Valhalla Legends Archive

when im  start learning english by my profession, i should understand that there is 2 different english languages, one is Speaking English, and other is Technical English. Cuz im programmer i decide learn Technical, and now i have alot of problems with speacking english ).
i telling its for explain why Data Markers means same as Data Tag, why Object ID means Signature. its same for translate but first in Speaking English, second in Technical. i have read alot of Tech Books, but none of simple. Thats how i understand all of this.

Im naming objects like it do most of Tech Books. Ofc i can name them with any names, but this more readable.
for Tech books ID used only for internal object/structures/other numerations only. Thats why Player ID/Slot ID.

Download Only BOT Cool Idea, did not thought about it. Great.

Updated! Added SID_GETADVLISTEX and SID_STARTADVEX3 for WAR3/W3XP games, and changed some names of fields.

thanks for link, got new versions of this files

Can u post it here? plz.
i have W3G_FORMAT version 1.12
and W3G_ACTIONS version 0.97
if you have new version post actions too, i cant found them

also i've update W3GS_GAMEINFO (look first post again in this topic)

man . theres alot of cheats that blizzard cant detect. one of them MapHack - will not give link to this one.
i just want to say that all this hacks aviable for download. if u need - you will find what u need.

and one more -- as good TDA DotA player i can say, the CHEATS will not save yours hero against smart and skilled player.
skilled players never use CHEATS - cuz there is no reason to play then.
in ladder - good players do harras, so they know what you have every moment, and where u are.
you can call them CHEATERS cuz they have such skill.
only noob will use CHEAT, and he will die without skill.
its TWO different sides CHEATER and SKILLED. and real skill always own cheat.
I never cry when i see MapHackers in DotA games, cuz they always lose.
Let them play with Cheats. When they grow, they will turn it off. MapHack helps to learn skill.
Where better to go at start, what to build, but better look replay after game.
You cant kill all CHEATs - Never! Its same as you cant catch all HACKERs.
So relax and use this info for yours own purpose, but remember SKILL OWN CHEAT!
Better make some usefull mod like Banlist.NL, but without Country Detection.
im from Russia, and when im joining most of Custom Public games - they kick me cuz im Russian,
i ban such hosts on TDA Channel, so i will never see them again in Private Games.
........
plz dont post here replys ... i did new topick ... ask all Q there.

this topick moved to http://forum.valhallalegends.com/index.php?topic=14994.0

you sad kids can use it for cheating ... you are wrong ...
game sends only target commands (while in game) all path, damage, and other is calculated by warcraft client,
so even u will know where other player moves - it will not let u spuff packet to attack him for example if he invisible.
also you should know that most of kids use MapHack... its more easy way to see what enemy do...
also you should know that MoneyHack can pool money from player to player without understand packet strucrures.
also you should know that DropHack and many others cheats done!
all cheats aviable ... so there is no reason to do this again
this documentation will help many of smart guys to create theyr own Banlists programs, or AMP calculators in game,
or some other usefull addons.
you cant do BOT without understand how War3 client works!

beat me if im not right!

Redone from post http://forum.valhallalegends.com/index.php?topic=14970.0

IPs of two computers that i used for testing and grabbing packets
192.168.0.1 - Host
192.168.0.3 - Client


1. LAN Game Search/Create/Decreate
2. Join Game
3. Map Check/Download

=====================================================
= 1. LAN Game Search/Create/Decreate                =
=====================================================

Lookup LAN Game
W3GS_SEARCHGAME 0x2F
OUT 255.255.255.255:06112 LEN:16
·  /  · ·  P X 3 W  · · · ·  · · · ·
f7 2f 1000 50583357 14000000 00000000
(BYTE)  f7       |W3GS Signature
(BYTE)  2f       |Packet Signature
(WORD)  1000     |Packet Size
(DWORD) 50583357 |Game Signature
(DWORD) 14000000 |Always 0x14? Maby its game version
(DWORD) 00000000 |Zero

*****************************************************

Create LAN Game
W3GS_CREATEGAME 0x31
OUT 255.255.255.255:06112 LEN:16
·  1  · ·  P X 3 W  · · · ·  · · · ·
f7 31 1000 50583357 14000000 03000000
(BYTE)  f7       |W3GS Signature
(BYTE)  31       |Packet Signature
(WORD)  1000     |Packet Size
(DWORD) 50583357 |Game Signature
(DWORD) 14000000 |Always 0x14? Maby its game version
(DWORD) 03000000 |Creation Counter

*****************************************************

Refresh LAN Game (every 5 seconds or slot change)
W3GS_REFRESHGAME 0x32
OUT 255.255.255.255:06112 LEN:16
·  2  · ·  · · · ·  · · · ·  · · · ·
f7 32 1000 03000000 01000000 04000000
(BYTE)  f7       |W3GS Signature
(BYTE)  32       |Packet Signature
(WORD)  1000     |Packet Size
(DWORD) 03000000 |Creation Counter
(DWORD) 01000000 |Client players in game (host counted)
(DWORD) 04000000 |Total client slots (do not counts computers or closed slots)

*****************************************************

Decreates LAN Game (happens when decrates game or game starts loadding)
W3GS_DECREATEGAME 0x33
OUT 255.255.255.255:06112 LEN:8
·  3  · ·  · · · ·
f7 33 0800 02000000
(BYTE)  f7       |W3GS Signature
(BYTE)  33       |Packet Signature
(WORD)  0800     |Packet Size
(DWORD) 02000000 |Creation Counter

*****************************************************

Response LAN Game Info (response on client game search W3GS_SEARCHGAME)
W3GS_GAMEINFO 0x30
OUT 192.168.000.003:06112 LEN:117
·  0  u ·  P X 3 W  · · · ·  · · · ·  · V · · · · · · · · · ·   ( F o r . R e s t ) ·  ·  · · I ·  · ·
f7 30 7500 50583357 14000000 01000000 e4569f00d098d0b3d180d0b02028466f722e526573742900 00 01034907 0101
} ·  · } · · · · C M  · a q s ] ) 5 )  · M o s u U e m  · q m e / w 3 m  · · G o s / S e  · s u  · · ·
7d01 997d01a3df1d434d 8b6171735d293529 cd4d6f737555656d e9716d652f77336d 8901476f732f5365 037375 010100
· · · ·  · · · ·  · · · ·  · · · ·  · · · ·  · ·
04000000 09000000 01000000 04000000 00000000 e017
(BYTE)   f7       |W3GS Signature
(BYTE)   30       |Packet Signature
(WORD)   0800     |Packet Size
(DWORD)  50583357 |Game Signature
(DWORD)  14000000 |Always 0x14? Maby its game version
(DWORD)  01000000 |Creation Counter
(char[]) e4569f00d098d0b3d180d0b02028466f722e526573742900
                  |Game Name (UTF-8 Coded) null terminated string
(BYTE)   00       |Zero
----Coded Part of Packet----
(char[]) 0103490701017d01 |Coded data
         997d01a3df1d434d
         8b6171735d293529
         cd4d6f737555656d
         e9716d652f77336d
         8901476f732f5365
         037375
(char[3])010100   |End tag of coded data
                  |last Zero is not Coded - it used only for detect end of Coded data
                  |Decode is simple: all Coded data splited by 8 bytes blocks
                  |First byte of each block is first bits of 7 bytes data bit0 always 1
                  |Bit1 represents bit0 of byte1, bit2 represents bit0 of byte2 ...
                  |Left 7 bytes bit0 set to 1 for coded data
                  |Decoded result of our example will be:
                  |                               M a p s \ ( 5 ) L o s t T e m p l e . w 3 m    F o r . R e s t
                  |02480600 00 7C00 7C00 A3DF1C42 4D6170735E2835294C6F737454656D706C652E77336D00 466F722E5265737400 00
                  |(DWORD) 02480600 |Game Flags
                  |                 | Speed: (mask 0x00000003) cannot be combined
                  |                 |  0x00000000 - Slow game speed
                  |                 |  0x00000001 - Normal game speed
                  |                 |  0x00000002 - Fast game speed
                  |                 | Visibility: (mask 0x00000F00) cannot be combined
                  |                 |  0x00000100 - Hide terrain
                  |                 |  0x00000200 - Map explored
                  |                 |  0x00000400 - Always visible (no fog of war)
                  |                 |  0x00000800 - Default
                  |                 | Observers/Referees: (mask 0x40003000) cannot be combined
                  |                 |  0x00000000 - No Observers
                  |                 |  0x00002000 - Observers on Defeat
                  |                 |  0x00003000 - Additional players as observer allowed
                  |                 |  0x40000000 - Referees
                  |                 | Teams/Units/Hero/Race: (mask 0x07064000) can be combined
                  |                 |  0x00004000 - Teams Together (team members are placed at neighbored starting locations)
                  |                 |  0x00060000 - Fixed teams
                  |                 |  0x01000000 - Unit share
                  |                 |  0x02000000 - Random hero
                  |                 |  0x04000000 - Random races
                  |(BYTE)  00       |Zero
                  |(BYTE)  7C       |unknow value (zero for ladder games)
                  |(BYTE)  00       |Zero
                  |(BYTE)  7C       |unknow value (zero for ladder games)
                  |(BYTE)  00       |Zero
                  |(DWORD) A3DF1C42 |Map file CRC32
                  |(char[])4D6170735E2835294C6F737454656D706C652E77336D00
                  |                 |Map path (null terminated)
                  |(char[])466F722E5265737400
                  |                 |Host player name (null terminated)
                  |(BYTE)  00       |Zero
----End of Coded Part----
(DWORD)  04000000 |Total game slots (count all slots)
(DWORD)  09000000 |Game type tag
                  | 0x00000001 - Custom
                  | 0x00000009 - Blizzard/Ladder
                  | (not used others possible values)
                  | 0x00000002 - Melee
                  | 0x00000003 - Free for all
                  | 0x00000004 - one vs one
                  | 0x00000005 - CTF
                  | 0x00000006 - Greed
                  | 0x00000007 - Slaughter
                  | 0x00000008 - Sudden Death
                  | 0x0000000A - Use Map Settings
                  | 0x0000000B - Team Melee
                  | 0x0000000C - Team FFA
                  | 0x0000000D - Team CTF
                  | 0x0000000F - Top vs Bottom
                  | 0x00000010 - Iron man ladder
(DWORD)  01000000 |Always 0x00000001?
(DWORD)  04000000 |Free game slots (aviable for player connection)
(DWORD)  00000000 |Hosting time in seconds
(WORD)   e017     |Hosts client port

*****************************************************

Request game list (from Battle.Net)
SID_GETADVLISTEX 0x09
OUT BATTLE.NET:06112 LEN:23
·  ·  · ·  · · · ·  · · · ·  · · · ·  · · · ·  · ·  ·
ff 09 1700 00e07f00 00000000 00000000 14000000 0000 00
(BYTE)   ff       |W3GS Signature
(BYTE)   09       |Packet Signature
(WORD)   1700     |Packet Size
(DWORD)  00e07f00 |Filter flags
                  | Map author: (mask 0x00006000) can be combined
                  |  0x00002000 - Blizzard
                  |  0x00004000 - Custom
                  |  0x00006000 - Any
                  | Battle type: (mask 0x00018000) cant be combined
                  |  0x00000000 - Battle
                  |  0x00010000 - Scenario
                  |  0x00018000 - Any
                  | Map size: (mask 0x000E0000) can be combined
                  |  0x00020000 - Small
                  |  0x00040000 - Medium
                  |  0x00080000 - Huge
                  |  0x000E0000 - Any
                  | Observers: (mask 0x00700000) can be combined
                  |  0x00100000 - Allowed observers
                  |  0x00200000 - Observers on defeat
                  |  0x00400000 - No observers
                  |  0x00700000 - Any
(DWORD)  00000000 |Filter mask: can be combined (mask used only if not ANY value for filter)
                  | 0x00006000 - Filter author
                  | 0x00018000 - Battle type
                  | 0x000E0000 - Map size
                  | 0x00700000 - Observers
                  | 0x00000000 - No filters
(DWORD)  00000000 |Zero
(DWORD)  14000000 |Always 0x14? Maby its game version
(WORD)   0000     |Zero
(BYTE)   00       |Zero

*****************************************************

Response game list (from Battle.Net)
SID_GETADVLISTEX 0x09
IN BATTLE.NET:06112 LEN:12
·  ·  · ·  · · · ·  · · · ·
ff 09 0c00 00000000 01000000
IN BATTLE.NET:06112 LEN:2706
·  ·  · ·  · · · ·
ff 09 920a 14000000
·   I · · · · ·  · · · · R · · ·  · · · ·  · · · ·  · · · ·  · · · ·  · · · · · · · · ·  ·  b  1 0 0 0 0 0 0 0  · · I · · · y · · y · · · · · M · a q s ] E o w · o m o a e ] ) · 1 1 ) K e y _ · U o _ M i g e I · W 1 / 3 7 ) · S U S ) / w 3 · y · [ o m m m · · · ·
0120490019040000 020017e052c19483 00000000 00000000 10000000 05000000 d0bad0bbd18ed18700 00 62 3130303030303030 0103490701017901f97901c7c19b854dcb6171735d456f77196f6d6f61655d29fb3131294b65795fad556f5f4d696765497f57312f333729dd535553292f77331179015b6f6d6d6d01010100
·   I · · · · ·  · · · · · p · ~  · · · ·  · · · ·  · · · ·  · · · ·  F i n a l   F a n t a s y   O p e n   R P G · · b 1 0 0 0 0 0 0 0 · · I · · · · · · · · · · { · M · a q s ] E o w · o m o a e ] G ) G ! o q e o ! · G i o a m ! 1 e / 1 1 / w 3 y · · S i m k e s · a q a o · · ·
012049001d040000 020017e0d570897e 00000000 00000000 10000000 00000000 46696e616c2046616e74617379204f70656e205250470000623130303030303030010349070101f50199f50195917be94dcb6171735d456f77196f6d6f61655d472947216f71656f219547696f616d2131652f31312f773379ed0153696d6b65730b6171616f010100
· · B · · · · ·  · · · · S · · ·  · · · ·  · · · ·  · · · ·   · · · · · · · · · · ·   · · · · · · · · · · · · · ·   1 · · · · 1   · · 3 1 0 0 0 0 0 0 0 · · I · · · u · · u · · [ y = M · a q s ] G s o · { e o U i s o · o e ] ) 5 ) M · a e m s u s o ; m ! W E G ! 3 1 / 5 / w 3 y · W a u u i [ m · · · ·
01a0420019040000 020017e053ef18aa 00000000 00000000 10000000 20000000 d0bcd0bed187d18320d180d183d181d181d0bad0b8d1852031d0bdd0b0312000003331303030303030300103490701017501b17501f55b793d4d8b6171735d47736f857b656f5569736fc56f655d2935294d9761656d7375736f3b6d215745472133312f352f7733790157617575695b6d01010100
·   I · · · · ·  · · · · U · 6 ·  · · · ·  · · · ·  · · · ·  · · · ·  D o t A   . 3 2 b     - a p   - s m   - b l · · 9 1 0 0 0 0 0 0 0 · · I · · · u · · u · · · · · M · a q s ] E o w · o m o a e ] E + o u A ! A m m + s u a s s ! w · 7 / 3 3 c / w · 3 y · i 1 1 u · _ a c · · ·
0120490007040000 020017e155d8369f 00000000 00000000 10000000 13000000 446f7441202e33326220202d6170202d736d202d626c00003931303030303030300103490701017501e17501bfcda7ed4dcb6171735d456f77196f6d6f61655d452b6f754121416d6d2b7375617373217789372f3333632f770333790169313175075f6163010100
·   I · · · · ·  · · · · X · T 3  · · · ·  · · · ·  · · · ·  · · · ·  H u m a n s   v s   O r c s ! ! ! C o m e   o n ! ! ! · · b 1 0 0 0 0 0 0 0 · · I · · · · · · · · s · ' s M · a q s ] E o w · o m o a e ] I · u m a o s w s · O s c s w 3 [ · 1 ] [ 1 ] / 1 · / w 3 y · C e · w a s e _ 7 7 · · · ·
012049000c040000 020017e058895433 00000000 00000000 10000000 05000000 48756d616e73207673204f726373212121436f6d65206f6e21212100006231303030303030300103490701019501b1950173db27734dcb6171735d456f77196f6d6f61655d49af756d616f7377739b4f73637377335bbf315d5b315d2f318d2f773379014365f7776173655f373701010100
·   I · · · · ·  · · · · > & · ·  · · · ·  · · · ·  · · · ·  · · · ·  d o t A   v 6 . 3 2   - a p   - s m   n o   l e a v e r s · · 9 4 0 0 0 0 0 0 0 · · I · · · u · · u · · · · · M · a q s ] e o w · o m o a e ] E ; o u A _ A m m k s u a s s _ w ] 7 [ 1 ] / 3 3 · / w 3 y · g a · m i e i · · ·
0120490008040000 020017e03e26e48a 00000000 00000000 10000000 05000000 646f74412076362e3332202d6170202d736d206e6f206c65617665727300003934303030303030300103490701017501917501b3a7a9b74dcb6171735d656f77196f6d6f61655d453b6f75415f416d6d6b73756173735f775d375b315d2f3333cd2f773379016761176d696569010100
·   E · · · · ·  · · · · V · · ·  · · · ·  · · · ·  · · · ·  · · · ·  F i n a l   f a n t a s y   F R   ( l v l   2 5   o u   + ) · · 4 1 0 0 0 0 0 0 0 · · I · · · · · · · · } · · O M · a q s ] E o w · o m o a e ] G · G G o s e w e · s ! s 1 c / w # 3 y · S y i m · e i o o · · ·
012045000c040000 020017e056d0a8e5 00000000 00000000 10000000 12000000 46696e616c2066616e7461737920465220286c766c203235206f75202b290000343130303030303030010349070101f501c9f5017de7834f4dcb6171735d456f77196f6d6f61655d47a947476f73657765b173217331632f77233379015379696d0d65696f6f010100
...
(BYTE)   ff       |W3GS Signature
(BYTE)   09       |Packet Signature
(WORD)   920a     |Packet Size
###If GameList empty###
(DWORD)  00000000 |Zero if GameList is empty
(DWORD)  01000000 |Always 0x00000001? (end of packet)
###If GameList not empty###
(DWORD)  14000000 |Always 0x14? Maby its game version (Zero if GameList is empty)
===GameList=== (contains one or more GameInfo structures)
~~~GameInfo~~~
(DWORD)  01204900 |Game type
                  | Game type tag: (read W3GS_GAMEINFO for this field)
                  |  0x00000001 - Custom
                  |  0x00000009 - Blizzard/Ladder
                  | Map author: (mask 0x00006000) can be combined
                  |  0x00002000 - Blizzard
                  |  0x00004000 - Custom
                  | Battle type: (mask 0x00018000) cant be combined
                  |  0x00000000 - Battle
                  |  0x00010000 - Scenario
                  | Map size: (mask 0x000E0000) can be combined with 2 nearest values
                  |  0x00020000 - Small
                  |  0x00040000 - Medium
                  |  0x00080000 - Huge
                  | Observers: (mask 0x00700000) cant be combined
                  |  0x00100000 - Allowed observers
                  |  0x00200000 - Observers on defeat
                  |  0x00400000 - No observers
                  | Flags:
                  |  0x00000800 - Private game flag (not used in game list)
                  |Not all researched!!!!
(DWORD)  19040000 |Unknow
(sockaddr_in)020017e052c19483
                  |Host IP and Port used for join game
(DWORD)  00000000 |Zero
(DWORD)  00000000 |Zero
(DWORD)  10000000 |Always 0x00000010?
(DWORD)  05000000 |Hosting time in seconds
(char[]) d0bad0bbd18ed18700
                  |GameName UTF-8 Coded (null terminated string)
(BYTE)   00       |Zero
(char)   62       |text formated hexadecimal Count of Free Slots (small case)
(char[8])3130303030303030
                  |text formated hexadecimal Hosting Counter (upper case)
----Coded Part of Packet----
(char[]) 0103490701017901|Coded data
         f97901c7c19b854d
         cb6171735d456f77
         196f6d6f61655d29
         fb3131294b65795f
         ad556f5f4d696765
         497f57312f333729
         dd535553292f7733
         1179015b6f6d6d6d
         01
(char[3])010100   |End tag of coded data (and end tag of GameInfo)
                  |Decoded data means same as W3GS_GAMEINFO coded part (read above)
----End of Coded Part----
~~~GameInfo(end)~~~
...
===GameList(end)===

*****************************************************

Create Custom Game (on Battle.Net)
SID_STARTADVEX3 0x1C
OUT BATTLE.NET:06112 LEN:117
·  ·  u ·  · · · ·  · · · ·  ·   I · · · · ·  · · · ·  D o t A ·  ·  9  1 0 0 0 0 0 0 0  · · I · · · u · · u · · · · · M · a q s ] E o w · o m o a e ] E + o u A ! A m m + s u a s s ! w · 7 / 3 3 c / w · 3 y · E o u A · / G o s / S e · s u · · ·
ff 1c 7500 10000000 00000000 01204900ff030000 00000000 446f744100 00 39 3130303030303030 0103490701017501e17501bfcda7ed4dcb6171735d456f77196f6d6f61655d452b6f754121416d6d2b7375617373217789372f3333632f77a3337901456f7541892f476f732f5365037375010100
(BYTE)   ff       |W3GS Signature
(BYTE)   1c       |Packet Signature
(WORD)   7500     |Packet Size
(DWORD)  10000000 |Always 0x00000010?
(DWORD)  00000000 |Zero
(DWORD)  01204900 |Game type (read SID_GETADVLISTEX 0x09 first GameInfo bytes)
(DWORD)  ff030000 |Always 0x000003FF?
(DWORD)  00000000 |Zero
(char[]) 446f744100
                  |GameName UTF-8 Coded (null terminated string)
(BYTE)   00       |Zero
(char)   39       |text formated hexadecimal Count of Free Slots (small case)
(char[8])3130303030303030
                  |text formated hexadecimal Hosting Counter (upper case)
----Coded Part of Packet----
(char[]) 0103490701017501|Coded data
         e17501bfcda7ed4d
         cb6171735d456f77
         196f6d6f61655d45
         2b6f754121416d6d
         2b73756173732177
         89372f3333632f77
         a3337901456f7541
         892f476f732f5365
         037375
(char[3])010100   |End tag of coded data
                  |Decoded data means same as W3GS_GAMEINFO coded part (read above)
----End of Coded Part----

=====================================================
= 2. Join Game                                      =
=====================================================

Request Join Game (clients send this on every try to join game)
W3GS_REQJOIN 0x1E
IN 192.168.000.003:01040 LEN:42
·  ·  3 ·  · · · ·  · · 8 ·  ·  · ·  · · · ·  R u s s i a . O n l i n e ·  · ·  · · · · · · · ·  · · · ·  · · · ·
f7 1e 3300 05000000 fed83814 00 e117 02000000 5275737369612e4f6e6c696e6500 0100 020017e0c0a80003 00000000 00000000
(BYTE)   f7       |W3GS Signature
(BYTE)   1e       |Packet Signature
(WORD)   3300     |Packet Size
(DWORD)  05000000 |Join game counter of client
(DWORD)  fed83814 |GetTickCount WinAPI value only for LAN games (Zero for battle.net games)
(BYTE)   00       |Always zero? (i think its additional byte for tick count)
(WORD)   e117     |External game port (used by others Game clients to connect to this client)
(DWORD)  02000000 |Total game join/create counter
(char[]) 5275737369612e4f6e6c696e6500
                  |Client name (null terminated string)
(WORD)   0100     |Always 0x0001? IPv4 type tag
(sockaddr_in) 020017e0c0a80003
                  |Internal client IP and Port
(DWORD)  00000000 |Always zero? additional bytes for IPv6 compability
(DWORD)  00000000 |Always zero? additional bytes for IPv6 compability

*****************************************************

Reject Join Game (host Rejects join game request W3GS_REQJOIN)
W3GS_REJECTJOIN 0x05
OUT 192.168.000.003:01047 LEN:8
·  ·  · ·  · · · ·
f7 05 0800 09000000
(BYTE)   f7       |W3GS Signature
(BYTE)   05       |Packet Signature
(WORD)   0800     |Packet Size
(DWORD)  09000000 |Always 0x0000009?

*****************************************************

Accept Join Game with Slot info (host send this to client on W3GS_REQJOIN)
W3GS_SLOTINFOJOIN 0x04
Update Slot info (host send this to client on slot changes, even player dont know any info about players or donwload map)
W3GS_SLOTINFO 0x09
OUT 192.168.000.003:01046 LEN:48
·  ·  0 ·  · ·  ·  · d · · · · ` · d  · · · · · · ` · d  - · · ·  ·  ·
f7 04 3000 1900 02 016402000000600164 00ff0000010c600164 2dd21302 00 02
·  · · · · · · · ·  · · · ·  · · · ·
02 02000416c0a80003 00000000 00000000
(BYTE)   f7       |W3GS Signature
(BYTE)   04       |Packet Signature (0x04 or 0x09)
(WORD)   3000     |Packet Size
(WORD)   1900     |SlotsInfo size (can be 0 if host updating slots at this moment)
----SlotsInfo---- (optional for W3GS_SLOTINFOJOIN but should be in W3GS_SLOTINFO)
(BYTE)   02       |Count of slots (can be 0 for example in ladder game)
(char[9])016402000000600164 |Slot1
(char[9])00ff0000010c600164 |Slot2
                  |(BYTE) 01 |PID - Player ID (0 - not client, 1 - host)
                  |(BYTE) 64 |Download status (0x64 - 100%, 0xFF - not client)
                  |(BYTE) 02 |SlotStatus (0 - open, 1 - closed, 2 - controlled)
                  |(BYTE) 00 |Controller (1 - computer, 0 - human/open/closed)
                  |(BYTE) 00 |Team Number from 0 to 11 (12 - free/observer/referee)
                  |(BYTE) 00 |Color Number from 0 to 11 (12 - free/observer/referee)
                  |(BYTE) 60 |Race flags
                  |          | 0x01 - Human
                  |          | 0x02 - Orc
                  |          | 0x04 - Night Elf
                  |          | 0x08 - Undead
                  |          | 0x20 - Random
                  |          | 0x40 - Race selected or fixed by map or ladder game
                  |(BYTE) 01 |Controller Type (0 - easy comp, 2 - hard comp, 1 - human/normal comp)
                  |(BYTE) 64 |Handicap from (valid values: 0x32, 0x3C, 0x46, 0x50, 0x5A, 0x64)
(DWORD)  2dd21302 |GetTickCount WinAPI value of host
(BYTE)   00       |Always zero? (i think its additional byte for tick count) (0xCC for ladder game)
(BYTE)   02       |Count of slots (end tag?) (0xCC for ladder game)
----SlotsInfo End----
----JoinInfo---- (only for W3GS_SLOTINFOJOIN) this part not contains in W3GS_SLOTINFO packets
(BYTE)   02       |PID - Player ID that host gives to client
(sockaddr_in)02000416c0a80003
                  |Host side client IP and Port (sockaddr_in structure)
(DWORD)  00000000 |Always zero? additional bytes for IPv6 compability
(DWORD)  00000000 |Always zero? additional bytes for IPv6 compability
----JoinInfo End----
==== Examples ====
Ladder game (not contains slots in Slot Info stucture, also 0xCC bytes)
f704 1e00 0700 00 c7bdcf30 cc cc 05 0200 10b0 52d04788 00000000 00000000
Custom game without SlotsInfo
f704 1700 0000 02 0200 0775 52d04708 00000000 00000000
Update slot info (without JoinInfo always)
f709 4c00 4600 07 016402000000010164 02ff02000001010164 036402000002010164
046402000003010164 00ff02010109080164 00ff0201020a010164 00ff0201010b080164
9fc6a700 03 07
==== Examples (end) ====

*****************************************************

Player information (host send this to each client on every player except player that recive this info)
W3GS_PLAYERINFO 0x06
OUT 192.168.000.003:01053 LEN:52
·  ·  4 ·  · · · ·  ·  F o r . R e s t ·  · ·  · · · · · · · ·  · · · ·  · · · ·  · · · · · · · ·  · · · ·  · · · ·
f7 06 3400 12000000 01 466f722e5265737400 0100 0000000000000000 00000000 00000000 0000000000000000 00000000 00000000
(BYTE)   f7       |W3GS Signature
(BYTE)   06       |Packet Signature
(WORD)   3400     |Packet Size
(DWORD)  12000000 |Player join/create counter
(BYTE)   01       |PID
(char[]) 466f722e5265737400
                  |Player name (null terminated)
(WORD)   0100     |Always 0x0001? IPv4 type tag
(sockaddr_in)0000000000000000
                  |External player IP and Port (sockaddr_in structure) (Zero for host)
(DWORD)  00000000 |Always zero? additional bytes for IPv6 compability
(DWORD)  00000000 |Always zero? additional bytes for IPv6 compability
(sockaddr_in)0000000000000000
                  |Internal player IP and Port (sockaddr_in structure) (Zero for host)
(DWORD)  00000000 |Always zero? additional bytes for IPv6 compability
(DWORD)  00000000 |Always zero? additional bytes for IPv6 compability

=====================================================
= 3. Map Check/Download                             =
=====================================================

Check map request (host send this to client after all players info)
W3GS_MAPCHECK 0x3D
OUT 192.168.000.003:01030 LEN:45
·  =  - ·  · · · ·  M a p s \ ( 2 ) H i l l s O f G l o r y . w 3 m ·  6 u · ·  I · · ·  ' · · 6
f7 3d 2d00 01000000 4d6170735c28322948696c6c734f66476c6f72792e77336d00 36750100 49caebd1 2792eb36
(BYTE)   f7       |W3GS Signature
(BYTE)   3d       |Packet Signature
(WORD)   2d00     |Packet Size
(DWORD)  01000000 |Always 0x00000001?
(char[]) 4d6170735c28322948696c6c734f66476c6f72792e77336d00
                  |Map path (null terminated)
(DWORD)  36750100 |File size
(DWORD)  49caebd1 |Unknow DWORD
(DWORD)  2792eb36 |Map file CRC32

*****************************************************

Response map size (client send this as response on map check)
W3GS_MAPSIZE 0x42
IN 192.168.000.003:01033 LEN:13
·  B  · ·  · · · ·  ·  6 u · ·
f7 42 0d00 01000000 01 36750100
(BYTE)   f7       |W3GS Signature
(BYTE)   42       |Packet Signature
(WORD)   0d00     |Packet Size
(DWORD)  01000000 |Always 0x00000001?
(BYTE)   01       |Size flag
                  | 0x01 - Got total size of file (happens on map check or finished download map)
                  |  next field: Map file size client have (Zero, if client request download map)
                  | 0x03 - Continue donwload map file (happens after every W3GS_MAPPARTOK)
                  |  next field: Start location of part that client requests (or curren got file size)
(DWORD)  36750100 |Map file size
Remarks: If 2 players have same external IP and one of them dont have map, then those who have no map
sends some packets to other from subnet to download Locally the map, without host.
Need research this moments.

*****************************************************

Prepare to download map (host send this to client if he have wrong size or have no map)
W3GS_STARTDOWNLOAD 0x3F
OUT 192.168.000.003:01034 LEN:9
·  ?  · ·  · · · ·  ·
f7 3f 0900 01000000 01
(BYTE)   f7       |W3GS Signature
(BYTE)   3f       |Packet Signature
(WORD)   0900     |Packet Size
(DWORD)  01000000 |Always 0x00000001?
(BYTE)   01       |Always 0x01? (think its PID from who client requests download)

*****************************************************

Part of map file (host send this part by part if client needs update or download map after W3GS_STARTDOWNLOAD)
W3GS_MAPPART 0x43
OUT 192.168.000.003:01035 LEN:1460
·  C  · ·  · ·  · · · ·  · · · ·
f7 43 b405 0201 01000000 00000000
t ! , v H M 3 W · · · · D o t A   A l l s t a r s   v 6 . 1 6 · h O · · · · · · · · · · · · · · · ·
74212c76484d335700000000446f744120416c6c73746172732076362e313600684f01000a00000000000000000000000000...
(BYTE)   f7       |W3GS Signature
(BYTE)   43       |Packet Signature
(WORD)   b405     |Packet Size
(WORD)   0201     |Always 0x0102? (think first byte is receiver PID and second is sender PID)
(DWORD)  01000000 |Always 0x00000001?
(DWORD)  00000000 |File pointer (start location of this file part)
(char[]) 74212c...|Part of file (1442 bytes maximum) to the end of packet

*****************************************************

Part of map file succesful download (client send this on every part got)
W3GS_MAPPARTOK 0x44
IN 192.168.000.003:01035 LEN:14
·  D  · ·  · ·  · · · ·  · · · ·
f7 44 0e00 0102 01000000 a2050000
(BYTE)   f7       |W3GS Signature
(BYTE)   44       |Packet Signature
(WORD)   0e00     |Packet Size
(WORD)   0102     |Always 0x0201? (think first byte is PID who should send next part and second is receiver PID)
(DWORD)  01000000 |Always 0x00000001?
(DWORD)  a2050000 |File pointer (start location of next part that client request)

...

Check for updates this post later ...

i understand what about you talking ... ill change all formating my info to more readable. also ill post it in new topic where i will change first post on every change. i will call it W3GS_format.txt. and there ill try post all diferent packets to understand how they comes.
sry my bad english.
this topic was my first in my life of this type, i mean information type, about structure of packets.
and ntohl(0x09000000) = 0x00000009; cuz 09 00 00 00 is hex format, each 2 symbols is byte, only bytes reverts theyr positions.
im programming 18 years and beleave me i know it!
try simple ASM code:
mov eax, 0x09000000
bswap eax // which means ntohl(eax)
after this eax will be 0x00000009
its just example.
i love assembler, and maby most of my examles will be asm coded.
assembler code works much faster than compiled C/C++ code, thats why i used it.

THIS TOPICK IS CLOSED FOR NOW. PLEASE WAIT WHILE I OPEN NEW TOPICK WITH NAME: W3GS_Format.txt

Quote from: maldn on May 15, 2006, 08:22 AM
did you check w3g_format.txt?

the bytes right after the 0x00 after the gamename up to the next 0x00 are all one encoded string.
well... they are 3 actually. so those 2 bytes you think are unknown are just those 2 bytes you have more before decoding.

but i have spotted something else...
after the gameID field there are some interesting bytes:

oh, and i have some docs about wc3-lan-games and packets and such, but havent posted them b/c they are not complete nor very polished. but since this is now an active topic here in the forums i might post them in the next few days.

yes i found all documentation on w3g and have readed it.
about 2 or 3 bytes it depends on Decoded data size. Decoded data always ends with 2 zeroes, but if size of Decoded data for example 8 with counting zeroes, then last zero is next coded block. and as it says first byte is represends bits0 of all data bytes. but we have zero there so result last block will be 010100. String data will be any 6 bytes and 2 zero, first 7 bytes - first block + 1 coder byte, last block 1 byte (zero) + 1 coder byte. this is moment where you think that data have 3 zeroes. but its fake.

about game packets - no need this here cuz i have all packets info, just need time to make it english. last question was COMMAND packets in game, but after reading W3G format there is no more questons. just wait all my info, or find bugs, or help to find field explain if i have no it

im posting all W3GS packets info, not only LAN, lan is easy to start explain

Request Join Game (clients send this on every try to join game)
W3GS_REQJOIN 0x1E
IN 192.168.000.003:01040 LEN:42

·  ·  3 ·  · · · ·  · · 8 ·  ·  · ·  · · · ·  R u s s i a . O n l i n e ·  · ·  · · · · · · · ·  · · · ·  · · · ·
f7 1e 3300 05000000 fed83814 00 e117 02000000 5275737369612e4f6e6c696e6500 0100 020017e0c0a80003 00000000 00000000
|W3GS Signature
   |Packet Signature
      |Packet Size
           |Join game counter of client
                    |GetTickCount WinAPI value only for LAN games (Zero for battle.net games)
                             |Always zero?
                               |External game port (used by others Game clients to connect to this client)
                                    |Total game join/create counter
                                             |Client name (null terminated string)
                                                                           |Always 0x0001?
                                                                                |Internal client IP and Port (sockaddr_in structure)
                                                                                                 |Always zero?
                                                                                                          |Always zero?


Reject Join Game (host Rejects join game request W3GS_REQJOIN)
W3GS_REJECTJOIN 0x05
OUT 192.168.000.003:01047 LEN:8

·  ·  · ·  · · · ·
f7 05 0800 09000000
|W3GS Signature
   |Packet Signature
      |Packet Size
           |Always 0x0000009?


Accept Join Game with Slot info (host send this to client on W3GS_REQJOIN)
W3GS_SLOTINFOJOIN 0x04
Update Slot info (host send this to client on slot changes)
W3GS_SLOTINFO 0x09
OUT 192.168.000.003:01046 LEN:48

·  ·  0 ·  · ·
f7 04 3000 1900
|W3GS Signature
   |Packet Signature
      |Packet Size
|SlotsInfo size (can be 0 if host updating slots at this moment)

----SlotsInfo---- (optional for W3GS_SLOTINFOJOIN)

·  · d · · · · ` · d  · · · · · · ` · d
02 016402000000600164 00ff0000010c600164
    016402000000600164
    026402000101410164
    016402000000600164
    026402000001410164
    016402000000600164
    026402000101480164
|Count of slots (can be 0 for example in ladder game)
   |Slot1 (9 bytes)   |Slot2 (9 bytes) ...
    \PID - Player ID (0 - not client, 1 - host)
      \Download status (0x64 - 100%, 0xFF - not client)
        \SlotStatus (0 - open, 1 - closed, 2 - controlled)
          \Controller (1 - computer, 0 - human/open/closed)
            \Team Number from 0 to 11 (12 - free/observer/referee)
              \Color Number from 0 to 11 (12 - free/observer/referee)
                \Race flags
                \0x01 - Human
                \0x02 - Orc
                \0x04 - Night Elf
                \0x08 - Undead
                \0x20 - Random
                \0x40 - Race selected or fixed by map or ladder game
                  \Controller Type (0 - easy comp, 2 - hard comp, 1 - human/normal comp)
                    \Handicap from (valid values: 0x32, 0x3C, 0x46, 0x50, 0x5A, 0x64)
- · · ·  ·  ·
2dd21302 00 02
|GetTickCount WinAPI value of host
         |Always zero? ( 0xCC for ladder game)
            |Count of slots (end tag?) (0xCC for ladder game)

----SlotsInfo End----
----JoinInfo---- (only for W3GS_SLOTINFOJOIN)

·  · · · · · · · ·  · · · ·  · · · ·
02 02000416c0a80003 00000000 00000000
|PID - Player ID that host gives to client
   |Host side client IP and Port (sockaddr_in structure)
                    |Always zero?
                             |Always zero?

----JoinInfo End----

Player information (host send this to each client on every player)
W3GS_PLAYERINFO 0x06
OUT 192.168.000.003:01053 LEN:52

·  ·  4 ·  · · · ·  ·  F o r . R e s t ·  · ·  · · · · · · · ·  · · · ·  · · · ·  · · · · · · · ·  · · · ·  · · · ·
f7 06 3400 12000000 01 466f722e5265737400 0100 0000000000000000 00000000 00000000 0000000000000000 00000000 00000000
|W3GS Signature
   |Packet Signature
      |Packet Size
           |Player join/create counter
                    |PID
                       |Player name (null terminated)
                                          |Always 0x0001?
                                               |External player IP and Port (sockaddr_in structure) (Zero for host)
                                                                |Always Zero?
                                                                         |Always Zero?
                                                                                  |Internal player IP and Port (sockaddr_in structure) (Zero for host)
                                                                                                   |Always Zero?
                                                                                                            |Always Zero?


thanks but still unknown 2 bytes before map checksum

Response LAN Game Info (response on client game search W3GS_SEARCHGAME)
W3GS_GAMEINFO 0x30
OUT 192.168.000.003:06112 LEN:117

·  0  u ·  P X 3 W  · · · ·  · · · ·  · V · · · · · · · · · ·   ( F o r . R e s t ) ·
f7 30 7500 50583357 14000000 01000000 e4569f00d098d0b3d180d0b02028466f722e526573742900
|W3GS Signature
   |Packet Signature
      |Packet Size
           |Game Signature
                    |Always 0x14? Maby its game version
                             |Creation Counter
                                      |Game Name (UTF-8 Coded) null terminated string


·  · · I ·  · · 
00 01034907 0101
|Zero
   |0x01010101 - Always
   |0x00000010 - Unit share
   |0x00000040 - Unknow - only set on map "(12)DivideAndConquer.w3m"
   |0x00000004 - Closed map
   |0x00000200 - Fast game speed
   |0x00030000 - Visibility: map explored
   |0x00050000 - Visibility: always visible (no fog of war)
   |0x00080000 - Visibility: default
   |0x00200000 - Observers on Defeat
   |0x00300000 - Additional players as observer allowed
   |0x00400000 - Teams Together (team members are placed at neighbored starting locations)
   |0x06000000 - Fixed teams
   |Default 0x07490301
            |Default 0x0101
            |0x0101 - Always
            |0x0040 - Referees
            |0x0002 - Random hero
            |0x0004 - Random races

----Coded Part of Packet----

} ·  · } · · · · C M  · a q s ] ) 5 )  · M o s u U e m  · q m e / w 3 m  · · G o s / S e  · s u · · ·
7d01 997d01a3df1d434d 8b6171735d293529 cd4d6f737555656d e9716d652f77336d 8901476f732f5365 037375010100
|Coded tag (this tag same as coded data start)
        <----over here
     |Coded Data ends on 0x000101 over here -------------------------------------------------------->
     |last Zero is not Coded - it used only for detect end of Coded data
     |Decode is simple: all Coded data splited by 8 bytes blocks
     |First byte of each block is first bits of 7 bytes data bit0 always 1
     |Bit1 represents bit0 of byte1, bit2 represents bit0 of byte2 ...
     |Left 7 bytes bit0 set to 1 for coded data
     |Decoded result of our example will be:
     |               M a p s \ ( 5 ) L o s t T e m p l e . w 3 m   F o r . R e s t
     |7C00 A3DF1C42 4D6170735E2835294C6F737454656D706C652E77336D00 466F722E526573740000
     \unknow SHORT value High byte always 0 - so its seems CRC8 of CRC32?
          \Map file CRC32
                   \Map path (null terminated string)
                                                                  \Host Player name (null terminated)

----End of Coded Part----                   

· · · ·  · · · ·  · · · ·  · · · ·  · · · ·  · ·
04000000 09000000 01000000 04000000 00000000 e017
|Total game slots (count all slots)
         |0x00000009 - Blizzard map tag
         |0x00000001 - Custom map tag
                  |Always 0x00000001?
                           |Free game slots (aviable for player connection)
                                    |Hosting time in seconds
                                             |Hosts client port


Now i need help to understad what means part of decoded data 7C00 A3DF1C42
its not depends on packet data at all, i think it depends on map file size or CRC32 of map file ... need to find out

IPs of two computers that i used for testing and grabbing packets
192.168.0.1 - Host
192.168.0.3 - Client

Lookup LAN Game
W3GS_SEARCHGAME 0x2F
OUT 255.255.255.255:06112 LEN:16

·  /  · ·  P X 3 W  · · · ·  · · · ·
f7 2f 1000 50583357 14000000 00000000
|W3GS Signature
   |Packet Signature
      |Packet Size
           |Game Signature
                    |Always 0x14? Maby its game version
         |Zero


Create LAN Game
W3GS_CREATEGAME 0x31
OUT 255.255.255.255:06112 LEN:16

·  1  · ·  P X 3 W  · · · ·  · · · ·
f7 31 1000 50583357 14000000 03000000
|W3GS Signature
   |Packet Signature
      |Packet Size
           |Game Signature
                    |Always 0x14? Maby its game version
         |Creation Counter


Refresh LAN Game (every 5 seconds or slot change)
W3GS_REFRESHGAME 0x32
OUT 255.255.255.255:06112 LEN:16

·  2  · ·  · · · ·  · · · ·  · · · ·
f7 32 1000 03000000 01000000 04000000
|W3GS Signature
   |Packet Signature
      |Packet Size
           |Creation Counter
                    |Client players in game (host counted)
                             |Total client slots (do not counts computers or closed slots)


Decreates LAN Game (happens when decrates game or game starts loadding)
W3GS_DECREATEGAME 0x33
OUT 255.255.255.255:06112 LEN:8

·  3  · ·  · · · ·
f7 33 0800 02000000
|W3GS Signature
   |Packet Signature
      |Packet Size
           |Creation Counter


ty for link. i will post packet explain part by part. cuz there are alot of explanations. also i will post moments where i need help to find out.

working on explain text of all packets except command packet.
ty for information about w3g. ill try to found info about this file format. maby it will help to understand how it works

Soon ill add examples of all known by me packets with description, except command packets, also try to explain BNE packet 0x09 which contains custom game list. Need time to collect and write all data. I hope this info will be added to Reference of this site with my Name.
from DotA.For.Rest@Northrend - Paul. Im real member of clan TDA, and working on programming side of this clan only on Europe realm.
we do not use cheats - we adding to game more functions. for example im Working on Project called WC3 GRest Mod wich adds some special command to chat, its like Banlist.NL but more futures.