• Welcome to Valhalla Legends Archive.
 

BotNet 0x02 Parse

Started by ChR0NiC, August 21, 2004, 02:47 PM

Previous topic - Next topic
Print
|
Go Down Pages1
User actions

ChR0NiC

August 21, 2004, 02:47 PM Last Edit: August 21, 2004, 02:49 PM by ChR0NiC
When I first logon I get a huge user list and I pretty much know the format of the user's but there seems to be 2 DWORD's before the userlist and after the result boolean and I was wondering if anybody could tell me what these represent, they aren't really discussed in the BotNet Latest by KP or on Bnet Docs so....

Code Select

0000:  01 02 08 00 01 00 00 00 01 06 42 00 4B 04 00 40   ....B.K.@


After that the userlist starts but it's not necessary to post that so...

UserLoser.

#1
August 21, 2004, 03:00 PM
Fix your data handler. That's two packets:


01 02 08 00 01 00 00 00


Note the bold, only 8 bytes in this packet.

Quote
(send to client) id 0x02: update bot status
(DWORD) status : 0=FAIL, 1=OK.  In version 4, this message is always success.


01 06 42 00 4B 04 00 40


Quote
(send to client) id 0x06: botnet bot information
Contents:
   (DWORD) bot id
   (4.1) (DWORD) database access flags
   (4.1) (DWORD) administrative capabilities
   (STRING:20) bot name
   (STRING:*) bot channel
   (DWORD) bot server
   (2) (STRING:16) unique account name
   (3) (STRING:*) database

Where's the other 66 bytes?

ChR0NiC

#2
August 21, 2004, 03:10 PM
Oh I see, so they put all the users together, I don't know why I didn't think of that before, thanks Userloser.

Kp

#3
August 21, 2004, 03:36 PM
Quote from: ChR0NiC on August 21, 2004, 03:10 PMOh I see, so they put all the users together, I don't know why I didn't think of that before, thanks Userloser.

No.  I queue each user individually, then the application-to-OS handler merges all outbound traffic (without regard to its type), and sends it to you.  You may or may not receive the users as a lumped object, depending on the size of your receive window and the frequency with which you call recv() relative to the frequency with which you receive data.  This is the exact same issue people encounter when receiving the userlist of a newly joined channel on battle.net -- botnet just has lots more entries than any given battle.net channel would.
[19:20:23] (BotNet) <[vL]Kp> Any idiot can make a bot with CSB, and many do!

ChR0NiC

#4
August 21, 2004, 03:55 PM Last Edit: August 21, 2004, 06:45 PM by ChR0NiC
Quote from: Kp on August 21, 2004, 03:36 PM
Quote from: ChR0NiC on August 21, 2004, 03:10 PMOh I see, so they put all the users together, I don't know why I didn't think of that before, thanks Userloser.

No.  I queue each user individually, then the application-to-OS handler merges all outbound traffic (without regard to its type), and sends it to you.  You may or may not receive the users as a lumped object, depending on the size of your receive window and the frequency with which you call recv() relative to the frequency with which you receive data.  This is the exact same issue people encounter when receiving the userlist of a newly joined channel on battle.net -- botnet just has lots more entries than any given battle.net channel would.

Thanks alot !! ;D

Edit:
I noticed sometimes the packet runs out of room so it has to continue the rest of the particular packet on the next one, can anyone give me some tips as to how to handle this?
Print
|
Go Up Pages1
User actions