Warden Packets

From SkullSecurity
Revision as of 04:02, 27 February 2008 by Ron

This is about how to encrypt/decrypt the Warden packets, and what they mean.

Generating encryption keys

Generating the keys used for encrypting Warden packets is a somewhat convoluted algorithm, but it is fairly simple to implement. Here are the basic steps:

  1. Create a source of shared random data based on a seed
  2. Generate the outgoing key from the first 0x10 bytes
  3. Generate the incoming key from the next 0x10 bytes

The random source is basically a struct with 4 fields, which are initialized as follows:

  • Current position [0x04 bytes]: 0
  • Data 1 [0x14 bytes]: 00 00 00 ....
  • Data 2 [0x14 bytes]: WardenSHA1(first half of seed)
  • Data 3 [0x14 bytes]: WardenSHA1(second half of seed)

Data is read one byte at a time, and Current position is incremented. Immediately after being created, or when Current position reaches 0x14, an update is performed:

  • Current position = 0
  • Data 1 = SHA1(Data 2, Data 1, Data 3)

That's it! All that's left is to read 0x10 bytes, generate the outgoing key (using the key generation function in Crypto_and_Hashing#Xor_Encryption), read 0x10 more bytes, and generate the incoming key.
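The random source described above, written out in Python as an added example (this is not the C or Java code from this page). It assumes that standard SHA-1 stands in for WardenSHA1, which this page does not define, that the three fields are hashed as one concatenation in the order listed, and it uses a constructed seed; `RandomSource` and `key_inputs` are names chosen for this sketch. It stops at the two 0x10-byte inputs and does not include the key generation function.

```python
import hashlib

def sha1(data: bytes) -> bytes:
    """Standard SHA-1, used for the update step (the page's SHA1)."""
    return hashlib.sha1(data).digest()

class RandomSource:
    """The 4-field random source: position, Data 1, Data 2, Data 3."""

    def __init__(self, seed: bytes, warden_sha1=sha1):
        # ASSUMPTION: the page does not define WardenSHA1, so standard
        # SHA-1 stands in for it; pass the real function to override.
        half = len(seed) // 2
        self.position = 0
        self.data1 = bytes(0x14)
        self.data2 = warden_sha1(seed[:half])
        self.data3 = warden_sha1(seed[half:])
        self._update()  # an update runs immediately after creation

    def _update(self) -> None:
        # Data 1 = SHA1(Data 2, Data 1, Data 3), read as a concatenation
        self.position = 0
        self.data1 = sha1(self.data2 + self.data1 + self.data3)

    def read(self, count: int) -> bytes:
        out = bytearray()
        for _ in range(count):
            out.append(self.data1[self.position])
            self.position += 1
            if self.position == 0x14:  # block exhausted, refill
                self._update()
        return bytes(out)

def key_inputs(seed: bytes, warden_sha1=sha1):
    """Return (outgoing, incoming) 0x10-byte inputs for key generation."""
    source = RandomSource(seed, warden_sha1)
    outgoing = source.read(0x10)
    incoming = source.read(0x10)
    return outgoing, incoming

if __name__ == "__main__":
    out_in, in_in = key_inputs(bytes.fromhex("01020304"))  # constructed seed
    print("outgoing key input:", out_in.hex())
    print("incoming key input:", in_in.hex())
```

Because each block is 0x14 bytes and each key input is 0x10 bytes, the incoming input takes the last 4 bytes of the first block and the first 0x0c bytes of the second, so an update always happens in the middle of the second read.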

Here is the code in C and in Java.


The Key

On Starcraft, the first 4 bytes of the CDKey hash are used. That's the actual CDKey hash that's sent over the wire as part of SID_AUTH_CHECK.

Packet codes

0x00

0x01

0x02