• Welcome to Valhalla Legends Archive.
 

I need help decompressing D2 packets

Started by Juniper, March 14, 2006, 04:26 AM

Previous topic - Next topic
Print
|
Go Down Pages 1 2 3 4
User actions

Juniper

#45
June 14, 2006, 10:25 AM
Quote from: Ringo on June 14, 2006, 05:34 AM
Quote from: Juniper on June 12, 2006, 04:03 PM
Code Select
[DECODE] [DEBUG] Was passed array 'f2 05 04 60 c8 3f 07 02 8b 30 4c 6a 3e 1b 2d 35 0d c2 a6 08 5c 19 07 e0 e0 51 48 ac 35 ba b0 64 1f 83 81 44 c0 13 1a 8f 86 da 0c 2f 05 e1 e0 32 00 a2 c8 0b 1e 1c 1a 52 08 81 a0 65 2f b8 56 35 04 06 cf 4a 2c d8 2f 05 c7 0c 00 28 64 31 00 ce 1a 52 41 82 f1 dc 77 70 72 6a 09 cd 9e 94 59 b0 5e 0b 63 c0 5c 46 31 98 8f 30 07 1f 7f ff ff ff c0 19 52 08 81 a0 65 2f b8 53 35 03 c6 cf 4a 2c d8 2f 05 a7 0b 28 c6 23 13 ee 11 52 14 00 50 e6 5d 70 94 6a 0d 0d 9e 94 79 94 80 09 04 10 a0 02 87 32 e9 2c 67 44 b4 fa d4 0b a2 5a 7c 05 20 5d 12 d3 e5 c4 0b a4 70 d6 09 82 88 30 48 e1 a8 0c 03 41 71 23 86 71 40 77 04 c9 1c 31 83 40 5c 04 61 40 05 0e 65 d2 a3 86 53 50 6a 6c b4 8e 03 cf 9d 8f fc 89 01 a0 7c 5c 30 04 2e 14 00 50 e6 5d 0e 43 f1 15 6a 20 f9 21 1a 52 08 83 f0 dc 86 70 60 6a 05 4d 9e 94 59 b0 5e 0b 0e 44 00 a0 06 62 bb 80 10 52 08 81 a0 65 2f b9 10 6a 06 cd 9e 94 59 b0 0f 2e 83 20 0e 18 09 c3 a2 d1 28 79 09 0b e0 10 52 08 81 a0 65 2f b9 0e 6a 07 8d 9e 94 59 b0 10 52 41 82 f1 dc 77 70 74 6a 0a 8d 9e 94 59 b0 23 03 f0 a0 02 87 32 e9 a9 2c 36 1d 90 03 12 20 33 03 d2 28 e8 ba 0c 80 38 5c 27 0e 8b 44 a1 e4 24 2f 80 10 52 0d 8b ad 81 47 0a 86 a0 6c d9 e9 45 9b 00 34 02 b3 63 46 c1 68 5e 18 0d 0e c8 08 ca 64 25 8f 21 21 74 a2 1a 14 0a c8 30 5e 3b 8e e8 c1 d1 a8 2a 36 4a 94 d6 14 00 50 e6 1a 58 14 00 50 e6 5d 09 46 a0 d0 d9 69 74 19 80 70 c4 4e 1d 16 89 43 c8 48 5f 10 52 08 83 f0 dc 86 70 5e 6a 05 4d 9e 94 59 b0 10 52 0d 8b ad 81 47 0a 46 a0 70 d9 e9 45 9b 00 10 52 08 81 a0 65 2f b9 10 6a 08 4d 9e 94 59 b0 1f 52 14 00 50 e6 5d 72 18 d4 0f 1b 3d' for processing
I think your compression buffer is broken, because the message is only 106 bytes long, followed by a singlely compressed ping responce (07 1f 7f ff ff ff c0).
So i would say that F2 05 is part of a broken compressed packet. (check your recv buffer, that handles incoming data from the socket)

[EDIT]:
eh, i think your compressed data (quoted data), is currrupt through out.

You believe the data I'm giving the script is wrong/curropted?
Right now I'm passing onto the script the packets I get from tcpdump, I then strip them from their IP and TCP headers and process the data as mentioned above.

I've decided I'm going to post my original capture file.
The capture file can be found at: http://www.box.net/public/eg7dxlfbv6
If someone could decode/decompress this then I believe I'll be able to track down my problem and figure out why I'm not processing the input correctly.

Could someone *please* decode/decompress the capture file I'm posting and post/pm me back the result - I'll greatly appreciate it.

Thanks,
J

Juniper

#46
June 21, 2006, 04:57 AM Last Edit: June 22, 2006, 02:57 AM by Juniper
Alright, I'm on the brink of despair.

I must have checked my input and decode functions a dozen times, I used both ethereal and tcpdump and I cannot see anything wrong with my input. As far as I know, I'm passing on the data correctly, as opposed to what Ringo suggested earlier. I'm not saying Ringo is wrong, I'm just saying that I cannot see anything wrong with the data I'm handling.
I also read every possible post/thread relater to this subject of decompressing/parsing incoming packets.

Like I said in my previous post, I posted my capture file from tcpdump (it's filtered to only show S->C packets, because that's what I'm having problems with). It can be opened with ethereal too ofcourse.
I asked if someone could please grab the file and run it through thier decoder. No one did, so far.

Can someone please, pretty please (with a bit of sugar on topĀ  :) ) decode that file for me and post here, or send me even a pm with the result?

Thanks,
J

EDIT: Ringo solved my problem! it seems my tcpdump snaplen was wrong and I wasn't capturing the entire packet, but only 68 bytes of it, which it tcpdump's default.
Thanks again Ringo![/b]

MyndFyre

#47
June 25, 2006, 05:21 PM
So, were you not debugging in a way that would make that clear to you?  Or was this problem entirely unrelated to actually programming a bot?
QuoteEvery generation of humans believed it had all the answers it needed, except for a few mysteries they assumed would be solved at any moment. And they all believed their ancestors were simplistic and deluded. What are the odds that you are the first generation of humans who will understand reality?

After 3 years, it's on the horizon.  The new JinxBot, and BN#, the managed Battle.net Client library.

Quote from: chyea on January 16, 2009, 05:05 PM
You've just located global warming.

Juniper

#48
June 25, 2006, 06:32 PM
I just didn't even consider the possibility that I wasn't capturing the entire packet. I was unaware of the snaplen variable and once Ringo pointed me in the direction that my input might be bad, well, I just focused on that and with some help saw the problem.

J
Print
|
Go Up Pages 1 2 3 4
User actions