

World of Warcraft protocol information (specifically, encryption algorithm?)


20 replies to this topic

#1 Afr0m@n   Members   -  Reputation: 100


Posted 12 February 2007 - 10:07 PM

Ok, so lately I've been discouraged from doing a lot of programming due to some serious personal issues - however, a couple nights ago I read an interesting article about (how to) beginning to make your own server emulator. One of the things suggested for figuring out the protocol was to write a simple proxy program that relays the data sent from the client to the server and vice versa, while saving the raw binary data to a log file in between. This made me interested in doing some programming again, and as such, I started the basis of a small proxy program for World of Warcraft. However, I figured there wouldn't be much point in doing that, and subsequently trying to figure out the encryption algorithm used to encrypt the packets, if this information was already known. I know there are some server emulators out already, and I even have the source for an emulator written in C#, my preferred language for the time being. I believe it's called WoWDeamon or something. However, this emulator seems to be for an older version of WoW, and seems to be slightly buggy. At least I haven't been able to figure out how to use it with my version of WoW yet. As a result, I decided to make a post here to see if there's any generally known information about the World of Warcraft protocol out there, aside from the fact that it seems to use TCP exclusively for communication. What I am specifically interested in is knowing a recent algorithm used for encrypting the packets ('recent' as in a recent version of WoW), as I have spent countless hours scouring the net for information about the WoW protocol in general, and there doesn't seem to be much info out there. Thanks in advance!


#2 thallish   Members   -  Reputation: 202


Posted 12 February 2007 - 10:25 PM

That sounds awfully illegal. You want to program a piece of some software that can decrypt the data sent from the client to the server? If you accomplish this what would stop you from changing the data sent (other than morals)? This would lead to compromised data and that, I guess, would not be in Blizzard's interest. So I venture a guess that the encryption protocol is classified.



#3 Afr0m@n   Members   -  Reputation: 100


Posted 12 February 2007 - 10:33 PM

Uhm, I'm guessing nothing would stop me from changing the data sent from the client to the server if I managed to decrypt it, but that's really not my intention, and I'm guessing that if some vital data is changed, my client would probably be booted off the server right away. As a general rule, encryption is mostly used to avoid people making server emulators/gaining information about the protocol at large, not to stop people tampering with the data sent (like, for instance, gaining a huge boost in running speed, which, in the case of most MMORPGs, would cause any client doing so to get booted off immediately, as well as possibly being logged, so that the account would get a warning/be banned).

#4 sharpnova   Banned   -  Reputation: 108


Posted 12 February 2007 - 11:00 PM

There is little or no chance of the OP being able to hack anything or cheat to gain any unfair advantage in the game. However, emulating servers is illegal in the case of WoW. He should have asked more discreetly about the process of generating such a log file in general.

#5 Ranor   Members   -  Reputation: 128


Posted 12 February 2007 - 11:26 PM

Quote:
Original post by sharpnova
There is little or no chance of the OP being able to hack anything or cheat to gain any unfair advantage in the game. However, emulating servers is illegal in the case of WoW. He should have asked more discreetly about the process of generating such a log file in general.

Isn't it illegal to emulate pretty much any of the big MMORPGs? I know there are many Ultima Online emulators available and some of them are supposedly quite big as well. Aren't there Lineage emulators also?

What is it that makes it specifically illegal to write a WoW emulator rather than to emulate the other MMORPGs? Aren't they all illegal, or are some more/less illegal than the others? :P



#6 DogCity   Members   -  Reputation: 553


Posted 13 February 2007 - 06:33 AM

AFAIK it isn't and legally can't be illegal to write a server emulator. However, providing that server for public consumption is a grey area. Consequently, charging for the service is highly illegal.

Export-Games.com is searching for talented and friendly developers. Visit our Help Wanted post for more info! My Indie development uber Journal - A game production walk through.

#7 Promit   Moderators   -  Reputation: 7695


Posted 13 February 2007 - 06:37 AM

Regardless of whether or not it's actually legal, Blizzard takes a very dim view of people doing this sort of thing, and I'm fairly sure that the DMCA will become involved in documenting their encryption. (It is reverse engineering, after all.) They've been quite proactive in stopping anyone doing this sort of work from getting anywhere.

I'm closing this thread for now, given Blizzard's harsh attitude towards this sort of work in the past and the unclear legality of the issue.

#8 Promit   Moderators   -  Reputation: 7695


Posted 13 February 2007 - 08:30 AM

Re-opened after further review.

#9 TehDonutGuy   Members   -  Reputation: 184


Posted 13 February 2007 - 02:02 PM

The main reason for encryption is privacy. Any realistic company can realise that encryptions can be reversed easily by someone with access to their client, but for someone sniffing along the line, it's not such an easy task. There is the benefit of having a protocol protected from amateur hackers, but they know it'll be reversed eventually anyway. The privacy means someone on a network won't be able to peek at somebody's login for instance; in fact, there's probably additional encryption/hashing for u/n and passwords.

It's not completely legal or illegal to emulate, but there are some real boundaries you shouldn't cross. The first legal issue is you're directly opposing the Terms of Agreement set by Blizzard. Particularly "4. Limitations on your use of the service". I'd advise you read it and read it again if necessary. It sums up that you can't emulate their game, however, there are usually holes in ToA/S that can avoid court, I've not looked much into Blizzard's though. There are other legal issues involved in reverse engineering encryption algorithms, attempting to 'hack' Blizzard servers (by means of sending custom structures, which is usually required to completely reverse a protocol), etc.

Copyrights are quite easy to get around if you avoid imitating their service precisely, and very importantly, use Chinese wall techniques. I'd guess most server emulators have probably ripped the encryption method from the client or made a HLL version of it, but they're still similar in too many ways that it's a breach of copyright.

In most cases the developing companies do not have the resources to combat server emulators and crackers. The bigger games, although they provide more resources, generally have more people cracking them. The bigger companies have realised that the way to prevent emulation is to deter people from playing the clones rather than trying hopelessly to stop it with code.

There have been relatively few legal cases in comparison to the quantity of emulators around for various games. A recent one was FBI raids on Lineage2 server emulators based in America. The scenario here was people were using copyrighted work (leaked NCSoft code), and they were silly enough to host them in America. You'll find that most server emulators host throughout Europe or elsewhere where the legality isn't so well defined.

On-topic. Encryption algorithms are simple to reverse. You need some moderate knowledge of assembly, processor architecture and any APIs involved, particularly the socket ones (I'm assuming Winsock is used). In brief, attach a debugger, set a breakpoint on recv()/WSARecv(), which will trigger when a packet is received. Look at lpBuffer or lpBuffers in memory and if necessary set hardware breakpoints on encrypted parts; if you continue code execution, it'll break when the code tries to access or modify the packet buffers, which you can assume or check, if it's for decrypting. You now know the location of the encryption algorithm and it's usually very easy to make sense of. I'm not going to needlessly give more info than that.

Ah, and my opinion on the topic, it doesn't really belong here. I would re-close it tbh. There are places other than here you can find out about this, and it's generally off topic to this forum.

#10 hplus0603   Moderators   -  Reputation: 5739


Posted 13 February 2007 - 03:51 PM

Discussion of network protocols belongs in this forum.

The DMCA may make it illegal to perform certain reverse engineering of certain protected digital restrictions management schemes. However, any encryption used by a networked game client/server game has nothing to do with copy protection or digital restrictions management, and thus I would be very surprised if the DMCA would apply to that case. I am, however, not a lawyer; if you want legal advice you should ask one licensed to practice in your locale.

In certain jurisdictions, I am led to understand that reverse engineering is explicitly allowed when done to enable interoperability between separate systems. A user-written server and a commercial client would be construed separate systems by me -- I have no idea what the European courts think on the matter.

Last, a word on terminology: Blizzard may have some kind of implicit contract between itself and its players. As far as I understand it, breach of that contract would not be "illegal," it would be a civil matter between you and Blizzard. I don't think that's what the word "illegal" actually means, as it doesn't usually apply to civil contract law (barring criminal fraud, etc); the term "illegal" typically refers to criminal law in my experience.

#11 TehDonutGuy   Members   -  Reputation: 184


Posted 14 February 2007 - 04:11 AM

Yeah, copyrights are easy to get around if you use the right techniques, though there are still undefined legal boundaries about the reverse engineering of encryptions used for privacy. As mentioned, using a Chinese wall technique is a sure way to avoid the legal troubles with copyrights. Copyrights aren't the problem, it's patents that are more well defined. Patents can prevent you from creating derivative works even if they're completely independent of the original implementation. These would prevent you from having direct clones in an emulator, for which you'd have to discard or modify the client to overcome (which is also a legal issue). There are plenty of patents used in the WoW protocol and the game virtualisation.

You also need to consider how you would connect the client to your emulator without modifying it. If it uses DNS to retrieve the address, you're in luck, as it's a simple HOSTS edit. Otherwise, you're probably gonna wind up modifying client files, unless you wanna go for a more complex route involving the Winsock SPI. It's not a good idea to blatantly advertise that you edit game files if you're already on the border of legality with the emulator.

A word on the Terms of Service. This IS a legal contract, and it can be used in a court (although there have been few successful cases). The first things you need to make sure of is that you must actively agree to the contract and that it is validated by means of a registered email/home address. I've seen instances where you can navigate directly to a sign-up page to avoid reading the ToA, or ones that aren't validated through email. These are practically useless, as there's no evidence that you agreed to it ever. If you read the WoW ToS, you'll see it's governed by CA law. Most games are, because the laws offer protection for the developers.

Also, I'm no lawyer myself, but I've been involved in the server emulation scene in the past, and understand a fair amount of the legal issues surrounding it. There are some borders which you can definitely not cross, but most of them aren't well defined, and if you can find part of the contract/system or laws to exploit, make the best of it.

I would still consider this thread off-topic to this forum. While I agree protocol discussion is welcome here, an encryption algorithm is hardly network related. These kinds of topics are usually kept in private/underground forums so as to avoid the popularity and legal issues surrounding them. If this site is seen as a welcome place for game crackers, there'll be a lot of hassle surrounding it; you'll also have the idiots who might find it in Google if they mix "WoW" and "Hack" in the same search, in which case you'll have a plethora of ridiculous questions you didn't think any human was stupid enough to possibly ask.

There's also a couple of paragraphs in the ToU of this site that outline discussion of anything that may infringe on intellectual property rights. I think this clause is there to avoid exactly this kind of discussion.

#12 RdF   Members   -  Reputation: 100


Posted 14 February 2007 - 05:32 AM

Click-through agreements are about as binding as a very non-bindy thing. I think it hinges on being entitled to play the game after the contract was established at point of sale. Email registration and continual billing systems are likely a different kettle of fish, and in those cases updating the ToA after the initial agreement would be useless; it's beyond reasonable expectation for you to review the text every time you log on. [dependent on country of residence etc] Play nice and none of that'll be a problem.

Anyway, I'm sure that WOW uses a custom protocol for some of its comms. Probably just the login, right enough. I'm sure Google must know.

#13 Ranor   Members   -  Reputation: 128


Posted 14 February 2007 - 05:52 AM

Quote:
Original post by TehDonutGuy
There's also a couple of paragraphs in the ToU of this site that outline discussion of anything that may infringe on intellectual property rights. I think this clause is there to avoid exactly this kind of discussion.

You have to consider that basically anything "may infringe on intellectual property rights". Writing a Tetris clone might infringe on someone's rights. Yet it is a pretty common starting point, and recommended in gamedev.net beginner articles.

With all the EULAs etc. people agree to when they install applications, they most likely break a lot of them every time they post on gamedev.net. Bragged about how one of your algorithms runs faster in .NET? The .NET EULA actually forbids you to make "benchmarks" available.

I have even seen software that tries in its EULA to forbid the user to create similar applications, as they fear the open source movement.

What I'm trying to say is that if discussing anything that might infringe on someone's intellectual property rights was totally forbidden on gamedev.net, then this website would no longer exist. A lot of companies, and people in general, seem to believe they have more rights to their work than they actually have.

It is like when I asked my professor, "Why don't commercial software developers credit their sources?". "They are, unlike the academic world, afraid to be sued," he replied.

Edit: It is most likely wrong to make a WoW emulator. At least ethically, and probably illegal as well. However I think discussing what rights we have as software developers is something that should be done more often, and openly. People scared of reusing others' ideas/concepts probably hurt the gamedev/software community more than what might be apparent.

#14 swordfish   Members   -  Reputation: 276


Posted 14 February 2007 - 05:57 AM

Quote:
A group of gamers reverse engineered the network protocol used by Battle.net and Blizzard games, and released a free (under the GNU GPL) Battle.net emulation package called bnetd. With bnetd, a gamer is not required to use the official Battle.net servers to play Blizzard games.

In February of 2002, lawyers retained by Blizzard threatened legal action under the Digital Millennium Copyright Act against the developers of bnetd. Blizzard games are designed to operate online exclusively with a set of Blizzard-controlled servers collectively known as "Battle.net". Battle.net servers include a CD key check as a means of preventing software piracy.

Despite offers from the bnetd developers to integrate Blizzard's CD key checking system into bnetd, Blizzard claims that the public availability of any such software package facilitates piracy, and moved to have the bnetd project shut down under provisions of the DMCA. As this case is one of the first major test cases for the DMCA, the Electronic Frontier Foundation became involved, for a while negotiations were ongoing to resolve the case without a trial. The negotiations failed however, and Blizzard won the case on all counts: the defendants were ruled to have breached both StarCraft's End User License Agreement (EULA) and the Terms of Use of Battle.net.

This decision was appealed to the Eighth Circuit Court of Appeals, which also ruled in favor of Blizzard/Vivendi on September 1, 2005.


From Wikipedia

#15 asp_   Members   -  Reputation: 172


Posted 14 February 2007 - 08:35 AM

The initial communication is unencrypted and uses a modified version of SRP6 for password verification and key exchange. Following packet headers are encrypted with RC4. At least this is correct if my memory serves me right. In order to write a server you'll need to do some heavy reverse engineering or find a document written by someone who has done the reverse engineering. There are papers available but I don't have a link handy.
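The scheme asp_ describes above (SRP-6 to verify the password and agree on a key, then RC4 on the packet headers), as an added example that is not from this thread and not Blizzard's code: a textbook SRP-6 run with both sides' messages, followed by header encryption under the agreed key. Assumed here are the 1024-bit group from RFC 5054, SHA-1 as the hash, a simplified client proof M1, and plain RC4; the WoW-specific modifications mentioned in the post are not known from this page and are not reproduced.

```python
import hashlib

# Assumed parameters: the 1024-bit SRP group from RFC 5054 with g = 2; SRP-6 fixes k = 3.
N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
    "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
    "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
    "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3", 16)
g, k = 2, 3

def to_bytes(n: int) -> bytes:
    return n.to_bytes(max(1, (n.bit_length() + 7) // 8), "big")

def H(*parts: bytes) -> int:
    """SHA-1 over the concatenated parts, read as a big-endian integer (hash choice assumed)."""
    return int.from_bytes(hashlib.sha1(b"".join(parts)).digest(), "big")

def private_x(username: str, password: str, salt: bytes) -> int:
    """x = H(salt | H(username:password)); only the client ever computes this."""
    return H(salt, hashlib.sha1(f"{username}:{password}".encode()).digest())

def make_verifier(username: str, password: str, salt: bytes) -> int:
    """v = g^x mod N: what the server stores at registration instead of the password."""
    return pow(g, private_x(username, password, salt), N)

def client_public(a: int) -> int:
    return pow(g, a, N)                            # A = g^a, sent client -> server

def server_public(verifier: int, b: int) -> int:
    return (k * verifier + pow(g, b, N)) % N       # B = k*v + g^b, sent server -> client

def client_key(username, password, salt, a, A, B) -> bytes:
    if B % N == 0:
        raise ValueError("degenerate B from server")  # reject: S would not depend on b
    u = H(to_bytes(A), to_bytes(B))
    x = private_x(username, password, salt)
    S = pow((B - k * pow(g, x, N)) % N, a + u * x, N)  # (g^b)^(a + u*x)
    return hashlib.sha1(to_bytes(S)).digest()

def server_key(verifier, b, A, B) -> bytes:
    if A % N == 0:
        raise ValueError("degenerate A from client")  # reject: S would be forced to 0
    u = H(to_bytes(A), to_bytes(B))
    S = pow((A * pow(verifier, u, N)) % N, b, N)       # (g^a * g^(x*u))^b, same value
    return hashlib.sha1(to_bytes(S)).digest()

def proof(A: int, B: int, K: bytes) -> bytes:
    """Simplified client proof M1 = H(A | B | K); real deployments bind more fields."""
    return hashlib.sha1(to_bytes(A) + to_bytes(B) + K).digest()

def rc4_keystream(key: bytes, length: int) -> bytes:
    """Plain RC4 (KSA then PRGA), used here only to show header encryption from K."""
    S, j = list(range(256)), 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)

def encrypt_header(K: bytes, header: bytes) -> bytes:
    """XOR a packet header with RC4 keystream derived from the session key."""
    return bytes(h ^ s for h, s in zip(header, rc4_keystream(K, len(header))))

def run_exchange(username, client_pw, registered_pw, salt, a, b):
    """Full exchange with ephemeral secrets a, b; returns (server_accepts, client_K, server_K)."""
    v = make_verifier(username, registered_pw, salt)   # done once, at registration
    A, B = client_public(a), server_public(v, b)       # the two public messages on the wire
    Kc = client_key(username, client_pw, salt, a, A, B)
    Ks = server_key(v, b, A, B)
    return proof(A, B, Kc) == proof(A, B, Ks), Kc, Ks  # server compares the client's M1
```

Only A, B, the salt and M1 cross the wire; a sniffer on the line sees neither the password nor the session key, which is why the later RC4 header encryption has something secret to key from.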

#16 Afr0m@n   Members   -  Reputation: 100


Posted 14 February 2007 - 09:47 AM

Thanks for all the info so far! :) In particular, thanks to asp_ and TehDonutGuy for providing very helpful information that is very relevant to the original post. However, I would also like to thank everyone else for joining in, and please don't hesitate to voice your opinion in this thread if you feel like it - seems like this forum definitely needed a debate on this particular topic.

#17 hplus0603   Moderators   -  Reputation: 5739


Posted 14 February 2007 - 10:25 AM

Donut: unless you're a lawyer, please don't attempt to give legal advice.

Regarding the Wikipedia case: it only states that they won the civil claims, not that they were actually found to infringe the DMCA. I'm not familiar with the details of the case, but it'd be interesting if they could claim such broad protection of "facilitating" piracy -- in that case, taping over the write protect hole on a floppy disc might "facilitate" piracy, too, as you can write pirated data onto that floppy.


#18 TehDonutGuy   Members   -  Reputation: 184


Posted 14 February 2007 - 11:16 AM

Unless you're a lawyer, don't contradict my legal advice. Isn't it the same thing?

My opinions aren't just spun up, there is reasoning/evidence behind them. The reason I've not posted protocol information here is because I'm cautious about the legality. I'm not all-knowledgeable about this issue, and I don't believe you are either.

I don't expect for people to take what I say as fact. I believe anyone serious enough would do their own research into it rather than relying on the opinions of a single community. I mean for my posts to inform on certain issues rather than describe them intently. I do welcome any contradictions on my opinions about it, and would be more than interested to hear other peoples.

What I'm trying to avoid doing, unlike some of the other posters, is giving people the false sense of security that what they are doing is completely legal, because it definitely is not.

If you encounter a legal threat because you were overconfident about the legality of your emulator, then it's a good assumption that you have no chance of affording the legal expertise that a multi-million dollar company can (in the case of Blizzard, a billion dollar company?). I personally would consider every angle possible to avoid the possibility of that scenario.

If WoW uses open encryption standards as suggested here, then I guess it's fine to belong in this forum, but some other patented information probably doesn't, because Blizzard would request its removal if they were informed, and it's then a legal responsibility of gamedev to remove it. I don't wanna insinuate that nothing should be posted, just, better to check the legal issues before doing so.

@RdF: Do some research before posting potentially fallacious arguments. Follow the example of swordfish.

@Ranor:
You have valid points on the IP rights. I think the clause here at GD is aimed at protecting gamedev (and yourselves) from legal bother by monitoring the amount of IP rights. If a simple game like Tetris was being discussed as a clone (let's, for argument's sake, say it's a recent, commercial, simple game for a cell phone or such), and the owner of the IP rights was aware of the discussion, they could request it be removed and it would be GD's legal responsibility to do so. You can't really compare WoW to something as outdated as Tetris that doesn't have the protective developer behind it.

I definitely think the legal issue should be kept open for discussion, but it extends a lot further than just WoW. It should really be in its separate thread and the WoW thread be left open for those who aren't too concerned about being law-abiding.

#19 Battlemarch   Members   -  Reputation: 126


Posted 14 February 2007 - 04:55 PM

Let me begin by asking that this thread not be closed. I believe that it is a discussion of a valid topic in which I and others might learn something.

Now, IANAL, nor do I play one on TV. But I have learned enough to be dangerous (by reading Groklaw), so, if you want real legal advice, go ask Slashdot.

Humor aside...

The best place to begin looking for info about the bnetd case would be:
The Electronic Frontier Foundation, Analysis of BNETD and Blizzard and From Ars Technica: "broke Blizzard's EULA, which bars users from reverse-engineering the software. In addition, the court also upheld the lower court's finding that BnetD violated the DMCA's prohibition against circumventing software antipiracy measures"

Search for reverse engineering here.

For more about the enforceability of click through EULAs, search about half way down for "orders the case to be moved to arbitration". Another good article from EFF is "A User's Guide to EULAs"

Almost there....

Now, I recall reading about a background process, Warden, that Blizzard runs on machines that looks for cheating in WoW. If you are interested in that, go search on "Greg Hoglund", the author of the book "Rootkits", who released KEEPING BLIZZARD HONEST - Announcing the release of 'The Governor' (and the reason to read this site is to learn to write a better Warden for your own game)

Now, having gotten all that out of the way, for the sake of this academic discussion, let's assume that no one is trying to cheat, steal or otherwise do something bad or illegal. If I recall correctly, making an emulator (reverse engineering, remember IBM and Compaq?) is not in and of itself illegal. How might someone go about learning how to debug the data communications to build an emulator as a first step towards building their own client/server game?

And finally, really, if you want to make an emulator, seek advice from a real lawyer.

Bill





#20 stormwarestudios   Members   -  Reputation: 215


Posted 15 February 2007 - 03:26 AM

In regard to the original topic, these guys seem to have gotten it working already...
