
SCGP (Starcraft Game Protocol) Spec

Started by Ringo, November 03, 2008, 04:29 AM

xpeh

All 3.

So, i got some suggestions.

There are at least 3 packet identifier fields - first dword is not always 0, and your so-called "command" and "type" (i would prefer calling it type and subtype, if you don't suggest other, like in 802.11)

Type 2 subtype 5 (scgp_none) - imho it has to be called scgp_syncronize, because if you don't continuously answer these packets, you get dropped. If you answer these packets, but don't answer others, host in game you joined is able to start game, then after some time he'll get the drop window and is unable to press drop button, as assumed by Python_Max, unless he disconnects from internet.

Maybe this is the reason my simple bot didn't work - i didn't parse these packets, and i wasn't shown in lobby.

Do you actually want to upload it to bnetdocs?

Ringo

Quote from: xpeh on January 30, 2009, 10:45 PM
There are at least 3 packet identifier fields - first dword is not always 0
If the 1st dword is not zero, then it's not a SCGP packet.

Quote from: xpeh on January 30, 2009, 10:45 PM
Type 2 subtype 5 (scgp_none) - imho it has to be called scgp_syncronize, because if you don't continuously answer these packets, you get dropped. If you answer these packets, but don't answer others, host in game you joined is able to start game, then after some time he'll get the drop window and is unable to press drop button, as assumed by Python_Max, unless he disconnects from internet.
I'm not too sure what you mean, or getting at here.
You don't send type/command 2, packet id 5, ingame.
It's sent only in the game room, when there is no other data in the queue buffer.
There is no "answer" to it.
Once the game starts and gets going tho, iirc, the client sends 0x37 each *beat*.
You can however, send them once the game starts, if you're a bot and just want to idle through the game.

xpeh

Quote from: Ringo on January 30, 2009, 11:17 PM
Quote from: xpeh on January 30, 2009, 10:45 PM
There are at least 3 packet identifier fields - first dword is not always 0
If the 1st dword is not zero, then it's not a SCGP packet.
Then what kind of packet are they? They still exist.


Quote from: Ringo on January 30, 2009, 11:17 PM
Quote from: xpeh on January 30, 2009, 10:45 PM
Type 2 subtype 5 (scgp_none) - imho it has to be called scgp_syncronize, because if you don't continuously answer these packets, you get dropped. If you answer these packets, but don't answer others, host in game you joined is able to start game, then after some time he'll get the drop window and is unable to press drop button, as assumed by Python_Max, unless he disconnects from internet.
I'm not too sure what you mean, or getting at here.
You don't send type/command 2, packet id 5, ingame.
It's sent only in the game room, when there is no other data in the queue buffer.
There is no "answer" to it.
Once the game starts and gets going tho, iirc, the client sends 0x37 each *beat*.
You can however, send them once the game starts, if you're a bot and just want to idle through the game.
It doesn't happen - AFAIR game client got a "drop" window very soon. I "played" 1x1 with your bot.

As i saw in sniffer log, client always answer to it with scgp_none with corresponding counters, at least in lobby.

Also, how many different counters are there? At least type 0 and type 2 have different one.

What is iirc?



What do i make wrong?
                                                         #  sentctr    rcvdctr
my $sc_hz      =       "\x03\x00\x00\x00\x00\x00\x00\x00";
                      # |   unknown     |chksum | length | sentctr  | rcvdctr    |cmd|typ|plr|sts|
my $sc_requestjoin =   "\x00\x00\x00\x00\x28\xC4\x10\x00"."\x00\x00"."\x01\x00"."\x00\x01\xFF\x00\x01\x00\x00\x00";

my $sc_requestjoin2 =  "\x00\x00\x00\x00\x40\xA8\x10\x00"."\x01\x00"."\x02\x00"."\x00\x03\xFF\x00\x01\x00\x00\x00";
my $sc_enter =
                       "\x00\x00\x00\x00\xF4\xED\x35\x00"."\x02\x00"."\x02\x00"."\x00\x07\xFF\x00".
                       "nick\0".
                       "PXES 1038 0 157 0 0 1038 0 0 PXES\0\0";

my $sc_pong =          "\x00\x00\x00\x00\x69\x7A\x0C\x00"."\x03\x00"."\x07\x00"."#\x00\x05\x01\x00";

# now send it all in this order

swrite($sc_hz);
swrite($sc_requestjoin);
swrite($sc_requestjoin);
swrite($sc_requestjoin);
swrite($sc_requestjoin2);
swrite($sc_enter);
swrite($sc_pong);



The game client doesn't see me.


What means verification flag?


Btw, i don't see any bbcodes panel here.

Ringo

Quote from: xpeh on January 30, 2009, 11:48 PM
Then what kind of packet are they? They still exist.
Yes, but they are not SCGP packets.
They should be listed on bnet docs.

Quote from: xpeh on January 30, 2009, 11:48 PM
It doesn't happen - AFAIR game client got a "drop" window very soon. I "played" 1x1 with your bot.

As i saw in sniffer log, client always answer to it with scgp_none with corresponding counters, at least in lobby.

Also, how many different counters are there? At least type 0 and type 2 have different one.

What is iirc?
Starting a game (melee, anyway) works fine with this SCGP bot for me.
But like i've said, command 2, packet 5 is not used outside of the game room.
Command 2 packets do not get responded to.
Each player sends any packets queued in their buffer every 250ms in the game room, and about 219ms once the game has started.
If you do have to respond to anything, you simply add the response to your command 2 send buffer, so it can be sent next time around.
When that time comes, in the game room, if there is no data in the command 2 send buffer, you send 0x05.

There's a count for each packet command, for each player.
Command 2, you will probably notice, the counts need to be in sync with all other players.
That's why all players are pretty much on the same command 2 counts. (or should be, at least)

Quote from: xpeh on January 30, 2009, 11:48 PM
The game client doesn't see me.


What means verification flag?
Because you're not fully joining the game.
From what I can see, you are sending enough information to get the game room data -- that is when you actually join the game.

Pretty sure i've said what the verification flag is used for (if you're talking about what I think you're talking about)

xpeh

Quote from: Ringo on January 31, 2009, 12:33 AM
Quote from: xpeh on January 30, 2009, 11:48 PM
Then what kind of packet are they? They still exist.
Yes, but they are not SCGP packets.
They should be listed on bnet docs.
Are they? I haven't seen any SC protocol info.

Quote from: Ringo on January 31, 2009, 12:33 AM
When that time comes, in the game room, if there is no data in the command 2 send buffer, you send 0x05.
So this is not a "nop" command,  that can be just ignored, like SID_PING. So it can be called SCGP_LOBBYSYNC or something else.

Quote from: Ringo on January 31, 2009, 12:33 AM
Quote from: xpeh on January 30, 2009, 11:48 PM
The game client doesn't see me.


What means verification flag?
Because you're not fully joining the game.
From what I can see, you are sending enough information to get the game room data -- that is when you actually join the game.
So why it doesn't work?

Quote from: Ringo on January 31, 2009, 12:33 AM
Pretty sure i've said what the verification flag is used for (if you're talking about what I think you're talking about)
Decypher pls.

Ringo

Quote from: xpeh on January 31, 2009, 12:45 AM
Are they? I haven't seen any SC protocol info.
They are used by all UDP battle.net clients iirc. (if I recall)

Quote from: xpeh on January 31, 2009, 12:45 AM
So this is not a "nop" command,  that can be just ignored, like SID_PING. So it can be called SCGP_LOBBYSYNC or something else.
Like SID_NULL would be a better example, hence why I called it SCGP_NULL or w/e I called it. (Does it really matter, or are you just trolling?)

Quote from: xpeh on January 31, 2009, 12:45 AM
Quote from: Ringo on January 31, 2009, 12:33 AM
Because you're not fully joining the game.
From what I can see, you are sending enough information to get the game room data -- that is when you actually join the game.
So why it doesn't work?
I just told you.. you're only sending the 1st few packets, to get the game room information.
That's like BNCS 0x50.
Now you actually have to join the game (see clsSCGP.txt, or a packet log of starcraft)

Quote from: xpeh on January 31, 2009, 12:45 AM
Quote from: Ringo on January 31, 2009, 12:33 AM
Pretty sure i've said what the verification flag is used for (if you're talking about what I think you're talking about)
Decypher pls.
UDP is lossy, clients need to verify counts.
If you mean the status value, being 0x01, then it verifies packet counts.
It's only used in command 0x00/0x01 protocol iirc.

xpeh

#21
Quote from: Ringo on January 31, 2009, 01:17 AM
Like SID_NULL would be a better example, hence why I called it SCGP_NULL or w/e I called it. (Does it really matter, or are you just trolling?)
Maybe you are just not interested in good protocol documentation? It were nice if the name of packet shows its meaning.
Afaik SID_NULL can be just ignored, can it? And you don't need synchronisation on BNET protocol.

Quote from: Ringo on January 31, 2009, 12:33 AM
I just told you.. you're only sending the 1st few packets, to get the game room information.
That's like BNCS 0x50.
Now you actually have to join the game (see clsSCGP.txt, or a packet log of starcraft)
126 kb vbasic code.. No thx.
I send SCGP_ENTER, is it not enough? As its name says, it must enter a game, no?

Quote from: Ringo on January 31, 2009, 12:33 AM
UDP is lossy, clients need to verify counts.
If you mean the status value, being 0x01, then it verifies packet counts.
It's only used in command 0x00/0x01 protocol iirc.
So how it acts exactly?


And what the hell is iirc?

MysT_DooM



vb6, something about that combination of numbers and letters is sexy

Ringo

Quote from: xpeh on January 31, 2009, 04:47 AM
Maybe you are just not interested in good protocol documentation? It were nice if the name of packet shows its meaning.
Afaik SID_NULL can be just ignored, can it? And you don't need synchronisation on BNET protocol.
I really don't get what you find so hard to understand.
type 2, packet 5 has nothing to do at all, with sync, as stated a number of times already.
like SID_NULL, it can be ignored.
If you don't understand what the packet does based on its name, read the description.
This is nothing more than a simple guideline for packets and their descriptions.

Quote from: xpeh on January 31, 2009, 04:47 AM
126 kb vbasic code.. No thx.
If you're not willing to read the code I released, or compare the documentation with packet logs, then gtfo.


Quote from: xpeh on January 31, 2009, 04:47 AM
Quote from: Ringo on January 31, 2009, 12:33 AM
UDP is lossy, clients need to verify counts.
If you mean the status value, being 0x01, then it verifies packet counts.
It's only used in command 0x00/0x01 protocol iirc.
So how it acts exactly?
Es verifys Paket zählt.
Schauen Sie einfach in ein Paket anmelden, um zu sehen, wie.
Aber wenn Sie wissen, etwas über das Protokoll an alle, werden Sie wissen, gibt es nur einen Weg, das ist möglich.

xpeh

Quote from: Ringo on February 01, 2009, 01:14 AM
Quote from: xpeh on January 31, 2009, 04:47 AM
Maybe you are just not interested in good protocol documentation? It were nice if the name of packet shows its meaning.
Afaik SID_NULL can be just ignored, can it? And you don't need synchronisation on BNET protocol.
I really don't get what you find so hard to understand.
type 2, packet 5 has nothing to do at all, with sync, as stated a number of times already.
like SID_NULL, it can be ignored.
If you don't understand what the packet does based on its name, read the description.
This is nothing more than a simple guideline for packets and their descriptions.
I haven't thought that it can be ignored. Are you really sure it can?

Quote from: Ringo on February 01, 2009, 01:14 AM
Quote from: xpeh on January 31, 2009, 04:47 AM
126 kb vbasic code.. No thx.
If you're not willing to read the code I released, or compare the documentation with packet logs, then gtfo.
So i showed you my packets, why don't it work? I see, you don't really want to help.

Quote from: Ringo on February 01, 2009, 01:14 AM
Es verifys Paket zählt.
Schauen Sie einfach in ein Paket anmelden, um zu sehen, wie.
Aber wenn Sie wissen, etwas über das Protokoll an alle, werden Sie wissen, gibt es nur einen Weg, das ist möglich.
It verifys packet counts.
Just look at a package Sign in to see how.
But if you know anything about the protocol at all, you know, there is only one way, it is possible.
--
It verifys packet count.
Log in to see if we look at the package.
However, if you know of all the agreements, you know, there is only one way, this is possible.

Ringo

Is this some lame attempt of getting me to answer the same questions over and over ???
I even translated an answer to German, since it's possible you simply don't understand English.
Quote
So i showed you my packets, why don't it work? I see, you don't really want to help.
I see you don't really want to listen, I've told you at least 2 times why and you're still asking me why it doesn't work.

Troll much?

xpeh

Since you probably don't know any other language, please notice: don't use google translate unless you are really sure that it produces good readable output.

The only thing you answered is to read sniffer output (you mean i didn't?) or to read vbasic code (i'm not a VB user, as you obviously know).

I think you are the troll of us 2.

Ringo

#27
Quote from: xpeh on February 01, 2009, 03:47 AM
The only thing you answered is to read sniffer output (you mean i didn't?) or to read vbasic code (i'm not a VB user, as you obviously know).
Yes, i've told you (and now telling you again), what you were sending, was only the start, there is much more to send.
To see what else is sent, you need to review some packet logs.
If you don't understand any packets you are seeing, read the protocol spec, posted in this topic, for a description of each packet.
It will soon become clear what is sent in response to what, etc.

Quote from: xpeh on February 01, 2009, 03:47 AM
I think you are the troll of us 2.
I actually lol'ed at this.



Since there is small chance, you are not trolling, let me break down a packet dump for you;
Note, this is a 1.11 or 1.12 packet dump, but shouldn't make any difference.


14  :0  192.168.0.4:6112  20  RecvFrom 
0000  00 00 00 00 28 C4 10 00 00 00 01 00 00 01 FF 00    ....(...........
0010  01 00 00 00                                        ....

15  192.168.0.4:6112  :0  20  SendTo 
0000  00 00 00 00 33 B7 10 00 01 00 01 00 00 02 00 00    ....3...........
0010  01 00 00 00                                        ....

16  :0  192.168.0.4:6112  20  RecvFrom 
0000  00 00 00 00 28 C4 10 00 00 00 01 00 00 01 FF 00    ....(...........
0010  01 00 00 00                                        ....

17  :0  192.168.0.4:6112  20  RecvFrom 
0000  00 00 00 00 28 C4 10 00 00 00 01 00 00 01 FF 00    ....(...........
0010  01 00 00 00                                        ....

18  :0  192.168.0.4:6112  20  RecvFrom 
0000  00 00 00 00 40 A8 10 00 01 00 02 00 00 03 FF 00    ....@...........
0010  01 00 00 00                                        ....

19  :0  192.168.0.4:6112  57  RecvFrom 
0000  00 00 00 00 7E 9D 35 00 02 00 02 00 00 07 FF 00    ....~.5.........
0010  54 65 63 68 48 65 6C 70 65 72 00 50 58 45 53 20    TechHelper.PXES
0020  30 20 30 20 30 20 30 20 30 20 30 20 30 20 30 20    0 0 0 0 0 0 0 0
0030  50 58 45 53 00 31 32 33 00                         PXES.123.

A client is requesting to join the game.



21  192.168.0.4:6112  :0  98  SendTo 
0000  00 00 00 00 71 17 5E 00 02 00 03 00 00 08 00 00    ....q.^.........
0010  01 00 00 00 08 00 00 00 1F 00 00 00 05 00 00 00    ................
0020  07 00 00 00 62 62 6E 31 32 33 00 2C 2C 2C 36 2C    ....bbn123.,,,6,
0030  31 2C 32 2C 2C 31 2C 61 66 35 36 35 63 39 2C 34    1,2,,1,af565c9,4
0040  2C 2C 42 65 74 61 2D 50 6C 6F 67 67 65 72 0D 47    ,,Beta-Plogger.G
0050  72 65 65 6E 20 56 61 6C 6C 65 79 73 0D 00 31 32    reen Valleys..12
0060  33 00                                              3.

22  192.168.0.4:6112  :0  66  SendTo 
0000  00 00 00 00 22 C3 3E 00 03 00 03 00 00 06 00 00    ....".>.........
0010  32 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00    2...............
0020  1F 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00    ................
0030  00 00 00 00 42 65 74 61 2D 50 6C 6F 67 67 65 72    ....Beta-Plogger
0040  00 00                                              ..

23  192.168.0.4:6112  :0  20  SendTo 
0000  00 00 00 00 A3 36 10 00 04 00 03 00 00 0F 00 00    .....6..........
0010  00 00 00 00                                        ....

24  192.168.0.4:6112  :0  48  SendTo 
0000  00 00 00 00 78 09 2C 00 05 00 03 00 00 09 00 00    ....x.,.........
0010  02 00 01 00 00 00 00 00 01 01 01 02 02 00 03 01    ................
0020  00 01 00 00 00 00 00 32 00 00 00 00 00 00 00 00    .......2........

The host sends that player the game information, like who else is in the game.


25  192.168.0.4:6112  :0  17  SendTo 
0000  00 00 00 00 45 6A 0D 00 1D 00 1F 00 02 00 00 00    ....Ej..........
0010  05                                                 .

26  192.168.0.4:6112  :0  17  SendTo 
0000  00 00 00 00 48 66 0D 00 1E 00 1F 00 02 00 00 00    ....Hf..........
0010  05                                                 .

27  192.168.0.4:6112  :0  16  SendTo 
0000  00 00 00 00 4D 99 0C 00 06 00 03 00 00 04 00 00    ....M...........

29  192.168.0.4:6112  :0  17  SendTo 
0000  00 00 00 00 4B 62 0D 00 1F 00 1F 00 02 00 00 00    ....Kb..........
0010  05                                                 .

The host also starts up the command 2 stream with that player, and sends a command 0 ping packet (0x04)


30  :0  192.168.0.4:6112  16  RecvFrom 
0000  00 00 00 00 69 7A 0C 00 03 00 07 00 00 05 01 00    ....iz..........

The player answers the ping with a pong.


32  :0  192.168.0.4:6112  16  RecvFrom 
0000  00 00 00 00 64 7F 0C 00 04 00 07 00 00 04 01 00    ....d...........

The player also now sends a ping to the host


33  192.168.0.4:6112  :0  16  SendTo 
0000  00 00 00 00 62 80 0C 00 07 00 05 00 00 05 00 00    ....b...........

The host answers the ping, with a pong.


34  :0  192.168.0.4:6112  17  RecvFrom 
0000  00 00 00 00 59 52 0D 00 1F 00 20 00 02 00 01 00    ....YR.... .....
0010  05                                                 .

35  :0  192.168.0.4:6112  17  RecvFrom 
0000  00 00 00 00 5C 4E 0D 00 20 00 20 00 02 00 01 00    ....\N.. . .....
0010  05                                                 .

The player also now starts streaming with the host/other players


36  192.168.0.4:6112  :0  79  SendTo 
0000  00 00 00 00 F8 C8 4B 00 00 00 00 00 01 00 00 00    ......K.........
0010  4A 04 00 00 01 00 01 06 06 06 06 06 06 06 06 00    J...............
0020  00 00 00 06 06 06 06 06 06 06 06 00 00 00 00 06    ................
0030  06 06 06 06 06 06 06 00 00 00 00 01 01 01 01 01    ................
0040  01 01 01 01 00 00 00 01 01 01 01 01 01 01 01       ...............

37  192.168.0.4:6112  :0  17  SendTo 
0000  00 00 00 00 8A 16 0D 00 01 00 00 00 01 00 00 00    ................
0010  50                                                 P

The host now sends that player information about the game room settings etc.


42  :0  192.168.0.4:6112  16  RecvFrom 
0000  00 00 00 00 5F 82 0C 00 08 00 08 00 00 00 01 01    ...._...........

44  :0  192.168.0.4:6112  16  RecvFrom 
0000  00 00 00 00 36 B6 0C 00 02 00 02 00 01 00 01 01    ....6...........

The client now verifies their command 0 and command 1 counts, to see if all packets got through/any need to be resent.


45  :0  192.168.0.4:6112  34  RecvFrom 
0000  00 00 00 00 12 33 1E 00 23 00 23 00 02 00 01 00    .....3..#.#.....
0010  40 00 00 00 00 00 00 00 00 01 00 05 00 00 8A D7    @...............
0020  9F 0B                                              ..

The player now sends command 2, packet 0x40.
You will see after looking at a few packet logs, this is in fact triggered by the command 1, packet 0x50.



49  192.168.0.4:6112  :0  21  SendTo 
0000  00 00 00 00 50 51 11 00 02 00 00 00 01 00 00 00    ....PQ..........
0010  49 01 00 00 00                                     I....

The host now tells the player, and all other players, that the player has joined the game.
This should trigger the "X has joined the game" message, and players to /astat the player.


50  192.168.0.4:6112  :0  50  SendTo 
0000  00 00 00 00 A2 55 2E 00 03 00 00 00 01 00 00 00    .....U..........
0010  4F 1F 00 01 00 F5 9C 03 00 9E 9E 77 2A 28 38 29    O..........w*(8)
0020  47 72 65 65 6E 20 56 61 6C 6C 65 79 73 2E 73 63    Green Valleys.sc
0030  6D 00                                              m.

The host now asks the player if they have the map.


56  192.168.0.4:6112  :0  82  SendTo 
0000  00 00 00 00 28 A6 4E 00 26 00 26 00 02 00 00 00    ....(.N.&.&.....
0010  3D 64 3E 07 FF 06 06 00 3E 06 FF 06 06 00 3E 05    =d>.....>.....>.
0020  FF 06 06 00 3E 04 FF 06 06 00 3E 03 FF 06 06 00    ....>.....>.....
0030  3E 02 FF 06 06 00 3E 01 01 02 06 00 3E 00 00 02    >.....>.....>...
0040  06 00 3F 01 00 00 01 00 05 00 3F 00 00 00 01 00    ..?.......?.....
0050  05 00                                              ..

The host also now tells the player/other players, who's where in the game room.


57  :0  192.168.0.4:6112  27  RecvFrom 
0000  00 00 00 00 3C B8 17 00 00 00 04 00 01 00 01 00    ....<...........
0010  4F 08 00 00 00 00 01 F5 9C 03 00                   O..........

The player says they have the map.


60  192.168.0.4:6112  :0  16  SendTo 
0000  00 00 00 00 25 CA 0C 00 01 00 01 00 01 00 00 01    ....%...........

The host verifies the command 1 packet counts with the player, to make sure none were lost.
If any were, the player is expected to send a command 1, resend request.


65  :0  192.168.0.4:6112  18  RecvFrom 
0000  00 00 00 00 C4 36 0E 00 29 00 29 00 02 00 01 00    .....6..).).....
0010  3D 64                                              =d

The player tells everyone in the game, that their download is at 100%.
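
An added example, not part of Ringo's post or his released code: a Python parser for the 16-byte header seen in the dump above, rejecting malformed datagrams before any field is trusted. The field order follows the comment line in xpeh's Perl snippet and Ringo's annotations; that the length field equals the datagram size minus 4 and that command 1/2 packets carry their id in the first payload byte are assumptions read off the dumped packets, the names `ScgpPacket` and `parse_scgp` are hypothetical, and the checksum is not verified because the thread does not give its algorithm.

```python
import struct
from typing import NamedTuple

# Assumed layout, little-endian, 16 bytes:
# zero dword | checksum | length | sent ctr | received ctr | cmd | id | player | status
HEADER = struct.Struct("<IHHHHBBBB")


class ScgpPacket(NamedTuple):
    checksum: int
    sent: int
    received: int
    command: int
    packet_id: int
    player: int
    status: int
    payload: bytes

    @property
    def is_count_verify(self) -> bool:
        # Per the thread: status 0x01 verifies packet counts, on command 0/1 only.
        return self.status == 0x01 and self.command in (0, 1)


def parse_scgp(datagram: bytes) -> ScgpPacket:
    """Parse one UDP datagram; raise ValueError on anything malformed."""
    if len(datagram) < HEADER.size:
        raise ValueError("datagram shorter than the 16-byte header")
    zero, chk, length, sent, rcvd, cmd, pid, plr, sts = HEADER.unpack_from(datagram)
    if zero != 0:
        raise ValueError("first dword is non-zero: not an SCGP packet")
    # Assumption from the dumps: length counts everything after the first dword.
    if length != len(datagram) - 4:
        raise ValueError("length field does not match datagram size")
    payload = datagram[HEADER.size:]
    # Assumption from the dumps: command 1/2 data packets put their id in payload[0].
    if cmd in (1, 2) and payload:
        pid = payload[0]
    return ScgpPacket(chk, sent, rcvd, cmd, pid, plr, sts, payload)


# Datagrams copied from log entries 14, 25, 37 and 42 of the dump above.
JOIN_REQUEST = bytes.fromhex(
    "00 00 00 00 28 C4 10 00 00 00 01 00 00 01 FF 00 01 00 00 00")
LOBBY_NULL = bytes.fromhex(
    "00 00 00 00 45 6A 0D 00 1D 00 1F 00 02 00 00 00 05")
CMD1_PACKET = bytes.fromhex(
    "00 00 00 00 8A 16 0D 00 01 00 00 00 01 00 00 00 50")
COUNT_VERIFY = bytes.fromhex(
    "00 00 00 00 5F 82 0C 00 08 00 08 00 00 00 01 01")

# Constructed malformed inputs (not from the dump).
TRUNCATED = JOIN_REQUEST[:-1]                   # length field no longer matches
NON_ZERO = b"\x03\x00\x00\x00" + JOIN_REQUEST[4:]  # first dword is not zero

if __name__ == "__main__":
    for raw in (JOIN_REQUEST, LOBBY_NULL, CMD1_PACKET, COUNT_VERIFY,
                TRUNCATED, NON_ZERO):
        try:
            p = parse_scgp(raw)
            print(f"cmd={p.command} id=0x{p.packet_id:02X} sent={p.sent} "
                  f"rcvd={p.received} player=0x{p.player:02X} "
                  f"verify={p.is_count_verify}")
        except ValueError as err:
            print("rejected:", err)
```
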


xpeh

SCTV Proxy
(similar to HLTV)

Is it possible?

brew

Quote from: xpeh on February 10, 2009, 02:47 AM
SCTV Proxy
(similar to HLTV)

Is it possible?

Well, I know of a certain SCRGTD.
<3 Zorm
Quote[01:08:05 AM] <@Zorm> haha, me get pussy? don't kid yourself quik
Scio te esse, sed quid sumne? :P
