Starting over...

Started by Smarter, September 24, 2007, 06:25 AM


Smarter

Well, again I have disappeared and returned to Battle.Net, and Battle.Net-related programming... and instead of randomly diving head first into random sections of it, I decided I would start over and go with the basics. I am looking to fully understand the Connection Sequence, instead of just implementing it, so I was wondering if anyone could point me in the direction of some helpful documents? :-D (Also, I plan to make step-by-step projects in C#, that I will release publicly for anyone else interested in learning, fully commented/documented ;)).

Edit:

Well, after doing a little searching on my own, I stumbled onto the "new" bnetdocs, and looked at their logon sequence listed:

SEND -> SID_AUTH_INFO (0x50)
RECV SID_AUTH_CHECK (0x51)
RECV SID_LOGONRESPONSE (0x29)
RECV SID_UDPPINGRESPONSE (0x14) [SEXP/STAR/W2BN]
SEND -> SID_ENTERCHAT (0x0A)

Isn't that a bit inaccurate? Wouldn't it more accurately be:

SEND -> SID_AUTH_INFO (0x50)
RECV SID_AUTH_INFO (0x50)
SEND -> SID_AUTH_CHECK (0x51)
RECV SID_AUTH_CHECK (0x51)
RECV SID_LOGONRESPONSE (0x29)
RECV SID_UDPPINGRESPONSE (0x14) [SEXP/STAR/W2BN]
SEND -> SID_ENTERCHAT (0x0A)

Maybe instead of linking me, someone could very simply layout the basic connection sequence on a Diablo II connection, using BNLS?
Since '99

BrutalNet.Net

Yegg

You send and receive the same Battle.net packets when you're using BNLS. You just have BNLS tell you what to send for whatever Battle.net packets you don't want to do the work for (cdkey decoding, hashing, etc.). Look over the list of BNLS packets. You probably won't even need to use many of them. IMO, the packets for decoding, hashing, and checkversion are the most important ones and the rest probably won't need to be used.

Smarter

Yeah, as usual I took it upon myself to do some research, and have set up my method of connecting so far:
Get VerBytes:

BNLS -> C > S: BNLS_REQUESTVERSIONBYTE (0x10) (#define PRODUCT_DIABLO2 (0x04))
BNLS <- S > C: BNLS_REQUESTVERSIONBYTE (0x10)

Start Connection:
BNCS -> C > S: 0x01 (Protocol Byte)
BNCS -> C > S: BNCS_SID_AUTH_INFO (0x50)
BNCS <- S > C: BNCS_SID_AUTH_INFO (0x50)
BNLS -> C > S: BNLS_CDKEY_EX (0x0c)
BNLS <- S > C: BNLS_CDKEY_EX (0x0c)
BNLS -> C > S: BNLS_VERSIONCHECKEX (0x18)
BNLS <- S > C: BNLS_VERSIONCHECKEX (0x18)
BNCS -> C > S: BNCS_SID_AUTH_CHECK (0x51)
BNCS <- S > C: BNCS_SID_AUTH_CHECK (0x51)

Right now I'm in the process of just doing a normal D2DV connection, so I'd actually be using BNLS_CDKEY (0x01), but that's as far as I've gotten, as I got stumped as to how to read a BOOL, then realized it's still sent as a DWORD, so I just haven't gotten around to continuing from there.

Camel

You should use BNLS_VERSIONCHECKEX2, so that you can support lockdown.

MysT_DooM

On a side note, you should use 0x3A instead of the old 0x29 since it's what the client uses now and you'll get more response msgs from it.


vb6, something about that combination of numbers and letters is sexy

Yegg

I don't have time to check it out at the moment, but does/will BNLS support lockdown?

Don Cullen

Yes, it supports lockdown.
Regards,
Don
-------

Don't wonder why people suddenly are hostile when you treat them the way they shouldn't be- it's called 'Mutual Respect'.

Barabajagal

Both BNLS and JBLS support lockdown using packet 3A. The new BNETDocs packet sequences are not yet corrected (I'll get around to it some time).

Camel

Quote from: MysT_DooM on September 24, 2007, 12:32 PM
On a side note, you should use 0x3A instead of the old 0x29 since it's what the client uses now and you'll get more response msgs from it.

Quote from: Andy on September 24, 2007, 02:05 PM
Both BNLS and JBLS support lockdown using packet 3A. The new BNETDocs packet sequences are not yet corrected (I'll get around to it some time).

BNLS_VERSIONCHECKEX2 is 0x1A, not 0x3A

Barabajagal


Smarter

I seem to be having trouble... here's a packet log from Ethereal:

No.     Time        Source                Destination           Protocol Info
      1 0.000000    172.*.*.*       64.183.189.104        TCP      1157 > 9367 [SYN] Seq=0 Len=0 MSS=1460

0000  bc 85 20 00 01 00 01 00 01 00 00 00 08 00 45 00   .. ...........E.
0010  00 30 0b c2 40 00 80 06 e6 49 ac a8 5d f4 40 b7   .0..@....I..].@.
0020  bd 68 04 85 24 97 a3 5f 6d 13 00 00 00 00 70 02   .h..$.._m.....p.
0030  40 00 00 d4 00 00 02 04 05 b4 01 01 04 02         @.............

No.     Time        Source                Destination           Protocol Info
      2 0.610351    64.183.189.104        172.*.*.*       TCP      9367 > 1157 [SYN, ACK] Seq=0 Ack=1 Win=16384 Len=0 MSS=1360

0000  01 00 01 00 00 00 bc 85 20 00 01 00 08 00 45 00   ........ .....E.
0010  00 30 7b e3 00 00 70 06 c6 28 40 b7 bd 68 ac a8   .0{...p..(@..h..
0020  5d f4 24 97 04 85 f1 cb e0 88 a3 5f 6d 14 70 12   ].$........_m.p.
0030  40 00 2e d2 00 00 02 04 05 50 01 01 04 02         @........P....

No.     Time        Source                Destination           Protocol Info
      3 0.610351    172.*.*.*       64.183.189.104        TCP      1157 > 9367 [ACK] Seq=1 Ack=1 Win=17680 Len=0

0000  bc 85 20 00 01 00 01 00 01 00 00 00 08 00 45 00   .. ...........E.
0010  00 28 0b c3 40 00 80 06 e6 50 ac a8 5d f4 40 b7   .(..@....P..].@.
0020  bd 68 04 85 24 97 a3 5f 6d 14 f1 cb e0 89 50 10   .h..$.._m.....P.
0030  45 10 56 22 00 00                                 E.V"..

No.     Time        Source                Destination           Protocol Info
      4 0.653320    172.*.*.*       64.183.189.104        TCP      [TCP segment of a reassembled PDU]

0000  bc 85 20 00 01 00 01 00 01 00 00 00 08 00 45 00   .. ...........E.
0010  00 30 0b c4 40 00 80 06 e6 47 ac a8 5d f4 40 b7   .0..@....G..].@.
0020  bd 68 04 85 24 97 a3 5f 6d 14 f1 cb e0 89 50 18   .h..$.._m.....P.
0030  45 10 a2 a0 00 00 ff 10 08 00 34 30 78 30         E.........40x0

No.     Time        Source                Destination           Protocol Info
      5 0.664062    172.*.*.*       63.240.202.139        TCP      1158 > 6112 [SYN] Seq=0 Len=0 MSS=1460

0000  bc 85 20 00 01 00 01 00 01 00 00 00 08 00 45 00   .. ...........E.
0010  00 30 0b c5 40 00 80 06 d9 ea ac a8 5d f4 3f f0   .0..@.......].?.
0020  ca 8b 04 86 17 e0 ab 66 63 79 00 00 00 00 70 02   .......fcy....p.
0030  40 00 02 c1 00 00 02 04 05 b4 01 01 04 02         @.............

No.     Time        Source                Destination           Protocol Info
      6 1.110351    63.240.202.139        172.*.*.*       TCP      6112 > 1158 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1360

0000  01 00 01 00 00 00 bc 85 20 00 01 00 08 00 45 00   ........ .....E.
0010  00 30 ff f0 00 00 75 06 30 bf 3f f0 ca 8b ac a8   .0....u.0.?.....
0020  5d f4 17 e0 04 86 8b 5c c4 12 ab 66 63 7a 70 12   ]......\...fczp.
0030  ff ff f3 a4 00 00 02 04 05 50 01 01 04 02         .........P....

No.     Time        Source                Destination           Protocol Info
      7 1.110351    172.*.*.*       63.240.202.139        TCP      1158 > 6112 [ACK] Seq=1 Ack=1 Win=17680 Len=0

0000  bc 85 20 00 01 00 01 00 01 00 00 00 08 00 45 00   .. ...........E.
0010  00 28 0b c6 40 00 80 06 d9 f1 ac a8 5d f4 3f f0   .(..@.......].?.
0020  ca 8b 04 86 17 e0 ab 66 63 7a 8b 5c c4 13 50 10   .......fcz.\..P.
0030  45 10 da f4 00 00                                 E.....

No.     Time        Source                Destination           Protocol Info
      8 1.110351    64.183.189.104        172.*.*.*       TCP      9367 > 1157 [FIN, ACK] Seq=1 Ack=9 Win=65527 Len=0

0000  01 00 01 00 00 00 bc 85 20 00 01 00 08 00 45 00   ........ .....E.
0010  00 28 7b e6 40 00 70 06 86 2d 40 b7 bd 68 ac a8   .({.@.p..-@..h..
0020  5d f4 24 97 04 85 f1 cb e0 89 a3 5f 6d 1c 50 11   ].$........_m.P.
0030  ff f7 9b 31 00 00                                 ...1..

No.     Time        Source                Destination           Protocol Info
      9 1.110351    172.*.*.*       64.183.189.104        TCP      1157 > 9367 [ACK] Seq=9 Ack=2 Win=17680 Len=0

0000  bc 85 20 00 01 00 01 00 01 00 00 00 08 00 45 00   .. ...........E.
0010  00 28 0b c7 40 00 80 06 e6 4c ac a8 5d f4 40 b7   .(..@....L..].@.
0020  bd 68 04 85 24 97 a3 5f 6d 1c f1 cb e0 8a 50 10   .h..$.._m.....P.
0030  45 10 56 19 00 00                                 E.V...

.... I'm not exactly sure what is going wrong, but my program doesn't notice any of the receives...

Hdx

You're not sending anything.
Make sure to always use the filter tcp.len > 0
~Hdx

Proud host of the JBLS server www.JBLS.org.
JBLS.org Status:
JBLS/BNLS Server Status

Barabajagal

Also, in Ethereal, use the TCP Stream Follower. It makes reading packets so much easier.

Smarter

Well, I found out I was sending the packet in the wrong format; I was sending it in BNCS format to BNLS, so this is my new packet construction:

if (bnls.IsConnected)
{
    DataBuffer send0x10 = new DataBuffer();
    int Length = 0;
    send0x10.InsertInt16(Convert.ToInt16(Length)); // Message Size + Header (Length is still 0 at this point).
    send0x10.InsertByte((byte)BNLSPacketId.BNLS_REQUESTVERSIONBYTE);
    send0x10.InsertByte(0x04);
    bnls.BeginListener();
    Length = send0x10.Count; // Assigned only after the header bytes have already been written.
    bnls.SendData(send0x10.GetData());
}


However, I'm not sure how to get the size of a packet before it's made, so I attempted it this way.... and here's my new dump (Thx for the help with Ethereal):

0000  bc 85 20 00 01 00 01 00  01 00 00 00 08 00 45 00   .. ..... ......E.
0010  00 2c 14 4b 40 00 80 06  dd c4 ac a8 5d f4 40 b7   .,.K@... ....].@.
0020  bd 68 04 d2 24 97 c3 d6  d0 fd 51 3a 60 1e 50 18   .h..$... ..Q:`.P.
0030  45 10 e2 61 00 00 00 00  10 04                     E..a.... ..     

The trailing bytes, 00 00 10 04, don't look correct to me.... someone help please :'(.

Hdx

You're inserting the length before you are setting its value. So it's always 0.
Anyways, what language are you working in?
Someone has got to have a packet buffer with a BNLS header function.
But for 0x10 it should be 7:
(WORD) Length - 2 bytes
(BYTE) ID - 1 byte
(DWORD) Product ID - 4 bytes
4+1+2=7

Also, if you're logging your own bot, http://wpepro.net/ is a good packet logger. Nice and simple, intuitive to use.
~Hdx

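Hdx's 2+1+4=7 breakdown and Smarter's zero-length header, as an added Python example (not code from this thread or from anyone's bot; Python rather than Smarter's C# so it can be checked stand-alone, and the function names are my own). It frames BNLS and BNCS messages with the length written after the payload is known, rejects a header length that cannot be real when reading, and classifies the bytes seen in the two Ethereal logs above.

```python
import struct

# Values taken from the thread: the BNLS request id and Diablo II's product id.
BNLS_REQUESTVERSIONBYTE = 0x10
PRODUCT_DIABLO2 = 0x04


def build_bnls(packet_id: int, payload: bytes) -> bytes:
    """BNLS framing: (WORD) length of the whole message, (BYTE) id, payload.
    The length is computed once the payload exists, so it is never written as 0."""
    return struct.pack("<HB", 3 + len(payload), packet_id) + payload


def build_bncs(packet_id: int, payload: bytes) -> bytes:
    """BNCS framing: (BYTE) 0xFF, (BYTE) id, (WORD) length of the whole message."""
    return struct.pack("<BBH", 0xFF, packet_id, 4 + len(payload)) + payload


def request_version_byte(product: int) -> bytes:
    # Product ID is a DWORD, hence the 7-byte total for BNLS_REQUESTVERSIONBYTE.
    return build_bnls(BNLS_REQUESTVERSIONBYTE, struct.pack("<I", product))


def parse_bnls(buf: bytes):
    """Split one BNLS message off the front of a receive buffer.
    Returns (id, payload, rest), or None when more bytes are needed.
    A length below 3 cannot describe a real message (it must count its own
    header), so it is rejected instead of silently desynchronising the stream."""
    if len(buf) < 3:
        return None
    length, packet_id = struct.unpack_from("<HB", buf)
    if length < 3:
        raise ValueError(f"BNLS length {length} is smaller than its own header")
    if len(buf) < length:
        return None
    return packet_id, buf[3:length], buf[length:]


def frame_kind(buf: bytes) -> str:
    """Diagnostic for the mix-up in the thread: does one captured send look like
    a BNCS message, a BNLS message, or neither? Checks the length field of each
    format against the number of bytes actually captured."""
    if len(buf) >= 4 and buf[0] == 0xFF and struct.unpack_from("<H", buf, 2)[0] == len(buf):
        return "bncs"
    if len(buf) >= 3 and struct.unpack_from("<H", buf)[0] == len(buf):
        return "bnls"
    return "malformed"
```

Fed the payload of packet 4 from the first log (ff 10 08 00 34 30 78 30) frame_kind reports a BNCS message, and fed the 00 00 10 04 from the second log it reports malformed; only the 7-byte form passes as BNLS.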