Tuesday, August 28, 2007

How Games Use CD Key Information Online

Firstly, let me just say that stealing CD's keys is very lame and you really should be buying your own games. (help support companies that you enjoy, remember, piracy kills video game programmers, and I know how much you love your video games)

This article is completely for the purpose of information, freedom of speech and poking fun at the security of windows and people who think it is good enough to host multiplayer network games.

And because I can.

Although this File is public domain, please e-mail me before you go sticking it on your site, so I can keep a list of who has it so that if I update this or make any new files on such, I can inform you and give you the latest info.

Now I got that out of the way, I shall continue.

Many games these days require CD keys to activate, and legitimate ones at that if you want to play online without having to worry about someone else using the same key as you and getting annoying "Sorry, your CD key is in use" messages. Most popular of all is half life, to be more precise, Counter-strike.

I shall now refer to the game that requires the cd key as "Half life".

How CD key's work online:

For half-life, when you try to connect to a server, before you actually connect to that server, some information is passed on to a main server before you are allowed to actually properly connect to whatever server you want to play on.

This "Main server" basicly serves only one purpose: To check your WONID. (the ID your CD key gives you for online play). This WONID isn't actually your CD key, it's more or less an "Encrypted" Version of it, whilst also giving you an online "Identity". If you've been naughty on a server, like using some lame headshot hack or something, and are banned, your "WONID" is noted and thats the thing that gets banned.

The reason your WONID isn't your CD key number is that if everyone could see your CD key, there would be a lot more stealing of keys then there are now as it is.

If you still don't understand the difference between WONID and CD key, then I'll word it this way: Your CD key and WONID are directly linked, but are just different variations of each other. You use your CD key to activate your game. Your WONID is your "unique name" on the net, givin to you by your CD key. Everyone can see your WONID, no one can see your CD key unless they hack your computer or such.

Now, as I was originally saying, the main server checks your WONID, and then stores it there untill you decide to log off from whatever server it is you are on.

If anyone else try's to log onto a server, regardless if its the one you are on, and they are using the same CD key, they will have to pass through the main server, and the server will notice it has a WONID that's already logged on, and will not allow the second to come on untill the person with the same WONID logs off from his session.

So, over view in Diagram format:

Person1 with WONID 123 trys to connect to server "game". Before he completes connection, information is sent to "main". the WONID is noted, and let's 123 finish it's connection attempt.

123 --->Connect "Game"--->"Main" Notes "123" and stores it in it's memory---> 123 connects and frags happily, or dies whiles shouting "HAXOR!" or "CAMPER!".

Now, person2 is friends with person1, and person1 gave his CD key to person2 so he too can enjoy Counter strike or some other half life mod. Person2 decides he wants to join Person 1's game, and finds out that for some reason, it didn't work.

123 --->Connect "Game"--->"Main" looks at person2's WONID... and see's that the WONID is already playing.---> Sends the unfriendly message to Person2 "Sorry, your CD key is already in use, please try again later".

Person2 thinks "Maybe because we have the same CD key and tried going onto the same server it recognised me. What if I try a different server?" Well, same as the first, irrespective of the server.

123--->Connect "Game2"--->"Main" Notes "123" ...Already stored in it's memory --->Sends SYCDKIAIU.

Now that my quite lengthy and repetitive explanation is over, I now offer you a solution to such a problem: Getting keys that are legal, but no one uses anyway.

The most obvious of this, is to steal the keys from net cafes. Now, according to sales laws and such, LEGALLY, for every computer on a net cafe that has half life on it (or any other lan game) it should have it's own individual copy. Thats right, legally, 1 computer = 1 original copy of half life. Which means each should have their own unique CD key.

Now, some dodgey net cafes seem to think they are special, and decide to go and pirate half life, and the'll have some dodgey random key generator which is fine for network play, as there is no "official" server to check against the CD key to see if it has a WONID.

But if you try to use it online, you'll find out very fast that that it won't work as it's not really a valid CD key, its only enough to trick the game, but not the master server, as it knows all and sees all.

If you ever come across that runs a dodgey operation, do the gaming community a favour and dob them in to the local authority. Valve will love you for it. And you might even get your picture in the local paper or something Razz.

That or you can blackmail the net cafe owner into giving you "shut-up" Money.

Either way, heres how to find out if the cafe is running legit or not.

CD keys are not stored where you can find them easily, most games will "secure" the CD-key in the registry.

To access it, normally, you could just go "Start > Run > regedit > HKEY_CURRENT_User > Software > Valve > Half-life > Settings"

From there, look for a registry called "Key". The numbers after that is your CD Key.

Now, that's all well and dandy if you have full permission's at a net cafe or on your own computer, but what if they are running some sort of "cafe program" that restricts your access to just the games and select programs? Well, any decent net cafe will be offering the net, either as a seperate service or as part of the normal deal.

To access the registry, simple open up internet explorer, and then from the URL bar, just type C: .

Viola, you're in the computer. (pretty lame hacking huh?)

From there accessing the registry is as simple as "windows > system32 > then look for the registry program. Under different versions of windows, it will be named differently, be it will usually start with "reg". so just look out for the "regwhatever.exe" file and your in.

Now, take note of the key, write it down, email it to yourself or whatever, and then proceed to grab the rest of the keys from other computers. (Don't worry, no one will get too suspicious if you change comps every once in a while, windoze boxes are ghey and you can just blame it on "a bad box" or something if anyone does question you, though it's unlikely.)

Go home, edit your registry and change the CD key for half life to the stolen key, and try to log into a server.

You'll either have a legitamite key that no one else has, and hey, the net cafe won't be missing it, who the hell plays multiplayer games at a net-cafe online anyway? Or you'll get a message saying "your CD key is not a legitamite key. Please re-enter it" or something similer.

If it's the latter, feel free to dob that lousy net cafe in or blackmail them or something, if it's the former, you have a bunch of CD keys that no one else has and no one will be missing.

I hope this has somewhat enlightened you as to the behaviour and workings of CD-keys and dodgey net cafes.


Sriram said...

Cool da..Nice info :)

Sriram here.Visit my blog-http://maverickshaunt.blogspot.com/