Archive for January, 2010

Ban-wave summary

Posted in Warden, world of warcraft on January 15th, 2010 by kynox – 14 Comments

Now that the dust has settled, there doesn’t seem to be any point in delaying this any longer.

December 19th, WardenGuy sends instructions to Warden, detailing how to detect LuaNinja and WoWGremlin. At an undisclosed time, the ‘client’ activates it’s special routine which effectively disables the anti-detection in both tools (Vague, i know. Don’t want to give out too many secrets, right?).

What follows, is what seems to be the new direction in most anti-cheat software.

Warden, among other anti-cheats employ the methods of delayed banning; where by recording all of the offending users, they can maximize the effect of casualties by giving people that false sense of security.

To summarize, anyone who blames Cypher for their accounts being terminated are self-centered morons. You knew the risks of using software that infringes on the contract you signed, and even agreed to have your account terminated if found doing so.

Banwave in effect

Posted in world of warcraft on January 11th, 2010 by kynox – 54 Comments

So, unless you live under a rock, you’ve noticed there is a rather wide-spread banwave in effect right now. Finding the proper sources are providing difficult due to the overwhelming amount of cross-contamination from the many sources reporting bans.

If any of you have been banned, please write a list of the Bots/Hacks you have used in the past 4 weeks, preferably in chronological order.

Clarification (Updated):

Well, after searching around for a while with Harko; he found the culprit. He, being on Windows XP, ran his logger over LuaNinja.dll and found that it was in-fact reporting back detection flags. However, when i ran my logger over LuaNinja, it returned clean flags.

I run Windows 7, as does Cypher; which would appear to be how he missed the Windows XP incompatibility.

Long story short? LuaNinja’s protection only worked on certain operating systems and Warden has been detecting LuaNinja since December 19th.

Update #02:

It’s got to be something in the client – too many reports contradicting earlier theories.
42e3d28a01319e58661ca4c201e7dc376ee1e7fa

Blizzard Authenticator Emulator

Posted in General, world of warcraft on January 7th, 2010 by kynox – 25 Comments

Recently, a friend asked if I knew how to run the authenticator on a Windows Mobile; puzzled that Blizzard hadn’t supported that platform yet, I decided to take a look for myself.
Attached is the result of my findings. A complete authenticator emulator library, with included basic demonstration.

* Notes *

  1. This does not allow you to gain unauthorized access to peoples authenticators.
  2. This is limited to mobile-authenticators keys, as I don’t have the know-how to disassemble the physical hardware authenticators.
  3. To use this tool with a pre-existing authenticator, you must have access to your phones file-system in order to extract the Serial and Token from its configuration file.

Caveat: The library itself is closed source until further notice, and must retain the included license files if used in projects other than the included test project.

Serial refers to the "US-XXXX-XXXX-XXXX" code and Token refers to a shared-public key used in the generation of the one-time keys.

* Releases *
v20090108