Page 2 of 20 FirstFirst 123456 12 ... LastLast
Results 16 to 30 of 300
  1. #16
    Contributor (ノಠ益ಠ)ノ彡ɹǝɥɔʇɐM CoreCoins User Winsane's Avatar
    Reputation
    207
    Join Date
    Oct 2010
    Posts
    370
    Thanks G/R
    0/1
    CoreCoins
    306
    Trade Feedback
    12 (42%)
    Quote Originally Posted by drm420 View Post

    sooooooooo blizzard goes through literally MILLLIONS OF SCREENSHOTS to find out ZOMG little tiny fell down a well and is exploiting it. pretty much this theory is so dumb that it should be moved out of the exploit section to infowars right now lol.
    What? Why would they be going through millions of screenshots? Are you retarded?

    This could be a way for them to be able to know from what character/account the screenshot was taken, it wouldn't be that hard to implement..

    I do agree that it does seem a bit far fetched, but with teams like RAoV posting insane exploits (dupes, server crashes) it wouldn't surprise me if they did something like this.

    Even if the marks have nothing to do with tracking characters, i would love to know why they are there.

  2. #17
    Contributor Sendatsu's Avatar
    Reputation
    250
    Join Date
    Sep 2012
    Posts
    98
    Thanks G/R
    1/7
    CoreCoins
    58
    Trade Feedback
    0 (0%)
    Quote Originally Posted by drm420 View Post
    sooooooooo blizzard goes through literally MILLLIONS OF SCREENSHOTS to find out ZOMG little tiny fell down a well and is exploiting it. pretty much this theory is so dumb that it should be moved out of the exploit section to infowars right now lol. also this seems fitting
    Actually, this remains to be seen. But still, most people are stupid enough to brag about exploiting bugs in public, well known, forums using screenshots to prove it. I'll name one such forum: it starts with owned. And don't tell me that you do it because you love the game (http://www.ownedcore.com/forums/gene...75301-why.html). If you indeed cared for it, you wouldn't be reporting the bugs in here for everyone to see and exploit, but straight to Blizzard's private bugtraq.

    As I mentioned above, it's a bit fishy that Blizzard covers/embeds HALF the screenshot with padded data that we don't know what they store. The pattern repeats itself 5 times, as if it's trying to prevail among your graphics, making sure the person at the other end - who knows about its existence - gets the message. Notice that the middle, where you character usually stands, is empty. The sides the bottom and the top, where your bars usually are, are also empty. I am truly amazed that no one has ever noticed this before now (or have they?).

    Feel free to laugh and make fun of what you don't understand. But don't dismiss it until you make sure it's really nothing.
    Last edited by Sendatsu; 07-25-2016 at 01:39 PM.

  3. #18
    Contributor Sendatsu's Avatar
    Reputation
    250
    Join Date
    Sep 2012
    Posts
    98
    Thanks G/R
    1/7
    CoreCoins
    58
    Trade Feedback
    0 (0%)
    Quote Originally Posted by bluesius View Post
    Idea: Can anyone go to Crystalsong forrest, close to dalaran, and grab a few screens from there? They have some trees there that has a overwhelming white color, if you disable the display of your character (console), you could theoretically get a totally white image. It would be cool to see the patterns on that image.
    That was a smart idea bluesius, I didn't remember those trees. With JPG 10 there's nothing, as expected. With JPG 9 though, well here you go:

    http://i.imgur.com/ZK5l1.jpg

    Edit: Woah I can now see the full actual code!! We can use this as basis! Go for the trees if you are going to try to decode this!

    http://i.imgur.com/IKMrX.jpg
    Last edited by Sendatsu; 09-09-2012 at 12:07 AM.

  4. #19
    Member CoreCoins User nishila's Avatar
    Reputation
    3
    Join Date
    Mar 2009
    Posts
    12
    Thanks G/R
    0/0
    CoreCoins
    1000
    Trade Feedback
    0 (0%)
    Screenshot by Lightshot would you just drop this already ?

    Theory is Theory

  5. #20
    Contributor Sendatsu's Avatar
    Reputation
    250
    Join Date
    Sep 2012
    Posts
    98
    Thanks G/R
    1/7
    CoreCoins
    58
    Trade Feedback
    0 (0%)
    Quote Originally Posted by nishila View Post
    Screenshot by Lightshot would you just drop this already ?
    Please type:

    /console SET screenshotFormat "jpg"
    /console SET screenshotQuality "9"


    BEFORE you take the screenshots.

    If quality is at 10, the patterns don't appear.

  6. #21
    Contributor _Mike's Avatar
    Reputation
    309
    Join Date
    Apr 2008
    Posts
    531
    Thanks G/R
    0/1
    CoreCoins
    13
    Trade Feedback
    0 (0%)
    Code:
    __text:00B3C980                   ; =============== S U B R O U T I N E =======================================
    __text:00B3C980
    __text:00B3C980                   ; Attributes: bp-based frame
    __text:00B3C980
    __text:00B3C980                   ; ScrnScreenshot(void (*)(int), unsigned char *, unsigned int, char  const*, char  const*, char  const*)
    __text:00B3C980                   __Z14ScrnScreenshotPFviEPhjPKcS3_S3_ proc near
    __text:00B3C980                                                           ; CODE XREF: Script_Screenshot(lua_State *)+37
    __text:00B3C980                                                           ; sub_76C3C0+36
    __text:00B3C980
    __text:00B3C980                   arg_0           = dword ptr  8
    __text:00B3C980                   arg_4           = dword ptr  0Ch
    __text:00B3C980                   arg_8           = dword ptr  10h
    __text:00B3C980                   arg_C           = dword ptr  14h
    __text:00B3C980                   arg_10          = dword ptr  18h
    __text:00B3C980                   arg_14          = dword ptr  1Ch
    __text:00B3C980
    __text:00B3C980 55                                push    ebp
    __text:00B3C981 89 E5                             mov     ebp, esp
    __text:00B3C983 8B 45 08                          mov     eax, [ebp+arg_0]
    __text:00B3C986 A3 C4 7F 98 01                    mov     ds:__ZL15s_captureScreen, eax ; s_captureScreen
    __text:00B3C98B 8B 45 0C                          mov     eax, [ebp+arg_4]
    __text:00B3C98E A3 C8 7F 98 01                    mov     ds:__ZL16s_pWatermarkData, eax ; s_pWatermarkData
    __text:00B3C993 8B 45 10                          mov     eax, [ebp+arg_8]
    __text:00B3C996 A3 CC 7F 98 01                    mov     ds:__ZL21s_uWatermarkDataBytes, eax ; s_uWatermarkDataBytes
    __text:00B3C99B 8B 45 14                          mov     eax, [ebp+arg_C]
    __text:00B3C99E A3 D0 7F 98 01                    mov     ds:__ZL18s_screenshotFolder, eax ; s_screenshotFolder
    __text:00B3C9A3 8B 45 18                          mov     eax, [ebp+arg_10]
    __text:00B3C9A6 A3 D4 7F 98 01                    mov     ds:__ZL24s_screenshotNameOverride, eax ; s_screenshotNameOverride
    __text:00B3C9AB 8B 45 1C                          mov     eax, [ebp+arg_14]
    __text:00B3C9AE A3 D8 7F 98 01                    mov     ds:__ZL19s_depthNameOverride, eax ; s_depthNameOverride
    __text:00B3C9B3 C9                                leave
    __text:00B3C9B4 C3                                retn
    __text:00B3C9B4                   __Z14ScrnScreenshotPFviEPhjPKcS3_S3_ endp
    __text:00B3C9B4
    __text:00B3C9B4                   ; ---------------------------------------------------------------------------
    source: osX build 15662

    The watermark contains your account name, a timestamp and some other data that I haven't bothered looking at.

  7. The Following 1 Members Gave Thanks To _Mike For This Useful Post:

    Sendatsu
  8. #22
    Contributor Sendatsu's Avatar
    Reputation
    250
    Join Date
    Sep 2012
    Posts
    98
    Thanks G/R
    1/7
    CoreCoins
    58
    Trade Feedback
    0 (0%)
    Quote Originally Posted by _Mike View Post
    The watermark contains your account name, a timestamp and some other data that I haven't bothered looking at.
    Nice find! It is possible that the information is encoded based on the image dimensions, but I have no way of confirming this (only the theory on QR codes).

    For those of us who don't "speak" Assembly, can you explain what we are looking at please? What is contained in s_pWatermarkData?
    Last edited by Sendatsu; 09-09-2012 at 02:11 AM.

  9. #23
    Contributor CoreCoins User drm420's Avatar
    Reputation
    101
    Join Date
    Aug 2012
    Posts
    192
    Thanks G/R
    1/2
    CoreCoins
    2056
    Trade Feedback
    0 (0%)
    Quote Originally Posted by _Mike View Post
    Code:
    __text:00B3C980                   ; =============== S U B R O U T I N E =======================================
    __text:00B3C980
    __text:00B3C980                   ; Attributes: bp-based frame
    __text:00B3C980
    __text:00B3C980                   ; ScrnScreenshot(void (*)(int), unsigned char *, unsigned int, char  const*, char  const*, char  const*)
    __text:00B3C980                   __Z14ScrnScreenshotPFviEPhjPKcS3_S3_ proc near
    __text:00B3C980                                                           ; CODE XREF: Script_Screenshot(lua_State *)+37
    __text:00B3C980                                                           ; sub_76C3C0+36
    __text:00B3C980
    __text:00B3C980                   arg_0           = dword ptr  8
    __text:00B3C980                   arg_4           = dword ptr  0Ch
    __text:00B3C980                   arg_8           = dword ptr  10h
    __text:00B3C980                   arg_C           = dword ptr  14h
    __text:00B3C980                   arg_10          = dword ptr  18h
    __text:00B3C980                   arg_14          = dword ptr  1Ch
    __text:00B3C980
    __text:00B3C980 55                                push    ebp
    __text:00B3C981 89 E5                             mov     ebp, esp
    __text:00B3C983 8B 45 08                          mov     eax, [ebp+arg_0]
    __text:00B3C986 A3 C4 7F 98 01                    mov     ds:__ZL15s_captureScreen, eax ; s_captureScreen
    __text:00B3C98B 8B 45 0C                          mov     eax, [ebp+arg_4]
    __text:00B3C98E A3 C8 7F 98 01                    mov     ds:__ZL16s_pWatermarkData, eax ; s_pWatermarkData
    __text:00B3C993 8B 45 10                          mov     eax, [ebp+arg_8]
    __text:00B3C996 A3 CC 7F 98 01                    mov     ds:__ZL21s_uWatermarkDataBytes, eax ; s_uWatermarkDataBytes
    __text:00B3C99B 8B 45 14                          mov     eax, [ebp+arg_C]
    __text:00B3C99E A3 D0 7F 98 01                    mov     ds:__ZL18s_screenshotFolder, eax ; s_screenshotFolder
    __text:00B3C9A3 8B 45 18                          mov     eax, [ebp+arg_10]
    __text:00B3C9A6 A3 D4 7F 98 01                    mov     ds:__ZL24s_screenshotNameOverride, eax ; s_screenshotNameOverride
    __text:00B3C9AB 8B 45 1C                          mov     eax, [ebp+arg_14]
    __text:00B3C9AE A3 D8 7F 98 01                    mov     ds:__ZL19s_depthNameOverride, eax ; s_depthNameOverride
    __text:00B3C9B3 C9                                leave
    __text:00B3C9B4 C3                                retn
    __text:00B3C9B4                   __Z14ScrnScreenshotPFviEPhjPKcS3_S3_ endp
    __text:00B3C9B4
    __text:00B3C9B4                   ; ---------------------------------------------------------------------------
    source: osX build 15662

    The watermark contains your account name, a timestamp and some other data that I haven't bothered looking at.
    no where in any of what you posted is there a time stamp or a character name nor is there any proof of where you got that from Im calling trolling if you want to prove this 100% let us put up our own screenshot to test you.

  10. #24
    Contributor _Mike's Avatar
    Reputation
    309
    Join Date
    Apr 2008
    Posts
    531
    Thanks G/R
    0/1
    CoreCoins
    13
    Trade Feedback
    0 (0%)
    Quote Originally Posted by drm420 View Post
    no where in any of what you posted is there a time stamp or a character name nor is there any proof of where you got that from Im calling trolling if you want to prove this 100% let us put up our own screenshot to test you.
    I gave you the client build number and the offsets. Look it up yourself.

  11. #25
    Contributor _Mike's Avatar
    Reputation
    309
    Join Date
    Apr 2008
    Posts
    531
    Thanks G/R
    0/1
    CoreCoins
    13
    Trade Feedback
    0 (0%)
    It's a disassembly listing from IDA Pro of the beta mac binary (because it has function names which the windows version doesn't).
    58D9F0 is the address of the same function in the current live windows 32 bit exe.
    Put a breakpoint on it and look at what the 2nd argument contains when you press print screen.
    58DA60 is the function which takes the actual screenshot, and BB6990 is where the watermark data is encoded.
    I'm working on a decoder but the functions are a bitch to reverse

    And I'm sorry for the harsh tone earlier. I had 2 tabs open and I mistook this for the mem editing section so I assumed people would know how to verify it themselves.
    Last edited by _Mike; 09-09-2012 at 02:39 AM.

  12. #26
    Contributor Sendatsu's Avatar
    Reputation
    250
    Join Date
    Sep 2012
    Posts
    98
    Thanks G/R
    1/7
    CoreCoins
    58
    Trade Feedback
    0 (0%)
    As far as I understand up until now, based on the new data I acquired thanks to the white tree idea of bluesius, the repeating pattern has some static parts and some dynamic parts.

    1) The static parts remained the same on ALL characters who took the screenshot while being in the same account_id+location+guild+realm and having the same screen resolution (I don't know which of these factors are stored so I mentioned them all).

    2) The dynamic parts keep changing every time you take a new screenshot regardless of the character, so it probably has something to do with current time/date.

    If we change the screen resolution, the entire representation changes but the new screenshots still follow the above two rules.

    In order to see this visually, I singled out the unique element which comprises the pattern (by repeating itself 5 times on my resolution) and I used red for the static parts and blue for the dynamic parts:

    http://i.imgur.com/I4hnr.jpg

    (red dots intentionally blurred out for obvious reasons)

    Thanks to _Mike's disassembly (thanks Mike!), we now know that these extra data are not added for decompression reasons but as an extra watermark on top of the image.

    Can someone please analyze the Assembly code further and find what is stored in s_pWatermarkData and in s_uWatermarkDataBytes?
    Last edited by Sendatsu; 09-10-2012 at 12:43 AM.

  13. #27
    Contributor Sendatsu's Avatar
    Reputation
    250
    Join Date
    Sep 2012
    Posts
    98
    Thanks G/R
    1/7
    CoreCoins
    58
    Trade Feedback
    0 (0%)
    Until you are finished with the programming part, I had a look at Blizzard's Terms of Use.

    The first part that I assume almost everyone knows is that we don't own anything, even though we pay for it every month:

    No Ownership Rights in Account.
    NOTWITHSTANDING ANYTHING TO THE CONTRARY HEREIN, YOU ACKNOWLEDGE AND AGREE THAT YOU SHALL HAVE NO OWNERSHIP OR OTHER PROPERTY INTEREST IN ANY ACCOUNT STORED OR HOSTED ON A BLIZZARD SYSTEM, INCLUDING WITHOUT LIMITATION ANY BNET ACCOUNT OR WORLD OF WARCRAFT ACCOUNT, AND YOU FURTHER ACKNOWLEDGE AND AGREE THAT ALL RIGHTS IN AND TO SUCH ACCOUNTS ARE AND SHALL FOREVER BE OWNED BY AND INURE TO THE BENEFIT OF BLIZZARD.
    The second part that not all may know is that, when the game is running, apart from checking our RAM and CPU processes for possible "unauthorized tasks", they also:

    B. WHEN THE GAME IS RUNNING, BLIZZARD MAY OBTAIN CERTAIN IDENTIFICATION INFORMATION ABOUT YOUR COMPUTER, INCLUDING WITHOUT LIMITATION YOUR HARD DRIVES, CENTRAL PROCESSING UNIT, IP ADDRESS(ES) AND OPERATING SYSTEM(S), FOR PURPOSES OF IMPROVING THE GAME AND/OR THE SERVICE, AND TO POLICE AND ENFORCE THE PROVISIONS OF ANY BLIZZARD AGREEMENT.
    Yes, Blizzard may obtain information about your hard drives, your CPU, your IP address (obviously) and your operating system, to police and enforce provisions. And apart from that, they can also:

    IN THE EVENT THAT THE GAME DETECTS AN UNAUTHORIZED THIRD PARTY PROGRAM, BLIZZARD MAY (a) COMMUNICATE INFORMATION BACK TO BLIZZARD, INCLUDING WITHOUT LIMITATION THE ACCOUNT NAME, DETAILS ABOUT THE UNAUTHORIZED THIRD PARTY PROGRAM DETECTED, AND THE TIME AND DATE THE UNAUTHORIZED THIRD PARTY PROGRAM WAS DETECTED;
    So, basically, every time a new patch comes along and we rush through the ToS screens to quickly check out the new content, Blizzard asks us, in full-caps rage, to allow them to communicate our account name, details about the running task(s) and the time and date of the detections.

    With the above in mind, it starts to become clearer why this information is included in each screenshot, and that we should be thankful they omitted also adding it on top of the full quality images like JPG10 or TGA (possibly to avoid deteriorating the quality).

    As certain laws point out though, like the newly voted Cookie law (which may apply mainly for websites but has already set a general standard), we must be specifically informed for every piece of information we are sharing with them.

    I understand from the ToS that they are scanning my hard disk and I have to agree with it, hoping that they won't access my personal files. But it was never explained that every time we share a screenshot, we also share our account name with it and possibly our IP address. If hackers find a way to read these data, it could endanger the security of our account and/or system. As I said a few posts back, security by obscurity never works, and you have been uncovered.
    Last edited by Sendatsu; 09-09-2012 at 03:16 AM.

  14. #28
    Contributor Sendatsu's Avatar
    Reputation
    250
    Join Date
    Sep 2012
    Posts
    98
    Thanks G/R
    1/7
    CoreCoins
    58
    Trade Feedback
    0 (0%)
    Introductory post updated with all the information we know up until now.

  15. #29
    Master Sergeant Etherea's Avatar
    Reputation
    30
    Join Date
    Feb 2007
    Posts
    135
    Thanks G/R
    0/0
    CoreCoins
    0
    Trade Feedback
    0 (0%)
    Clearly JPEG artifacts as pointed out by Frito and Arai. Anyone who continues to think this is a conspiracy is a complete moron. Given the nature of JPEG compression it wouldn't even be possible to code in high-detail QR codes, and if they were really doing this it would appear in lossless format as well.

  16. #30
    Corporal ReignDrop's Avatar
    Reputation
    5
    Join Date
    Nov 2010
    Posts
    34
    Thanks G/R
    0/0
    CoreCoins
    3
    Trade Feedback
    0 (0%)
    so i skipped pages 2 and 3 to say this. Is there seriously an argument that blizz might be tracking us through our print screens when we readily allow them all of our information via our internet connection to their servers? Any and everything that exists on a screen shot, hidden or not, they already have access to on their servers.

    What would be the point of finding you through a screen shot when they have people who already go through their server information to gather much more accurate and relevant information?

 

 
Page 2 of 20 FirstFirst 123456 12 ... LastLast

Similar Threads

  1. [Buying] [Check your Wardobe] LF Icebane Leggings - paying good (Look inside)
    By kryx123 in forum WoW-EU Account Buy Sell Trade
    Replies: 0
    Last Post: 08-01-2016, 08:32 AM
  2. [Selling] GODLY level 24, valor, 2,4k Dragonite, 1,9k Gyarados! RULE YOUR CITY!!! LOOK INSIDE!
    By JuggerNuat in forum Pokemon GO Buy Sell Trade
    Replies: 0
    Last Post: 07-21-2016, 04:51 AM
  3. [Selling] wow accounts fresh - your name - look inside *** Cheap ***
    By ondastha in forum WoW-EU Account Buy Sell Trade
    Replies: 0
    Last Post: 01-13-2015, 06:45 PM
  4. GUIDE: HOW TO USE TORRENTS (Look inside)
    By Hounro in forum Community Chat
    Replies: 14
    Last Post: 01-22-2007, 08:04 PM
All times are GMT -5. The time now is 07:23 PM. Powered by vBulletin® Version 4.2.2
Copyright © 2017 vBulletin Solutions, Inc. All rights reserved. Digital Point modules: Sphinx-based search