 

[D2GS] Problems with parse of the decompressed data.

Started by mime, December 06, 2009, 06:18 AM


mime

Hello, I have a problem with parsing D2GS decompressed data. While parsing, I encounter unknown packets...

Here is an example of decompressing and parsing the first big packet after game logon:

Compressed packet:

17 5f a0 14 c6 b1 b9 48 a8 35 8c a3 2f ff 82 1b ._.....H.5../...
f3 25 62 e8 66 6c e8 6f bf 02 2c bf dd 7b bd c2 .%b.fl.o..,..{..
5d c2 65 c2 6d c2 75 d0 5d 8b 9f b8 ef 68 79 b8 ].e.m.u.]....hy.
f9 68 06 dc 07 da 02 34 25 db 40 4a 7c 0a 5c 3a .h.....4%.@J|.\:
bf 8f 96 db 6d b2 f8 c2 f7 77 7b df dd df 7e ef ....m....w{...~.
bb bb bd f1 c0 94 87 ef 7a 0f e4 73 47 bc e6 e7 ........z..sG...
0c 1a 0f 06 ac 1a 12 6f 7b df bc c0 d1 d7 7b de .......o{.....{.
e9 b7 ff ff 8f 83 c6 60 68 52 6b ff f0 fb ad ff .......`hRk.....
ad e7 72 03 90 12 02 b6 b7 9d c8 0a de b6 40 48 ..r...........@H
0f ad ad ff ff fa de b6 b7 ff f3 1b f1 89 f9 cc ................
5c 39 74 87 2b 93 d4 1f 14 5c e5 01 99 d2 28 18 \9t.+....\....(.
62 a0 c2 2f 1d 18 c2 33 ce 4c 8f 0e 8c c2 f9 02 b../...3.L......
73 02 a8 0d cd 1f 9a 56 c6 5c 3f 0c 80 21 10 f2 s......V.\?..!..
02 08 a3 a0 2c 84 4e 34 5f df 9a d6 c6 50 ed 95 ....,.N4_....P..
a2 a8 7a 84 79 0b 2e 66 26 17 15 49 c3 2a d4 8b ..z.y..f&..I.*..
82 24 83 e8 07 07 e0 1d 11 3c 3c 1e c0 4b 2c 34 .$.......<<..K,4
2c 92 c4 22 90 31 00 26 60 7c 1f 8e e0          ,..".1.&`|...
Length: 269

Decompressed packet:

59 01 00 00 00 04 44 72 75 67 46 72 65 65 00 00 Y.....DrugFree..
00 00 00 00 00 00 00 00 00 00 aa 00 01 00 00 00 ................
0c 69 59 f9 ff 1f 76 00 01 00 00 00 94 13 01 00 .iY...v.........
00 00 00 00 01 02 00 01 01 00 01 d9 00 01 da 00 ................
01 db 00 01 dc 00 01 04 00 01 05 00 01 03 00 01 ................
7f 00 14 82 00 01 8a 00 14 8d 00 01 91 00 14 94 ...............
00 06 95 00 14 99 00 03 9b 00 01 23 00 01 00 00 ...........#....
00 00 8a 00 ff ff ff ff 97 5e 01 00 01 01 01 01 .........^......
00 01 00 01 00 00 00 00 01 01 01 00 00 01 00 00 ................
00 01 01 00 00 01 01 01 01 01 00 01 00 00 77 28 ..............w(
06 00 00 00 00 00 01 00 01 00 04 00 00 00 00 00 ................
00 00 19 10 01 00 01 00 1d 00 01 18 05 10 81 11 ................
05 10 25 00 01 00 01 00 01 00 01 00 00 00 01 00 ..%.............
09 10 01 02 01 00 01 00 01 00 01 12 00 00 01 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
8a 81 00 00 09 10 4d 14 00 00 00 00 00 00 00 00 ......M.........
00 00 00 00 00 00 29 00 00 00 80 00 00          ......)......
Length: 269

Start parsing...

Packet: 0x59
01 00 00 00 04 44 72 75 67 46 72 65 65 00 00 00 .....DrugFree...
00 00 00 00 00 00 00 00 00                      .........
Length: 25

Packet: 0xaa
00 01 00 00 00 0c 69 59 f9 ff 1f                ......iY...
Length: 11

Packet: 0x76
00 01 00 00 00                                  .....
Length: 5

Packet: 0x94
01 00 00 00 00 00 01 02 00 01 01 00 01 d9 00 01 ................
da 00 01 db 00 01 dc 00 01 04 00 01 05 00 01 03 ................
00 01 7f 00 14 82 00 01 8a 00 14 8d 00 01 91 00 ...............
14 94 00 06 95 00 14 99 00 03 9b 00 01 23 00    .............#.
Length: 63

Here is the beginning of the unknown packets...


The remaining data:

02 00 00 00 00 8a 00 ff ff ff ff 97 5e 01 00 01 ............^...
01 01 01 00 01 00 01 00 00 00 00 01 01 01 00 00 ................
01 00 00 00 01 01 00 00 01 01 01 01 01 00 01 00 ................
00 77 28 06 00 00 00 00 00 01 00 01 00 04 00 00 .w(.............
00 00 00 00 00 19 10 01 00 01 00 1d 00 01 18 05 ................
10 81 11 05 10 25 00 01 00 01 00 01 00 01 00 00 .....%..........
00 01 00 09 10 01 02 01 00 01 00 01 00 01 12 00 ................
00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 8a 81 00 00 09 10 4d 14 00 00 00 00 00 .........M......
00 00 00 00 00 00 00 00 00 29 00 00 00 80 00 00 .........)......
00 00                                            ..
Length: 162


What is the problem? Maybe a wrong length?

Thanks.


mime

I cannot find packets 0x9D, 0x26, 0x9C ... yet :(

Purri

Packet: 0x59
01 00 00 00 04 44 72 75 67 46 72 65 65 00 00 00 .....DrugFree...
00 00 00 00 00 00 00 00 00                      .........
Length: 25


Even though Length is 25, you need to skip the first byte and start parsing at Length: 26. Hard to explain with bad English.

mime

Quote from: Purri on December 06, 2009, 12:51 PM
Packet: 0x59
01 00 00 00 04 44 72 75 67 46 72 65 65 00 00 00 .....DrugFree...
00 00 00 00 00 00 00 00 00                       .........
Length: 25


Even though Length is 25, you need to skip the first byte and start parsing at Length: 26. Hard to explain with bad English.

26? Why? As I understand it, the length of the 0x59 packet == 25 (without packetId).

zeroirc


Public m_PacketLengths() As Variant
m_PacketLengths = Array(&H1, &H8, &H1, &HC, &H1, &H1, &H1, &H6, &H6, &HB, &H6, &H6, &H9, &HD, &HC, &H10, _
                                         &H10, &H8, &H1A, &HE, &H12, &HB, &H0, &H0, &HF, &H2, &H2, &H3, &H5, &H3, &H4, &H6, _
                                         &HA, &HC, &HC, &HD, &H5A, &H5A, &H0, &H28, &H67, &H61, &HF, &H0, &H8, &H0, &H0, _
                                         &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H22, _
                                         &H8, &HD, &H0, &H6, &H0, &H0, &HD, &H0, &HB, &HB, &H0, &H0, &H0, &H10, &H11, _
                                         &H7, &H1, &HF, &HE, &H2A, &HA, &H3, &H0, &H0, &HE, &H7, &H1A, &H28, &H0, _
                                         &H5, &H6, &H26, &H5, &H7, &H2, &H7, &H15, &H0, &H7, &H7, &H10, &H15, &HC, _
                                         &HC, &H10, &H10, &HA, &H1, &H1, &H1, &H1, &H1, &H20, &HA, &HD, &H6, &H2, _
                                         &H15, &H6, &HD, &H8, &H6, &H12, &H5, &HA, &H4, &H14, &H1D, &H0, &H0, &H0, _
                                         &H0, &H0, &H0, &H2, &H6, &H6, &HB, &H7, &HA, &H21, &HD, &H1A, &H6, &H8, &H0, _
                                         &HD, &H9, &H1, &H7, &H10, &H11, &H7, &H0, &H0, &H7, &H8, &HA, &H7, &H8, &H18, _
                                         &H3, &H8, &H0, &H7, &H0, &H7, &H0, &H7, &H0, &H0, &H0, &H0, &H1)

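Public Function GetSize(ByVal id As Byte, ByVal Data As String) As Integer
    ' Returns the size of the packet with the given ID, or -2 if the ID is outside the table.
    ' Data starts at the packet ID byte; Mid$ positions are 1-based.
    Dim interimVal As Integer

    If id > 179 Then
        GetSize = -2: Exit Function
    End If

    interimVal = m_PacketLengths(id)

    ' A table entry of 0 marks a variable-length packet: the size comes from the packet itself.
    If interimVal = 0 Then
        Select Case id
            Case &H9C
                GetSize = Asc(Mid$(Data, 3, 1)): Exit Function
            Case &H9D
                GetSize = Asc(Mid$(Data, 3, 1)): Exit Function
            Case &H5B
                GetSize = Asc(Mid$(Data, 2, 1)): Exit Function
            Case &HA8
                GetSize = Asc(Mid$(Data, 7, 1)): Exit Function
            Case &HAA
                GetSize = Asc(Mid$(Data, 7, 1)): Exit Function
            Case &HAC
                GetSize = Asc(Mid$(Data, 13, 1)): Exit Function
            Case &HAE
                ' GetDWORD2 is a helper from the poster's project (not shown)
                GetSize = GetDWORD2(Mid(Data, 2, 2)) + 3: Exit Function
            Case &H26
                ' p_data and Parsechat are defined elsewhere in the poster's project (not shown)
                p_data = Mid$(Data, 2)
                GetSize = Parsechat: Exit Function
            Case &H94
                ' The entry count is the byte after the ID (position 2); each entry is 3 bytes
                GetSize = 6 + (Asc(Mid$(Data, 2, 1)) * 3): Exit Function
        End Select
    End If

    GetSize = interimVal: Exit Function
End Function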
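The size rules from the post above, applied to the first 120 bytes of the decompressed dump in the opening post. This is an added example, not code from any poster. It assumes that sizes include the packet ID byte and that the 0x94 count byte sits at index 1 (right after the ID), which is what makes the next ID, 0x23, line up in the dump; `FIXED`, `VARIABLE` and the function names are hypothetical.

```python
# Sample input: first 120 bytes of the decompressed dump from the opening post.
SAMPLE = bytes.fromhex("""
59 01 00 00 00 04 44 72 75 67 46 72 65 65 00 00
00 00 00 00 00 00 00 00 00 00 aa 00 01 00 00 00
0c 69 59 f9 ff 1f 76 00 01 00 00 00 94 13 01 00
00 00 00 00 01 02 00 01 01 00 01 d9 00 01 da 00
01 db 00 01 dc 00 01 04 00 01 05 00 01 03 00 01
7f 00 14 82 00 01 8a 00 14 8d 00 01 91 00 14 94
00 06 95 00 14 99 00 03 9b 00 01 23 00 01 00 00
00 00 8a 00 ff ff ff ff
""")

# Fixed sizes taken from the m_PacketLengths table (indexes 0x59, 0x76, 0x23).
FIXED = {0x59: 26, 0x76: 6, 0x23: 13}
# Variable sizes: zero-based offsets into a buffer that starts at the ID byte.
VARIABLE = {
    0xAA: lambda p: p[6],          # length byte inside the packet
    0x94: lambda p: 6 + 3 * p[1],  # assumed: count byte follows the ID
}

def packet_size(buf: bytes, pos: int):
    """Size of the packet at pos, or None if its length field is not in buf yet."""
    pid = buf[pos]
    if pid in FIXED:
        return FIXED[pid]
    if pid in VARIABLE:
        try:
            return VARIABLE[pid](buf[pos:])
        except IndexError:
            return None
    # Stop instead of guessing: a wrong size desynchronises everything after it.
    raise ValueError(f"unknown packet id 0x{pid:02x} at offset {pos}")

def split_packets(buf: bytes):
    """Return ([(packet_id, size), ...], bytes_consumed) for the complete packets."""
    out, pos = [], 0
    while pos < len(buf):
        size = packet_size(buf, pos)
        if size is None or pos + size > len(buf):
            break  # truncated packet: keep the tail for the next read
        if size < 1:
            raise ValueError(f"bad size {size} at offset {pos}")
        out.append((buf[pos], size))
        pos += size
    return out, pos
```

An unknown ID raises instead of being skipped, so a size error shows up at the offset where it happens rather than as a run of "unknown packets" further on.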


Purri

I'm using Ringo's DLL to get the packet size:

Public Function GetPacketSize(data As String) As Long
    ' GamePacketSize is the routine from ringo's DLL; its Declare is not shown here
    Dim tmpData$, RetSize&, OffSet&
    tmpData = data
    Call GamePacketSize(tmpData, RetSize, OffSet)
    data = Mid(data, 1 + OffSet) 'Remove length header
    GetPacketSize = RetSize
End Function


mime

Where it is possible to find the code of GetPacketSize function from ringo's dll?

Ringo

At a quick glance, it looks like you're decompressing incorrectly, and just decompressing through the joins/headers.
I say this mainly because:
Quote
Compressed packet:
17 5f a0 14 c6 b1 b9 48 a8 35 8c a3 2f ff 82 1b......
Length: 269
Assuming you have posted the compressed data in full (so we can step through it, all the way to decompressed form) so we can help you more easily.
The 1st and/or 2nd byte of the compressed data is the compressed packet header. This will tell you how long the compressed packet is, and how many bytes total the compressed packet header uses (1 or 2).
So for a compressed packet starting with 0x17, the header length (offset) should be 1 (size of the 0x17 byte) and the length of the compressed packet should be 0x16 (0x01+0x16=0x17), then you would decompress 16 bytes into 5f a0 14..... etc.

This post has examples of before and after decompression, stepping through from start to finish, of the enter game data.
http://forum.valhallalegends.com/index.php?topic=11756.msg123533#msg123533
This should prove very useful as test data, to run through your parser, decompress etc, then compare the decompressed results.


The compression code in D2GS.dll, is here: http://forum.valhallalegends.com/index.php?topic=13890.msg141520#msg141520
And the decompression code, here: http://forum.valhallalegends.com/index.php?topic=585.msg4318#msg4318
Both should contain the compressed packet header functions.

I'm pretty sure your problem can be solved with the above 3 links.

hope this helps.
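The compressed packet header described in the post above, as an added example (not code from the thread or from D2GS.dll). The one-byte case follows the post; the two-byte case (first byte 0xF0 or higher, 12-bit total length) is an assumption that is consistent with the Wireshark capture later in the thread, where `f1 11` precedes 271 bytes of a 273-byte packet. `read_header` and `split_stream` are hypothetical names.

```python
def read_header(buf: bytes, pos: int = 0):
    """Return (header_len, payload_len), or None if the header is incomplete."""
    if pos >= len(buf):
        return None
    b0 = buf[pos]
    if b0 < 0xF0:
        # One-byte header: the byte is the total length, header included
        # (0x17 -> 1 header byte + 0x16 payload bytes, as in the post above).
        header_len, total = 1, b0
    else:
        # Assumed two-byte form: low nibble of byte 0 and all of byte 1 form
        # a 12-bit total length (f1 11 -> 0x111 = 273).
        if pos + 1 >= len(buf):
            return None
        header_len, total = 2, ((b0 & 0x0F) << 8) | buf[pos + 1]
    if total < header_len:
        # A length smaller than its own header would stall the framing loop.
        raise ValueError(f"bad length {total} at offset {pos}")
    return header_len, total - header_len


def split_stream(buf: bytes):
    """Cut a received byte stream into compressed payloads.

    Returns (payloads, leftover); leftover is an incomplete trailing packet
    to keep until the next read from the socket.
    """
    payloads, pos = [], 0
    while True:
        hdr = read_header(buf, pos)
        if hdr is None:
            break
        header_len, payload_len = hdr
        end = pos + header_len + payload_len
        if end > len(buf):
            break  # packet not fully received yet
        payloads.append(buf[pos + header_len:end])
        pos = end
    return payloads, buf[pos:]


# Constructed stream: a 0x17 packet, a 273-byte packet, and a truncated third one.
SAMPLE = bytes([0x17]) + bytes(0x16) + bytes([0xF1, 0x11]) + bytes(271) + bytes([0x05, 0xAA])
```

Each payload returned by `split_stream` is what goes to the decompressor; the header bytes are never part of the compressed data.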

mime

Ringo, thank you for your answer :)


Compressed packet:

17 5f a0 14 c6 b1 b9 48 a8 35 8c a3 2f ff 82 1b ._.....H.5../...
f3 25 62 e8 66 6c e8 6f bf 02 2c bf dd 7b bd c2  ....


This is the compressed data without the length bytes.

If it is not difficult for you, could you check these packets yourselves?

I have just captured this packet using Wireshark:


0000   f1 11 17 57 e8 05 31 ac 6e 52 2a 0d 63 28 cb ff
0010   e0 86 bf 32 56 2e 86 66 ce 86 fa fc 08 b2 bf dd
0020   7b bd c2 5d c2 65 c2 6d c2 75 d0 5d 8b 9f b8 ef
0030   68 79 b8 f9 68 06 dc 07 da 02 34 25 db 40 4a 7c
0040   0a 5c 3a af e3 e5 b6 db 6c be 30 bd dd de f7 f7
0050   77 df bb ee ee ef 7c 70 25 21 fb de 83 f9 1c d1
0060   ef 39 b9 c3 06 83 c1 ab 06 84 9b de f7 ef 30 34
0070   75 de f7 ba 6d ff ff e3 e0 f1 98 1a 14 9a ff fc
0080   3e eb 7f eb 79 dc 80 e4 04 80 ad ad e7 72 02 b7
0090   ad 90 12 03 eb 6b 7f ff fe b7 ad ad ff fc c6 bf
00a0   18 9f 9c c5 c3 97 48 72 b9 3d 41 f1 45 ce 50 19
00b0   9d 22 81 86 2a 0c 22 f1 d1 8c 23 3c e4 c8 f0 e8
00c0   cc 2f 90 27 30 2a 80 dc d0 e3 9a 56 c6 5c 3f 0c
00d0   80 21 10 f2 02 08 a3 a0 2c 84 4e 34 23 fa fc d6
00e0   b6 32 87 6c ad 15 43 d4 23 c8 59 73 31 30 b8 aa
00f0   4e 19 56 a4 5c 11 24 1f 40 38 3f 00 e8 89 e1 e0
0100   f6 02 59 61 a1 64 96 21 14 81 88 01 33 03 e0 fc
0110   77

// length 273


My program log:


Compressed data: // (without length bytes)

17 57 e8 05 31 ac 6e 52 2a 0d 63 28 cb ff e0 86 .W..1.nR*.c(....
bf 32 56 2e 86 66 ce 86 fa fc 08 b2 bf dd 7b bd .2V..f........{.
c2 5d c2 65 c2 6d c2 75 d0 5d 8b 9f b8 ef 68 79 .].e.m.u.]....hy
b8 f9 68 06 dc 07 da 02 34 25 db 40 4a 7c 0a 5c ..h.....4%.@J|.\
3a af e3 e5 b6 db 6c be 30 bd dd de f7 f7 77 df :.....l.0.....w.
bb ee ee ef 7c 70 25 21 fb de 83 f9 1c d1 ef 39 ....|p%!.......9
b9 c3 06 83 c1 ab 06 84 9b de f7 ef 30 34 75 de ............04u.
f7 ba 6d ff ff e3 e0 f1 98 1a 14 9a ff fc 3e eb ..m...........>.
7f eb 79 dc 80 e4 04 80 ad ad e7 72 02 b7 ad 90 .y........r....
12 03 eb 6b 7f ff fe b7 ad ad ff fc c6 bf 18 9f ...k...........
9c c5 c3 97 48 72 b9 3d 41 f1 45 ce 50 19 9d 22 ....Hr.=A.E.P.."
81 86 2a 0c 22 f1 d1 8c 23 3c e4 c8 f0 e8 cc 2f ..*."...#<...../
90 27 30 2a 80 dc d0 e3 9a 56 c6 5c 3f 0c 80 21 .'0*.....V.\?..!
10 f2 02 08 a3 a0 2c 84 4e 34 23 fa fc d6 b6 32 ......,.N4#....2
87 6c ad 15 43 d4 23 c8 59 73 31 30 b8 aa 4e 19 .l..C.#.Ys10..N.
56 a4 5c 11 24 1f 40 38 3f 00 e8 89 e1 e0 f6 02 V.\.$.@8?.......
59 61 a1 64 96 21 14 81 88 01 33 03 e0 fc 77     Ya.d.!....3...w
Length: 271

Decompressed data:

59 02 00 00 00 04 44 72 75 67 46 72 65 65 00 00 Y.....DrugFree..
00 00 00 00 00 00 00 00 00 00 aa 00 02 00 00 00 ................
0c 69 59 f9 ff 1f 76 00 02 00 00 00 94 13 02 00 .iY...v.........
00 00 00 00 01 02 00 01 01 00 01 d9 00 01 da 00 ................
01 db 00 01 dc 00 01 04 00 01 05 00 01 03 00 01 ................
7f 00 14 82 00 01 8a 00 14 8d 00 01 91 00 14 94 ...............
00 06 95 00 14 99 00 03 9b 00 01 23 00 02 00 00 ...........#....
00 00 8a 00 ff ff ff ff 97 5e 01 00 01 01 01 01 .........^......
00 01 00 01 00 00 00 00 01 01 01 00 00 01 00 00 ................
00 01 01 00 00 01 01 01 01 01 00 01 00 00 77 28 ..............w(
06 00 00 00 00 00 01 00 01 00 04 00 00 00 00 00 ................
00 00 19 10 01 00 01 00 1d 00 01 18 05 10 81 11 ................
05 10 25 00 01 00 01 00 01 00 01 00 00 00 01 00 ..%.............
09 10 01 02 01 00 01 00 01 00 01 12 00 00 01 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
8a 81 00 00 09 10 4d 14 00 00 00 00 00 00 00 00 ......M.........
00 00 00 00 00 00 29 00 00 00 80 00 00 00 00     ......)........
Length: 271



Is it correct?


Ringo

Quote from: mime on December 27, 2009, 05:52 AM
up
You're asking us to hardcode the above data into a program, set up a makeshift parser and step through it to find any breaks?

Quote from: Ringo on December 08, 2009, 03:14 AM
This post has examples of before and after decompression, stepping through from start to finish, of the enter game data.
http://forum.valhallalegends.com/index.php?topic=11756.msg123533#msg123533
This should prove very useful as test data, to run through your parser, decompress etc, then compare the decompressed results.

The compression code in D2GS.dll, is here: http://forum.valhallalegends.com/index.php?topic=13890.msg141520#msg141520
And the decompression code, here: http://forum.valhallalegends.com/index.php?topic=585.msg4318#msg4318
Both should contain the compressed packet header functions.
You can do all of that yourself, with the above links, I don't think you can really expect more than that, no?