Valhalla Legends Archive

Programming => General Programming => Assembly Language (any cpu) => Topic started by: thetempest on December 21, 2003, 04:29 PM

Title: Reverse Engineering suggestions
Post by: thetempest on December 21, 2003, 04:29 PM
Hey,

I'm interested in hearing methods and ideas on ways to reverse engineer an RTS's INGAME mplayer packet protocol.

Most importantly, how to associate action->packetID...the reason I think that that is SO difficult is because there are always packets FLYING everywhere. I don't know how to distinguish between the two.

Thanks
Title: Re:Reverse Engineering suggestions
Post by: Adron on December 21, 2003, 07:18 PM
Find the pattern!

Try to minimize what happens all the time, then look for the pattern in that. You may need to sample a lot of data.

After you see what is "nothing", do "something", perhaps many times, and look for the change in the pattern. If all of the pattern changes randomly, disassemble the game and look for encryption or compression of packets.
Title: Re:Reverse Engineering suggestions
Post by: Grok on December 21, 2003, 08:12 PM
Yup I do the same.  It is important to understand what 'chatter' exists free from your overt actions.  You can figure out the chatter later, it's often less fun.  Once you filter that out, or by just ignoring it, do something unique, and something less unique, that are the same class of action.

Like, shoot an enemy, then shoot a non-target.  You should have two new packets, both indicating you fired a shot, and possibly different parameters.  Unless they were in the same spot, you'll at least be shooting a different vector or grid location.

If you have a clean well-designed protocol, it could lend itself to figuring out.  I've been trying to figure out the protocol for one of my work applications for over a year.  It's a near-total mess, but the header is consistently organized.  It has an ID in the first WORD, which is a nice start.  But the rest of the packet data is such junk!  90% 00's most of the time.
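
The baseline-then-action comparison described in the replies above, as an added Python sketch that is not code from any poster in this thread. It assumes the packet ID sits in the first WORD in little-endian order; the sample captures and all function names are constructed for illustration.

```python
import struct
from collections import defaultdict

def packet_id(pkt: bytes) -> int:
    """Assumed header layout: packet ID in the first WORD, little-endian."""
    return struct.unpack_from("<H", pkt, 0)[0]

def group_by_id(capture):
    """Bucket captured packets by their header ID."""
    groups = defaultdict(list)
    for pkt in capture:
        groups[packet_id(pkt)].append(pkt)
    return groups

def action_only_ids(idle_capture, action_capture):
    """IDs seen while acting that never appear in the idle 'chatter'."""
    chatter = set(group_by_id(idle_capture))
    return sorted(set(group_by_id(action_capture)) - chatter)

def varying_offsets(packets):
    """Byte offsets whose value differs across packets of the same ID."""
    length = min(len(p) for p in packets)
    return [i for i in range(length) if len({p[i] for p in packets}) > 1]

def analyze(idle_capture, action_capture):
    """Map each action-only ID to the offsets that look like parameters."""
    groups = group_by_id(action_capture)
    return {pid: varying_offsets(groups[pid])
            for pid in action_only_ids(idle_capture, action_capture)}

# Constructed sample data (not from any real game or application):
# ID 0x0001 is a keepalive carrying a counter byte; ID 0x0010 is a
# hypothetical "fire" packet carrying two coordinate bytes.
IDLE = [bytes.fromhex(h) for h in ("0100a0", "0100a1", "0100a2")]
ACTION = [bytes.fromhex(h)
          for h in ("0100a3", "10000c22", "0100a4", "10003107")]

if __name__ == "__main__":
    for pid, offsets in analyze(IDLE, ACTION).items():
        print(f"new packet ID 0x{pid:04x}, parameter bytes at {offsets}")
```

Repeating the same class of action with different targets, as suggested above, is what makes the parameter offsets stand out from the fixed header bytes.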
Title: Re:Reverse Engineering suggestions
Post by: iago on December 22, 2003, 02:00 AM
In StarCraft, when I do work on ingame packets, I dump them all to the screen and a file, with some pattern-filters.
Title: Re:Reverse Engineering suggestions
Post by: thetempest on December 22, 2003, 11:05 PM
What progs do you use to filter, iago?
Title: Re:Reverse Engineering suggestions
Post by: iago on December 23, 2003, 04:47 AM
I call them "if" statements..
Title: Re:Reverse Engineering suggestions
Post by: Grok on December 23, 2003, 06:34 AM
Quote from: iago on December 23, 2003, 04:47 AM
I call them "if" statements..

No way?  Me too!  j/k.  switch() is superior in nearly every case I'm accustomed to handling.
Title: Re:Reverse Engineering suggestions
Post by: Kp on December 23, 2003, 09:55 AM
Quote from: Grok on December 23, 2003, 06:34 AM
switch() is superior in nearly every case

*kick*  Bad pun!
Title: Re:Reverse Engineering suggestions
Post by: Banana fanna fo fanna on December 24, 2003, 09:57 PM
That was indeed terrible and horrific. -1