Battle.net Packet Introduction for Newbies

Started by Elneroth, July 09, 2005, 03:20 AM


Elneroth

Didn't take me very long to write this, so if you find anything invalid or bad, please tell me so I can edit it out.
I tried to make this as understandable as I could for beginners learning Battle.net packets.

Microsoft Word Document format can be found Here: http://www.insanedev.net/chaos/BNETPIntro.zip

--------------------------------------------------------------------------------------------------------------------------------------------------------

Introduction to Battle.net Packets

By: Galdunn (Andrew K.)

A step-by-step guide to reading sent/received packets from Battle.net/Battle.net clients.

Table of Contents:

Section 1: Hexadecimal Coding
Section 2: Battle.net Packet Formats
Section 3: BNCS (Battle.net Chat Server) Packet Format
Section 4: Realm Packet Format

Special Thanks To BNETDocs, for providing all the information you'll basically ever need for a successful Battle.net connection emulation.

BNETDocs information was used throughout this guide for packet information references.

I coded a handy tool for Converting to/from HEX format.
It can be found, here:
http://www.edevs.org
Look under the Software Releases download section, under Programming Tools.

Section 1 (Hexadecimal Coding) ----------------------------------------------------------------------------

Before you can start jumping into Battle.net packets, you need to know Hexadecimal Coding.

Dictionary.com's definition of Hexadecimal Coding:
A number representation using the digits 0-9, with their usual meaning, plus the letters A-F (or a-f) to represent hexadecimal digits with values of (decimal) 10 to 15. The right-most digit counts ones, the next counts multiples of 16, then 16^2 = 256, etc.


In my own words, Hexadecimal Coding is a way to express data in a numeric form. This form includes the numbers 0 to 9 and the letters A to F.

Here are the basic memory types you need to know.
BYTE Example(00): 8 bit unsigned integer
WORD Example(00 00): 16 bit unsigned integer
DWORD Example(00 00 00 00): 32 bit unsigned integer
STRING Example(39 47 38 27 17 39 00): Strings always end with 00, also known as "Null Terminated".

Note: Some users like to express hex values in the format "0x##".
Example, the byte 00 would be expressed as 0x00.
Another example, the byte 34 would be expressed as 0x34.

There are certain ways to convert between strings and hexadecimal coding. I'll provide two functions to do so.

Here's a function I wrote to convert from String to HEX:

Public Function ToHex(ByVal strString As String) As String
    ' Walk the string one character at a time and append each byte as two
    ' hex digits, each preceded by a space (e.g. "Galdunn" -> " 47 61 6C 64 75 6E 6E").
    Dim A As Long, strOut As String
    For A = 1 To Len(strString)
        If Len(Hex(Asc(Mid(strString, A, 1)))) = 1 Then
            ' Values 0-15 come back as a single digit; pad to a full byte (e.g. "A" -> "0A")
            strOut = strOut & " " & "0" & Hex(Asc(Mid(strString, A, 1)))
        Else
            strOut = strOut & " " & Hex(Asc(Mid(strString, A, 1)))
        End If
    Next A
    ToHex = strOut
End Function


What this function does is go through every single character of a string, get its ASCII value, then convert it to HEX using Visual Basic's Hex() function. If the HEX value of the ASCII value is only one digit long, it adds a 0 before it to make it a valid byte.

This function does take quite a bit of lag to execute, so I wouldn't suggest using this very often.

Here's a function I wrote to convert from HEX to String formats.

Public Function ToStr(ByVal strString As String) As String
    ' Accepts hex with or without spaces ("47 61 6C" or "47616C")
    Dim A As Long, strOut As String
    strString = Replace(strString, " ", "")
    ' Take two hex digits at a time; the "&H" prefix makes Val() read them as hex
    For A = 1 To Len(strString) Step 2
        strOut = strOut & Chr(Val("&H" & Mid(strString, A, 2)))
    Next A
    ToStr = strOut
End Function


This function goes through every byte of a hex string, gets the character value of it, and returns a full line in String format.

This also is a bit laggy to execute, so I also wouldn't suggest using this very often.


Section 2: (Battle.net Packet Formats) ----------------------------------------------------------------------------

Battle.net is split into a few different types of packet formats.
Some types are:
BNCS (Battle.net Chat Server)
Realm (Diablo 2 Realm Servers)
I will only be explaining these two formats during this guide.


Section 3: (BNCS: Battle.net Chat Server) ----------------------------------------------------------------------------

All BNCS packets are composed of a Header and following data.
The header is the beginning of every packet.
The header format for BNCS is as follows.

(Byte) FF – Always FF, to identify it's a BNCS packet.
(Byte) 36 – Packet ID – Provides an ID associated with what the packet's purpose is.
(Word) 09 00 – Packet Length – Provides the length of what the entire packet should be.

All following data after the Header is information provided by the server.

Here is an example packet.
This is how most data, converted to hex, will look to the viewer.
FF 0A 49 00 47 61 6C 64 75 6E 6E 00 50 58 32 44 55 53 45 61 73 74 2C 47 61 6C 64 75 6E 6E 2C 84 80 FF FF FF FF FF FF FF FF FF FF FF 04 FF FF FF FF FF FF FF FF FF FF FF 57 E8 9E FF FF 02 FF FF 00 47 61 6C 64 75 6E 6E 00

FF 0A 49 00 – BNCS Header (As stated before, always in the beginning of the packet.)

(Byte) FF = Always FF, as mentioned before.
(Byte) 0A = Packet ID. In this case, 0A (or 0x0A) signifies to the client that it's the packet sent after a complete, successful login.
(Word) 49 00 – Packet Length

Most packet information can be found @ http://bnetdocs.valhallalegends.com/content.php thanks to ValhallaLegends for providing it.

The packet information for this packet is the following. (From BNETDocs):
(STRING)     Unique Username
(STRING)     Statstring
(STRING)     Account name

This explains the data following the header.

Here's the packet again.  (Without the header)
47 61 6C 64 75 6E 6E 00 50 58 32 44 55 53 45 61 73 74 2C 47 61 6C 64 75 6E 6E 2C 84 80 FF FF FF FF FF FF FF FF FF FF FF 04 FF FF FF FF FF FF FF FF FF FF FF 57 E8 9E FF FF 02 FF FF 00 47 61 6C 64 75 6E 6E 00

If you take a look at BNETDoc's packet information, it shows the sequence of data inside the packet.
It starts with a Unique Username string, a Statstring string, then ends with an Account Name string.
As noted earlier, all strings end with 00, also known as Null Termination.

Now, let's split this packet up according to the Nulls (00's).

47 61 6C 64 75 6E 6E – (First String) – Unique Username
00
50 58 32 44 55 53 45 61 73 74 2C 47 61 6C 64 75 6E 6E 2C 84 80 FF FF FF FF FF FF FF FF FF FF FF 04 FF FF FF FF FF FF FF FF FF FF FF 57 E8 9E FF FF 02 FF FF – (Second String) - Statstring
00
47 61 6C 64 75 6E 6E – (Third String) - Username
00


The first split, 47 61 6C 64 75 6E 6E, should be the Unique Username string.
Let's use the function I made before to convert it to string value to see if that's true!

I received the string value "Galdunn" from the conversion. This indeed does support BNETDocs information regarding this packet! (Like most of them)

Apparently, 47 61 6C 64 75 6E 6E is Galdunn in hex format.

Let's take a look at the second string, 50 58 32 44 55 53 45 61 73 74 2C 47 61 6C 64 75 6E 6E 2C 84 80 FF FF FF FF FF FF FF FF FF FF FF 04 FF FF FF FF FF FF FF FF FF FF FF 57 E8 9E FF FF 02 FF FF.
This string contains your Statstring. This is a complex string and contains some values even I don't know what they're for yet. (That's where research comes into play!) Let's convert this string with that nifty function now!

I received the following:
PX2DUSEast,Galdunn,,,€ÿÿÿÿÿÿÿÿÿÿÿ ÿÿÿÿÿÿÿÿÿÿÿWèžÿÿ ÿÿ
Pretty weird, eh?
Well, as far as I can see from this string, it contains a backward product ID PX2D, which is D2XP in the right order. This stands for Diablo 2: Lord of Destruction.
The second thing I can see is 'USEast', this is the name of the server realm I'm connected to.
The third thing I can see is Galdunn, which is my username. This is the same as above.
I myself do not know what the rest of this string represents, and so far, I don't really need to.

There are certain things in some packets you can ignore, while in others, you risk the possibility of getting IP Banned if you mess up a single value.

Let's take a look at the third string now, 47 61 6C 64 75 6E 6E. As I can see, this is the same hex string as the first string, the Unique User ID, so it's safe to skip the converting part and just assume it's "Galdunn". This is also correct, assuming my account login name was Galdunn.

Congratulations. You've just learned your first Battle.net Packet!

Please take some time to Packet Log any Battle.net client (I suggest Starcraft as a start), get the packet ID of each one (as taught above), and look it up in the information at http://www.bnetdocs.valhallalegends.com. Try and see how many packets you can parse (decode).

Let's now move on to Realm Packets.

Section 4: (Realm Packet Format) ----------------------------------------------------------------------------

Realm packets are very similar to BNCS packets, yet they lack similarity in one field, the Header.

Realm packet headers always start with the packet length (Word).
Following the packet length value, comes the message id (Byte).

These are the only two values in Realm Headers, the rest of the packet is all data following the header.

Let's take a look at an example Realm Packet, this time we'll start out with a fairly simple packet.

07 00 01 00 00 00 00

07 00 – Packet Length
01 – Packet ID

Here's the packet without the header.
00 00 00 00

Here's the format to this packet, according to BNETDocs.
(DWORD)       Result

In DWORD results, such as this one, there are usually many values it can return.
Each different value signifies a different message, pre-determined.

According to BNETDocs, here are the possible results for this packet.
0x00: Success
0x0C: No Battle.net connection detected

Now we know that this packet returned the value, "Success", since the result was 00 00 00 00, and BNETDocs says that the 00 00 00 00 value signifies "Success".


--------------------------------------------------------------------------------------------------------------------------------------------------------

Congratulations again! You've finished reading my tutorial on how to read Battle.net packets!

From here on, I would suggest practicing your skills in packet logging connections and trying to figure out at your best what each packet does.

If you need any help decoding a packet, try the Battle.net Bot Development forums.

Note: PLEASE MAKE SURE YOU KNOW FOR CERTAIN IT HAS NOT ALREADY BEEN ANSWERED BEFORE YOU MAKE A NEW POST
Members of this forum hate it when they have to answer a question more than once!
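An added example (not part of Galdunn's post, and in Python rather than his VB): a parser for the two packets walked through above, the BNCS 0x0A packet and the 07 00 01 realm packet. The function names are my own; the packet bytes are copied from the post. Unlike the split-on-00 walkthrough, the parser also checks the declared length against the bytes actually received and rejects a string that has no 00 terminator, which is the check a bot needs before trusting anything a server sends.

```python
import struct

# Packet bytes copied from the tutorial above; constructed here as Python bytes.
BNCS_ENTER_CHAT = bytes.fromhex(
    "FF 0A 49 00 "                                   # header: FF, id 0x0A, length 0x0049
    "47 61 6C 64 75 6E 6E 00 "                       # "Galdunn\0"  unique username
    "50 58 32 44 55 53 45 61 73 74 2C 47 61 6C 64 75 6E 6E 2C 84 80 "
    "FF FF FF FF FF FF FF FF FF FF FF 04 FF FF FF FF FF FF FF FF FF FF FF "
    "57 E8 9E FF FF 02 FF FF 00 "                    # end of statstring
    "47 61 6C 64 75 6E 6E 00"                        # "Galdunn\0"  account name
)
REALM_LOGON_RESULT = bytes.fromhex("07 00 01 00 00 00 00")
REALM_RESULTS = {0x00: "Success", 0x0C: "No Battle.net connection detected"}


def read_cstring(data, pos):
    """Return (bytes up to the next 0x00, offset just past it).
    A string with no terminator is rejected instead of running to the end of
    the buffer: the peer must never decide how far a read goes."""
    end = data.find(b"\x00", pos)
    if end < 0:
        raise ValueError("unterminated string at offset %d" % pos)
    return data[pos:end], end + 1


def parse_bncs(data):
    """Split a BNCS packet into its header fields and NUL-terminated strings."""
    if len(data) < 4 or data[0] != 0xFF:
        raise ValueError("not a BNCS packet (no FF marker)")
    packet_id, length = struct.unpack_from("<BH", data, 1)  # id byte, little-endian WORD
    if length != len(data):  # 49 00 is 0x0049 = 73 bytes, header included
        raise ValueError("declared length %d but got %d bytes" % (length, len(data)))
    strings, pos = [], 4
    while pos < len(data):
        s, pos = read_cstring(data, pos)
        strings.append(s)
    return {"id": packet_id, "length": length, "strings": strings}


def parse_realm(data):
    """Realm header is WORD length then BYTE id; this message carries a DWORD result."""
    if len(data) < 7:
        raise ValueError("realm packet too short")
    length, packet_id = struct.unpack_from("<HB", data, 0)
    if length != len(data):
        raise ValueError("declared length %d but got %d bytes" % (length, len(data)))
    (result,) = struct.unpack_from("<I", data, 3)
    return {"id": packet_id, "result": result,
            "meaning": REALM_RESULTS.get(result, "unknown 0x%02X" % result)}
```

parse_bncs(BNCS_ENTER_CHAT)["strings"] gives b"Galdunn", the 52-byte statstring and b"Galdunn" again, and reversing the statstring's first four bytes gives b"D2XP" as described in the post; parse_realm(REALM_LOGON_RESULT)["meaning"] is "Success".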


Elneroth

Sorry, is this supposed to go in the References forums?
I can't delete it then move it, it's not letting me.
I'll leave it to a mod if it really needs to be moved.

MyndFyre

Quote from: Elneroth on July 09, 2005, 03:48 AM
Sorry, is this supposed to go in the References forums?
I can't delete it then move it, it's not letting me.
I'll leave it to a mod if it really needs to be moved.

Spht and I will talk about it.  In the meantime, thank you for not double-posting.

R.a.B.B.i.T

Quote from: Elneroth
In my own words, Hexadecimal Coding is a way to express data in a numeric form. This form includes the numbers 0 to 9 and the letters A to F.
Hex is a number base, not a code.  It is also not a "way to express data in a numeric form", it's just a number base.  Strings are actually a way of expressing numbers in such a way that they can be translated into languages.

shadypalm88

I think this is a useful document.  I'm in the process of converting it to HTML format and editing it to add more background information.  You can see how it's coming along at this site.  Comments, suggestions, and corrections are welcome.

Insolence

I read it, seems pretty decent.

Although I'd REALLY like a tutorial on how to connect to b.net via C# :)

Networks

Quote from: Insolence on July 09, 2005, 05:02 PM
I read it, seems pretty decent.

Although I'd REALLY like a tutorial on how to connect to b.net via C# :)

It's called MSDN or Google!

Insolence

Quote from: Networks on July 09, 2005, 05:44 PM
Quote from: Insolence on July 09, 2005, 05:02 PM
I read it, seems pretty decent.

Although I'd REALLY like a tutorial on how to connect to b.net via C# :)

It's called MSDN or Google!
You're a wealth of information.

Warrior

Don't know if that was sarcastic or not; I'd imagine the same way you'd do it for any other language?
Connect, send/receive data in a special order in their special format and BAM, you're connected.

Of course I'm being extremely broad here.

R.a.B.B.i.T

Quote from: shadypalm88 on July 09, 2005, 01:41 PM
I think this is a useful document.  I'm in the process of converting it to HTML format and editing it to add more background information.  You can see how it's coming along at this site.  Comments, suggestions, and corrections are welcome.
Your part about xWORDs is incorrect.  The size of a WORD depends on the system.  The size you have them listed as is for a 16-bit system, which is probably not used anymore.  You should fix that.

Also, you just blurt out ASCII with no reference or description of what it is (which is the nature of the document)

Kp

Quote from: Insolence on July 09, 2005, 05:51 PM
Quote from: Networks on July 09, 2005, 05:44 PM
Quote from: Insolence on July 09, 2005, 05:02 PM
I read it, seems pretty decent.

Although I'd REALLY like a tutorial on how to connect to b.net via C# :)
It's called MSDN or Google!
You're a wealth of information.

Your insolence toward more senior members will not be tolerated much longer.

shadypalm88

Quote from: rabbit on July 09, 2005, 06:29 PM
Quote from: shadypalm88 on July 09, 2005, 01:41 PM
I think this is a useful document.  I'm in the process of converting it to HTML format and editing it to add more background information.  You can see how it's coming along at this site.  Comments, suggestions, and corrections are welcome.
Your part about xWORDs is incorrect.  The size of a WORD depends on the system.  The size you have them listed as is for a 16-bit system, which is probably not used anymore.  You should fix that.
True, but that's the convention normally used here.  I should probably explain that better.

Quote from: rabbit on July 09, 2005, 06:29 PM
Also, you just blurt out ASCII with no reference or description of what it is (which is the nature of the document)
Where do I do that?  I do explain that it's a character encoding, and what that is; I'm not sure what else you mean.

LivedKrad

Quote from: Kp on July 09, 2005, 06:29 PM
Quote from: Insolence on July 09, 2005, 05:51 PM
Quote from: Networks on July 09, 2005, 05:44 PM
Quote from: Insolence on July 09, 2005, 05:02 PM
I read it, seems pretty decent.

Although I'd REALLY like a tutorial on how to connect to b.net via C# :)
It's called MSDN or Google!
You're a wealth of information.

Your insolence toward more senior members will not be tolerated much longer.

Boss man's comin' down on you. Long time no speak, Kp!
To stay on topic, I think it's a nicely done document, and I look forward to shadypalm's editing and republishing. Who knows, if acceptable it may appear on BnetDocs!

Archangel

Nice documentation ;), I read it and it's understandable.


[Opinion/Question]
Why do people always answer "Google"? It's better to give useful links to the documentation; that way this forum won't just have Google links.

LivedKrad

Why waste your own time looking up a page that is probably within the top ten results of Google.com for someone else? That not only puts a burden on you, but makes the person lazy and dependent.