I remember seeing your server rise higher and higher gtop and then change to bye, mind me asking why you guys shutdown? ;P
Nice release nonetheless, this might be the first v62 with those buffstats implemented properly.
Are there no files missing from this download? I feel like it is missing something essential, like a folder with Java libraries. It might be that I can grab them from somewhere else, but I don't know what is compatible with this source. This is probably inappropriate, so I am sorry, but I am trying to learn.
Holy poop there is HWID blocking in this source. Amazing release.
It'd be good to note here this is an improper formula for it. Me and BlitzMK figured this was the most appropriate way of doing it. It'll give all users a unique HWID > 0, I doubt it's right though. Works per computer from the looks of it (disregards VPNs, mac spoofers, etc(?))
// CSystemInfo::Init -- Hex-Rays decompiler output, kept exactly as posted.
//
// Builds a 16-byte machine identifier in a stack buffer, copies it into the
// object, then loads or creates a 16-byte "CxSupportId" registry value.
//
// The locals v20[9], v21, v22 and v23 sit at sp+80h..sp+8Fh, so together they
// are one contiguous 16-byte buffer that the decompiler split into four
// variables. As written by the code below, that buffer ends up as:
//   bytes  0..5   adapter address taken from the NetBIOS adapter-status reply
//   bytes  6..9   volume serial number of the drive holding the Windows dir
//   bytes 10..13  left zero
//   bytes 14..15  16-bit weighted sum over the first six 16-bit words
//
// NOTE(review): every input is read by local API calls on the client, so a
// server that receives this value should treat it as a client-asserted hint,
// not as proof of hardware identity.
//
// Returns the RegCloseKey() result when the registry branch runs; otherwise
// the pointer value left over from the byte-copy loop (typed int here).
int __thiscall CSystemInfo::Init(void *this)
{
signed int v1; // ebx@1
int v2; // edx@13
signed int v3; // eax@13
int v4; // ecx@13
int v5; // esi@14
CSystemInfo *v6; // esi@15
int v7; // ecx@15
CSystemInfo *v8; // edx@15
int v9; // eax@15
int v10; // ecx@15
int result; // eax@16
int v12; // eax@21
int v13; // ecx@21
CSystemInfo *v14; // esi@21
int v15; // edx@21
__int64 v16; // kr08_8@22
CSystemInfo *v17; // esi@22
int v18; // eax@22
CSystemInfo *v19; // [sp+7Ch] [bp-9B8h]@1
char v20[9]; // [sp+80h] [bp-9B4h]@1
int v21; // [sp+89h] [bp-9ABh]@1
__int16 v22; // [sp+8Dh] [bp-9A7h]@1
char v23; // [sp+8Fh] [bp-9A5h]@1
int v24; // [sp+90h] [bp-9A4h]@11
char v25; // [sp+94h] [bp-9A0h]@11
struct _NCB pncb; // [sp+98h] [bp-99Ch]@1
char v27; // [sp+D8h] [bp-95Ch]@11
CSystemInfoVtbl *v28; // [sp+DCh] [bp-958h]@1
int v29; // [sp+E0h] [bp-954h]@21
int v30; // [sp+E4h] [bp-950h]@21
int v31; // [sp+E8h] [bp-94Ch]@21
int v32; // [sp+1DCh] [bp-858h]@3
__int16 v33; // [sp+1E0h] [bp-854h]@8
char v34; // [sp+1E4h] [bp-850h]@6
char v35; // [sp+434h] [bp-600h]@11
char v36; // [sp+437h] [bp-5FDh]@11
char v37; // [sp+634h] [bp-400h]@11
char v38; // [sp+834h] [bp-200h]@11
// Zero the whole 16-byte ID buffer (these stores cover sp+80h..sp+8Fh).
*(_QWORD *)&v20[1] = 0i64;
v19 = (CSystemInfo *)this;
v21 = 0;
v22 = 0;
memset(&pncb, 0, sizeof(pncb));
v20[0] = 0;
v23 = 0;
// Enumerate NetBIOS LANA numbers: command 55 (0x37) is NCBENUM. The reply is
// written at &v28 and its first byte is the number of LANAs found.
LOBYTE(v28) = 0;
pncb.ncb_command = 55;
pncb.ncb_buffer = (char *)&v28;
pncb.ncb_length = 256;
Netbios(&pncb);
v1 = 0;
// If no LANA is reported the adapter part of the ID (bytes 0..5) stays zero.
if ( (_BYTE)v28 )
{
while ( 1 )
{
// Command 50 (0x32) is NCBRESET for this LANA.
// NOTE(review): the loop index v1 is used directly as the LANA number rather
// than an entry read from the enumeration reply -- confirm in the disassembly.
memset(&pncb, 0, sizeof(pncb));
pncb.ncb_command = 50;
pncb.ncb_lana_num = v1;
if ( !Netbios(&pncb) )
{
// Command 51 (0x33) is NCBASTAT; call name "*" asks for the local adapter.
// The 600-byte (0x258) reply buffer starts at v32.
memset(&pncb, 0, sizeof(pncb));
strcpy(pncb.ncb_callname, "*");
pncb.ncb_command = 51;
pncb.ncb_lana_num = v1;
memset(&v32, 0, 0x258u);
pncb.ncb_buffer = (char *)&v32;
pncb.ncb_length = 600;
// First LANA whose status query succeeds wins.
if ( !Netbios(&pncb) )
break;
}
++v1;
if ( v1 >= (unsigned __int8)v28 )
goto LABEL_11;
}
// v34 is the byte at offset 8 of the status reply; presumably the
// ADAPTER_STATUS adapter_type field (0xFE Ethernet, 0xFF Token Ring) -- confirm.
// For those two types the 6-byte adapter address (v32 + v33) is copied into
// bytes 0..5; for any other non-zero type only the type byte goes into byte 0.
if ( v34 != -2 && v34 != -1 )
{
if ( v34 )
v20[0] = v34;
}
else
{
*(_DWORD *)v20 = v32;
*(_WORD *)&v20[4] = v33;
}
}
LABEL_11:
// v36 is v35 + 3, so this cuts the Windows directory path down to its first
// three characters (the drive root) before querying the volume.
GetWindowsDirectoryA(&v35, 0x200u);
v36 = 0;
// v24 receives the volume serial number; it is stored in bytes 6..9.
if ( GetVolumeInformationA(&v35, &v37, 0x200u, (LPDWORD)&v24, (LPDWORD)&v25, (LPDWORD)&v27, &v38, 0x200u) == 1 )
*(_DWORD *)&v20[6] = v24;
// Checksum: for word i = 0..5 of the buffer add the low 16 bits of
// word * (i + 3) to v2.
v2 = 0;
v3 = 0;
v4 = (int)v20;
do
{
v5 = v3 + 3;
LOWORD(v5) = *(_WORD *)v4 * (v3 + 3);
v2 += v5;
++v3;
v4 += 2;
}
while ( v3 < 6 );
v6 = v19;
v7 = *(_DWORD *)&v20[4];
// &v22 + 1 is sp+8Eh, so the 16-bit checksum lands in bytes 14..15.
*(__int16 *)((char *)&v22 + 1) = v2;
// Copy the 16-byte buffer into the object as four dwords.
// NOTE(review): the pointer arithmetic suggests MachineId is at this+20 and
// SupportId at this+4 -- inferred, confirm against the struct definition.
v8 = (CSystemInfo *)((char *)v19 + 20);
*(_DWORD *)&v19->MachineId[0] = *(_DWORD *)v20;
v9 = *(_DWORD *)&v20[8];
*(_DWORD *)&v8->SupportId[0] = v7;
v10 = *(int *)((char *)&v21 + 3);
*(_DWORD *)&v8->SupportId[4] = v9;
*(_DWORD *)&v8->SupportId[8] = v10;
// Access mask 3 = KEY_QUERY_VALUE | KEY_SET_VALUE. The return code is
// discarded; only the handle slot is tested below.
// NOTE(review): in this listing the slot (v19) still holds `this` from the
// start of the function, so whether a failed open leaves it non-zero should
// be confirmed in the disassembly.
RegOpenKeyExA(HKEY_LOCAL_MACHINE, "SOFTWARE\\Microsoft\\Windows\\CurrentVersion", 0, 3u, (PHKEY)&v19);
if ( v19 )
{
v24 = 256;
// Read "CxSupportId" into the buffer at &v28; accept it only if the query
// succeeds and exactly 16 bytes come back.
if ( RegQueryValueExA((HKEY)v19, "CxSupportId", 0, (LPDWORD)&v25, (LPBYTE)&v28, (LPDWORD)&v24) || v24 != 16 )
{
// Missing or wrong size: generate a fresh GUID (reusing the ID buffer, which
// was already copied out), store it as type 3 (REG_BINARY) and copy it to
// this+4.. as the SupportId. The RegSetValueExA result is not checked.
CoCreateGuid((GUID *)v20);
RegSetValueExA((HKEY)v19, "CxSupportId", 0, 3u, v20, 0x10u);
v16 = *(_QWORD *)&v20[4];
v17 = (CSystemInfo *)((char *)v6 + 4);
v17->vfptr = *(CSystemInfoVtbl **)v20;
v18 = *(int *)((char *)&v21 + 3);
*(_QWORD *)&v17->SupportId[0] = v16;
*(_DWORD *)&v17->SupportId[8] = v18;
}
else
{
// Existing value: copy the 16 bytes read from the registry (v28..v31) to
// this+4.. as the SupportId.
v12 = v29;
v13 = v30;
v14 = (CSystemInfo *)((char *)v6 + 4);
v14->vfptr = v28;
v15 = v31;
*(_DWORD *)&v14->SupportId[0] = v12;
*(_DWORD *)&v14->SupportId[4] = v13;
*(_DWORD *)&v14->SupportId[8] = v15;
}
result = RegCloseKey((HKEY)v19);
}
else
{
// No key handle: fill the 16 SupportId bytes from the 16 bytes that follow
// them in the object (the MachineId region, if the layout assumed above holds).
result = (int)v6->SupportId;
do
{
*(_BYTE *)result = *(_BYTE *)(result + 16);
++result;
}
while ( -4 - (signed int)v6 + result < 16 );
}
return result;
}
___:00B14114 ; BOOL __stdcall GetVolumeInformationA(LPCSTR lpRootPathName, LPSTR lpVolumeNameBuffer, DWORD nVolumeNameSize, [b]LPDWORD lpVolumeSerialNumber[/b], LPDWORD lpMaximumComponentLength, LPDWORD lpFileSystemFlags, LPSTR lpFileSystemNameBuffer, DWORD nFileSystemNameSize)
I still have to implement it myself. Surprised someone else actually knew about this, I made a thread about it a while ago LOL. You're correct, it is a unique SystemInfo MachineID. It is 16 bytes of data, and is initialized upon password select (and on SendViewAllCharPacket). It has some commands and I thought it got operating system information but in the end only got volume serial numbers.
Here is the client sub if you're interested:
PHP:int __thiscall CSystemInfo::Init(void *this)
// Hex-Rays decompiler output for the client routine that builds the 16-byte
// machine identifier and the "CxSupportId" value.
//
// v20[9], v21, v22 and v23 sit at sp+80h..sp+8Fh and form one contiguous
// 16-byte buffer. As written below it ends up as:
//   bytes  0..5   adapter address from the NetBIOS adapter-status reply
//   bytes  6..9   volume serial number of the drive holding the Windows dir
//   bytes 10..13  left zero
//   bytes 14..15  16-bit weighted sum over the first six 16-bit words
//
// NOTE(review): every input is read by local API calls on the client, so a
// server receiving this value should treat it as a client-asserted hint, not
// as proof of hardware identity.
//
// Returns the RegCloseKey() result when the registry branch runs; otherwise
// the pointer value left over from the byte-copy loop (typed int here).
{
    signed int v1; // ebx@1
    int v2; // edx@13
    signed int v3; // eax@13
    int v4; // ecx@13
    int v5; // esi@14
    CSystemInfo *v6; // esi@15
    int v7; // ecx@15
    CSystemInfo *v8; // edx@15
    int v9; // eax@15
    int v10; // ecx@15
    int result; // eax@16
    int v12; // eax@21
    int v13; // ecx@21
    CSystemInfo *v14; // esi@21
    int v15; // edx@21
    __int64 v16; // kr08_8@22
    CSystemInfo *v17; // esi@22
    int v18; // eax@22
    CSystemInfo *v19; // [sp+7Ch] [bp-9B8h]@1
    char v20[9]; // [sp+80h] [bp-9B4h]@1
    int v21; // [sp+89h] [bp-9ABh]@1
    __int16 v22; // [sp+8Dh] [bp-9A7h]@1
    char v23; // [sp+8Fh] [bp-9A5h]@1
    int v24; // [sp+90h] [bp-9A4h]@11
    char v25; // [sp+94h] [bp-9A0h]@11
    struct _NCB pncb; // [sp+98h] [bp-99Ch]@1
    char v27; // [sp+D8h] [bp-95Ch]@11
    CSystemInfoVtbl *v28; // [sp+DCh] [bp-958h]@1
    int v29; // [sp+E0h] [bp-954h]@21
    int v30; // [sp+E4h] [bp-950h]@21
    int v31; // [sp+E8h] [bp-94Ch]@21
    int v32; // [sp+1DCh] [bp-858h]@3
    __int16 v33; // [sp+1E0h] [bp-854h]@8
    char v34; // [sp+1E4h] [bp-850h]@6
    char v35; // [sp+434h] [bp-600h]@11
    char v36; // [sp+437h] [bp-5FDh]@11
    char v37; // [sp+634h] [bp-400h]@11
    char v38; // [sp+834h] [bp-200h]@11
    // Zero the whole 16-byte ID buffer (these stores cover sp+80h..sp+8Fh).
    *(_QWORD *)&v20[1] = 0i64;
    v19 = (CSystemInfo *)this;
    v21 = 0;
    v22 = 0;
    memset(&pncb, 0, sizeof(pncb));
    v20[0] = 0;
    v23 = 0;
    // Command 55 (0x37) is NCBENUM: list the NetBIOS LANA numbers. The reply
    // is written at &v28 and its first byte is the LANA count.
    LOBYTE(v28) = 0;
    pncb.ncb_command = 55;
    pncb.ncb_buffer = (char *)&v28;
    pncb.ncb_length = 256;
    Netbios(&pncb);
    v1 = 0;
    // With no LANA reported, bytes 0..5 of the ID stay zero.
    if ( (_BYTE)v28 )
    {
        while ( 1 )
        {
            // Command 50 (0x32) is NCBRESET for this LANA.
            // NOTE(review): the loop index is used as the LANA number rather
            // than an entry from the enumeration reply -- confirm.
            memset(&pncb, 0, sizeof(pncb));
            pncb.ncb_command = 50;
            pncb.ncb_lana_num = v1;
            if ( !Netbios(&pncb) )
            {
                // Command 51 (0x33) is NCBASTAT; "*" asks for the local
                // adapter. The 600-byte reply buffer starts at v32.
                memset(&pncb, 0, sizeof(pncb));
                strcpy(pncb.ncb_callname, "*");
                pncb.ncb_command = 51;
                pncb.ncb_lana_num = v1;
                memset(&v32, 0, 0x258u);
                pncb.ncb_buffer = (char *)&v32;
                pncb.ncb_length = 600;
                // First LANA whose status query succeeds wins.
                if ( !Netbios(&pncb) )
                    break;
            }
            ++v1;
            if ( v1 >= (unsigned __int8)v28 )
                goto LABEL_11;
        }
        // v34 is the byte at offset 8 of the reply; presumably the
        // ADAPTER_STATUS adapter_type field (0xFE Ethernet, 0xFF Token Ring)
        // -- confirm. For those types the 6-byte adapter address is copied to
        // bytes 0..5; any other non-zero type only sets byte 0.
        if ( v34 != -2 && v34 != -1 )
        {
            if ( v34 )
                v20[0] = v34;
        }
        else
        {
            *(_DWORD *)v20 = v32;
            *(_WORD *)&v20[4] = v33;
        }
    }
LABEL_11:
    // v36 is v35 + 3, so the Windows directory path is cut to its first three
    // characters (the drive root) before the volume query.
    GetWindowsDirectoryA(&v35, 0x200u);
    v36 = 0;
    // v24 receives the volume serial number; it is stored in bytes 6..9.
    if ( GetVolumeInformationA(&v35, &v37, 0x200u, (LPDWORD)&v24, (LPDWORD)&v25, (LPDWORD)&v27, &v38, 0x200u) == 1 )
        *(_DWORD *)&v20[6] = v24;
    // Checksum: for word i = 0..5 add the low 16 bits of word * (i + 3).
    v2 = 0;
    v3 = 0;
    v4 = (int)v20;
    do
    {
        v5 = v3 + 3;
        LOWORD(v5) = *(_WORD *)v4 * (v3 + 3);
        v2 += v5;
        ++v3;
        v4 += 2;
    }
    while ( v3 < 6 );
    v6 = v19;
    v7 = *(_DWORD *)&v20[4];
    // &v22 + 1 is sp+8Eh, so the 16-bit checksum lands in bytes 14..15.
    *(__int16 *)((char *)&v22 + 1) = v2;
    // Copy the 16-byte buffer into the object as four dwords.
    // NOTE(review): the arithmetic suggests MachineId at this+20 and SupportId
    // at this+4 -- inferred, confirm against the struct definition.
    v8 = (CSystemInfo *)((char *)v19 + 20);
    *(_DWORD *)&v19->MachineId[0] = *(_DWORD *)v20;
    v9 = *(_DWORD *)&v20[8];
    *(_DWORD *)&v8->SupportId[0] = v7;
    v10 = *(int *)((char *)&v21 + 3);
    *(_DWORD *)&v8->SupportId[4] = v9;
    *(_DWORD *)&v8->SupportId[8] = v10;
    // Access mask 3 = KEY_QUERY_VALUE | KEY_SET_VALUE. The return code is
    // discarded; only the handle slot is tested.
    // NOTE(review): the slot (v19) still holds `this` from the start of the
    // function in this listing, so whether a failed open leaves it non-zero
    // should be confirmed in the disassembly.
    RegOpenKeyExA(HKEY_LOCAL_MACHINE, "SOFTWARE\\Microsoft\\Windows\\CurrentVersion", 0, 3u, (PHKEY)&v19);
    if ( v19 )
    {
        v24 = 256;
        // Accept the stored "CxSupportId" only if the query succeeds and
        // returns exactly 16 bytes.
        if ( RegQueryValueExA((HKEY)v19, "CxSupportId", 0, (LPDWORD)&v25, (LPBYTE)&v28, (LPDWORD)&v24) || v24 != 16 )
        {
            // Missing or wrong size: create a GUID (reusing the ID buffer,
            // already copied out), store it as type 3 (REG_BINARY) and copy it
            // to this+4.. The RegSetValueExA result is not checked.
            CoCreateGuid((GUID *)v20);
            RegSetValueExA((HKEY)v19, "CxSupportId", 0, 3u, v20, 0x10u);
            v16 = *(_QWORD *)&v20[4];
            v17 = (CSystemInfo *)((char *)v6 + 4);
            v17->vfptr = *(CSystemInfoVtbl **)v20;
            v18 = *(int *)((char *)&v21 + 3);
            *(_QWORD *)&v17->SupportId[0] = v16;
            *(_DWORD *)&v17->SupportId[8] = v18;
        }
        else
        {
            // Existing value: copy the 16 registry bytes (v28..v31) to this+4..
            v12 = v29;
            v13 = v30;
            v14 = (CSystemInfo *)((char *)v6 + 4);
            v14->vfptr = v28;
            v15 = v31;
            *(_DWORD *)&v14->SupportId[0] = v12;
            *(_DWORD *)&v14->SupportId[4] = v13;
            *(_DWORD *)&v14->SupportId[8] = v15;
        }
        result = RegCloseKey((HKEY)v19);
    }
    else
    {
        // No key handle: fill the 16 SupportId bytes from the 16 bytes that
        // follow them in the object (the MachineId region, if the layout
        // assumed above holds).
        result = (int)v6->SupportId;
        do
        {
            *(_BYTE *)result = *(_BYTE *)(result + 16);
            ++result;
        }
        while ( -4 - (signed int)v6 + result < 16 );
    }
    return result;
}
This is where it calls the GetVolumeInformation() and returns the serial number.
Code:___:00B14114 ; BOOL __stdcall GetVolumeInformationA(LPCSTR lpRootPathName, LPSTR lpVolumeNameBuffer, DWORD nVolumeNameSize, [B]LPDWORD lpVolumeSerialNumber[/B], LPDWORD lpMaximumComponentLength, LPDWORD lpFileSystemFlags, LPSTR lpFileSystemNameBuffer, DWORD nFileSystemNameSize)
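This is from the Microsoft libraries though, but you could definitely find how everything is being translated if you really care to. But, either way, just adding all the ints of the 16-byte MachineID together generates a unique ID (strictly speaking a 32-bit sum of four ints can collide between machines, so it is a per-machine hint rather than a guaranteed-unique key). I have yet to test it on a mac spoofer, but iirc, using a VPN I had the same MachineID, which fits, since the sub only reads the adapter address and the volume serial, neither of which a VPN changes.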
Nice job though, something you don't see in public sources.
Not surprised you had posted a thread about this actually! You have a lot of good documentation/reference stuff in your posts about material regarding the BMS files. I had no clue at first how to go about it, and initially the 4 int's added together would result in a negative MachineID for some people which didn't seem right, so the next most sensible thing was to add 0x7FFFFFFF.
I thought originally it got some serials in relation to your Hard Drive and possibly motherboard, but I guess that wasn't the case after all.
Holy poop there is HWID blocking in this source. Amazing release.
It'd be good to note here this is an improper formula for it. Me and BlitzMK figured this was the most appropriate way of doing it. It'll give all users a unique HWID > 0, I doubt it's right though. Works per computer from the looks of it (disregards VPNs, mac spoofers, etc(?))
MapleSolaxia actually had HWID bans in the release as well, just was never announced. They used the volume serial number that was sent to the server in the char select packet for yet another method.