EPT
Here are some R1CH quotes that help explain how we see him.
Famousness Test
[18:59] HotBid: is this company famous?
[19:00] R1CH: never heard of them
[19:00] HotBid: but they have their own wiki page...
[19:00] R1CH: so does every pokemon
[19:00] R1CH: never heard of them
[19:00] HotBid: but they have their own wiki page...
[19:00] R1CH: so does every pokemon
Consummate Tweeter
[R1CH has two followers on twitter]
The R1CH Tweet Policy: I will only tweet up to the maximum number of followers I have.
Hack the Gibson
[09:15] HotBid: microsoft security essentials is failing to update, did you update it yet
[09:15] R1CH: i don't use it
[09:15] HotBid: what anti virus do you use
[09:15] R1CH: none
[09:15] HotBid: how do you stop viruses and stuff
[09:16] R1CH: i don't get viruses
[09:16] Heyoka: he clearly goes into the computer and fights them himself
[09:16] HotBid: lol he shoots it with a gun
[09:16] R1CH: it's funny you say that
[09:16] R1CH: i actually made a quake 2 mod
[R1CH loads a Quake 2 map. HotBid plays.]
[09:16] R1CH: come on, you're dying to notepad
[09:17] HotBid: that's notepad? wtf is that flying thing behind it
[09:17] R1CH: firefox
[09:17] Heyoka: why is it so large
[09:17] R1CH: it uses more memory
[09:17] Heyoka: this is what's running right now? what happens when you kill one
[09:18] R1CH: the program closes
[09:18] R1CH: oh look, msn killed google update
[09:18] R1CH: one of the monsters is quake 2 so if you kill it the game just ends
[09:15] R1CH: i don't use it
[09:15] HotBid: what anti virus do you use
[09:15] R1CH: none
[09:15] HotBid: how do you stop viruses and stuff
[09:16] R1CH: i don't get viruses
[09:16] Heyoka: he clearly goes into the computer and fights them himself
[09:16] HotBid: lol he shoots it with a gun
[09:16] R1CH: it's funny you say that
[09:16] R1CH: i actually made a quake 2 mod
[R1CH loads a Quake 2 map. HotBid plays.]
[09:16] R1CH: come on, you're dying to notepad
[09:17] HotBid: that's notepad? wtf is that flying thing behind it
[09:17] R1CH: firefox
[09:17] Heyoka: why is it so large
[09:17] R1CH: it uses more memory
[09:17] Heyoka: this is what's running right now? what happens when you kill one
[09:18] R1CH: the program closes
[09:18] R1CH: oh look, msn killed google update
[09:18] R1CH: one of the monsters is quake 2 so if you kill it the game just ends
The troll apprentice is becoming the troll master
[03:00] HotBid: what's anti-aliasing?
[03:00] R1CH: you use photoshop and you don't know what anti-aliasing is?
[03:00] HotBid: no
[03:00] R1CH: imagine aliasing -- its the opposite of that
[03:00] R1CH: you use photoshop and you don't know what anti-aliasing is?
[03:00] HotBid: no
[03:00] R1CH: imagine aliasing -- its the opposite of that
Yes, we actually check the support email.
[12:47] R1CH: got fed up with this fucking india spam in the support box
[12:47] R1CH: from now on everyone from india will have to answer a captcha before submitting contact form [12:47] R1CH: http://www.teamliquid.net/staff/R1CH/CAPTCHA.png
[12:47] R1CH: from now on everyone from india will have to answer a captcha before submitting contact form [12:47] R1CH: http://www.teamliquid.net/staff/R1CH/CAPTCHA.png
Don't mess with R1CH's image formats
[03:34] R1CH: make it a PNG scrub
[03:34] HotBid: what's a PNG scrub
[03:35] R1CH: no i am calling you a scrub for using jpeg
[03:35] R1CH: man im gonna slap you if you make any more jpegs
[03:34] HotBid: what's a PNG scrub
[03:35] R1CH: no i am calling you a scrub for using jpeg
[03:35] R1CH: man im gonna slap you if you make any more jpegs
Speaking in R1CH
Recently, every time R1CH says something technical, my response has been to immediately Google the subject and ask a highly technical question about it, usually one I completely do not understand.
[17:26] R1CH: the performance is kind of shitty so try to use it sparingly
[17:26] R1CH: mysql refuses to do an index merge
[17:26] R1CH: and i don't feel like adding a whole new index just for this feature
[17:26] R1CH: if we open it up to users though i will
[17:27] HotBid: well maybe the binary or one of the libraries linked was misconfigured or corrupt?
[17:27] HotBid: do a backtrace
[17:28] R1CH: you just googled some random mysql bug didn't you
[17:29] HotBid: ?
[17:26] R1CH: mysql refuses to do an index merge
[17:26] R1CH: and i don't feel like adding a whole new index just for this feature
[17:26] R1CH: if we open it up to users though i will
[17:27] HotBid: well maybe the binary or one of the libraries linked was misconfigured or corrupt?
[17:27] HotBid: do a backtrace
[17:28] R1CH: you just googled some random mysql bug didn't you
[17:29] HotBid: ?
[22:40] R1CH: man
[22:40] R1CH: this SSD is ridiculously fast
[22:40] R1CH: it installed all the win7 updates in like 10 seconds
[22:41] Kennigit: sick, how big is it
[22:41] R1CH: 160
[22:42] HotBid: r1ch have you tried modding your SSD by replacing it with a pata hd using the same ZIF connector
[22:42] R1CH: im gonna slap you if you keep trying that
[22:42] HotBid: ?
[22:40] R1CH: this SSD is ridiculously fast
[22:40] R1CH: it installed all the win7 updates in like 10 seconds
[22:41] Kennigit: sick, how big is it
[22:41] R1CH: 160
[22:42] HotBid: r1ch have you tried modding your SSD by replacing it with a pata hd using the same ZIF connector
[22:42] R1CH: im gonna slap you if you keep trying that
[22:42] HotBid: ?
Ban Everyone
[12:15] @R1CH: i optimized the shit out of TL over the last few months
[12:15] @R1CH: without it im sure the flood of beta shit would be like how TL was during TSL 1 casts
[12:15] @R1CH: i almost want to undo it
[12:15] @R1CH: just so people stop flooding stupid shit
[12:16] @R1CH: we really need to implement that posts per day for new users thing
[12:16] @The-Winner: or a bot which bans shitty posters
[12:17] @R1CH: i tried that
[12:17] @R1CH: it classified everyone as a shitty poster
[12:17] @R1CH: its like santa from futurama
[12:15] @R1CH: without it im sure the flood of beta shit would be like how TL was during TSL 1 casts
[12:15] @R1CH: i almost want to undo it
[12:15] @R1CH: just so people stop flooding stupid shit
[12:16] @R1CH: we really need to implement that posts per day for new users thing
[12:16] @The-Winner: or a bot which bans shitty posters
[12:17] @R1CH: i tried that
[12:17] @R1CH: it classified everyone as a shitty poster
[12:17] @R1CH: its like santa from futurama
Staff Vote
+ Show Spoiler [Show Vote] +
![[image loading]](http://www.teamliquid.net/staff/zatic/r1chpads.png)
R1CH Captcha
+ Show Spoiler [Tdot Owned] +
![[image loading]](http://www.teamliquid.net/staff/Hot_Bid/R1CH/R1CHcaptcha.png )
Wizard It Up
HotBid: r1ch
HotBid: any thoughts about the antihack program?
R1CH: not yet
HotBid: its not a rush yet
HotBid: but itd be nice to have some info about it for when we launch
R1CH: when do we need it by
HotBid: we need it by qualifiers, which is april 22
R1CH: oh just say we'll have it
R1CH: you know i'll wizard that shit up
HotBid: HAHAHA
HotBid: any thoughts about the antihack program?
R1CH: not yet
HotBid: its not a rush yet
HotBid: but itd be nice to have some info about it for when we launch
R1CH: when do we need it by
HotBid: we need it by qualifiers, which is april 22
R1CH: oh just say we'll have it
R1CH: you know i'll wizard that shit up
HotBid: HAHAHA
The Wizard Who Cried Wolf
R1CH: fuck this is horrible
R1CH: im dripping sweat
SonuvBob: ?
HotBid: why?
Daigomi: what happened?
R1CH: no
R1CH: its fucking 90 degrees today
R1CH: and im busy with the stream and irc and shit
HotBid: oh wtf
Daigomi: R1CH you gave us all a heart attack
SonuvBob: =/
HotBid: i thought you meant something with the stream
HotBid: omfg
R1CH: im dripping sweat
SonuvBob: ?
HotBid: why?
Daigomi: what happened?
R1CH: no
R1CH: its fucking 90 degrees today
R1CH: and im busy with the stream and irc and shit
HotBid: oh wtf
Daigomi: R1CH you gave us all a heart attack
SonuvBob: =/
HotBid: i thought you meant something with the stream
HotBid: omfg
The Universe Shoots You
R1CH: well until the stream is posted, connections don't flood in
R1CH: and its not so much an issue of volume
MasterOfChaos: the current cause of crash was somebody disconnecting the wrong way
MasterOfChaos: we could have the stream go live at 10 min before scheduled time showing the waiting screen
R1CH: as MoC said it was my forgetting to handle sigpipe that crashed it
intrigue: somebody disconnecting the wrong way can crash it?
intrigue: haha
R1CH: intrigue, thanks to the wonders of posix, yes
R1CH: i wonder what idiot came up with that idea
HotBid: how can they "disconect" wrong
HotBid: that makes no sense
R1CH: its a posix thing
HotBid: ok you speak of posix like i know what it means
R1CH: when you try to write to a disconnected socket, your program receives a pipe signal
R1CH: which if you don't handle, causes it to exit
HotBid: ok im just going to pretend i know
HotBid: what htat means
MasterOfChaos: never really got the reason why signals work that way
intrigue: can you make a real life analogy
intrigue: so like if u go through a drivethrough
intrigue: and you take your food
intrigue: and don't pay
intrigue: and drive away
intrigue: the restaurant explodes?
MasterOfChaos: somebody you are talking to disappears mid sentence, and the universe shoots you
MasterOfChaos: because you talked to somebody who wasn't there
MasterOfChaos: and R1CH forgot the bullet proof helmet
R1CH: thats surprisingly accurate
R1CH: and its not so much an issue of volume
MasterOfChaos: the current cause of crash was somebody disconnecting the wrong way
MasterOfChaos: we could have the stream go live at 10 min before scheduled time showing the waiting screen
R1CH: as MoC said it was my forgetting to handle sigpipe that crashed it
intrigue: somebody disconnecting the wrong way can crash it?
intrigue: haha
R1CH: intrigue, thanks to the wonders of posix, yes
R1CH: i wonder what idiot came up with that idea
HotBid: how can they "disconect" wrong
HotBid: that makes no sense
R1CH: its a posix thing
HotBid: ok you speak of posix like i know what it means
R1CH: when you try to write to a disconnected socket, your program receives a pipe signal
R1CH: which if you don't handle, causes it to exit
HotBid: ok im just going to pretend i know
HotBid: what htat means
MasterOfChaos: never really got the reason why signals work that way
intrigue: can you make a real life analogy
intrigue: so like if u go through a drivethrough
intrigue: and you take your food
intrigue: and don't pay
intrigue: and drive away
intrigue: the restaurant explodes?
MasterOfChaos: somebody you are talking to disappears mid sentence, and the universe shoots you
MasterOfChaos: because you talked to somebody who wasn't there
MasterOfChaos: and R1CH forgot the bullet proof helmet
R1CH: thats surprisingly accurate
R1CH Made Bad
[5:04] R1CH: oh fuck i screwed up the code
[5:04] HotBid: ?
[5:04] R1CH: it only records half the key on the server
[5:04] HotBid: i dont get what that means
[5:04] R1CH: i can fix its just a bit bad
[5:05] R1CH: the key is 40 letters long
[5:05] R1CH: but only 20 got saved in the db
[5:05] HotBid: again, no idea what that means lol
[5:05] R1CH: r1ch made bad r1ch fix now
[5:05] HotBid: nice ok
[5:05] R1CH: k fixed
[5:04] HotBid: ?
[5:04] R1CH: it only records half the key on the server
[5:04] HotBid: i dont get what that means
[5:04] R1CH: i can fix its just a bit bad
[5:05] R1CH: the key is 40 letters long
[5:05] R1CH: but only 20 got saved in the db
[5:05] HotBid: again, no idea what that means lol
[5:05] R1CH: r1ch made bad r1ch fix now
[5:05] HotBid: nice ok
[5:05] R1CH: k fixed
R1CH Forgot
Heyoka: r1ch had auto ops in the sa bw channel for a year and a half before someone realized he hadn't
HotBid: r1ch’s program for checking Ips and rankings
HotBid: was running for 1.5 years since TSL1, he forgot to turn it off
R1CH: it only ran once an hour
R1CH: for 400 days
HotBid: r1ch’s program for checking Ips and rankings
HotBid: was running for 1.5 years since TSL1, he forgot to turn it off
R1CH: it only ran once an hour
R1CH: for 400 days
Why Isn’t This Working?
+ Show Spoiler [Show Post] +
On January 20 2010 09:31 R1CH wrote:
First connection:
GET / HTTP/1.0
Host: scantid.teamliquid.net
User-Agent: NSPlayer/11.08.0005.0000
Accept: */*
Accept-Language: en-us, *;q=0.1
Connection: Keep-Alive
Pragma: xClientGuid={3300AD50-2C39-46C0-AE0A-C23A4CC70F59}
Pragma: packet-pair-experiment=1
Supported: com.microsoft.wm.srvppair, com.microsoft.wm.sswitch, com.microsoft.wm.startupprofile, com.microsoft.wm.predstrm
Pragma: no-cache,stream-time=0,stream-offset=0:0,packet-num=4294967295,max-duration=0
Pragma: LinkBW=2147483647,rate=1.000, AccelDuration=10000, AccelBW=2147483647
HTTP/1.0 200 OK
Content-type: application/octet-stream
Server: Cougar 4.1.0.3921
Pragma: no-cache
Pragma: client-id=15404
Pragma: features="broadcast"
Cache-Control: no-cache
$H..........0&.u.f.......b.lo.................G........ Seh............_."1...................................................................(......_......... Se..................... Se................... Se............M[......_\D+.W. U[......_\D+........7.................h....,.,.......h.......WMV3....................L................ Ser.......@.i.M[......_\D+P....a......... ......................a...D....>......
........\..........@R...1........H.........AR...1........H.........W.i.n.d.o.w.s. .M.e.d.i.a. .V.i.d.e.o. .9.......WMV3..+.W.i.n.d.o.w.s. .M.e.d.i.a. .A.u.d.i.o. .(.v.2.). .7.,. .8. .a.n.d. .9. .S.e.r.i.e.s.......a.6&.u.f.......b.l2............_."1.................
Second connection:
GET / HTTP/1.0
Host: scantid.teamliquid.net
User-Agent: NSPlayer/11.08.0005.0000
Accept: */*
Accept-Language: en-us, *;q=0.1
Connection: Keep-Alive
Pragma: client-id=15404
Pragma: xClientGuid={3300AD50-2C39-46C0-AE0A-C23A4CC70F59}
Pragma: xPlayStrm=1
Supported: com.microsoft.wm.srvppair, com.microsoft.wm.sswitch, com.microsoft.wm.startupprofile, com.microsoft.wm.predstrm
Pragma: no-cache,stream-time=0,stream-offset=4294967295:4294967295,packet-num=4294967295,max-duration=0
Pragma: LinkBW=1000000,rate=1.000, AccelDuration=10000, AccelBW=1000000
Pragma: stream-switch-count=2
Pragma: stream-switch-entry=ffff:1:0 ffff:2:0
HTTP/1.0 200 OK
Content-type: application/octet-stream
Server: Cougar 4.1.0.3921
Pragma: no-cache
Pragma: client-id=12388
Pragma: features="broadcast"
Cache-Control: no-cache
$H..........0&.u.f.......b.lo.................G........ Seh............_."1...................................................................(......_......... Se..................... Se................... Se............M[......_\D+.W. U[......_\D+........7.................h....,.,.......h.......WMV3....................L................ Ser.......@.i.M[......_\D+P....a......... ......................a...D....>......
........\..........@R...1........H.........AR...1........H.........W.i.n.d.o.w.s. .M.e.d.i.a. .V.i.d.e.o. .9.......WMV3..+.W.i.n.d.o.w.s. .M.e.d.i.a. .A.u.d.i.o. .(.v.2.). .7.,. .8. .a.n.d. .9. .S.e.r.i.e.s.......a.6&.u.f.......b.l2............_."1.................$D...L..........]..^.I.....`......
..^.I.N..un'
.k......k
(disconnects after few kbs)
First connection:
GET / HTTP/1.0
Host: scantid.teamliquid.net
User-Agent: NSPlayer/11.08.0005.0000
Accept: */*
Accept-Language: en-us, *;q=0.1
Connection: Keep-Alive
Pragma: xClientGuid={3300AD50-2C39-46C0-AE0A-F77041AF6FF2}
Pragma: packet-pair-experiment=1
Supported: com.microsoft.wm.srvppair, com.microsoft.wm.sswitch, com.microsoft.wm.startupprofile, com.microsoft.wm.predstrm
Pragma: no-cache,stream-time=0,stream-offset=0:0,packet-num=4294967295,max-duration=0
Pragma: LinkBW=2147483647,rate=1.000, AccelDuration=10000, AccelBW=2147483647
HTTP/1.0 200 OK
Content-type: application/octet-stream
Server: Cougar 4.1.0.3921
Pragma: no-cache
Pragma: client-id=2287
Pragma: features="broadcast"
Cache-Control: no-cache
$H..........0&.u.f.......b.lo.................G........ Seh............_."1...................................................................(......_......... Se..................... Se................... Se............M[......_\D+.W. U[......_\D+........7.................h....,.,.......h.......WMV3....................L................ Ser.......@.i.M[......_\D+P....a......... ......................a...D....>......
........\..........@R...1........H.........AR...1........H.........W.i.n.d.o.w.s. .M.e.d.i.a. .V.i.d.e.o. .9.......WMV3..+.W.i.n.d.o.w.s. .M.e.d.i.a. .A.u.d.i.o. .(.v.2.). .7.,. .8. .a.n.d. .9. .S.e.r.i.e.s.......a.6&.u.f.......b.l2............_."1.................
Second connection:
GET / HTTP/1.0
Host: scantid.teamliquid.net
User-Agent: NSPlayer/11.08.0005.0000
Accept: */*
Accept-Language: en-us, *;q=0.1
Connection: Keep-Alive
Pragma: client-id=2287
Pragma: xClientGuid={3300AD50-2C39-46C0-AE0A-F77041AF6FF2}
Pragma: xPlayStrm=1
Supported: com.microsoft.wm.srvppair, com.microsoft.wm.sswitch, com.microsoft.wm.startupprofile, com.microsoft.wm.predstrm
Pragma: no-cache,stream-time=0,stream-offset=4294967295:4294967295,packet-num=4294967295,max-duration=0
Pragma: LinkBW=1000000,rate=1.000, AccelDuration=10000, AccelBW=1000000
Pragma: stream-switch-count=2
Pragma: stream-switch-entry=ffff:1:0 ffff:2:0
HTTP/1.0 200 OK
Content-type: application/octet-stream
Server: Cougar 4.1.0.3921
Pragma: no-cache
Pragma: client-id=19947
Pragma: features="broadcast"
Cache-Control: no-cache
$H..........0&.u.f.......b.lo.................G........ Seh............_."1...................................................................(......_......... Se..................... Se................... Se............M[......_\D+.W. U[......_\D+........7.................h....,.,.......h.......WMV3....................L................ Ser.......@.i.M[......_\D+P....a......... ......................a...D....>......
........\..........@R...1........H.........AR...1........H.........W.i.n.d.o.w.s. .M.e.d.i.a. .V.i.d.e.o. .9.......WMV3..+.W.i.n.d.o.w.s. .M.e.d.i.a. .A.u.d.i.o. .(.v.2.). .7.,. .8. .a.n.d. .9. .S.e.r.i.e.s.......a.6&.u.f.......b.l2............_."1.................$D...M..........]...
I.....z......&...
(WORKING!)
So what the hell is the difference between these two connections
.
First connection:
GET / HTTP/1.0
Host: scantid.teamliquid.net
User-Agent: NSPlayer/11.08.0005.0000
Accept: */*
Accept-Language: en-us, *;q=0.1
Connection: Keep-Alive
Pragma: xClientGuid={3300AD50-2C39-46C0-AE0A-C23A4CC70F59}
Pragma: packet-pair-experiment=1
Supported: com.microsoft.wm.srvppair, com.microsoft.wm.sswitch, com.microsoft.wm.startupprofile, com.microsoft.wm.predstrm
Pragma: no-cache,stream-time=0,stream-offset=0:0,packet-num=4294967295,max-duration=0
Pragma: LinkBW=2147483647,rate=1.000, AccelDuration=10000, AccelBW=2147483647
HTTP/1.0 200 OK
Content-type: application/octet-stream
Server: Cougar 4.1.0.3921
Pragma: no-cache
Pragma: client-id=15404
Pragma: features="broadcast"
Cache-Control: no-cache
$H..........0&.u.f.......b.lo.................G........ Seh............_."1...................................................................(......_......... Se..................... Se................... Se............M[......_\D+.W. U[......_\D+........7.................h....,.,.......h.......WMV3....................L................ Ser.......@.i.M[......_\D+P....a......... ......................a...D....>......
........\..........@R...1........H.........AR...1........H.........W.i.n.d.o.w.s. .M.e.d.i.a. .V.i.d.e.o. .9.......WMV3..+.W.i.n.d.o.w.s. .M.e.d.i.a. .A.u.d.i.o. .(.v.2.). .7.,. .8. .a.n.d. .9. .S.e.r.i.e.s.......a.6&.u.f.......b.l2............_."1.................
Second connection:
GET / HTTP/1.0
Host: scantid.teamliquid.net
User-Agent: NSPlayer/11.08.0005.0000
Accept: */*
Accept-Language: en-us, *;q=0.1
Connection: Keep-Alive
Pragma: client-id=15404
Pragma: xClientGuid={3300AD50-2C39-46C0-AE0A-C23A4CC70F59}
Pragma: xPlayStrm=1
Supported: com.microsoft.wm.srvppair, com.microsoft.wm.sswitch, com.microsoft.wm.startupprofile, com.microsoft.wm.predstrm
Pragma: no-cache,stream-time=0,stream-offset=4294967295:4294967295,packet-num=4294967295,max-duration=0
Pragma: LinkBW=1000000,rate=1.000, AccelDuration=10000, AccelBW=1000000
Pragma: stream-switch-count=2
Pragma: stream-switch-entry=ffff:1:0 ffff:2:0
HTTP/1.0 200 OK
Content-type: application/octet-stream
Server: Cougar 4.1.0.3921
Pragma: no-cache
Pragma: client-id=12388
Pragma: features="broadcast"
Cache-Control: no-cache
$H..........0&.u.f.......b.lo.................G........ Seh............_."1...................................................................(......_......... Se..................... Se................... Se............M[......_\D+.W. U[......_\D+........7.................h....,.,.......h.......WMV3....................L................ Ser.......@.i.M[......_\D+P....a......... ......................a...D....>......
........\..........@R...1........H.........AR...1........H.........W.i.n.d.o.w.s. .M.e.d.i.a. .V.i.d.e.o. .9.......WMV3..+.W.i.n.d.o.w.s. .M.e.d.i.a. .A.u.d.i.o. .(.v.2.). .7.,. .8. .a.n.d. .9. .S.e.r.i.e.s.......a.6&.u.f.......b.l2............_."1.................$D...L..........]..^.I.....`......
..^.I.N..un'
.k......k
(disconnects after few kbs)
First connection:
GET / HTTP/1.0
Host: scantid.teamliquid.net
User-Agent: NSPlayer/11.08.0005.0000
Accept: */*
Accept-Language: en-us, *;q=0.1
Connection: Keep-Alive
Pragma: xClientGuid={3300AD50-2C39-46C0-AE0A-F77041AF6FF2}
Pragma: packet-pair-experiment=1
Supported: com.microsoft.wm.srvppair, com.microsoft.wm.sswitch, com.microsoft.wm.startupprofile, com.microsoft.wm.predstrm
Pragma: no-cache,stream-time=0,stream-offset=0:0,packet-num=4294967295,max-duration=0
Pragma: LinkBW=2147483647,rate=1.000, AccelDuration=10000, AccelBW=2147483647
HTTP/1.0 200 OK
Content-type: application/octet-stream
Server: Cougar 4.1.0.3921
Pragma: no-cache
Pragma: client-id=2287
Pragma: features="broadcast"
Cache-Control: no-cache
$H..........0&.u.f.......b.lo.................G........ Seh............_."1...................................................................(......_......... Se..................... Se................... Se............M[......_\D+.W. U[......_\D+........7.................h....,.,.......h.......WMV3....................L................ Ser.......@.i.M[......_\D+P....a......... ......................a...D....>......
........\..........@R...1........H.........AR...1........H.........W.i.n.d.o.w.s. .M.e.d.i.a. .V.i.d.e.o. .9.......WMV3..+.W.i.n.d.o.w.s. .M.e.d.i.a. .A.u.d.i.o. .(.v.2.). .7.,. .8. .a.n.d. .9. .S.e.r.i.e.s.......a.6&.u.f.......b.l2............_."1.................
Second connection:
GET / HTTP/1.0
Host: scantid.teamliquid.net
User-Agent: NSPlayer/11.08.0005.0000
Accept: */*
Accept-Language: en-us, *;q=0.1
Connection: Keep-Alive
Pragma: client-id=2287
Pragma: xClientGuid={3300AD50-2C39-46C0-AE0A-F77041AF6FF2}
Pragma: xPlayStrm=1
Supported: com.microsoft.wm.srvppair, com.microsoft.wm.sswitch, com.microsoft.wm.startupprofile, com.microsoft.wm.predstrm
Pragma: no-cache,stream-time=0,stream-offset=4294967295:4294967295,packet-num=4294967295,max-duration=0
Pragma: LinkBW=1000000,rate=1.000, AccelDuration=10000, AccelBW=1000000
Pragma: stream-switch-count=2
Pragma: stream-switch-entry=ffff:1:0 ffff:2:0
HTTP/1.0 200 OK
Content-type: application/octet-stream
Server: Cougar 4.1.0.3921
Pragma: no-cache
Pragma: client-id=19947
Pragma: features="broadcast"
Cache-Control: no-cache
$H..........0&.u.f.......b.lo.................G........ Seh............_."1...................................................................(......_......... Se..................... Se................... Se............M[......_\D+.W. U[......_\D+........7.................h....,.,.......h.......WMV3....................L................ Ser.......@.i.M[......_\D+P....a......... ......................a...D....>......
........\..........@R...1........H.........AR...1........H.........W.i.n.d.o.w.s. .M.e.d.i.a. .V.i.d.e.o. .9.......WMV3..+.W.i.n.d.o.w.s. .M.e.d.i.a. .A.u.d.i.o. .(.v.2.). .7.,. .8. .a.n.d. .9. .S.e.r.i.e.s.......a.6&.u.f.......b.l2............_."1.................$D...M..........]...
I.....z......&...
(WORKING!)
So what the hell is the difference between these two connections
.Not too bad
Not too bad, mainly just look through the input for any illegal ascii, then filter out any symbols or other characters that pokenum never uses and finally verify that its starting in one of the holdem/omaha/etc/modes and make sure the limit on monte carlo won't kill the server
the final shell command is escaped so there is zero chance of them using it to run other programs the only thing its vulnerable to now would be bugs in the pokenum program
the final shell command is escaped so there is zero chance of them using it to run other programs the only thing its vulnerable to now would be bugs in the pokenum program
R1CH's First Day at Work
Nazgul: rich first day at work
Nazgul: im in a convo with him + meat
Nazgul: its like reading a detective book where half of the words are gibberish
Nazgul: im in a convo with him + meat
Nazgul: its like reading a detective book where half of the words are gibberish
R1CH's Desktop
Screenshot of R1CH’s desktop
+ Show Spoiler [Show R1CH’s Desktop] +
![[image loading]](http://www.teamliquid.net/staff/Hot_Bid/R1CH/R1CHDesktop.png )
I'm Good With One
Nazgul: im on teamviewer looking at what rich is doing haha
Nazgul: and its supercool
Nazgul: he has 1 monitor and his taskbar has 40 things open
me: haha
me: yeah he posted this screenshot with like 80 irc windows open
me: i was like WTF
Nazgul: rofl
me: the task bar was insane i couldnt even read any of the things on it
Nazgul: i told him i thought he should get 2-3 monitors atleast
Nazgul: but apparently he is “good with one”'
Nazgul: and its supercool
Nazgul: he has 1 monitor and his taskbar has 40 things open
me: haha
me: yeah he posted this screenshot with like 80 irc windows open
me: i was like WTF
Nazgul: rofl
me: the task bar was insane i couldnt even read any of the things on it
Nazgul: i told him i thought he should get 2-3 monitors atleast
Nazgul: but apparently he is “good with one”'
Battle.net Fix Your Game Names
R1CH sent this email to Blizzard:
+ Show Spoiler [R1CH’s Email to Blizzard] +
Sent a copy of this to hacks@blizzard, but if you catch anyone in person, direct them to this thread as this seems serious enough to warrant attention:
---------------------
There appears to be a hack circulating in SC:BW where an oversized game name is passed to bnet upon game creation. Bnet does not perform input sanitization on this value before storing it. Bnet then sends this information back to the client when the client is at the join game screen, at which point the oversized game name is added to the join game list box. When the user clicks the entry, the list box text is copied into an unchecked 128 byte buffer and a stack-based buffer overflow occurs.
On a quick glance, the return address looks possibly controllable, meaning with the right length and combination of characters, this could be exploited to execute arbitrary code on the StarCraft client.
Vulnerable code resides in battle.snp @ base + 0x237D0:
190237D0 |. 8B1D BCA20319 mov ebx,dword ptr ds:[<&USER32.SendMessa>; USER32.SendMessageA
190237D6 |. 6A 00 push 0 ; /lParam = 0
190237D8 |. 6A 00 push 0 ; |wParam = 0
190237DA |. 68 88010000 push 188 ; |Message = LB_GETCURSEL
190237DF |. 56 push esi ; |hWnd
190237E0 |. FFD3 call ebx ; \SendMessageA
190237E2 |. 83F8 FF cmp eax,-1
190237E5 |. 0F84 7D000000 je battle.19023868
190237EB |. 8D95 70FFFFFF lea edx,dword ptr ss:[ebp-90]
190237F1 |. 52 push edx ; /lParam
190237F2 |. 50 push eax ; |wParam
190237F3 |. 68 89010000 push 189 ; |Message = LB_GETTEXT
190237F8 |. 56 push esi ; |hWnd
190237F9 |. FFD3 call ebx ; \SendMessageA
As shown here, LB_GETTEXT is used to pull the string out of the listbox into edx. edx points to a stack buffer of 128 bytes. Since the string in the listbox is controlled by the attacker as no bounds checking is done on either the client or the server, a stack-based buffer overflow occurs.
My suggested immediate fix would be to limit the maximum game name / mapname and other user-controlled parameters that the battle.net server will accept as this would not require a client patch. If the user submits to bnet values of greater length than the BW client would normally allow, they can be flagged as malicious and handled accordingly. An additional suggested client-side update in the next patch would validate the game name and other parameters received from battle.net before working with them, to protect the player from 3rd party servers.
I would appreciate being informed of any updates to this issue, as if no action is taken I will make my own unofficial patch to address this bug. Thanks!
---------------------
There appears to be a hack circulating in SC:BW where an oversized game name is passed to bnet upon game creation. Bnet does not perform input sanitization on this value before storing it. Bnet then sends this information back to the client when the client is at the join game screen, at which point the oversized game name is added to the join game list box. When the user clicks the entry, the list box text is copied into an unchecked 128 byte buffer and a stack-based buffer overflow occurs.
On a quick glance, the return address looks possibly controllable, meaning with the right length and combination of characters, this could be exploited to execute arbitrary code on the StarCraft client.
Vulnerable code resides in battle.snp @ base + 0x237D0:
190237D0 |. 8B1D BCA20319 mov ebx,dword ptr ds:[<&USER32.SendMessa>; USER32.SendMessageA
190237D6 |. 6A 00 push 0 ; /lParam = 0
190237D8 |. 6A 00 push 0 ; |wParam = 0
190237DA |. 68 88010000 push 188 ; |Message = LB_GETCURSEL
190237DF |. 56 push esi ; |hWnd
190237E0 |. FFD3 call ebx ; \SendMessageA
190237E2 |. 83F8 FF cmp eax,-1
190237E5 |. 0F84 7D000000 je battle.19023868
190237EB |. 8D95 70FFFFFF lea edx,dword ptr ss:[ebp-90]
190237F1 |. 52 push edx ; /lParam
190237F2 |. 50 push eax ; |wParam
190237F3 |. 68 89010000 push 189 ; |Message = LB_GETTEXT
190237F8 |. 56 push esi ; |hWnd
190237F9 |. FFD3 call ebx ; \SendMessageA
As shown here, LB_GETTEXT is used to pull the string out of the listbox into edx. edx points to a stack buffer of 128 bytes. Since the string in the listbox is controlled by the attacker as no bounds checking is done on either the client or the server, a stack-based buffer overflow occurs.
My suggested immediate fix would be to limit the maximum game name / mapname and other user-controlled parameters that the battle.net server will accept as this would not require a client patch. If the user submits to bnet values of greater length than the BW client would normally allow, they can be flagged as malicious and handled accordingly. An additional suggested client-side update in the next patch would validate the game name and other parameters received from battle.net before working with them, to protect the player from 3rd party servers.
I would appreciate being informed of any updates to this issue, as if no action is taken I will make my own unofficial patch to address this bug. Thanks!
Blizzard Fix Your Lag
On December 16 2008 19:18 R1CH wrote:
So I finally got around to taking a look at the lag issues in 1.16. Seems someone at Blizzard thought it would be a good idea to throw a 10ms delay into the game loop AND a 5ms delay after processing the Windows message queue. 15ms of delays in a game that previously has 0ms of delays can mess up quite a few things, as evidenced by the problems the early versions of CPU Savior had. For a game with a pro scene like Starcraft, this really should never have made it past QA, if there even was any.
Why 15ms? Who knows. The most you need is 1ms to stop 100% CPU usage, which is what CPU Savior uses. They also added some delays onto the bnet screens (the game loop isn't run on the bnet screen, so the 15ms delays wouldn't work), very similar to the comments I made in the CPU Savior source code - except instead of delaying on infrequently-used parts of the code, there is a 5ms delay on code that is run very often - hence why the bnet screens feel so sluggish.
So what happens now? I could make a patch to fix the lag issues in 1.16, but what would that achieve? Iccup already is remaining on 1.15.3, KeSPA has shunned 1.16 and I would hope Blizzard already realizes what a disaster of a patch 1.16 is. Why are they taking so long to fix what I could do in a few hours? And who is responsible for this mess in the first place?
So I finally got around to taking a look at the lag issues in 1.16. Seems someone at Blizzard thought it would be a good idea to throw a 10ms delay into the game loop AND a 5ms delay after processing the Windows message queue. 15ms of delays in a game that previously has 0ms of delays can mess up quite a few things, as evidenced by the problems the early versions of CPU Savior had. For a game with a pro scene like Starcraft, this really should never have made it past QA, if there even was any.
Why 15ms? Who knows. The most you need is 1ms to stop 100% CPU usage, which is what CPU Savior uses. They also added some delays onto the bnet screens (the game loop isn't run on the bnet screen, so the 15ms delays wouldn't work), very similar to the comments I made in the CPU Savior source code - except instead of delaying on infrequently-used parts of the code, there is a 5ms delay on code that is run very often - hence why the bnet screens feel so sluggish.
So what happens now? I could make a patch to fix the lag issues in 1.16, but what would that achieve? Iccup already is remaining on 1.15.3, KeSPA has shunned 1.16 and I would hope Blizzard already realizes what a disaster of a patch 1.16 is. Why are they taking so long to fix what I could do in a few hours? And who is responsible for this mess in the first place?
I will update this as more R1CH quotes come out.
