wc3edit.net

United Warcraft 3 map hacking!
It is currently March 19th, 2024, 7:51 am

All times are UTC




Post new topic Reply to topic  [ 12 posts ]  Go to page 1, 2  Next
Author Message
 Post subject: Hidden activators
PostPosted: February 1st, 2020, 11:34 pm 
Offline
Newcomer

Joined: April 20th, 2019, 12:34 am
Posts: 2
Where is the activator hidden? What should i look for/pay attention to in the future when I will be looking for the activator?


You do not have the required permissions to view the files attached to this post.


Top
 Profile  
 
 Post subject: Re: Hidden activators
PostPosted: February 2nd, 2020, 3:25 am 
Offline
Also Not an Admin, but closer than devoltz
User avatar

Joined: February 14th, 2018, 5:35 am
Posts: 1791
Title: Just Another S.Mod
Code:
if StringHash(GrimS)==836025351 and NBAC[ii]==true and not IsPlayerInForce(p2p,CHEATER) then


StringHash. Just give up.


Top
 Profile  
 
 Post subject: Re: Hidden activators
PostPosted: February 2nd, 2020, 4:22 am 
Offline
Shopping Maul USA Creator
User avatar

Joined: January 18th, 2007, 11:07 am
Posts: 1989
Location: Calgary Canada
Title: No Comment
nuzamacuxe wrote:
Just give up.


:shock: Savage


Top
 Profile  
 
 Post subject: Re: Hidden activators
PostPosted: February 2nd, 2020, 1:23 pm 
Offline
Newcomer

Joined: April 20th, 2019, 12:34 am
Posts: 2
FeelsBadMan


Top
 Profile  
 
 Post subject: Re: Hidden activators
PostPosted: February 4th, 2020, 8:20 am 
Offline
Member

Joined: August 5th, 2009, 1:39 am
Posts: 99
what does the stringhash mean lol. does that mean it just takes you on a journeey of looking through code?


Top
 Profile  
 
 Post subject: Re: Hidden activators
PostPosted: February 5th, 2020, 2:50 pm 
Offline
Also Not an Admin, but closer than devoltz
User avatar

Joined: February 14th, 2018, 5:35 am
Posts: 1791
Title: Just Another S.Mod
You need to decrypt the number code. It's encrypted.


Top
 Profile  
 
 Post subject: Re: Hidden activators
PostPosted: February 8th, 2020, 7:06 pm 
Offline
Super Moderator

Joined: February 3rd, 2009, 11:28 pm
Posts: 2394
To clarify: it is hashed (not encrypted). Hashing is a one-way method that turns a value into a different representation of that value. It's easy to compare another value to the first one because you just apply the same hash function to it and then compare the output values, but it is not possible to take a hash and turn it back into the original value in constant time since it's a one-way function. It being one-way and having a limited output space means that collisions are possible (two different values resulting in the same hash).

Hashes are often used to store user passwords (plus additional security) so that if the database is broken in to, the hacker can't discover people's passwords.

Hashes are not necessarily unbreakable. What you can do is "brute force" it, meaning you try hashing a ton of different values until you find one that results in the hash you're looking for. The simplest way of doing this is building a massive loop that builds random strings and then hashes them and finds if the hash matches. Whether this will work depends on the complexity of the original activator they used. If it's a 25-character activator, it'll take you a few billion years to find it. If it's maybe a 6 character activator then you can find it pretty easily by brute force. You can also try common dictionary words or things you might suspect that they would use for an activator.


Top
 Profile  
 
 Post subject: Re: Hidden activators
PostPosted: February 9th, 2020, 2:45 am 
Offline
Shopping Maul USA Creator
User avatar

Joined: January 18th, 2007, 11:07 am
Posts: 1989
Location: Calgary Canada
Title: No Comment
owner123 wrote:
... it'll take you a few billion years to find it.



Double Savage.


Top
 Profile  
 
 Post subject: Re: Hidden activators
PostPosted: February 12th, 2020, 3:12 pm 
Offline
Newcomer

Joined: September 5th, 2009, 2:20 am
Posts: 19
StringHash only produce 32bit integer and it not aim to protection purpose, so it weak and easy to get a collision string instead of real string. Just make a bruteforce with any language code you know (not jass because it very slow and have limit execute time for 1 function). I'm sure you will get a collision string within 4 to 8 character length (charset for bruteforce just A-Z0-9). I'm strongly advice you make code run on GPU (faster than CPU x10 time), you will get collision string within 15s.


Top
 Profile  
 
 Post subject: Re: Hidden activators
PostPosted: February 15th, 2020, 8:38 pm 
Offline
Super Moderator

Joined: February 3rd, 2009, 11:28 pm
Posts: 2394
Interesting, didn't know that.

Is the source code available for the StringHash function so that we can replicate it? If it's 32bit then brute forcing in Java or something would be trivial but we'd need to write code to replicate the StringHash JASS function. For that reason I was thinking of just writing one in JASS, there are ways around function execution limit, though it's true it'd be pretty slow

(edit) Yeah someone did reverse engineer the code for it: https://www.hiveworkshop.com/threads/bi ... st.213272/
Maybe someone can write a little script to break stringhashes. I might do it if I get the time.

(edit2) After coding up a script to break SStrHash2, I realized the C++ code provided is wrong.
It doesn't match what's in WC3 at all.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 12 posts ]  Go to page 1, 2  Next

All times are UTC


Who is online

Users browsing this forum: Bing [Bot] and 10 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group

phpBB SEO


Privacy Policy Statement
Impressum (German)