
Request for Research: The Starcraft Game Protocol

Started by Arta, July 06, 2005, 09:20 AM


MysT_DooM

#30
Well, I started again on this project and I have an unknown label in my 0x06 notes and was wondering if any of you guys knew what it might be.

What I reckon it might be is the amount of times or speed (like send me every x seconds) ... well nm, that's the purpose of the command seq counter... so hmmm... no idea

Quote
[Host sends this]

UDPPKT_WhosWho(0x06) C -> S

(DWORD) Null
(WORD)  UDP Checksum of Packet
(WORD)  Length
(WORD)  Sent
(WORD)  Recv
(BYTE)  Command (Always &H0)
(BYTE)  Packet ID      (&H6)
(WORD)  Host ID (&H0)
(DWORD) Unknown
(DWORD) Player ID
(DWORD) [?]Host Location[?] or is Host &H1 [?]
(DWORD) Null
(DWORD) Command SEQ Counter (Same from 0x08)
(WORD)  Unknown
(WORD)  Port
(DWORD) IP
(DWORD) Null
(DWORD) Null
(STRING) Player Name
(WORD) Null Ending

Quote
SEND-> 0000   00 00 00 00 E4 72 37 00 03 00 03 00 00 06 00 00    .....r7.........
SEND-> 0010   2B 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00    +...............
SEND-> 0020   27 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00    '...............
SEND-> 0030   00 00 00 00 74 68 69 65 66 00 00                   ....thief..

SEND-> 0000   00 00 00 00 19 B8 36 00 03 00 03 00 00 06 00 00    ......6.........
SEND-> 0010   2A 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00    *...............
SEND-> 0020   12 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00    ................
SEND-> 0030   00 00 00 00 4D 79 73 74 00 00                      ....Myst..

SEND-> 0000   00 00 00 00 44 27 37 00 03 00 03 00 00 06 00 00    ....D'7.........
SEND-> 0010   2B 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00    +...............
SEND-> 0020   33 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00    3...............
SEND-> 0030   00 00 00 00 54 68 69 65 66 00 00                   ....Thief..


vb6, something about that combination of numbers and letters is sexy

MysT_DooM

Upon further review, seems like a correlation between the size of the packet and that unknown data



iago

Hope this helps:

struct message {
    unsigned long udptype;
    unsigned short checksum;
    unsigned short len;
    unsigned short pos1;
    unsigned short pos2;
    unsigned char cls;
    unsigned char cmd;
    unsigned char sender;
    unsigned char resend;
    char data[];
};


I'm not entirely sure on what the fields mean, but they roughly correspond to TCP fields (seq, ack, etc.) as well as the priority of the packet.

And by the way, hex is denoted by prepending 0x or appending h, as in 0x123 or 123h. That whole "&h" business is ewwy.
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


MysT_DooM

Yeah, that's the baseline structure of the UDP packet, but I'm still wondering if someone knows what the data means, the first dword in char data[]; for this specific packet. (The first 2 Unknowns are not really unknown, I know what their purpose is, I just couldn't figure out a name for it at the time so that's why I wrote unknown; the unknown I'm talking about is the one highlighted in orange.)

Starting to think it has something to do with the length, after a few packet logs with different username lengths and different maps. Just wondering before I go further. Most likely it is something to do with length; just looking for second opinions.



Ringo

I think* it is used to work out the start locations and/or color of a player (or all players), based on their assigned player ID/index.
It's been a while, and I can't find anything on it in any old projects, but I'm pretty sure that is what it is.
(If I'm not getting confused with that command 2, 0x40-something packet that is issued when the game starts :P)

MysT_DooM

ur confused :P

The value is the same when logged using different length usernames to shrink/expand the length of the packet, and the value changes appropriately.
So a log with 3-digit usernames would all have the same value, 4-digit usernames all the same value, etc.
So it has something to do with length.



Ringo

Ah, yeah I am :P
You're right, it's a length dword, from offset 0x17 (that dword/start of packet payload) to the end of the packet.

Heinermann

#37
In comparison to the Replay Opcode format, the packet opcodes, I have observed to be the same.

Opcodes: http://www.maplantis.org/index.php?pg=wiki;id=99
Orders: http://www.maplantis.org/index.php?pg=wiki;id=104
Units: http://www.maplantis.org/index.php?pg=wiki;id=101
Technologies: http://www.maplantis.org/index.php?pg=wiki;id=102
Upgrades: http://www.maplantis.org/index.php?pg=wiki;id=103

Slot Owner
    * 00 - Inactive
    * 01 - Passive (Enemy)
    * 02 - Occupied by Human Player
    * 03 - Rescue Passive
    * 04 - Unused
    * 05 - Computer
    * 06 - Human (Open Slot)
    * 07 - Neutral
    * 08 - Closed

Race
    * 00 - Zerg
    * 01 - Terran
    * 02 - Protoss
    * 03 - Unused (Independent)
    * 04 - Unused (Neutral)
    * 05 - User Selectable
    * 06 - Random (Forced in UMS[not actually random], Random in melee)
    * 07 - Inactive


Also I'm assuming there are packets for

1. Making game public.
2. Booting/Banning a player.
3. Clicking Start in the Mission Briefing.
4. Sending Text.
5. Team Melee stuff.

MysT_DooM

Quote from: Heinermann on July 12, 2007, 10:33 AM

Also I'm assuming there are packets for


4. Sending Text.


yep



S>C & C>S  InGame Chat
(DWORD)  Null
(WORD)   UDP Checksum of Packet
(WORD)   Length
(WORD)   Sent
(WORD)   Recv
(BYTE)   Command (Command 1)
(BYTE)   Packet ID (&H0)
(WORD)   Player ID
(WORD)   Unused
(STRING) Message

0000   00 00 00 00 7F D2 2B 00 23 00 1B 00 01 00 00 00    ......+.#.......
0010   00 00 57 68 79 20 77 6F 75 6C 64 20 49 20 63 61    ..Why would I ca
0020   72 65 20 6F 66 20 62 6F 74 73 20 3C 2E 3C 00       re of bots <.<.

0000   00 00 00 00 54 9C 1A 00 1D 00 13 00 01 00 00 00    ....T...........
0010   00 B5 4D 79 73 74 20 69 73 20 65 6D 6F 00          ..Myst is emo.




C>S S>C In GameRoom Chat
(DWORD)  Null
(WORD)   UDP Checksum of Packet
(WORD)   Length
(WORD)   Sent
(WORD)   Recv
(BYTE)   Command (Command 1)
(BYTE)   Packet ID (&H0)
(WORD)   Player ID
(WORD) Unknown (Seems to be always 00 4C)
(STRING) Message

0000   00 00 00 00 2E BD 1A 00 05 00 01 00 01 00 00 00    ................
0010   4C 68 65 6C 6C 6F 20 62 61 64 61 73 73 00          Lhello badass.

0000   00 00 00 00 2D 38 11 00 03 00 05 00 01 00 01 00    ....-8..........
0010   4C 64 61 6D 00                                     Ldam.

0000   00 00 00 00 91 8B 1A 00 06 00 06 00 01 00 02 00    ................
0010   4C 64 75 64 65 20 50 75 62 20 73 75 78 00          Ldude Pub sux.


and

Quote from: Heinermann on July 12, 2007, 10:33 AM
Also I'm assuming there are packets for

1. Making game public.

5. Team Melee stuff.
As for making the game public, just don't have a pw in your 0x1C (TCP).

And for Team Melee, that would be decided in the "statstring" area of your 0x1C by the GameType section of that; Team Melee I would think means Top vs Bottom, so it would be "f".



Leaky

Quote
(DWORD)  Null
(WORD)   UDP Checksum of Packet
(WORD)   Length
(WORD)   Sent
(WORD)   Recv
(BYTE)   Command (Command 1)
(BYTE)   Packet ID (&H0)
(WORD)   Player ID
(WORD)   Unused
(STRING) Message
you keep getting the header incorrect...


(DWORD)  UDP Class
(WORD)   UDP Checksum of Packet
(WORD)   Length
(WORD)   Sent
(WORD)   Recv
(BYTE)   Command
(BYTE)   Packet ID
(WORD)   Player ID
(WORD)   Resend
(STRING) Message


the header was already established a while back :P no need to rename parts of it

Leaky

Quote from: MysT_DooM on April 19, 2007, 08:54 PM
[Host sends this]

UDPPKT_WhosWho(0x06) C -> S

(DWORD) Null
(WORD)  UDP Checksum of Packet
(WORD)  Length
(WORD)  Sent
(WORD)  Recv
(BYTE)  Command (Always &H0)
(BYTE)  Packet ID      (&H6)
(WORD)  Host ID (&H0)
(DWORD) Unknown
(DWORD) Player ID
(DWORD) [?]Host Location[?] or is Host &H1 [?]
(DWORD) Null
(DWORD) Command SEQ Counter (Same from 0x08)
(WORD)  Unknown
(WORD)  Port
(DWORD) IP
(DWORD) Null
(DWORD) Null
(STRING) Player Name
(WORD) Null Ending

you've got those switched

should be


[Host sends this]

UDPPKT_WhosWho(0x06) C -> S

(DWORD) Length - Length of packet data (not including header)
(DWORD) Player ID
(BOOLEAN) Is Host?
(DWORD) **Unknown
(DWORD) Command 2 Sequence Counter -- Received
(WORD) Family - always 0x02 AF_INET
(WORD) Port
(DWORD) IP Address
(DWORD) SIN_ZERO(0)
(DWORD) SIN_ZERO(1)
(STRING) Username
(STRING) Stat String



that's the actual packet data, and the header is the same standard one.
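
The corrected 0x06 layout can be checked against the first "SEND->" dump from earlier in the thread (player "thief"). The Python parser below is an added example, not code from any poster: the function names are hypothetical, reading port and IP in network byte order is an assumption based on the AF_INET/SIN_ZERO naming, and the checksum is not verified because its algorithm is not given in the thread.

```python
import socket
import struct

HEADER = struct.Struct("<IHHHHBBBB")      # 16-byte header, little-endian
BODY_06 = struct.Struct("<IIIIIH2s4sII")  # fixed part of the 0x06 payload (36 bytes)

# First "SEND->" dump from the thread (player "thief"), re-typed as hex.
SAMPLE = bytes.fromhex(
    "00 00 00 00 E4 72 37 00 03 00 03 00 00 06 00 00 "
    "2B 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 "
    "27 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 "
    "00 00 00 00 74 68 69 65 66 00 00")


def read_cstring(buf, off):
    """Read a NUL-terminated string; never scan past the end of the datagram."""
    end = buf.find(b"\x00", off)
    if end < 0:
        raise ValueError("unterminated string")
    return buf[off:end].decode("latin-1"), end + 1


def parse_whoswho(pkt):
    """Parse a class 0 / command 0x06 datagram and cross-check both length fields."""
    if len(pkt) < HEADER.size + BODY_06.size:
        raise ValueError("datagram too short for a 0x06 packet")
    _udp_class, checksum, length, seq1, seq2, cls, cmd, sender, resend = \
        HEADER.unpack_from(pkt, 0)
    if (cls, cmd) != (0, 0x06):
        raise ValueError("not a class 0 / command 0x06 packet")
    # In the logged dumps the header Length covers everything after the first DWORD.
    if length != len(pkt) - 4:
        raise ValueError("header Length disagrees with datagram size")
    (size, player_id, is_host, _unknown, cls2_seq, family, port, ip,
     _zero0, _zero1) = BODY_06.unpack_from(pkt, HEADER.size)
    # The payload's first DWORD counts from itself to the end of the packet.
    if size != len(pkt) - HEADER.size:
        raise ValueError("payload length DWORD disagrees with datagram size")
    off = HEADER.size + BODY_06.size
    name, off = read_cstring(pkt, off)
    stats, off = read_cstring(pkt, off)
    if off != len(pkt):
        raise ValueError("trailing bytes after stat string")
    return {
        "checksum": checksum,  # not verified: algorithm is not given in the thread
        "length": length, "seq1": seq1, "seq2": seq2,
        "sender": sender, "resend": resend,
        "data_size": size, "player_id": player_id, "is_host": bool(is_host),
        "cls2_seq": cls2_seq, "family": family,
        # Assumption: port and IP are in network byte order, as in a sockaddr_in.
        "port": int.from_bytes(port, "big"), "ip": socket.inet_ntoa(ip),
        "username": name, "stat_string": stats,
    }


if __name__ == "__main__":
    print(parse_whoswho(SAMPLE))
```

Both length fields are compared with the real datagram size before any string is read, so a forged length cannot push the parser past the end of the buffer.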


bLueStar

#42
Here's some juicy info

Quote from: bLueStar
########################################################
## JOIN GAME SEQUENCE - DATA SENT THROUGH UDP TO HOST ##
########################################################

HEADER :
(DWORD) Null Padding          
(WORD) Data Checksum            
(WORD) Data Length            
(WORD) Seq. 1                    
(WORD) Seq. 2                  
(BYTE) CLS                    
(BYTE) Command              
(BYTE) Player ID            
(BYTE) Resend                
(VOID) Data



************************************************************************************************************************************************
*   NOTES:
*
*   The type (STRING) always ends with 0x00, even when the string is empty.
*
*   CLS can be either 0, 1 or 2.
*   There's a Seq1 and a Seq2 for each of the 3 kinds of CLS.
*
*   Seq1 starts at 0 and Seq2 starts at 1 for CLS 0.
*
*   When you send a packet: send the data and then increase the Seq1 of the aimed CLS by one.
*   When you receive a packet: the Seq2 of the aimed CLS becomes the Seq1 received + 1.
*   When you receive the SERVER GAME INFO packet, the Seq1 of CLS 2 becomes "CurrentClass2Sequence" found in the SERVER GAME INFO structure.
*   These sequence numbers (Seq1 and Seq2) are used to synchronize each player/packet. The host gives you what Seq2 was when you joined.
*   The host will be the first to send you a CLS 2 packet, so the Seq2 of CLS 2 will become his Seq1 + 1.
************************************************************************************************************************************************



DETAILED JOIN SEQUENCE :

1) Send : CLIENT GAME JOIN REQUEST (SEND THE EXACT SAME PACKET 3 TIMES AND INCREASE THE SEQUENCE ONLY ONCE)
2) Receive : SERVER GAME JOIN REPLY
3) Send : CLIENT UNKNOWN (RESPONSE TO "SERVER GAME JOIN REPLY" ?)
4) Send : CLIENT PLAYER INFO
5) Receive : SERVER GAME INFO
   For each playerCount in SERVER GAME INFO {
6)      Receive : SERVER PLAYERS INFO
   }
7) Receive : SERVER END OF PLAYER INFO ??
8) Receive : SERVER GAME SETTING INFO
9) Send : Reply to SERVER GAME SETTING INFO with an empty CLS 0, CMD 4 packet
10) Receive : CLS 0, CMD 4 packet
11) Send : Reply to last packet with an empty CLS 0, CMD 5 packet

Begin of CLS 2 Synchronization






------------------------------------------------------------------------------------------------------------------



Title: CLIENT GAME JOIN REQUEST
Direction: C>S
Class: 00
Command: 01
Player ID: FF <---- you still don't know your player ID
Resend: 00
Data:
(DWORD) Unknown - Always 0x00000001



------------------------------------------------------------------------------------------------------------------



Title: SERVER GAME JOIN REPLY
Direction: C<S
Class: 00
Command: 02
Player ID: 00
Resend: 00
Data:
(DWORD) Result - Always 0x00000001 (maybe to confirm that this is a listening starcraft game)



------------------------------------------------------------------------------------------------------------------



Title: CLIENT UNKNOWN (RESPONSE TO "SERVER GAME JOIN REPLY" ?)
Direction: C>S
Class: 00
Command: 03
Player ID: FF <---- you still don't know your player ID
Resend: 00
Data:
(DWORD) Unknown - Always 0x00000001



------------------------------------------------------------------------------------------------------------------



Title: CLIENT PLAYER INFO
Direction: C>S
Class: 00
Command: 07
Player ID: FF <---- you still don't know your player ID
Resend: 00
Data:
(STRING) Username
(STRING) StatsFromProduct
(STRING) Unknown - Always empty



------------------------------------------------------------------------------------------------------------------



Title: SERVER GAME INFO
Direction: C<S
Class: 00
Command: 08
Player ID: 00
Resend: 00
Data:
(DWORD) PlayersCount (Computer doesn't count)
(DWORD) UsableSlotsCount
(DWORD) CurrentClass2Sequence
(DWORD) Unknown - Always 0x00000004
(DWORD) GameTimeElapsed (in seconds)
(STRING) GameName
(STRING) GameStats
(STRING) Unknown - Always empty



------------------------------------------------------------------------------------------------------------------



Title: SERVER PLAYERS INFO
Direction: C<S
Class: 00
Command: 06
Player ID: 00
Resend: 00
Data:
(DWORD) DataSize
(DWORD) playerID
(DWORD) isHost
(DWORD) Unknown - Always 0x00000000
(DWORD) CurrentClass2Sequence
(WORD) Unknown - 0x0002 when not host
(WORD) PlayerPort - 0x0000 if host
(DWORD) PlayerIP - 0x00000000 if host
(DWORD) Unknown - Always 0x00000000
(DWORD) Unknown - Always 0x00000000
(STRING) Username
(STRING) StatsString - Empty if host



------------------------------------------------------------------------------------------------------------------



Title: SERVER END OF PLAYER INFO ??
Direction: C<S
Class: 00
Command: 0F
Player ID: 00
Resend: 00
Data:
(DWORD) Unknown - Always 0x00000000



------------------------------------------------------------------------------------------------------------------



Title: SERVER GAME SETTING INFO
Direction: C<S
Class: 00
Command: 09
Player ID: 00
Resend: 00
Data:
(WORD) GameType - (0x02 = Melee, 0x03 = FFA, 0x04 = 1v1, 0x05 = CTF, 0x06 = Greed, 0x07 = Slaughter, 0x08 = Sudden Death, 0x0A = UMS, 0x0B = Team Melee, 0x0C = Team FFA, 0x0D = Team CTF, 0x0F = TvB)

If GameType = Greed
   (WORD) Unknown - Always 0x0001
   (WORD) Resource
If GameType = Slaughter
   (WORD) Unknown - Always 0x0001
   (WORD) Minutes
If GameType = Team Melee OR GameType = Team FFA OR GameType = Team CTF
   (WORD) Unknown - NumberOfTeams - 1 ??
   (WORD) NumberOfTeams
If GameType = TvB
   (WORD) MatchUp - determines the amount of players in Home Team
   (WORD) MatchUp - same...wtf?
Else
   (WORD) Unknown - Always 0x0001
   (WORD) Unknown - Always 0x0000


(WORD) Unknown - Always 0x0000
(BYTE) Unknown - (Logged : 0x01)
(BYTE) Unknown - (Logged : 0x01)
(BYTE) Unknown - (Logged : 0x01)
(BYTE) Unknown - (Logged : 0x02)
(BYTE) Unknown - (Logged : 0x02)
(BYTE) Unknown - (Logged : 0x00)
(BYTE) Unknown - (Logged : 0x01)
(BYTE) Unknown - (Logged : 0x01)
(BYTE) Unknown - (Logged : 0x00)
(BYTE) Unknown - (Logged : 0x01)
(BYTE) Unknown - (Logged : 0x00)
(BYTE) Unknown - (Logged : 0x00) <---- same value as "Minutes" when GameType = Slaughter
(DWORD) Unknown - (Logged : 0x00000032)
(DWORD) Unknown - (Logged : 0x00000000)
(DWORD) Unknown - (Logged : 0x00000000)



------------------------------------------------------------------------------------------------------------------

Can anyone help with SERVER GAME SETTING INFO??? The unknown data has nothing to do with slot states/races/players in the game; could it be the default slot race??
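
The Seq1/Seq2 rules from the NOTES block, run through steps 1 to 5 of the join sequence for both endpoints. This is an added example, not bLueStar's code: `SeqState` and `join_handshake` are hypothetical names, the start values for CLS 1 and 2 and the 16-bit wrap are assumptions, and 0x27 is the class 2 counter seen in the 0x06 dumps earlier in the thread.

```python
class SeqState:
    """Seq1/Seq2 counters for CLS 0, 1 and 2 of one endpoint."""

    def __init__(self):
        # The post gives Seq1 = 0 and Seq2 = 1 for CLS 0; reusing those start
        # values for CLS 1 and 2 is an assumption of this example.
        self.seq1 = {0: 0, 1: 0, 2: 0}
        self.seq2 = {0: 1, 1: 1, 2: 1}

    def send(self, cls, cmd, copies=1):
        """Stamp `copies` identical packets, then advance Seq1 exactly once."""
        stamp = (cls, cmd, self.seq1[cls], self.seq2[cls])
        self.seq1[cls] = (self.seq1[cls] + 1) & 0xFFFF  # WORD field, assumed to wrap
        return [stamp] * copies

    def receive(self, stamp, class2_sequence=None):
        """Seq2 becomes the received Seq1 + 1; a duplicate changes nothing."""
        cls, _cmd, peer_seq1, _peer_seq2 = stamp
        self.seq2[cls] = (peer_seq1 + 1) & 0xFFFF
        if class2_sequence is not None:
            # SERVER GAME INFO: Seq1 of CLS 2 becomes CurrentClass2Sequence.
            self.seq1[2] = class2_sequence & 0xFFFF


def join_handshake(class2_sequence):
    """Run join steps 1-5 and return (client, host, wire trace)."""
    client, host, wire = SeqState(), SeqState(), []

    def c2s(cmd, copies=1):
        for stamp in client.send(0, cmd, copies):
            host.receive(stamp)
            wire.append(("C>S",) + stamp)

    def s2c(cmd, cls2=None):
        for stamp in host.send(0, cmd):
            client.receive(stamp, cls2)
            wire.append(("S>C",) + stamp)

    c2s(0x01, copies=3)         # 1) CLIENT GAME JOIN REQUEST, sent three times
    s2c(0x02)                   # 2) SERVER GAME JOIN REPLY
    c2s(0x03)                   # 3) CLIENT UNKNOWN
    c2s(0x07)                   # 4) CLIENT PLAYER INFO
    s2c(0x08, class2_sequence)  # 5) SERVER GAME INFO
    return client, host, wire


if __name__ == "__main__":
    client, host, wire = join_handshake(0x27)  # 0x27: value from the logged dump
    for direction, cls, cmd, seq1, seq2 in wire:
        print(f"{direction} CLS {cls} CMD {cmd:02X} Seq1={seq1} Seq2={seq2}")
    print("client CLS 2 Seq1:", client.seq1[2], "host CLS 0 Seq2:", host.seq2[0])
```

After the client's three distinct packets the host's Seq2 for CLS 0 is 3, the value in the Recv field of the logged 0x06 packets.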

Heinermann

#43
http://code.google.com/p/vgce/source/browse/trunk/docs/Blizzard/Starcraft/packets2.txt
Still slightly outdated.

Notes:
Command class 1 is SNetSendMessage and SNetReceiveMessage via storm.
Command class 2 is SNetSendTurn and SNetReceiveTurns.
Command class 3 is unknown, but used by SNet135. (SNet135 is not used by Starcraft or older Blizzard games, even though storm.dll exports this entry. Someone please check if it is used in WC3 or WoW.)
Command class 0 is used for everything else.

SNetJoinGame uses command IDs 1(const size 4), 2(const size 4), 4(variable size?), 7(variable size?), and 12(const size 12).
SNetSetGameMode uses command ID 14(const size 4).
SNetLeaveGame uses command ID 11(const size 8).
SNetDropPlayer uses command ID 12(const size 12).
SNetInitializeProvider uses command IDs 3(const size 4), 5(variable size?), 6(variable size?), 8(variable size?), 9(variable size?), and 15(const size 4).
SNetGetOwnerTurnsWaiting and some others use command ID 13 (const size 4).

Quote
Can anyone help with SERVER GAME SETTING INFO??? The unknown data has nothing to do with slot states/races/players in the game; could it be the default slot race??
Try this:

u16         GameTemplate_gameType;
u16         GameTemplate_subType;
u16         GameTemplate_subTypeDisplay;
u16         GameTemplate_subTypeLabel;
u8          GameTemplate_victoryConditions
               {
                   0x00 = "Map Default",
                   0x01 = "Melee",
                   0x02 = "Highest Score",
                   0x03 = "Resources",
                   0x04 = "CTF",
                   0x05 = "Sudden Death",
                   0x06 = "Slaughter",
                   0x07 = "One on One"
               };
u8          GameTemplate_resourceType
               {
                   0x00 = "Map Default",
                   0x01 = "Fixed Value",
                   0x02 = "Low",
                   0x03 = "Medium",
                   0x04 = "High",
                   0x05 = "Income"
               };
u8          GameTemplate_useStandardUnitStats;
u8          GameTemplate_fogOfWarUnused;
u8          GameTemplate_startingUnits
               {
                   0x00 = "Map Default",
                   0x01 = "Workers Only",
                   0x02 = "Workers and Center"
               };
u8          GameTemplate_useFixedPositions;
u8          GameTemplate_restrictionFlags
               {
                   0x01 = "Allow Computer Players",
                   0x02 = "Allow Single Player"
               };
u8          GameTemplate_alliesAllowed;
u8          GameTemplate_teams;
u8          GameTemplate_cheats;
u8          GameTemplate_tournamentMode;
u32         GameTemplate_victoryConditionValue;
u32         GameTemplate_resourcesValue;
u32         GameTemplate_unused;
u8          extraUnused;


Units, orders, upgrades, techs, etc. Can all be found in modding tools(DATEdit) and websites(Staredit.net).
