search

tesseract2048 / d2gs

Multithreaded Game Server for Diablo II 1.13c Closed Battle.Net
82 stars 49 forks source link

Warden #3

Closed HarpyWar closed 9 years ago

HarpyWar commented 10 years ago

Hello, could you explain details about how Warden works, how can it be extended with new cheats, and does it work properly in your version? There are a lot of false positives in original 1.13c and it can't be used for play.

tesseract2048 commented 10 years ago

No, we are not using Warden at all actually. In theory, warden mod needs to be signed with Blizzard itself, so the mod provided with this version is captured and cannot be modified. Thus we cannot extend it with new cheats.

Fortunately, there are other techniques that introduced by Blizzard since 1.10. "ExtraWork" module for example. The "ExtraWork" module could be sent by Battle.net server by packet 4C (see: https://bnetdocs.org/?op=packet&pid=182), though it needs to be signed, but with key that can be faked, for you can always factor RSA-256 modules in several weeks. In that case, you can create your own module to detect cheats in your own way. I've done this, so my current approach is modifying pvpgn to support this feature.

HarpyWar commented 10 years ago

I've done ExtraWork support in PvPGN https://github.com/HarpyWar/pvpgn/issues/72 How the key can be faked?

tesseract2048 commented 10 years ago

Step A. Get private key. Step B. Sign your own ExtraWork MPQ with the key, create (signature) file.

Generally, factor the RSA module with GNFS (implementation such as CADO-NFS). Weak key (RSA-256) can be factored in one week using 336 cpu cores.

The key is:

-----BEGIN PRIVATE KEY-----
MIIBOQIBAAJBAJJidwS/uILMBSO5DLGsBFknIXWWjQJe2kfdfEk3G/j66w4KkhZ1
V61Rt4zLaMVCYpDun7FLwRjkMDSepO1q2DcCAwEAAQJANtiztVDMJh2hE1hjPDKy
UmEJ9U/aN3gomuKOjbQbQ/bWWcM/WfhSVHmPqtqh/bQI2UXFr0rnXngeteZHLr/b
8QIhAMuWriSKGMACw18/rVVfUrThs915odKBH1Alr3vMVVzZAiEAuBHPSQkgwcb6
L4MWaiKuOzq08mSyNqPeN8oSy18q848CIHeMn+3s+eOmu7su1UYQl6yH7OrdBd1q
3UxfFNEJiAbhAiAqxdCyOxHGlbM7aS3DOg3cq5ayoN2cvtV7h1R4t8OmVwIgF+5z
/6vkzBUsZhd8Nwyis+MeQYH0rpFpMKdTlqmPF2Q=
-----END PRIVATE KEY-----
HarpyWar commented 10 years ago

What is the purpose of d2warden.dll in this repository?

tesseract2048 commented 10 years ago

D2Warden.dll is inherited from previous work, done by marsgod. I kept most of these original work but it is not necessary.

HarpyWar commented 10 years ago

So, is d2warden.dll deprecated or it still can work properly?

tesseract2048 commented 9 years ago

It is deprecated.