D3 account can be hacked via public game, might be explanation to those acc hacked

gaeria84
post May 23 2012, 10:32 AM

Enthusiast
*****
Senior Member
837 posts

Joined: Mar 2005
QUOTE(khelben @ May 23 2012, 10:18 AM)
A lot of people quit WoW because that game is 8 years old la
*
No doubt, but there were a lot of factors that contributed to WoW's decline

- Game going in the wrong direction - lots of recycled content, game being trivialized
- Long downtimes
- Bad customer service


VinluV
post May 23 2012, 11:54 AM

Regular
******
Senior Member
1,947 posts

Joined: Nov 2005
QUOTE(I<3LYN @ May 23 2012, 05:17 AM)
really? show us pictures of guys that you hacked... or it didn't happen
*
didn't hack anyone as its complex for automation, i just tested with a friend for over an hour.
you just need to replace some of your session particulars with another person, and for a short time you'll be in control of the other party, then you get errors.

My suspicions are the same as Bashiok, this was well coordinated, and the guys targeted people from the start. Collected the passwords and details. Then they did the "hack at once.
farkinid
post May 23 2012, 12:01 PM

Enthusiast
*****
Senior Member
997 posts

Joined: Feb 2007


QUOTE(VinluV @ May 23 2012, 11:54 AM)
didn't hack anyone as its complex for automation, i just tested with a friend for over an hour.
you just need to replace some of your session particulars with another person, and for a short time you'll be in control of the other party, then you get errors.

My suspicions are the same as Bashiok, this was well coordinated, and the guys targeted people from the start. Collected the passwords and details. Then they did the "hack at once.
*
I still don't understand why the game server would pass your session token to other members in the group and vice versa. I haven't done any testing but a wireshark or tcpdump file would interest me very much.
I<3LYN
post May 23 2012, 12:29 PM

On my way
****
Senior Member
614 posts

Joined: Sep 2009


QUOTE(VinluV @ May 23 2012, 11:54 AM)
didn't hack anyone as its complex for automation, i just tested with a friend for over an hour.
you just need to replace some of your session particulars with another person, and for a short time you'll be in control of the other party, then you get errors.

My suspicions are the same as Bashiok, this was well coordinated, and the guys targeted people from the start. Collected the passwords and details. Then they did the "hack at once.
*
record a video... expose blizzard blaming technique....
now blizzard kept blaming the players.
polarzbearz
post May 23 2012, 12:32 PM

Gracie
*******
Senior Member
4,816 posts

Joined: Apr 2007


QUOTE(VinluV @ May 23 2012, 11:54 AM)
didn't hack anyone as its complex for automation, i just tested with a friend for over an hour.
you just need to replace some of your session particulars with another person, and for a short time you'll be in control of the other party, then you get errors.

My suspicions are the same as Bashiok, this was well coordinated, and the guys targeted people from the start. Collected the passwords and details. Then they did the "hack at once.
*
QUOTE(I<3LYN @ May 23 2012, 12:29 PM)
record a video... expose blizzard blaming technique....
now blizzard kept  blaming the players.
*
^ +1 to this. The way blizzard posts the formal announcement is like, blaming players for not being careful/secured enough; and mentions nothing about the exploits.
I<3LYN
post May 23 2012, 12:32 PM

On my way
****
Senior Member
614 posts

Joined: Sep 2009


QUOTE(farkinid @ May 23 2012, 12:01 PM)
I still don't understand why the game server would pass your session token to other members in the group and vice versa. I haven't done any testing but a wireshark or tcpdump file would interest me very much.
*
i am going to try to replicate the exploit as well.
ZeratoS
post May 23 2012, 01:57 PM

Oh you.
******
Senior Member
1,044 posts

Joined: Dec 2008
From: 127.0.0.1


http://www.youtube.com/watch?v=8iQoOMJ9n8k

For you.
Deimos Tel`Arin
post May 23 2012, 02:00 PM

The LYN Kondom Man
*******
Senior Member
4,202 posts

Joined: Jan 2003
From: THE ONE AND ONLY CHOO CHOO TRAIN KINGDOM




QUOTE(polarzbearz @ May 23 2012, 12:32 PM)
^ +1 to this. The way blizzard posts the formal announcement is like, blaming players for not being careful/secured enough; and mentions nothing about the exploits.
*
very irresponsible.

it is battle.net server not secured. not the players.
polarzbearz
post May 23 2012, 02:06 PM

Gracie
*******
Senior Member
4,816 posts

Joined: Apr 2007


QUOTE(Deimos Tel`Arin @ May 23 2012, 02:00 PM)
very irresponsible.

it is battle.net server not secured. not the players.
*
True. But I'm not surprised, that's how most of the business organisations AND the government works... play "Tai-chi" (push the blame to end users/citizen/anyone else than themselves)

Sigh, only hope Blizzard will fix this as soon as possible, doesn't matter if they don't want to admit their mistakes.. just fix it before my final exam is over

This post has been edited by polarzbearz: May 23 2012, 02:07 PM
Deimos Tel`Arin
post May 23 2012, 02:10 PM

The LYN Kondom Man
*******
Senior Member
4,202 posts

Joined: Jan 2003
From: THE ONE AND ONLY CHOO CHOO TRAIN KINGDOM




QUOTE(polarzbearz @ May 23 2012, 02:06 PM)
True. But I'm not surprised, that's how most of the business organisations AND the government works... play "Tai-chi" (push the blame to end users/citizen/anyone else than themselves)

Sigh, only hope Blizzard will fix this as soon as possible, doesn't matter if they don't want to admit their mistakes.. just fix it before my final exam is over
*
aye. at least valve admitted.
takkicom
post May 23 2012, 02:20 PM

Casual
***
Junior Member
422 posts

Joined: Sep 2008
QUOTE(Deimos Tel`Arin @ May 23 2012, 02:10 PM)
aye. at least valve admitted.
*
since WOW has this problem, if i give hack i quit, that it
argue they dont give help hand
VinluV
post May 23 2012, 03:43 PM

Regular
******
Senior Member
1,947 posts

Joined: Nov 2005
QUOTE(farkinid @ May 23 2012, 12:01 PM)
I still don't understand why the game server would pass your session token to other members in the group and vice versa. I haven't done any testing but a wireshark or tcpdump file would interest me very much.
*
here's the setup tho a very very simplified one.

2 pc in the same network. By network I mean me and mate using my router.
No opendns, No dns crypt, No authenticator used, firewall and my IPS turned off.
after trading and dropping items left and right for about half an hour and monitoring packets with tcpdump,
i just copied some token values from my friend to my packets (a certain open source scarab javascript packet interceptor i bet you know was used)

For a few seconds, i got him off his account. Then I got the "i got kicked off battle net" error.

what i can suspect is that my token and session weren't matching the ones on battlenet so i got kicked off, as the next few packets sent from me was using my original values, instead of the "malformed" packet.

Its doable but based on my setup its quite a below basic one, its still a long way for me.
Will try to pass u a dump with better values if i can get some sort of poc.

edit: wouldn't be surprised if chinese have pwned bnet

This post has been edited by VinluV: May 23 2012, 03:45 PM
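
The server-side check that would make a copied token useless, as an added example that is not part of the thread and not Blizzard's actual protocol: the token is accepted only on the connection it was issued to, with a per-connection MAC and a forward-moving sequence number. The packet layout, `SessionServer`, the connection ids and the account names are all assumptions constructed for illustration.

```python
import hmac, hashlib, secrets

def sign(key, pkt):
    msg = f'{pkt["token"]}|{pkt["seq"]}|{pkt["payload"]}'.encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def make_packet(token, key, seq, payload):
    pkt = {"token": token, "seq": seq, "payload": payload}
    pkt["mac"] = sign(key, pkt)
    return pkt

class SessionServer:
    # Hypothetical toy server; not modelled on any real game backend.
    def __init__(self):
        self.by_token = {}  # session token -> account
        self.by_conn = {}   # connection id -> [token, per-connection key, last seq]

    def login(self, conn_id, account):
        token, key = secrets.token_hex(16), secrets.token_bytes(32)
        self.by_token[token] = account
        self.by_conn[conn_id] = [token, key, 0]
        return token, key  # key is shared only with this client at login

    def naive_accept(self, conn_id, pkt):
        # Weak: trusts whichever token the packet carries, on any connection.
        return self.by_token.get(pkt["token"])

    def bound_accept(self, conn_id, pkt):
        # Hardened: token must match this connection, MAC must verify, seq must advance.
        state = self.by_conn.get(conn_id)
        if state is None:
            return None
        token, key, last_seq = state
        ok = (hmac.compare_digest(pkt["token"], token)
              and pkt["seq"] > last_seq
              and hmac.compare_digest(pkt["mac"], sign(key, pkt)))
        if not ok:
            return None
        state[2] = pkt["seq"]
        return self.by_token[token]

def demo():
    srv = SessionServer()
    tok_a, key_a = srv.login("conn-A", "player_a")
    _tok_b, key_b = srv.login("conn-B", "player_b")
    # Constructed case: conn-B sends a packet carrying player_a's token.
    swapped = make_packet(tok_a, key_b, 1, "drop_item")
    genuine = make_packet(tok_a, key_a, 1, "drop_item")
    return (srv.naive_accept("conn-B", swapped), srv.bound_accept("conn-B", swapped),
            srv.bound_accept("conn-A", genuine), srv.bound_accept("conn-A", genuine))
```

The last two calls send the same genuine packet twice: the first is accepted and the second is rejected as a replay.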
farkinid
post May 23 2012, 03:58 PM

Enthusiast
*****
Senior Member
997 posts

Joined: Feb 2007


QUOTE(VinluV @ May 23 2012, 03:43 PM)
here's the setup tho a very very simplified one.

2 pc in the same network. By network I mean me and mate using my router.
No opendns, No dns crypt, No authenticator used, firewall and my IPS turned off.
after trading and dropping items left and right for about half an hour and monitoring packets with tcpdump,
i just copied some token values from my friend to my packets (a certain open source scarab javascript packet interceptor i bet you know was used)

For a few seconds, i got him off his account. Then I got the "i got kicked off battle net" error.

what i can suspect is that my token and session weren't matching the ones on battlenet so i got kicked off, as the next few packets sent from me was using my original values, instead of the "malformed" packet.

Its doable but based on my setup its quite a below basic one, its still a long way for me.
Will try to pass u a dump with better values if i can get some sort of poc.

edit: wouldn't be surprised if chinese have pwned bnet
*
Hmm interesting.

If you have any interesting dumps, please send them my way. But I still don't understand Bliz's need to allow user machines to communicate with each other. I thought all the heavy lifting was done on the servers and the result was sent to the user machines.

Unless somebody has a way to parse token data and reconstruct login values, then this may not work. Still it does sound possible.
neoengsheng
post May 23 2012, 04:01 PM

Getting Started
**
Junior Member
261 posts

Joined: Jul 2009
QUOTE(VinluV @ May 23 2012, 03:43 PM)
here's the setup tho a very very simplified one.

2 pc in the same network. By network I mean me and mate using my router.
No opendns, No dns crypt, No authenticator used, firewall and my IPS turned off.
after trading and dropping items left and right for about half an hour and monitoring packets with tcpdump,
i just copied some token values from my friend to my packets (a certain open source scarab javascript packet interceptor i bet you know was used)

For a few seconds, i got him off his account. Then I got the "i got kicked off battle net" error.

what i can suspect is that my token and session weren't matching the ones on battlenet so i got kicked off, as the next few packets sent from me was using my original values, instead of the "malformed" packet.

Its doable but based on my setup its quite a below basic one, its still a long way for me.
Will try to pass u a dump with better values if i can get some sort of poc.

edit: wouldn't be surprised if chinese have pwned bnet
*
What you described is the typical man in the middle attack where a hacker sits somewhere inside the same network as you are and use packet sniffer to sniff out the packets you send and receive to Blizzard server.

This is almost undoable on the open internet.

I have been reading the Diablo 3 official forum and really tempted to try to replicate or somehow prove Blizzard is covering up and downplay the whole issue while at the same time keep blaming the users for hacking. This is even worse when combined with fanboys on the forum insulting and accusing people of lying about getting hacked with an authenticator.
VinluV
post May 23 2012, 04:04 PM

Regular
******
Senior Member
1,947 posts

Joined: Nov 2005
QUOTE(farkinid @ May 23 2012, 03:58 PM)
Hmm interesting.

If you have any interesting dumps, please send them my way. But I still don't understand Bliz's need to allow user machines to communicate with each other. I thought all the heavy lifting was done on the servers and the result was sent to the user machines.

Unless somebody has a way to parse token data and reconstruct login values, then this may not work.  Still it does sound possible.
*
probably due to heavy loads on the server.
Wouldn't be surprised that companies would choose the easy and less secure way out of a problem.
I've not played wow but some guys on my d3 public games told me you can use wow hacks on d3. Unproven as i don't play wow or have any knowledge of it.
If u know any hitb/hackerspace fellows, they may have doxed it as well.

edit: just thought of the whisper and message function, not sure if can directly ping user ip/id from whispering. Any thoughts?
I<3LYN
post May 23 2012, 04:09 PM

On my way
****
Senior Member
614 posts

Joined: Sep 2009


QUOTE(VinluV @ May 23 2012, 04:04 PM)
probably due to heavy loads on the server.
Wouldn't be surprised that companies would choose the easy and less secure way out of a problem.
I've not played wow but some guys on my d3 public games told me you can use wow hacks on d3. Unproven as i don't play wow or have any knowledge of it.
If u know any hitb/hackerspace fellows, they may have doxed it as well.

edit: just thought of the whisper and message function, not sure if can directly ping user ip/id from whispering. Any thoughts?
*
with my understanding of the battle.net 1.0 protocol.. nope you cant get any network info by whispering/messaging a player.

not really sure about battle.net 2.0 though.
charlieoscardelta
post May 23 2012, 04:17 PM

Getting Started
**
Junior Member
56 posts

Joined: May 2007
QUOTE(TiF @ May 22 2012, 06:15 PM)
lol, so much for 'always online anti cheat' bla bla
*
they never said it was for social anticheat - it's anti-piracy.
VinluV
post May 23 2012, 04:47 PM

Regular
******
Senior Member
1,947 posts

Joined: Nov 2005
QUOTE(neoengsheng @ May 23 2012, 04:01 PM)
What you described is the typical man in the middle attack where a hacker sits somewhere inside the same network as you are and use packet sniffer to sniff out the packets you send and receive to Blizzard server.

This is almost undoable on the open internet.

I have been reading the Diablo 3 official forum and really tempted to try to replicate or somehow prove Blizzard is covering up and downplay the whole issue while at the same time keep blaming the users for hacking. This is even worse when combined with fanboys on the forum insulting and accusing people of lying about getting hacked with an authenticator.
*
The MITM is very highly dependent on where the hacker location is as well.
Has to be close to Bnet server or piggybacking tmnut in order to capture a proper dump.

edit: just informed that there is a new type of boy/man in the browser attack as well.

This post has been edited by VinluV: May 23 2012, 04:52 PM
