 'Zackath@aol.com', 1041724315, '64.222.83.225', 1, 0, '1048312800', 'I was talking about what I''d found on my own, kthx.<br><br>A couple parts of my bot aren''t as nice as I''d like yet...my Connection class could use a few upgrades when I get around to it...sigh...so much work still to do...', 'xx', 17, 1, 0, 0), | |
| (5195, 663, 0, 5195, 'Re: Bot Developers -- Useful Information', 'st0rmmage', 'asfd@aFaf.com', 1041724657, '24.61.144.229', 1, 0, '1048312800', 'Softice, bpx recv.<br>Trace through (F10) till you see the symbol SID_something show up. Open up the process and jump to the address and see what''s there.', 'xx', 17, 1, 0, 0), | |
| (5196, 663, 98, 5196, 'Re: Bot Developers -- Useful Information', 'indulgence', 'indulgance@excite.com', 1041726374, '68.47.226.6', 1, 0, '1048312800', 'SID_??? results will be a return value from a function...', 'xx', 17, 1, 0, 0), | |
| (5197, 663, 2455, 5197, 'Re: Bot Developers -- Useful Information', 'Skywing', '', 1041770041, '12.221.64.79', 1, 0, '1048312800', 'The way I did it was to write a small HDL to call the function which translates a packet id into a packet name repeatedly for 0 through 0xff, logging the results to a file.', 'xx', 17, 1, 0, 0), | |
| (5198, 663, 98, 39, 'Re: Bot Developers -- Useful Information', 'indulgence', 'indulgance@excite.com', 1041905603, '68.47.226.6', 0, 1, '', ':boo: thats what i was going to do just now', 'xx', 17, 1, 0, 0); | |
| INSERT INTO `yabbse_messages` (`id_msg`, `id_topic`, `id_member`, `id_msg_modified`, `subject`, `poster_name`, `poster_email`, `poster_time`, `poster_ip`, `smileys_enabled`, `modified_time`, `modified_name`, `body`, `icon`, `id_board`, `approved`, `thank_you_post`, `thank_you_post_counter`) VALUES | |
| (5199, 663, 98, 39, 'Re: Bot Developers -- Useful Information', 'indulgence', 'indulgance@excite.com', 1042433867, '68.47.226.6', 1, 1, '', 'Here are reliable results straight from battle.snp<br><br>[code]<br>0x00: SID_NULL<br>0x02: SID_STOPADV<br>0x04: SID_SERVERLIST<br>0x05: SID_CLIENTID<br>0x06: SID_STARTVERSIONING<br>0x07: SID_REPORTVERSION<br>0x09: SID_GETADVLISTEX<br>0x0A: SID_ENTERCHAT<br>0x0B: SID_GETCHANNELLIST<br>0x0C: SID_JOINCHANNEL<br>0x0E: SID_CHATCOMMAND<br>0x0F: SID_CHATEVENT<br>0x10: SID_LEAVECHAT<br>0x12: SID_LOCALEINFO<br>0x13: SID_FLOODDETECTED<br>0x14: SID_UDPPINGRESPONSE<br>0x15: SID_CHECKAD<br>0x16: SID_CLICKAD<br>0x17: SID_QUERYMEM<br>0x19: SID_MESSAGEBOX<br>0x1A: SID_STARTADVEX2<br>0x1B: SID_GAMEDATAADDRESS<br>0x1C: SID_STARTADVEX3<br>0x1D: SID_LOGONCHALLENGEEX<br>0x1E: SID_CLIENTID2<br>0x20: SID_BROADCAST<br>0x21: SID_DISPLAYAD<br>0x22: SID_NOTIFYJOIN<br>0x23: SID_SETCOOKIE<br>0x24: SID_GETCOOKIE<br>0x25: SID_PING<br>0x26: SID_READUSERDATA<br>0x27: SID_WRITEUSERDATA<br>0x28: SID_LOGONCHALLENGE<br>0x29: SID_LOGONRESPONSE<br>0x2A: SID_CREATEACCOUNT<br>0x2B: SID_SYSTEMINFO<br>0x2C: SID_GAMERESULT<br>0x2D: SID_GETICONDATA<br>0x2E: SID_GETLADDERDATA<br>0x2F: SID_FINDLADDERUSER<br>0x30: SID_CDKEY<br>0x31: SID_CHANGEPASSWORD<br>0x33: SID_GETFILETIME<br>0x36: SID_CDKEY2<br>0x3C: SID_CHECKDATAFILE2<br>0x3D: SID_CREATEACCOUNT2<br>0x3F: SID_STARTVERSIONING2<br>0x41: SID_QUERYADURL<br>0x42: SID_CDKEY3<br>0x50: SID_AUTH_INFO<br>0x51: SID_AUTH_CHECK<br>0x52: SID_AUTH_ACCOUNTCREATE<br>0x53: SID_AUTH_ACCOUNTLOGON<br>0x54: SID_AUTH_ACCOUNTLOGONPROOF<br>0x55: SID_AUTH_ACCOUNTCHANGE<br>0x56: SID_AUTH_ACCOUNTCHANGEPROOF<br>0x57: SID_AUTH_ACCOUNTUPGRADE<br>0x58: SID_AUTH_ACCOUNTUPGRADEPROOF<br>0x59: SID_AUTH_RECONNECT<br>0x5A: SID_AUTH_RECONNECTPROOF<br>0x5B: SID_AUTH_DISCONNECT<br><br>0x01: SN_ADDCHANNEL<br>0x02: SN_DELETECHANNEL<br>0x03: SN_JOINCHANNEL<br>0x04: SN_ADDUSER<br>0x05: SN_DELETEUSER<br>0x06: SN_DISPLAYSTRING<br>0x08: SN_DOWNLOADINGUPGRADE<br>0x09: SN_DOWNLOADFAILED<br>0x0A: SN_DOWNLOADSUCCEEDED<br>0x0B: SN_FAILEDTOCONNECT<br>0x0C: SN_USERNAME<br>0x0D: SN_LOSTCONNECTION<br>0x0E: SN_CHANGEUSERFLAGS<br>0x10: SN_CHANNELISFULL<br>0x11: SN_CHANNELDOESNOTEXIST<br>0x12: SN_CHANNELISRESTRICTED<br>0x13: SN_SQUELCHUSER<br>0x14: SN_UNSQUELCHUSER<br>0x15: SN_BADCONNECTION<br>0x16: SN_SETADINFO<br>0x17: SN_DISPLAYAD<br>0x18: SN_MESSAGEBOX<br>0x19: SN_ICONDATA<br>0x1A: SN_TOS<br>0x1B: SN_BNSERVER_INI<br>0x1C: SN_FAILEDTOCONNECTEXT<br>0x1D: SN_UNIQUEICONDATA<br><br>0x00: PKT_GAMEDATA<br>0x03: PKT_CLIENTREQ<br>0x05: PKT_SERVERPING<br>0x06: PKT_SELFPING<br>0x07: PKT_KEEPALIVE<br>0x08: PKT_CONNTEST<br>0x09: PKT_CONNTEST2<br>[/code]', 'xx', 17, 1, 0, 0), | |
| (5200, 663, 26, 5200, 'Re: Bot Developers -- Useful Information', 'tA-Kane', 'kane@kbserver.homeip.net', 1042613329, '207.151.148.205', 1, 0, '1048312800', 'My guess would be a Handle, but that''s probably more like HNDL instead of HDL.<br><br>Perhaps *something* dynamic library?', 'xx', 17, 1, 0, 0), | |
| (5201, 663, 28, 5201, 'Re: Bot Developers -- Useful Information', 'Zakath', 'Zackath@aol.com', 1042673281, '130.215.228.97', 1, 0, '1048312800', 'It''s a type of hack file. I would guess it modifies things in memory when the program it affects is running? Adron has some info about HDLs at his site, IIRC.', 'xx', 17, 1, 0, 0), | |
| (5202, 663, 98, 39, 'Re: Bot Developers -- Useful Information', 'indulgence', 'indulgance@excite.com', 1042694770, '68.47.226.6', 1, 1, '', 'its sexy :D<br><br>a dll with local access to a process'' memory...', 'xx', 17, 1, 0, 0), | |
| (5203, 663, 101, 39, 'Re: Bot Developers -- Useful Information', 'Etheran', 'etheranx@hotmail.com', 1042700865, '24.53.46.116', 1, 1, '', 'It''s a hook DLL, I believe. I know about windows hooks, but I don''t understand HDL''s.<br><br>EDIT: When I said I know about windows hooks, I mean I only know of them. I have yet to read about them, but I will in time.', 'xx', 17, 1, 0, 0), | |
| (5204, 663, 26, 5204, 'Re: Bot Developers -- Useful Information', 'tA-Kane', 'kane@kbserver.homeip.net', 1042720206, '207.151.148.205', 1, 0, '1048312800', 'Sounds like fun ;D', 'xx', 17, 1, 0, 0), | |
| (5205, 663, 3, 5205, 'Re: Bot Developers -- Useful Information', 'Yoni', 'rzvika@netvision.net.il', 1042880262, '212.143.221.146', 1, 0, '1048312800', 'http://www.valhallalegends.com/yoni/SampleHDL.zip<br>:)', 'xx', 17, 1, 0, 0), | |
| (5206, 663, 0, 5206, 'Re: Bot Developers -- Useful Information', 'Coltz', '', 1042898665, '68.62.20.249', 1, 0, '1048312800', 'heh you got the link in the right place this time yoni ;)', 'xx', 17, 1, 0, 0), | |
| (5207, 663, 107, 5207, 'Re: Bot Developers -- Useful Information', 'zorm', 'zorm@softhome.net', 1043037802, '209.155.168.66', 1, 0, '1048312800', 'Found the function in IDA, now how do i go figuring out the args it takes and what it returns?', 'xx', 17, 1, 0, 0), | |
| (5208, 663, 101, 5208, 'Re: Bot Developers -- Useful Information', 'Etheran', 'etheranx@hotmail.com', 1043042181, '24.53.46.116', 1, 0, '1048312800', 'think about how it works.. look at the instructions.<br><br>[code]<br>.text:19015D80 cmp ecx, 5Bh<br>.text:19015D83 ja loc_19015F0C<br>.text:19015D89 xor eax, eax<br>.text:19015D8B mov al, ds:byte_19016024[ecx]<br>.text:19015D91 jmp ds:off_19015F28[eax*4]<br>[/code]<br><br>ecx is the id. if it''s above 5B it breaks out of the "switch". so instead of pushing onto the stack, put your id in ecx.', 'xx', 17, 1, 0, 0), | |
| (5209, 663, 98, 39, 'Re: Bot Developers -- Useful Information', 'indulgence', 'indulgance@excite.com', 1043049256, '68.47.226.6', 1, 1, '', 'since this is apparently public domain now -- heres my lil c++ routine contribution... did at 4 am lol...<br>[code]<br> FILE *stream;<br> BYTE bSID = 0;<br> char* szTemp;<br><br> if (!(stream = fopen ("C:\\\\SID_Output.txt", "a")))<br> {<br> sprintf (t, "Unable to append C:\\\\PktID.txt");<br> server->GamePrintError (t);<br> return TRUE;<br> }<br> __asm <br> {<br>sidloop:<br> mov ecx, bSID<br> push 0x19015D80<br> ret<br> mov szTemp, eax<br> }<br> sprintf (swi, "%#.2x: %s", b, *szTemp);<br> fprintf (stream, "%s\\n", swi);<br><br> if (bSID == 0xFF) { goto closesid }<br><br> bSID++;<br> goto sidloop;<br>closesid:<br> fclose (stream);<br> delete stream;<br>[/code]<br><br>This is assuming its being called from within SC Memory space... Obviously :)<br><br>', 'xx', 17, 1, 0, 0), | |
| (5210, 663, 2455, 5210, 'Re: Bot Developers -- Useful Information', 'Skywing', '', 1043139787, '12.221.64.79', 1, 0, '1048312800', 'Aren''t you going to need to push your return address too? Otherwise I don''t see how that will avoid crashing.', 'xx', 17, 1, 0, 0), | |
| (5211, 663, 2454, 39, 'Two alternatives to that code', 'Adron', '', 1043144797, '213.67.180.99', 1, 1, '', 'Alternative #1, using call<br>[code]<br> __asm <br> { <br>sidloop: <br> mov ecx, bSID <br> mov eax, 0x19015D80<br> call eax<br> mov szTemp, eax <br> } <br> sprintf (swi, "%#.2x: %s", b, *szTemp); <br> fprintf (stream, "%s\\n", swi); <br> <br> if (bSID == 0xFF) { goto closesid } <br> <br> bSID++; <br> goto sidloop; <br>[/code]<br><br>Alternative #2, using no assembly (should work in msvc++)<br>[code]<br> typedef char *__fastcall sid2sfunc(BYTE);<br> sid2sfunc *sid2s = (sid2sfunc*)0x19015D80;<br> do {<br> szTemp = sid2s(bSID);<br> sprintf (swi, "%#.2x: %s", b, *szTemp); <br> fprintf (stream, "%s\\n", swi); <br> } while(bSid++ != 0xff)<br>[/code]<br> ', 'xx', 17, 1, 0, 0), | |
| (5212, 663, 26, 5212, 'Re: Bot Developers -- Useful Information', 'tA-Kane', 'kane@kbserver.homeip.net', 1043157199, '207.151.148.205', 1, 0, '1048312800', 'Is it not possible to display those tables, but for something else? Such as, event IDs for packet SID_CHATEVENT? Or perhaps getting all the names of possible values in various unknown?', 'xx', 17, 1, 0, 0), | |
| (5213, 663, 2455, 5213, 'Re: Bot Developers -- Useful Information', 'Skywing', '', 1043157796, '216.124.147.250', 1, 0, '1048312800', '[quote]Is it not possible to display those tables, but for something else? Such as, event IDs for packet SID_CHATEVENT? Or perhaps getting all the names of possible values in various unknown?[/quote]<br>Those have been available for years in the GreetBot source code provided by Blizzard.', 'xx', 17, 1, 0, 0), | |
| (5214, 663, 107, 5214, 'Re: Bot Developers -- Useful Information', 'zorm', 'zorm@softhome.net', 1043186304, '209.155.168.78', 1, 0, '1048312800', 'ah thanks for the info.', 'xx', 17, 1, 0, 0), |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment