noisybox.net

BattleMail Cheat/Crack

Introduction:

So people around the office begin sending me these challenges via BattleMail. The download is bloated, but I still go there and install their cute little utility. I play a few games and it's slightly amusing.

I try and develop some kind of strategy, but quickly learn that this is merely a game of chance. Sure, you can play 1000 games and begin to learn your opponents strategies, but that certainly wasn't my style. I soon got tired of getting my ass kicked by people with more goof-off time than myself. I had to find a way to cheat...

The Process:

I saved a few of the BattleMail attachments to a temp directory and started exploring. What do you know...the .BMD files are all roughly the same size. So I open up a few in a hex editor (vedit was convenient at the time) and start looking for blocks of 12 bytes that change in each document. I reasoned that the 6 attacks and 6 blocks would be stored together at the same place in each document: I was right.

At an offset of 249 in each file are 12 bytes that are always have a value of 0, 1, or 2. Looks a lot like a mapping of Low, Medium, and High values to me. Now what I needed was a way to extract the information and make it useful to a cheater such as myself. A C program would work nicely.

I write a quick little C program to extract the bytes and display a human readable output of what attacks and what moves were used by the challenging player. Works like a charm. Perfect KO every time.

The Cheat:

To use the cheat files provided below, you must save the .BMD attachment to your hard drive prior to accepting the challenge. It should be noted that this cheat will ONLY work on incoming challenges...there is currently no known way to cheat at BattleMail when sending a challenge to another player. In fact, it is now likely that your opponent will chat and you will use.

The BMExtract.exe file provided below is intended to be run from the command line. Program usage is straightforward:

BMExtract.exe <filename.bmd>
   where <filename.bmd> is the name of the saved BattleMail attachment.

A list of each attack and block will be displayed in the order they were chosen. Now open up BattleMail and use the attachment to accept the challenge. Attack different zones from what your opponent has chosen for blocks. Block the zones that s/he attacks. Perfect KO every time.

Downloads:

I have provided two files for download:

BMextract.exe Windows executable utility to extract moves from a .BMD BattleMail document
BMextract.cpp Full free source code that demonstrates exactly how to extract the moves from a .BMD file. This is the exact same source used to create the above executable

The above files are provided without any guarantees or warranties of any kind. The code provided here is freeware and may be freely downloaded and used to any extent. I place these files openly into the public domain without restriction.

Comments:

Ok, I admit it. I took all the fun out of playing BattleMail. It's pointless now for anybody to challenge anybody else, because the opponent may simply cheat their way to victory. So what.

There are two main points that I would like to touch on briefly:

  1. BattleMail itself is banal. It is an excercise in futility. It is an over-hyped up version of ro-sham-bo (rock/paper/scissors). If you really enjoy this sort of thing, get some beers and play one-on-one ro-sham-bo for drinks. If you turn the television off long enough, you may even be able to avoid the advertising being pushed in your face.
  2. BattleMail should have done a much better job in hiding the moves in the document. There is no processing/encoding of the moves and they are extremely easy to find. There are numerous ways of hiding 12 bytes in a binary file. I won't go into detail, but anybody with some techical knowledge should be able to implement a better method in a few hours.

I also understand that BattleMail has a similar program (probably marketed at those hooligan Euro types) called BattleMail Soccer that allows players to have a shoot out contest. I have been told that the above software will not work directly on BattleMail Soccer documents. The main reason for this is that there are more than 3 choices for some of the moves. Apparently, the moves are stored in the same manner at the same location in the document file, the above program simply does not map the moves appropriately and does not recognize more than 3 choices per move.

I will leave modification of the above software as an excercise for the reader. If you have successfully modified the above code to be compatible with BattleMail Soccer, please drop me a note and provide me with code.