Extracting parts from a packet

Sorc.Polgara · August 17, 2004, 05:43 PM

DISCLAIMER: Noob questions

I'm trying to extract the information from the packet returned by the SID_AUTH_INFO (0x50)

The SID_AUTH_INFO response packet's format is this:

Quote
(DWORD) The NLS revision to use.*
(DWORD) Session key.
(DWORD) Nobody knows what the hell this is.
(FILETIME) A Win32 FILETIME structure specifying the file time of the version MPQ file.
(String) The filename of the version MPQ file.
(String) Checksum formula.
(Optional 128 bytes) Server signature.**

Microsoft says that the FILETIME structure is like 64-bits (16 bytes)

so the packet in bytes is like,

4 + 4 + 4 + 4 + 16 + (String) + (String)
(4 DWORDS) + (FILETIME) + (2 Strings)
32 bytes + (String) + (String)

If I wanted to get these first 4 DWORDs from the packet and store them in a array. Would this sample code do it correctly?

Code Select


Dim DWORD As String * 4
Dim PacketData As String
Dim PacketArray(0 To 3) As String

For i = 0 To 3 
DWORD = GetDWORD(PacketData)
PacketArray(i) = DWORD
PacketData = RemoveDWORD(PacketData)
Next

The function GetDWORD copies the immediate first 4 bytes in the packet.
The function RemoveDWORD cuts/removes the immediate first 4 bytes in the packet.

If this is correct, I would next get the next 3 parts,
16 bytes + (STRING) + (STRING)

So after I get these 4 DWORDs I would get the immediate 16 bytes as the FILETIME?

If this is correct, I would next have get the last two strings

I don't think there is a fixed length to these two strings... so how would I find the point that is between the two strings? By a Chr(0) between them?

I think I know what to do, but when I look and experiment with the output given to me by Grok's DebugOutput function... they conflict when I compare them.

Am I doing this right from what u can tell?

MyndFyre · August 17, 2004, 06:53 PM

Quote from: bethra on August 17, 2004, 05:43 PM
DISCLAIMER: Noob questions

I'm trying to extract the information from the packet returned by the SID_AUTH_INFO (0x50)

The SID_AUTH_INFO response packet's format is this:
Quote
(DWORD) The NLS revision to use.*
(DWORD) Session key.
(DWORD) Nobody knows what the hell this is.
(FILETIME) A Win32 FILETIME structure specifying the file time of the version MPQ file.
(String) The filename of the version MPQ file.
(String) Checksum formula.
(Optional 128 bytes) Server signature.**
Microsoft says that the FILETIME structure is like 64-bits (16 bytes)

Err, huh? 8 bits in a byte, therefore 64 bits = 8 bytes. Unless you don't know how to divide.

Quote from: bethra on August 17, 2004, 05:43 PM
If this is correct, I would next have get the last two strings

I don't think there is a fixed length to these two strings... so how would I find the point that is between the two strings? By a Chr(0) between them?

That is correct.

[edit]
The BNCS protocol uses C-style strings, which are variable-length delimited by a single '\0' character ( Chr(0) ) at the end when stored in memory. To get the string, you can use the Mid$ function, which I believe operates by taking the start index and the length of the substring you want to retrieve. So, since you already know where your start index is, you check each value to see if it is '\0', and then you subtract that character's index from the start index to get your length.

Sorc.Polgara · August 17, 2004, 07:32 PM

Quote from: MyndFyre on August 17, 2004, 06:53 PM
Quote from: bethra on August 17, 2004, 05:43 PM
DISCLAIMER: Noob questions

I'm trying to extract the information from the packet returned by the SID_AUTH_INFO (0x50)

The SID_AUTH_INFO response packet's format is this:
Quote
(DWORD) The NLS revision to use.*
(DWORD) Session key.
(DWORD) Nobody knows what the hell this is.
(FILETIME) A Win32 FILETIME structure specifying the file time of the version MPQ file.
(String) The filename of the version MPQ file.
(String) Checksum formula.
(Optional 128 bytes) Server signature.**
Microsoft says that the FILETIME structure is like 64-bits (16 bytes)

Err, huh? 8 bits in a byte, therefore 64 bits = 8 bytes. Unless you don't know how to divide.

heh, I asked my dad at the dinner "There are 8 bits in a byte right?" and he told me that no there were 4... rofl moral of the day, don't listen to ur parents!

MyndFyre · August 17, 2004, 07:59 PM

Quote from: bethra on August 17, 2004, 07:32 PM
heh, I asked my dad at the dinner "There are 8 bits in a byte right?" and he told me that no there were 4... rofl moral of the day, don't listen to ur parents!

When you have four bits, you have what is known as a nibble.

ChR0NiC · August 17, 2004, 08:03 PM

Pun intended ? Otherwise you have me confused

MyndFyre · August 17, 2004, 08:08 PM

Quote from: ChR0NiC on August 17, 2004, 08:03 PM
Pun intended ? Otherwise you have me confused

No, really -- four bits is a nibble.

Quote
nibble

<data> /nib'l/ (US "nybble", by analogy with "bite" -> "byte")
Half a byte. Since a byte is nearly always eight bits, a
nibble is nearly always four bits (and can therefore be
represented by one hex digit).

Other size nibbles have existed, for example the BBC
Microcomputer disk file system used eleven bit sector numbers
which were described as one byte (eight bits) and a nibble
(three bits).

-- Dictionary.com, about the 6th down.

Banana fanna fo fanna · August 18, 2004, 09:27 AM

i thought it was a nybble

Valhalla Legends Archive

Extracting parts from a packet

Sorc.Polgara

MyndFyre

Sorc.Polgara

MyndFyre

ChR0NiC

MyndFyre

Banana fanna fo fanna