BWHF = brood war hack finder, not a hack.

If you google that exactly you will get it, it's a 3rd party program that analyzes replays for hacks pretty much instantly, and can load up a black list of known hackers, etc. I used it when I used to play around on bnet but those days are long gone :x It catches multi/autogather 100% of the time, but map hack is pretty much undetectable.. [unless a newer version was released in the 1-2 years I've been off bnet]

LunarDestiny

United States4177 Posts

May 04 2010 07:35 GMT

#23

BWHF is a replay scanner for hacks. It can not hack and most players use it to analyze their games.

http://code.google.com/p/bwhf/

LunarDestiny

United States4177 Posts

May 04 2010 07:39 GMT

#24

On May 04 2010 16:12 omfghi2u2 wrote:
I think the funniest hacks are when you play the UMS game tittled, "Banning game." And when you trap them, they drophack you.

But back on topic, I remember going into a game and someone came in the game and wrote in all caps, "BAN ME? I BAN YOU" and Bnet crashed.

This allah/frost guy is all over bnet.

Ironically, I think Allah made that Banning game and with extra hack speed.

MaRiNe23

United States747 Posts

May 04 2010 07:44 GMT

#25

What I've always wondered is..why does he keep the same game names. Like he always makes it ALLAH@USEAST or FROST@USEAST "something@USEAST". If he really wanted to annoy people he would make the game name like "1v1 python play/obs" so that people will join or some other popular UMS. Either he's dumb or he can't adjust the game name for whatever reason and always has to add "@USEAST at the end of his game name" I dunno it was always strange for me that he would keep the same game name so that ppl can just skip over his games.

L_Master

United States8017 Posts

May 04 2010 07:52 GMT

#26

I dunno it was always strange for me that he would keep the same game name so that ppl can just skip over his games.

Thing is, if you even gloss over them it will make SC crash, you don't even have to try and enter. But yeah, if he gave them random "real" names it would be far more annoying that it is now, where you just have to be careful where you place your cursor.

EleanorRIgby

Canada3923 Posts

May 04 2010 08:00 GMT

#27

On May 04 2010 16:44 MaRiNe23 wrote:
What I've always wondered is..why does he keep the same game names. Like he always makes it ALLAH@USEAST or FROST@USEAST "something@USEAST". If he really wanted to annoy people he would make the game name like "1v1 python play/obs" so that people will join or some other popular UMS. Either he's dumb or he can't adjust the game name for whatever reason and always has to add "@USEAST at the end of his game name" I dunno it was always strange for me that he would keep the same game name so that ppl can just skip over his games.

Clearly he wants to make a name from himself as an e-villian

anch

United States5457 Posts

May 04 2010 08:10 GMT

#28

On May 04 2010 14:15 krndandaman wrote:

Show nested quote +

Agreed.
R1CH would make him cry for his mommy.

Show him who's the real wizard around starcraft.

would be scary as hell if R1CH is Frost's alter ego.
dum dum dum.

lgd-haze

Sweden547 Posts

May 04 2010 08:32 GMT

#29

Release the ~~Krak~~.. R1CH!!

PobTheCad

Australia893 Posts

May 04 2010 09:49 GMT

#30

i first noticed those games on west about 1 1/2 - 2 months back
the past few weeks i noticed less of them but it may just be a time of day thing

Oddysay

Canada597 Posts

May 04 2010 10:14 GMT

#31

blizzard are behind the hacker ! they want you to switch to sc2 !!

seriously that kinda scary people can make hack like that , battle.net security was pretty bad if you think about that .

GTR

51399 Posts

May 04 2010 10:16 GMT

#32

infinity2k9

United Kingdom2397 Posts

May 04 2010 10:23 GMT

#33

You know, there is a drophack protector. It works well and is really funny when they try it cause it warns you too or counter-drops them. One guy i had was spamming it loads of times trying to drop me and was getting really mad about it. I just use that along with BWHF and i don't tend to have much trouble with hackers thanks to it (this is on USWest).

Excel Excel

142 Posts

May 04 2010 10:37 GMT

#34

On May 04 2010 16:34 superbabosheki wrote:

Show nested quote +

The only undetectable hacks (map hack, resource hack) happen to be the most useful; autogather and multicommand do not really help the hacker that much in higher level games, so they can turn off the easily detectable features and still have a massive advantage.

dhe95

United States1213 Posts

May 04 2010 11:01 GMT

#35

From Hot_Bid's R1CH quotes thread:

Sent a copy of this to hacks@blizzard, but if you catch anyone in person, direct them to this thread as this seems serious enough to warrant attention:

---------------------

There appears to be a hack circulating in SC:BW where an oversized game name is passed to bnet upon game creation. Bnet does not perform input sanitization on this value before storing it. Bnet then sends this information back to the client when the client is at the join game screen, at which point the oversized game name is added to the join game list box. When the user clicks the entry, the list box text is copied into an unchecked 128 byte buffer and a stack-based buffer overflow occurs.

On a quick glance, the return address looks possibly controllable, meaning with the right length and combination of characters, this could be exploited to execute arbitrary code on the StarCraft client.

Vulnerable code resides in battle.snp @ base + 0x237D0:

190237D0 |. 8B1D BCA20319 mov ebx,dword ptr ds:[<&USER32.SendMessa>; USER32.SendMessageA
190237D6 |. 6A 00 push 0 ; /lParam = 0
190237D8 |. 6A 00 push 0 ; |wParam = 0
190237DA |. 68 88010000 push 188 ; |Message = LB_GETCURSEL
190237DF |. 56 push esi ; |hWnd
190237E0 |. FFD3 call ebx ; \SendMessageA
190237E2 |. 83F8 FF cmp eax,-1
190237E5 |. 0F84 7D000000 je battle.19023868
190237EB |. 8D95 70FFFFFF lea edx,dword ptr ss:[ebp-90]
190237F1 |. 52 push edx ; /lParam
190237F2 |. 50 push eax ; |wParam
190237F3 |. 68 89010000 push 189 ; |Message = LB_GETTEXT
190237F8 |. 56 push esi ; |hWnd
190237F9 |. FFD3 call ebx ; \SendMessageA

As shown here, LB_GETTEXT is used to pull the string out of the listbox into edx. edx points to a stack buffer of 128 bytes. Since the string in the listbox is controlled by the attacker as no bounds checking is done on either the client or the server, a stack-based buffer overflow occurs.

My suggested immediate fix would be to limit the maximum game name / mapname and other user-controlled parameters that the battle.net server will accept as this would not require a client patch. If the user submits to bnet values of greater length than the BW client would normally allow, they can be flagged as malicious and handled accordingly. An additional suggested client-side update in the next patch would validate the game name and other parameters received from battle.net before working with them, to protect the player from 3rd party servers.

I would appreciate being informed of any updates to this issue, as if no action is taken I will make my own unofficial patch to address this bug. Thanks!

seems like R1CH already found this ages ago.

Nytefish

United Kingdom4282 Posts

May 04 2010 11:31 GMT

#36

^Also seems like Blizzard completely ignored him.

TwilightStar

United States649 Posts

May 04 2010 12:48 GMT

#37

Holy crap, that's one of my old/good friends from east... wtf is he doing this for xD

Kentucky

United States63 Posts

May 04 2010 13:44 GMT

#38

Who cares?

These people are only looking for attention and that's exactly what you give them by posting this pointless thread.

They're not clever, they're pathetic untalented unemployed retards who downloaded 1 millionth of an ounce of power over an internet game and now they're spending their time trying to annoy people because they're that desperate to get attention from someone even if it's negative attention from a stranger.

They have zero power over you, just avoid them and ignore them. Don't make their little game of annoying people fun for them by showing them how annoyed you are, just ignore it.

gumbum8

United States721 Posts

May 04 2010 14:05 GMT

#39

On May 04 2010 22:44 Kentucky wrote:
Who cares?

These people are only looking for attention and that's exactly what you give them by posting this pointless thread.

They're not clever, they're pathetic untalented unemployed retards who downloaded 1 millionth of an ounce of power over an internet game and now they're spending their time trying to annoy people because they're that desperate to get attention from someone even if it's negative attention from a stranger.

They have zero power over you, just avoid them and ignore them. Don't make their little game of annoying people fun for them by showing them how annoyed you are, just ignore it.

Uhm... So if he crashes everyone's computer on East, we should just ignore it and let East become a frost dessert? I'm kinda glad there was this warning, my friend only plays on East... (mac)