State of the Warden module

Discussion in 'Maps, Patches & Mods: Diablo' started by Ultimate Empire, Sep 1, 2011.

  1. Ultimate Empire

    Ultimate Empire BattleForums Addict

    Here are a couple of open questions to the D2 hacking community:
    -Does Blizzard still actively employ the Warden anti-hacking module with D2/WoW/SC2?
    ---It is hard to find 'current' information about Warden, since most of the research that is out there is from 2006-2009. My guess is that it rarely gets new dynamic updates for D2.

    -Have Warden updates (in the past) checked for 'specific' or 'generic' types of code? For example, has it been known to detect only 'specific' injections/modifications/client desyncing scenarios... or does it look for 'generic' techniques, such as any 3rd-party DLL injection, etc.?
    ---Understandably, the people writing the dynamic updates for the Warden code could employ either of these sets of techniques.

    -Has there been any public effort to RE any of the Warden's dynamic updates?
    ---I would be interested in knowing whether they have previously utilized shared game-state inside the status response message they send, to confirm to the server that Warden is alive and kicking.
     
  2. T3h Sorrow

    T3h Sorrow "Best ***s on the forum"

    pretty much what happens, or is speculated to happen, for diablo 2 is on reset they will ban everyone that is flagged for hacks.

    i've been using a bot/MH for a month so far and nothing, knock on wood.
     
  3. Wing Zero

    Wing Zero lol just as planned

    the valve approach to anti hacking
     
  4. Ultimate Empire

    Ultimate Empire BattleForums Addict

    Found this over at blizzhackers, released a week ago by gonzoj:

    Looks like it would be a very handy library to re-use in order to offensively check Warden code.

    After checking out the code, it's written for Linux. It uses <sys/ptrace.h> for the D2 process/memory/breakpoint handling, which is 'very-much' Linux. For a port to Windows, you'd need to use Windows functions like DebugActiveProcess, ReadProcessMemory, WriteProcessMemory.

    Obviously, since this is a clientless (no D2 install needed) botting application, the choice of Linux versus Windows was up to the original dev.
     
  5. Ultimate Empire

    Ultimate Empire BattleForums Addict
