• Welcome to Valhalla Legends Archive.
 

Packets

Started by Death-Merchant, October 13, 2003, 09:33 PM

Previous topic - Next topic

Death-Merchant

Is there a place with a tutorial that teaches you how to use packets?

SiMi

Want me to write one?

Death-Merchant


Soul Taker

Quote from: Death-Merchant on October 13, 2003, 09:33 PM
Is there a place with a tutorial that teaches you how to use packets?
The internet.

Dark-Feanor

#4
I wrote one that helps a lil.  :P
It is on my FTP: [Link removed due to it's egregious wrongness]
- Feanor[xL]
clan exile
Firebot
iago: "caps lock is like cruise control for cool"

Soul Taker

I never knew that a WORD is an NT byte, a DWORD is just one byte followed by three nulls, etc.  Things like that, coupled with being unsure if a null-terminated string ends in a null, shows that you really shouldn't have tried making a packet tutorial.  Good faith, but you need to do some research.

Grok

#6
Now everybody's a smart ass.

+1 DaRk-FeAnOr

iago

QuoteI am pretty sure that the difference is that a NTstring is followed by a 0x00 (null) packet and an NONnTstring is not

That's not a null packet, that's a null byte, and you're right, NTString means Null-Terminated String.
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


BlazingKnight

Is anybody going to answer the inital question?

iago

Quote from: BlazingKnight on October 14, 2003, 08:33 PM
Is anybody going to answer the inital question?

Yes, DaRk-FeAnOr did, and we've been commenting on his answer.
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


SiMi

I say i write one about either Packet 0x50 or 0x51, Pick One!

Banana fanna fo fanna

51! 51! and put it on obd plz :)

Eric

#12
Quote from: Simi on October 14, 2003, 08:52 PM
I say i write one about either Packet 0x50 or 0x51, Pick One!

Quote

BnetDocs:

0x50
Direction: Client -> Server (Sent)
Format:
(DWORD)       Protocol ID (0)
(DWORD)       Platform ID
(DWORD)       Program ID
(DWORD)       Version
(DWORD)       Product language
(DWORD)       Local IP for NAT compatibility*
(DWORD)       Time zone bias*
(DWORD)       Locale ID*
(DWORD)       Language ID*
(STRING)       Country abreviation
(STRING)       Country

0x50
Direction: Server -> Client (Received)
Format:
(DWORD)       Logon Type
(DWORD)       Server Token
(DWORD)       UDPValue**
(FILETIME)    MPQ filetime
(STRING)       IX86ver filename
(STRING)       ValueString

Warcraft III Only:
(VOID)       128-byte Server signature

0x51
Direction: Client -> Server (Sent)
Format:
(DWORD)       Client Token
(DWORD)       Version
(DWORD)       Checksum
(DWORD)       Number of keys in this packet
(BOOLEAN)    Using Spawn

For Each Key:
(DWORD)       Key Length
(DWORD)       Product
(DWORD)       CDKEY Value 1
(DWORD)       Unknown (0)
(DWORD[5])    Hashed Key Data

(STRING)       Exe Information
(STRING)       CD Key owner name  

0x51
Direction: Server -> Client (Received)
Format:
(DWORD)       Result
(STRING)       Additional Information
Remarks: Reports success/failure on challenge.

Result:
0x000: Passed challenge
0x100: Old game version (Additional info field supplies patch MPQ filename)
0x101: Invalid version

0x200: Invalid CD key
0x201: CD key in use (Additional info field supplies name of user)
0x202: Banned key
0x203: Wrong product

The last 4 codes also apply to the second cdkey, as indicated by a bitwise combination with 0x010.

Now that's been covered.  No need to write a tutorial on what's already infront of you, simi. *cough bnetdocs cough* ... unless ofcourse you were going to explain in great detail the hashing procedures that are called in bnetauth.dll which I doubt you know how to do.

SiMi

Everytime i argue with you lord the thread always gets locked, either that or my post(s) get deleted. I'm not going to start with you nor end with you. If he needs any help parsing that information from bnetdocs, or if he needs another tutorial he can ask me.

iago

You're just lucky I don't moderate this board, this entire thread would be gone.

The problem is that the original question is extremely general.  To be valid, I think he would have to make his question much more specific.
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*