S>C 0x17 SID_READMEMORY

Transport Layer:Transmission Control Protocol (TCP)
Application Layer:Battle.net v1 TCP Messages (SID)
Message Id:0x17
Message Name:SID_READMEMORY
Direction:Server to Client
Options: Deprecated
Used By:Starcraft Original, Starcraft Broodwar
Starcraft Shareware, Starcraft Japanese
Diablo Retail, Diablo Shareware
Warcraft II BNE
Message Format:
(does not include protocol header)
(UINT32) Request ID
(UINT32) Address
(UINT32) Length

Remarks

Rudimentary hack detection system. Was never used probably due to terrible implementation with little security.

Yes, it is possible for a PvPGN server to read EVERYTHING that is in the process' memory, including sensitive information such as your CDKey.

Found at:
battle!1901D470h (as of 1.16.1)

NOTE: No longer used, as Warden is now used to monitor for hacks. The Battle.net clients still support this though so one can code in support for it if one so desires. Due to it being no longer actively used by Battle.net, this packet is being marked as defunct.

Anonymous

Comments

xpeh

Change the status, it's not defunct. It still works.

Caaaaarrrrlll

Do you have proof that any Blizzard client still uses this packet, or in fact that Battle.net still sends this?

xpeh

Battle.Net clients still support it. So it can be used with Battle.Net emulators, or if someone uses man in the middle.

Kyro

Updated packet information to include this:

NOTE: No longer used, as Warden is now used to monitor for hacks. The Battle.net clients still support this though so one can code in support for it if one so desires. Due to it being no longer actively used by Battle.net, this packet is being marked as defunct.

Thanks for your contribution, xpeh. :)