Password Hack

[HolyShytItsBob]

bncache sounds better, now i know wtf you are talking about lol.

 

[Me0wMixUp]

errr, i wasnt talking about the ip, i ment the connection memory address, and where it subsides :/ if you would lock your client side address as sumthin else, boom desync instantly :/ but it changes to fast

 

[InFerN0]

hahaha u guys just didnt so smart to figure out how that can work,i told u that my girl is made that for me,i get an idea and she uses her brain and take a little time and made that,but if u dont beleve me thats ur problem.u continue living in past and im making good bisnis with selling annihiluses on bnet for good items

 

[Starfish]

Originally posted by InFerN0
hahaha u guys just didnt so smart to figure out how that can work,i told u that my girl is made that for me,i get an idea and she uses her brain and take a little time and made that,but if u dont beleve me thats ur problem.u continue living in past and im making good bisnis with selling annihiluses on bnet for good items

is too smart posting here is! attention whore you are girl, friend made hack you brag girl about hacks make she good bisnis for good item is she brain?

in other words: stop the attention whoring

 

[xXLordSlippyXx]

Starfish, you should have closed this thread before you left

This will go nowhere, it's a usless waste of all our time, and I think password hacking is against BF rules.

 

[InFerN0]

u wana hack passwords?ok PM me something about that idea,like where the pass can be stored,what file,what tipe of file and so on,maybe we can do something about that if u realy want that.

 

[xXLordSlippyXx]

lol, close this thread, waste of time

 

[sam_the_man]

Inferno you are a ****ing moron .. i just read some of your shit in a different thread - maybe you should ASK someone what clientside means before you keep spouting off more stupid shit that no one wants to hear

 

[OMA]

ok - first of all that bullshit you came out with originally doesnt even make sense. You're talking about exploiting the d2 server first.. then you go on to say that you send them a trojan. THATS NOT AN EXPLOIT FOOL.

Second: if you know so much about d2: play it and get ur own elite account moron!

By the way - xxlordslippyxx that avatar pic is HOT - is that you?

 

[OMA]

Originally posted by HolyShytItsBob

[On Topic]
Im pretty sure that the pw is saved in memory somewhere, just its probably in a random location. I doubt that the servers run through every whisper you send and check to see if it contains your password. That would waste a whole lot of time and processing the servers dont need. They would have to load the pw, decrypt it, and find it.

Just thought i'd mention the fact that your password is stored nowhere except on bnet's servers. That is why you actually connect to the server before giving your password - not after.

The only way to steal an account is to send a trojan (remote access program) which contains a keylogger to the person with the desired account (a keylogger shows you exactly what they type) So when they login to their account you will get their password. SIMPLE! no exploits. Also i thought i'd just say that i know alot about computers and exploits etc so this is common knowlege to me - i havent stolen any accounts and i dont recommend it because its GAY!

Happy Gaming

 

[HolyShytItsBob]

Originally posted by OMA
Just thought i'd mention the fact that your password is stored nowhere except on bnet's servers. That is why you actually connect to the server before giving your password - not after.

The only way to steal an account is to send a trojan (remote access program) which contains a keylogger to the person with the desired account (a keylogger shows you exactly what they type) So when they login to their account you will get their password. SIMPLE! no exploits. Also i thought i'd just say that i know alot about computers and exploits etc so this is common knowlege to me - i havent stolen any accounts and i dont recommend it because its GAY!

Happy Gaming

Im sorry sir but the password IS stored in memory after you log on to b.net. Have you tried whispering yourself your password on b.net? It tells you you cant right..? Well open up a second d2 window and change the password of the account you just got on and then close that d2. Go back to the first one and whisper your password to yourself again...it still thinks thats your password. Its obviously a client side check. Easy as that.

 

[OMA]

dude - you are trying to send the password accross the SERVER and its the SERVER that stops you - not the GAME - the SERVER.. its got feck all to do with it being stored on your computer.

Logging onto the SERVER and changing the password is obviously going to change the file stored on the SERVER. Wether its a different d2 window or a different computer it wont matter.

It is NOT client side. but thx for the argument i guess

 

[HolyShytItsBob]

I know that is DOES change the password, thats the entire point, but when you try to whisper your old password on the first d2 it STILL THINKS ITS YOUR PASSWORD! That is obviously not a server side check dumbass...how about you try it then come back and tell me off. Quit trying to defend something you obviously havent tested. Once you log on...your password IS stored temporarily client side.

Look at it like this, the server is not going to go through ever message everyone on bnet sends and go through, find their pw, decrypt it, look for it in the message, and determine whether or not to allow the message. Thats too much for a server to do to process a simple message. But it does make more since for the client to make a simple check before it sends a message...its a whole lot less processing.

Will someone other than me do what im saying and prove to this guy its stored client side while your are logged on...?

 

[OMA]

ever tried deleting a file when its still in use? cant be done. if u got one account with the old pass settings going and one with the new pass then temporarily there is 2 passes on the server because bliz cant get rid of the old password while there is an account using it. fool.

 

[HolyShytItsBob]

Appending to a file or changing the file or reading the file can all be done even if it did stay OPEN while you were logged on to d2. (Which is unlikely because the server just checks to password you send to data in the file and is done with it, thus closing it.)
So what you are saying is that there is a file where your password is stored...and instead of just editing the file with the new password...blizzard decides to delete that file and make a new one...oh boy how did they ever think of that. There YOU go FOOL.

But since you know about computers and exploits then i guess i should trust you. Bullshyt, take what little knowledge you have and stop. What you are saying is ridiculous. Either that or you work for blizzard and you use your dumb methods of checking passwords and thus blizzard needs a new programmer. I could careless what you "know about computers and exploits" but you obviously know shyt about programming. You can open a file so that it is shared...you can even load whats into a file into memory and then delete the file. It is udder non sense that blizzard would open a file and leave it open while you were connected. Stop arguing in an argument you cannot win.

 

[iRokk]

If you want to crack passwords, why not just do it the old-fashioned way... Get Bruteforce and a large number of proxies (Since battle.net will block you for trying to connect too many times in a short period of time). This method would be more time consuming, but you could set it to run during school/work/sleep.

 

[oneyedMan]

[ has skiped the last 6 posts ]

u wana hack passwords?ok PM me something about that idea,like where the pass can be stored,what file,what tipe of file and so on,maybe we can do something about that if u realy want that.

Heres a qute from skuzzy back in the day when i was new to these forums.

If hacking passwords were easy, then passwords would be useless.

* Well somehting along them lines. *

Anyway, even if you did know where the password is stored, then you would still have to gain access to the victims computer. Why not just use a najort? , Because thats the only way your gonna get their password.

 

[Me0wMixUp]

i just wanna say... -.- yes passwords are stored, in the game memory, just open up a good old hex editor and search for your password in ascii... see clientside hosted -.-

 

[Decide]

K i just looked @ bncache (not telling ) but here is what i found:
It's a whole new ladder for Diablo II players! The 1.10 patch requires new ladder-specific characters if you want to participate on the ladder. It's a brand-new world for ladder-climbers, free from the pollution of high-level characters and their godly items! So get out there and stake your claim on the ladder!..=.?Diablo II accounts/CD keys tied to the use of a map-hack program are now subject to being disabled without warning. Map-hacks violate Battle.net's Terms of Use Agreement; we'll continue to take action to keep Battle.net safe and fun for all players.....?The 1.13 patch for Warcraft III Reign of Chaos and The Frozen Throne has been released! 1.13 possesses the Orc Campaign Acts II and III for The Frozen Throne, and for both Reign of Chaos and Frozen Throne 1.13 supports binding your email address to your Battle.net account so you can recover your password


etc. Obviously, the news is stored in here too. I also found this: [Server List Version]..VER=1001....[Server Gateways]..1=uswest.battle.net..2=useast.battle.net..3=asia.battle.net..4=europe.battle.net....[uswest.battle.net]..ZONE=8..ENU=U.S. West..FRA=U.S. Ouest....[useast.battle.net]..ZONE=6..ENU=U.S. East..FRA=U.S. Est....[asia.battle.net]..ZONE=-9..ENU=Asia..FRA=Asie....[europe.battle.net]..ZONE=-1..ENU=Europe..FRA=Europe..D

etc..
also, IX86ver1.mpq was in there too. This file holds valuable information, and id bet any money it includes the password, just encrypted.

 

[HolyShytItsBob]

Thank you people. This fag would not go down, but now he has nothing to defend. Good job OMA! I guess all your superior knowledge of computers and exploits really payed off...or not, fag. I was about ready to take this to the Asylum.