Blizzard Authenticator Emulator
Recently, a friend asked if I knew how to run the authenticator on a Windows Mobile; puzzled that Blizzard hadn’t supported that platform yet, I decided to take a look for myself.
Attached is the result of my findings. A complete authenticator emulator library, with included basic demonstration.
* Notes *
- This does not allow you to gain unauthorized access to peoples authenticators.
- This is limited to mobile-authenticators keys, as I don’t have the know-how to disassemble the physical hardware authenticators.
- To use this tool with a pre-existing authenticator, you must have access to your phones file-system in order to extract the Serial and Token from its configuration file.
Caveat: The library itself is closed source until further notice, and must retain the included license files if used in projects other than the included test project.
Serial refers to the "US-XXXX-XXXX-XXXX" code and Token refers to a shared-public key used in the generation of the one-time keys.
* Releases *
v20090108
hay guys!1
kynx do you know what >>> operator is for in java?
in soviet russia, chuck norris packs your ints big-endian!
duz he am play the fiddle? fiddle halp wid shift okie???// :>)))))
kynox iz in ur authenticatorz
stealin ur cerealz
Kynox, i’m curious. What Mobile Blizzard Authenticator did you reverse? like what device did it run on?
He probably reversed the iphone binary
ARM code isn’t very friendly.
Motorola RAZR v3
so, we’re now just one step away from being able to create a genuine authenticator from scratch. right now, the only way to get a PSK and serial number is to grab it from the config file on a cell phone (which costs money, which is currently the bottleneck).
the iphone/ipod touch versions are free. i’m trying to see if there’s a way to possibly pull the information from the device after it’s been given by blizzard, or possibly bypass the ipod alltogether and replicate how the ipod goes about getting the information from blizzard’s server. once this is accomplished, the oppertunities are endless (until blizzard catches on and chances how the ipod app works).
this is beyond my skill level currently, but what do you learn if you don’t push yourself? wish me luck.
p.s. if this post doesn’t make much sense, i apologize, i’m probably too tired to be thinking about stuff like this
What you’re describing is already part of the library. I just didn’t include it in the test example.
Hi im at the root of my ipod touch, but i cant seem to find were the battle.net auth installed to. any help would be great.
The iPod Touch and iPhone seem to store the information in the key store; which is encrypted. I don’t own either product, so i can’t really help there.
i found it,
\User\Applications\68698A65-6E2F-4583-A5C9-04578AD89904\SecureLogin_iPhone.app
my only problem is locating what file holds the “token”
That’s the app. The token is stored in the keychain.
so i can use my serial number and the token you provided and it will work?
No. The serial has nothing to do with the one-time-key generation. The token is the important bit.
Kynox, do you know where is the .db file in a Nokia (Symbian V3, N81)
I’ve been searching it for an hour, the app is instaled in the Memory card, but there is only a file called “uids” and the .jar of the Auth in a folder.
Of course I can browse private files, I have it hacked, so that isn’t the problem.
Thanks and sorry for my English ;)
Not a clue, sorry. Through an emulator, the file name is “run_by_class_storage_#Token#Record.db”. It’s a java record store; so i suppose you could find it by saving to a named record store and then searching for that.
RecordStore recordstore = null; recordstore = RecordStore.openRecordStore("TokenRecord", true);The above is the code used to open the authenticators save file.
I’m using X-plore and i can’t find any file with that name.
I found this http://forum.xda-developers.com/showthread.php?t=557862&page=6
I’m using a warez auth, http://forum.xda-developers.com/showthread.php?t=557862&page=6 but it don’t use the “default” token, it works with another one, which I can’t find in my phone.
And how can I use that code for open the token?
Thanks for helping.
It’s Java. You need to find out where the record stores are stored on your phone.
Well, it’s on E:\private\102033E6\MIDlets\[10174c6c]
but there is just two files: a .jar called battlenetmobileauthenticator.jar and a file with no extension called uids which only contains (hexadecimal)
6c 4c 17 10 36
c6 17 10
I do not have a mobile to place an authenticator on at the moment, mine is broken. My account was recently stolen and Blizzard has suggested using an authenticator. Can I simply generate a random token of the required length, a random serial, and just enter it into my BNet account and use that as a new authenticator? I don’t ever intend on using a mobile version if so.
No, you’ll need to use the Authenticator.CreateAuthenticator method of my library. Randomly creating data won’t work.
hey kynox im currently working on a relogger and i want to include authenticator support but im having trouble using your library with vb.net and was curious if you could email me a basic rundown on all the class’s/methods in your library and what they do so i can really get this going and have a reference, iv been trying to decipher your c# since i do not know c# its been a bit hard lol
you can check out my relogger on the honorbuddy forums at http://www.buddyforum.de/showthread.php?7470-RelogMe-HB2-Relogger&p=88608#post88608
I cant wait for the World of Warcraft cataclysm update. You really ought to check out this site for a cool video that lets you in on whats about to happen.