Server Help

Misc User Apps - Macrowhiz

la - Fri Jul 29, 2005 3:14 pm
Post subject: Macrowhiz
To better assist in bandwidth issues here, you can download Macrowhiz directly from my site. Total File size is 827K

Macrowhiz is a unique chat tool for subspace, then continuum. I Started it back in 96 while testing for VIE, and never made it public except to a few ppl until now.
I hope you use it for what it was made for, not for foolishness as It can and will get you banned.

La's Macrowhiz
D1st0rt - Mon Aug 15, 2005 11:45 am
Post subject:
Very nice! May I ask how it works? I mean, I assume it generates keystrokes, but it worked even when I had the chat window minimized and had focus on a different one. All the stuff I've worked on requires the focus to be on the text component I want it entered to.
Bak - Mon Aug 15, 2005 2:06 pm
Post subject:
Can I ask what it does? Seems like it's just a chat tool, and you need continuum running to use it (and continuum comes with it's own chat mode).
la - Mon Aug 15, 2005 3:04 pm
Post subject:
It's just a simple Macro tool for Multi-line chat.

It is coded to work with continuum so that once you are running continuum, it knows it is running, and is ready to flood whatever text you input.

I used API calls to make it work, and if you want to understand better on how to interact with the UDP and TCP packets I suggest you download Ether Detect.
The Continuum protocol's themselves are encrypted, and althought I have decrypted them, I will not be releasing that information.

It would make Prittk cry icon_sad.gif

Perhaps this will help some of you to have a better understanding of Winsock functions.




Code: Show/Hide


API Declarations
Option Explicit

Public Const SOCKET_ERROR = -1
Public Const AF_INET = 2
Public Const PF_INET = AF_INET
Public Const MAXGETHOSTSTRUCT = 1024
Public Const SOCK_STREAM = 1
Public Const MSG_PEEK = 2

Private Type SockAddr
    sin_family As Integer
    sin_port As Integer
    sin_addr As String * 4
    sin_zero As String * 8
End Type

Private Type T_WSA
    wVersion As Integer
    wHighVersion As Integer
    szDescription(0 To 255) As Byte
    szSystemStatus(0 To 128) As Byte
    iMaxSockets As Integer
    iMaxUdpDg As Integer
    lpVendorInfo As Long
End Type

Dim WSAData As T_WSA

Type Inet_Address
    Byte4 As String * 1
    Byte3 As String * 1
    Byte2 As String * 1
    Byte1 As String * 1
End Type

Public IPStruct As Inet_Address

Public Type T_Host
    h_name As Long
    h_aliases As Long
    h_addrtype As Integer
    h_length As Integer
    h_addr_list As Long
End Type

' KERNEL32.DLL funtions
Declare Sub CopyMemory Lib "kernel32.dll" Alias "RtlMoveMemory" (Dest As Any, Src As Any, ByVal cb&)

' WSOCK32.DLL functions
Declare Function gethostbyaddr Lib "wsock32.dll" (addr As Long, ByVal addr_len As Long, ByVal addr_type As Long) As Long
Declare Function inet_addr Lib "wsock32.dll" (ByVal addr As String) As Long
Declare Function GetHostByName Lib "wsock32.dll" Alias "gethostbyname" (ByVal HostName As String) As Long
Declare Function GetHostName Lib "wsock32.dll" Alias "gethostname" (ByVal HostName As String, HostLen As Long) As Long
Declare Function WSAStartup Lib "wsock32.dll" (ByVal a As Long, b As T_WSA) As Long
Declare Function WSACleanUp Lib "wsock32.dll" Alias "WSACleanup" () As Integer
Declare Function Socket Lib "wsock32.dll" Alias "socket" (ByVal afinet As Integer, ByVal socktype As Integer, ByVal protocol As Integer) As Long
Declare Function ConnectWinsock Lib "wsock32.dll" Alias "connect" (ByVal sock As Long, sockstruct As SockAddr, ByVal structlen As Integer) As Integer
Declare Function send Lib "wsock32.dll" (ByVal sock As Long, ByVal msg As String, ByVal msglen As Integer, ByVal flag As Integer) As Integer
Declare Function recv Lib "wsock32.dll" (ByVal sock As Long, ByVal msg As String, ByVal msglen As Integer, ByVal flag As Integer) As Integer
Declare Function htonl Lib "wsock32.dll" (ByVal a As Long) As Long
Declare Function ntohl Lib "wsock32.dll" (ByVal a As Long) As Long
Declare Function htons Lib "wsock32.dll" (ByVal a As Integer) As Integer
Declare Function ntohs Lib "wsock32.dll" (ByVal a As Integer) As Integer
Declare Function closesocket Lib "wsock32.dll" (ByVal sn As Long) As Integer

Module
Function HostByName(sHost As String) As String
    Dim s As String
    Dim p As Long
    Dim Host As T_Host
    Dim ListAddress As Long
    Dim ListAddr As Long
    Dim Address As Long

    s = String(64, 0)
    sHost = sHost + Right(s, 64 - Len(sHost))
    p = GetHostByName(sHost)
    If p = SOCKET_ERROR Then
        Exit Function
    Else
        If p <> 0 Then
            CopyMemory Host.h_name, ByVal p, Len(Host)
            ListAddress = Host.h_addr_list
            CopyMemory ListAddr, ByVal ListAddress, 4
            CopyMemory Address, ByVal ListAddr, 4
            HostByName = InetAddrLongToString(Address)
        Else
            HostByName = "No DNS Entry"
        End If
    End If
End Function

Private Function InetAddrStringToLong(Address As String) As Long
    InetAddrStringToLong = inet_addr(Address)
End Function

Private Function InetAddrLongToString(Address As Long) As String
    CopyMemory IPStruct, Address, 4
    InetAddrLongToString = CStr(Asc(IPStruct.Byte4)) + "." + CStr(Asc(IPStruct.Byte3)) + "." + CStr(Asc(IPStruct.Byte2)) + "." +   CStr(Asc(IPStruct.Byte1))
End Function

Function HostByAddress(ByVal sAddress As String) As String
    Dim lAddress As Long
    Dim p As Long
    Dim HostName As String
    Dim Host As T_Host

    lAddress = inet_addr(sAddress)
    p = gethostbyaddr(lAddress, 4, PF_INET)
    If p <> 0 Then
        CopyMemory Host, ByVal p, Len(Host)
        HostName = String(256, 0)
        CopyMemory ByVal HostName, ByVal Host.h_name, 256
        If HostName = "" Then HostByAddress = "Unable to Resolve Address"
        HostByAddress = Left(HostName, InStr(HostName, Chr(0)) - 1)
    Else
        HostByAddress = "No DNS Entry"
    End If
End Function

Private Function ResolveHost(sHost As String) As Long
    Dim lAddress As Long

    lAddress = InetAddrStringToLong(sHost)
    If lAddress = SOCKET_ERROR Then
        ResolveHost = inet_addr(HostByName(sHost))
    Else
        ResolveHost = lAddress
    End If
End Function

Public Function WinsockConnect(ByVal m_RemoteHost As String, m_RemotePort As Long, iSocket As Long) As Boolean
    Dim sock As SockAddr
    Dim sRemoteIP As String
    Dim x As Long
    Dim bAddr(0 To 3) As Byte
    Dim i As Integer

    iSocket = Socket(AF_INET, SOCK_STREAM, 0)
    If iSocket < 1 Then
        WinsockConnect = False
        Exit Function
    End If
    sRemoteIP = ""
    sock.sin_family = AF_INET
    x = ResolveHost(m_RemoteHost)
    CopyMemory bAddr(0), x, 4
    For i = 0 To 3
        sRemoteIP = sRemoteIP & Chr(bAddr(i))
    Next
    sock.sin_addr = sRemoteIP
    sock.sin_port = htons(m_RemotePort)
    sock.sin_zero = String(8, 0)
    If ConnectWinsock(iSocket, sock, Len(sock)) Then
        WinsockConnect = False
        Exit Function
    End If
    WinsockConnect = True
End Function

Public Sub WinsockInit()
    WSAStartup &H101, WSAData
End Sub


CypherJF - Mon Aug 15, 2005 3:48 pm
Post subject:
If someone publically released proof they've cracked it; it'd force PriitK to update the game. tongue.gif
Cyan~Fire - Mon Aug 15, 2005 3:58 pm
Post subject:
emot-wtf.gif

You are very confusing.

la wrote:
The Continuum protocol's themselves are encrypted, and althought I have decrypted them, I will not be releasing that information.

I don't believe that, and I especially hope you're not claiming this program decrypts the packets seeing as it doesn't even make any winsock DLL calls.

And anyway, last I checked, VB doesn't use MFC, so I don't know why you're even talking about VB with this program (which even has that stupid MFC icon).

And anyway, last I checked, you don't spell "test" like this:

Bak - Mon Aug 15, 2005 4:24 pm
Post subject:
conitnuum ignored leading spaces... which is why bots will often put in a period when dumping stats and alignment is desired
Maverick - Mon Aug 15, 2005 6:39 pm
Post subject:
Cyan~Fire wrote:

I don't believe that, and I especially hope you're not claiming this program decrypts the packets seeing as it doesn't even make any winsock DLL calls.

ditto

What this program has to do is store text in the right part of the memory by using pointers to the correct memory location. Still funny how it works though.
la - Mon Aug 15, 2005 8:49 pm
Post subject:
Quote:
I don't believe that, and I especially hope you're not claiming this program decrypts the packets seeing as it doesn't even make any winsock DLL calls.


#1 I have made no such claim.
#2 Myself and a few others have infact broke prittk's encryption.
#3 No, We will never give out the information to ANYONE.
#4 Macrowhiz was not built using anything found with Ether Detect.
#5 No, Macrowhiz does not utitlize ANY Winsock DLL's
#6 Macrowhiz was not written in VB, but C++

As far as Ether Detect, I did not make the program. It is just a method to sniff packets and for the wouldbe assembly programmers
it just provides a method to pick apart packets. The encryption Prittk used was very, very, very clever, however it was by far not un-breakable.


Just so everyone understands me.. I make no claims at 'hax0ring' anything. I am just a free minded individual who likes to see how things tick.

One last thing ... I have nothing to prove to anyone, or myself.
I know my capabilities.


Have a great day icon_smile.gif
Mine GO BOOM - Mon Aug 15, 2005 8:54 pm
Post subject:
la wrote:
The encryption Prittk used was very, very, very clever, however it was by far not unbreakable.

I'd say. Anyways, if you do feel that you and others have broken it, I'd recommend sending anything you have related to it to Ghost Ship or Ekted. Both are those individuals have the best chance of getting direct contact with Priit, and this would be a very good way to get Priit to release an updated client.

If you need to contact either one, Ekted reads these forums. If you'd like a more direct email address for Ghost Ship, send me a private message via these forums. I don't know what he uses for a public address right now.
la - Mon Aug 15, 2005 8:57 pm
Post subject:
I would be happy to inform Priit of our findings.

I will pm you MGB
D1st0rt - Tue Aug 16, 2005 1:58 am
Post subject:
Oh wow, I didn't realize it actually sent packets. I had always just worked on stuff that faked user input sa_tongue.gif

Cyan--

Cyan~Fire - Tue Aug 16, 2005 4:33 pm
Post subject:
This program doesn't, but he's claiming he can if he wants to.

And how did you do that?
Smong - Tue Aug 16, 2005 6:05 pm
Post subject:
In your screenshot it half worked, some of the lines did have spaces at the front.
IronStrike - Wed Jun 22, 2016 5:56 pm
Post subject:
This is a long shot, does anyone still have this by any chance?
fatrolls - Fri Nov 04, 2016 5:46 pm
Post subject:
Heres the original one made by a Trench Wars player its very old
All times are -5 GMT
View topic
Powered by phpBB 2.0 .0.11 © 2001 phpBB Group