D2GS Packet Research

[Ringo]

Right.. but notice as I reassign a new data clump from the PREVIOUS data clump to newClump, and then continue to parse the rest of that clump from there..

I had nothing to do for the last half hour, so i wrote one for you, but i havent tested it at all, so its bound to need debugging.
Should give you a better idea tho

Code Select Expand


Private Declare Function GamePacketDecode Lib "D2GS.dll" _
    (ByVal indata As String, _
    ByVal insize As Long, _
    ByVal outdata As String, _
    ByVal outmax As Long, _
    ByRef outsize As Long) As Integer



Public Sub DoData(ByVal cData As String)

'used as a tmp buffer for the decompressed packets
Dim tmpBuf As String

'used to store packet lenghs
Dim dLen As Long

'holds any existing broken data
Static sBuf As String

'counts loops to stop crash's
Dim BugCount(1) As Long
BugCount(0) = 0
BugCount(1) = 0

'buffer new data with any existing old data
sBuf = sBuf & cData

'create a loop to brake up each compressed packet
Do

    'check this loop hasnt got stuck
    If PlusLoop(BugCount(0)) = False Then Exit Sub
   
    'store the compressed packets size in dLen
    dLen = GPSize(sBuf)
   
    'compressed packet is broken (will be buffered next time)
    If Len(sBuf) < dLen Then Exit Sub
   
    'check sanity
    If cR(dLen, 1, 4000) = False Then
        'loss the data on error
        sBuf = ""
        Exit Sub
    End If
   
    'create a tmp-buffer to store decompressed packets in
    tmpBuf = String(dLen * 2 + 250, Chr(0))
   
    'decompress it (see datadecomp function)
    If DataDecomp(sBuf, dLen, tmpBuf) = -1 Then
        'error, message will be cut short.
        'add more padding!
    End If
   
    'create a loop to split up and parse the _
    decompressed packets in tmpBuf
    Do
       
        'check this loop hasnt got stuck
        If PlusLoop(BugCount(1)) = False Then GoTo BrakeDECOMPloop
   
        'get the packets lengh from your packet size array
        dLen = D2GS_Packet_Lengh_Array(Asc(Left(tmpBuf, 1)))
       
        'if -1 then calculate the packets lengh
        If dLen = -1 Then dLen = Get_Verying_Packet_Size(tmpBuf)
       
        'return -1 on unknown/error
        If dLen = -1 Then
            'your verying packet lengh function
            'should return -1 on unknown
            'display packet data?
            tmpBuf = "" 'brakes this loop
        Else
            'dlen holds the decompressed packets lengh
            'cut it out the decompressed packet from tmpBuf and parse it
            Call Parse(Left(tmpBuf, dLen))
            'set tmpBuf to the next possible packet
            tmpBuf = Mid(tmpBuf, 1 + dLen)
        End If
    Loop Until Len(tmpBuf) < 1
BrakeDECOMPloop:
Loop Until Len(sBuf) < 2
End Sub



Private Function GPSize(D As String) As Long
If Asc(Mid(D, 1, 1)) < &HF0 Then
    'the lengh is the 1st byte - the lengh header
    GPSize = Asc(Mid(D, 1, 1)) - 1
    'remove the lengh header from sBuf to be returned
    D = Mid(D, 2)
Else
    'the lengh if the 1st byte and 16, left shifted by 8 + 2nd byte - the lengh header
    GPSize = (LeftShift(Asc(Mid(D, 1, 1)) And &HF, 8) + (Asc(Mid(D, 2, 1)) - 2))
    'remove the lengh header from sBuf to be returned
    D = Mid(D, 3)
End If
End Function



Private Function DataDecomp(Data As String, ByVal pSize As Long, OutBuf As String) As Long
Dim SizeReturn As Long
If GamePacketDecode(Left(Data, pSize), Len(Left(Data, pSize)), OutBuf, Len(OutBuf), SizeReturn) = -1 Then
    'needed more padding
    DataDecomp = -1 'return error
Else
    DataDecomp = 1
End If
'cut the decompressed data out of are tmpBuf for returning
OutBuf = Left(OutBuf, SizeReturn)
'set sbuf to the next compressed packet
Data = Mid(Data, 1 + SizeReturn)
End Function



Private Function LeftShift(ByVal Value As Long, ByVal Shift As Long) As Double
LeftShift = CDbl(Value * (2 ^ Shift))
End Function



Public Function cR(Bit As Long, Min As Integer, max As Integer) As Boolean
cR = True
If Bit < Min Or Bit > max Then cR = False
End Function



Public Function PlusLoop(AddOn As Long) As Boolean
Const BRAKEAGE As Integer = 100 'brake loops over this number
'add 1 to the loop counter
AddOn = AddOn + 1
'brake if over BRAKEAGE
If AddOn > BRAKEAGE Then
    AddOn = 0
    PlusLoop = False
Else
    PlusLoop = True
End If
End Function








and the same with out all the explainations;

Code Select Expand


Public Sub DoData(ByVal cData As String)
Dim tmpBuf As String, dLen As Long, BugCount(1) As Long
Static sBuf As String
BugCount(0) = 0
BugCount(1) = 0
sBuf = sBuf & cData
Do
    If PlusLoop(BugCount(0)) = False Then Exit Sub
    dLen = GPSize(sBuf)
    If Len(sBuf) < dLen Then Exit Sub
    If cR(dLen, 1, 4000) = False Then: sBuf = "": Exit Sub
    tmpBuf = String(dLen * 2 + 250, Chr(0))
    If DataDecomp(sBuf, dLen, tmpBuf) = -1 Then
        'add more padding!
    End If
    Do
        If PlusLoop(BugCount(1)) = False Then GoTo BrakeDECOMPloop
        dLen = D2GS_Packet_Lengh_Array(Asc(Left(tmpBuf, 1)))
        If dLen = -1 Then dLen = Get_Verying_Packet_Size(tmpBuf)
        If dLen = -1 Then
            tmpBuf = ""
        Else
            Call Parse(Left(tmpBuf, dLen))
            tmpBuf = Mid(tmpBuf, 1 + dLen)
        End If
    Loop Until Len(tmpBuf) < 1
BrakeDECOMPloop:
Loop Until Len(sBuf) < 2
End Sub

Private Function GPSize(D As String) As Long
If Asc(Mid(D, 1, 1)) < &HF0 Then
    GPSize = Asc(Mid(D, 1, 1)) - 1
    D = Mid(D, 2)
Else
    GPSize = (LeftShift(Asc(Mid(D, 1, 1)) And &HF, 8) + (Asc(Mid(D, 2, 1)) - 2))
    D = Mid(D, 3)
End If
End Function

Private Function DataDecomp(Data As String, ByVal pSize As Long, OutBuf As String) As Long
Dim SizeReturn As Long
If GamePacketDecode(Left(Data, pSize), Len(Left(Data, pSize)), OutBuf, Len(OutBuf), SizeReturn) = -1 Then
    DataDecomp = -1
Else
    DataDecomp = 1
End If
OutBuf = Left(OutBuf, SizeReturn)
Data = Mid(Data, 1 + SizeReturn)
End Function

Private Function LeftShift(ByVal Value As Long, ByVal Shift As Long) As Double
LeftShift = CDbl(Value * (2 ^ Shift))
End Function

Public Function cR(Bit As Long, Min As Integer, max As Integer) As Boolean
cR = True
If Bit < Min Or Bit > max Then cR = False
End Function

Public Function PlusLoop(AddOn As Long) As Boolean
Const BRAKEAGE As Integer = 100
AddOn = AddOn + 1
If AddOn > BRAKEAGE Then
    AddOn = 0
    PlusLoop = False
Else
    PlusLoop = True
End If
End Function


Hope this helps!

[LivedKrad]

Not at all. That thing is more broken than mine.

[Ringo]

Not at all. That thing is more broken than mine.

Cos it needed a very small bit of debugging.

All you need to change is:
    D2GS_PACKET_ARRAY(Asc(Mid(tmpBuf, 1, 1)))
    GET_D2GS_VERYING_SIZE(tmpBuf)
    'PARSE Left(tmpBuf, dLen)
and it WILL work!

Code Select Expand


Public Sub DoData(ByVal cData As String)
Dim tmpBuf As String
Dim dLen As Long
Static sBuf As String
Dim BugCount(1) As Long
sBuf = sBuf & cData
Do
    If PlusLoop(BugCount(0)) = False Then Exit Sub
    dLen = GPSize(sBuf)
    If Len(sBuf) < dLen Then Exit Sub
    tmpBuf = String(dLen * 2 + 250, Chr(0))
    Call DataDecomp(sBuf, dLen, tmpBuf)
    Do
        If PlusLoop(BugCount(1)) = False Then GoTo BrakeDECOMPloop
        dLen = D2GS_PACKET_ARRAY(Asc(Mid(tmpBuf, 1, 1)))
        If dLen = -1 Then dLen = GET_D2GS_VERYING_SIZE(tmpBuf)
        If dLen = -1 Then
            'unknown lengh
            tmpBuf = ""
        Else
            'PARSE Left(tmpBuf, dLen)
            tmpBuf = Mid(tmpBuf, 1 + dLen)
        End If
    Loop Until Len(tmpBuf) < 1
    BugCount(1) = 0
BrakeDECOMPloop:
Loop Until Len(sBuf) < 2
End Sub



Private Function GPSize(D As String) As Long
On Error Resume Next
If Asc(Mid(D, 1, 1)) < &HF0 Then
    GPSize = Asc(Mid(D, 1, 1)) - 2
    D = Mid(D, 2)
Else
    GPSize = LeftShift(Asc(Mid(D, 1, 1)) And &HF, 8) + Asc(Mid(D, 2, 1)) - 3
    D = Mid(D, 3)
End If
End Function



Private Function DataDecomp(Data As String, ByVal pSize As Long, OutBuf As String) As Long
Dim SizeReturn As Long
DataDecomp = GamePacketDecode(Left(Data, pSize), Len(Left(Data, pSize)), OutBuf, Len(OutBuf), SizeReturn)
OutBuf = Left(OutBuf, SizeReturn)
Data = Mid(Data, 2 + pSize)
End Function



Private Function LeftShift(ByVal Value As Long, ByVal Shift As Long) As Double
LeftShift = CDbl(Value * (2 ^ Shift))
End Function



Public Function PlusLoop(AddOn As Long, Optional BRAKEAGE As Integer = 100) As Boolean
AddOn = AddOn + 1
If AddOn > BRAKEAGE Then
    AddOn = 0
    PlusLoop = False
Else
    PlusLoop = True
End If
End Function


I hope this helps! (again)

[LivedKrad]

First of all, I don't have those functions or that array. Secondly, I used my own. Maybe that one is the problem.

Code Select Expand


        'get the packets lengh from your packet size array
        dLen = D2Parse.GetSize(Asc(Left(tmpBuf, 1)), tmpBuf)



Public Function GetSize(ByVal ID As Byte, ByVal data As String) As Integer
Dim interimVal As Integer
If ID > 179 Then
GetSize = -2: Exit Function
End If
interimVal = m_PacketLengths(ID)

If interimVal = &HFFFFFFFF Then
 
  Select Case ID
   Case &H9C
    GetSize = Asc(Mid$(data, 3, 1)): Exit Function
   Case &H9D
    GetSize = Asc(Mid$(data, 3, 1)): Exit Function
   Case &H5B
    GetSize = Asc(Mid$(data, 2, 1)): Exit Function
   Case &HA8
    GetSize = Asc(Mid$(data, 7, 1)): Exit Function
   Case &HAA
    GetSize = Asc(Mid$(data, 7, 1)): Exit Function
   Case &HAC
    GetSize = Asc(Mid$(data, 13, 1)): Exit Function
   Case &HAE
    GetSize = gword(Mid(data, 2, 2)) + 3: Exit Function
   Case &H26
    p_data = Mid$(data, 2)
    GetSize = Parsechat: Exit Function
   Case &H94
    GetSize = 6 + (Asc(Mid$(data, 1, 1)) * 3): Exit Function
  End Select

End If

GetSize = interimVal: Exit Function 'return interimVal;
End Function



m_PacketLengths = Array(&H1, &H8, &H1, &HC, &H1, &H1, &H1, &H6, &H6, &HB, &H6, &H6, &H9, &HD, &HC, &H10, _
&H10, &H8, &H1A, &HE, &H12, &HB, -1, -1, &HF, &H2, &H2, &H3, &H5, &H3, &H4, &H6, _
                                              &HA, &HC, &HC, &HD, &H5A, &H5A, -1, &H28, &H67, &H61, &HF, &H0, &H8, &H0, &H0, &H0, _
                                              &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, &H0, -1, &H8, _
                                              &HD, &H0, &H6, &H0, &H0, &HD, &H0, &HB, &HB, &H0, &H0, &H0, &H10, &H11, &H7, &H1, _
                                              &HF, &HE, &H2A, &HA, &H3, &H0, &H0, &HE, &H7, &H1A, &H28, -1, &H5, &H6, &H26, &H5, _
                                              &H7, &H2, &H7, &H15, &H0, &H7, &H7, &H10, &H15, &HC, &HC, &H10, &H10, &HA, &H1, &H1, _
                                              &H1, &H1, &H1, &H20, &HA, &HD, &H6, &H2, &H15, &H6, &HD, &H8, &H6, &H12, &H5, &HA, _
                                              &H4, &H14, &H1D, &H0, &H0, &H0, &H0, &H0, &H0, &H2, &H6, &H6, &HB, &H7, &HA, &H21, _
                                              &HD, &H1A, &H6, &H8, -1, &HD, &H9, &H1, &H7, &H10, &H11, &H7, -1, -1, &H7, &H8, _
                                              &HA, &H7, &H8, &H18, &H3, &H8, -1, &H7, -1, &H7, -1, &H7, -1, &H0, -1, &H1, &H1)


[Ringo]

First of all, I don't have those functions or that array. Secondly, I used my own.

That was the idea

I dont see anything blatently wrong with your array and decompressed packet size function, are you useing this code, or the one right up top?
Because up top, that code needed some debugging, witch i did and reposted 2 posts above. (here)

[LivedKrad]

Well, I did slight modifications to the routine you gave me. It has exactly the same results as all other packet decompressors/parsers I have made: a huge bunch of null packets and some weird ones.

Code Select Expand


[8:17:06 PM] DCSitter - v1 - Build: 45 - Copyright LivedKrad 2005.
[8:17:06 PM] Pre-variable-set done.
[8:17:09 PM] Starting connection to 63.240.202.120:6112
[8:17:09 PM] Connected to server 63.240.202.120:6112
[8:17:09 PM] Checking version..
[8:17:09 PM] Accessing account information..
[8:17:09 PM] Logging on to realm..
[8:17:09 PM] Connected to MCP server.
[8:17:09 PM] Character logon successful
[8:17:11 PM] Retrieving IP Address..
[8:17:11 PM] Attempting to idle in game trades with password
[8:17:11 PM] Game IP Address: 63.240.202.73
[8:17:11 PM] Game Server Token: 770
[8:17:11 PM] Game Hash: 270410304
[8:17:11 PM] Connected to D2GS.
[8:17:11 PM]  «- [0xAF] Game server requested login.
[8:17:11 PM] Logging into game..
[8:17:11 PM] Send: 0x68
[8:17:11 PM] TEST: LOGON OK
[8:17:11 PM] Send: 0x6D
[8:17:11 PM]  «- [0x5C] Game Login Results Received.
[8:17:11 PM] Game login was successful.
[8:17:11 PM]  -» [0x6A] Attempting to enter game...
[8:17:11 PM] Game join was successful.
[8:17:11 PM] Dump: GetSize() returned length: 33 : 8F 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ?...............
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
00                                                ................
[8:17:11 PM] Dump: GetSize() returned length: 26 : 59 C6 10 BB B6 04 6C 6B 63 6C 6F 6E 65 68 75 6E   YÆ.»¶.lkclonehun
74 74 72 65 73 00 00 00 00 00                     ttres...........
[8:17:11 PM] Dump: GetSize() returned length: 12 : AA 00 C6 10 BB B6 0C 69 59 F9 FF 1F               ª.Æ.»¶.iYùÿ.....
[8:17:11 PM] Dump: GetSize() returned length: 6 : 76 00 C6 10 BB B6                                 v.Æ.»¶..........
[8:17:11 PM] Dump: GetSize() returned length: 450 : 94 0A C6 10 BB B6 00 00 01 02 00 01 01 00 01 D9   ".Æ.»¶.........Ù
00 01 DA 00 01 DB 00 01 DC 00 01 04 00 01 05 00   ..Ú..Û..Ü.......
01 03 00 01 22 00 26 C6 10 BB B6 D9 00 01 1F 00   ....".&Æ.»¶Ù....
5E 01 00 01 01 01 01 01 01 01 01 01 01 01 01 01   ^...............
01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01   ................
01 01 01 01 01 00 28 06 00 00 00 00 00 01 00 00   ......(.........
00 00 00 00 00 00 00 00 00 19 00 01 00 01 00 0C   ................
00 01 00 05 00 81 01 05 00 25 00 01 00 00 00 00   .....?...%......
00 01 00 00 00 00 00 09 00 01 0A 01 00 01 00 04   ................
00 01 02 00 00 01 00 00 00 00 00 00 00 00 00 00   ................
00 00 00 00 00 00 00 00 00 00 00 00 00 01 04 00   ................
00 00 00 00 00 00 00 00 00 00 00 00 00 29 00 00   .............)..
00 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00   .€..............
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 0B 00   ................
C6 10 BB B6 5F 01 00 00 00 1D 00 1E 1D 01 0A 1D   Æ.»¶_...........
02 14 1D 03 19 1E 07 00 37 1E 09 00 0A 1E 0B 00   ........7.......
5C 1D 0C 01 9C 0E 14 10 C1 B9 7E 12 10 00 A2 00   \...œ...Á¹~...¢.
65 08 00 80 06 17 03 02 9C 0E 14 10 E0 3C 3F 99   e..€....œ...à<?™
10 00 A2 00 65 08 06 80 06 17 03 02 9C 04 14 10   ..¢.e..€....œ...
70 9E 9F 4C 10 00 A2 00 65 00 52 92 36 37 06 02   pžŸL..¢.e.R'67..
9C 04 17 10 38 AF 4F 26 10 00 80 00 65 00 10 22   œ...8¯O&..€.e.."
F6 86 07 02 8E F0 1F 9C 04 16 10 9C B7 27 13 00   ö†..Žð.œ...œ·'..
00 80 00 65 00 00 3A D6 16 03 82 F1 15 9D 06 1E   .€.e..:Ö..,ñ.?..
05 CE BB 93 09 00 C6 10 BB B6 11 00 82 00 65 84   .λ"..Æ.»¶..,.e,,
08 80                                             .€..............
[8:17:11 PM] uh oh! Error processing dump: (Packet: 16): 16 86 07 82 80 C0 C1 E1 3F                        .†.,€ÀÁá?.......


Any ideas what this 16 is? Never seen it, and obviously my packet size array has no value for it, because it's being return as -1.

[Ringo]

heh, it was right under are nose's 
Is it a bug...
Is it a glitch..
NO.. its super packet!

[8:17:11 PM] Dump: GetSize() returned length: 450 : 94 0A C6 10 BB B6 .................

Code Select Expand


   Case &H94
    GetSize = 6 + (Asc(Mid$(data, 1, 1)) * 3): Exit Function

If that was done right, you would have saw a 0x20 right after 0x94, but your useing the packet id (DOH)
6 + (packetID[0x94] * 3) = super packet 450

hope this helps!

[LivedKrad]

Thanks for noticing that. I fixed that after I posted it on here, but I still have many other problems. I just don't know what the problems are!

[LivedKrad]

Ok man, test your code with your parsing/decompression because it sure as hell does not work with mine. This is probably my error BTW, I am not suggesting that it is yours.

[LordNevar]

Code Select Expand

Private Declare Function GamePacketDecode Lib "D2GS.dll" (ByVal indata As String, ByVal insize As Long, ByVal outdata As String, ByVal outmax As Long, ByRef outsize As Long) As Integer
Private Declare Function GamePacketSize Lib "D2GS.dll" (ByVal Data As String, ByRef size As Long, ByRef offset As Long) As String

Public Function DecodePacket(Data As String) As String
Dim size&, offset&, outsize&, outdata$
    GamePacketSize Data, size, offset
    outdata = String(size + 6, vbNullChar)
    GamePacketDecode Mid(Data, offset + 1), size + 5, outdata, size + 5, outsize
    DecodePacket = outdata
End Function

Code Select Expand

Public Sub ParseD2GS(Data As String)
    Dim PacketID As Byte
    If D2GS.InGame = True Then
        Data = DecodePacket(Data)
        PacketID = Asc(Left$(Data, 1))
    Else
        PacketID = Asc(Left$(Data, 1))
    End If

I've been using this code in my bot for quite sometime now, and have had no problems with it. Your more than welcome to it.

[Ringo]

Ok man, test your code with your parsing/decompression because it sure as hell does not work with mine. This is probably my error BTW, I am not suggesting that it is yours.

Here, try this source code that i made, so you can see it working and splitting up and parseing a very large clump of packets, including big and small.

Hope this helps!

[Elneroth]

Ugh, I've come back from a couple months ago to do a quick update on my huge project I abandoned.

So, what exactly has changed? I read the entire topic and have seen a few things.

As far as I can tell, has every single packet ID used in D2GS increased by one?

&H1AE -> &H67 -> &H6C
I've been looking at other posts and see:
&H1AF -> &H68 -> &H6D
I don't know what &H5C02 changed to though.

Also, what exactly has changed with the arrivle of 'warden'?
Has the sequence changed?

I read somewhere that you have to send 0x66 Right when you connect but other people have said you have to send it in responce to &H1AE (Considering the old &H1AE changed to &H1AF if the above is correct.)
And what is REQUIRED to be sent with 0x66? Can you just send a blank packet or do you have to include nulls?

[Ringo]

Ugh, I've come back from a couple months ago to do a quick update on my huge project I abandoned.

So, what exactly has changed? I read the entire topic and have seen a few things.

As far as I can tell, has every single packet ID used in D2GS increased by one?

&H1AE -> &H67 -> &H6C
I've been looking at other posts and see:
&H1AF -> &H68 -> &H6D
I don't know what &H5C02 changed to though.

Also, what exactly has changed with the arrivle of 'warden'?
Has the sequence changed?

I read somewhere that you have to send 0x66 Right when you connect but other people have said you have to send it in responce to &H1AE (Considering the old &H1AE changed to &H1AF if the above is correct.)
And what is REQUIRED to be sent with 0x66? Can you just send a blank packet or do you have to include nulls?

Hi, long time no see
this post and below should help show warden packets and 1.11 connection sequance, other wise the C > S and S > C packets in this thread got updated awhile ago for 1.11b.

AFAIK, there is next to zero infomation on emulating warden atm

[LivedKrad]

Ok man, test your code with your parsing/decompression because it sure as hell does not work with mine. This is probably my error BTW, I am not suggesting that it is yours.

Here, try this source code that i made, so you can see it working and splitting up and parseing a very large clump of packets, including big and small.

Hope this helps!

Genius, well done Ringo. Works perfectly. Now to investigate what went wrong with mine. Thanks a million!

[NetNX]

Hmm i come back after so long and find out that this topic has drifted so far from packet research... ?