• Welcome to Valhalla Legends Archive.
 

packets

Started by ILurker, March 10, 2003, 04:06 PM


ILurker

someone please tell me how the hell i find the ping, and other stuff
Figure 1.1
RECV-> 0000   FF 0F 3D 00 01 00 00 00 00 00 00 00 C5 01 00 00    ..=.............
RECV-> 0010   00 00 00 00 0D F0 AD BA 0D F0 AD BA 53 61 72 63    ............Sarc
RECV-> 0020   61 73 74 69 63 00 52 41 54 53 20 30 20 30 20 30    astic.RATS 0 0 0
RECV-> 0030   20 31 20 30 20 30 20 30 20 30 20 30 00             1 0 0 0 0 0.

user's flags is 0x00000000, ping is 453, account is "Sarcastic", and statstring is "RATS 0 0 0 1 0 0 0 0 0".

Banana fanna fo fanna

#1
Instead of giving you the answer (since I don't know it ;)), I suggest doing an experiment.

Look at a CHAT client's packet and record it.

Then look at a low ping client's packet, and a high ping one's (in SC). Compare and see which dword/word/whatever it is.

Noodlez

#2
Packet ID: 0x0F
Direction: Server -> Client (Received)
Format: (DWORD)             Event ID
(DWORD)             User's Flags
(DWORD)             Ping
(DWORD)             IP Address (Defunct)
(DWORD)             Account number (Defunct)
(DWORD)             Registration Authority (Defunct)
(STRING)             Username
(STRING)             Text

Banana fanna fo fanna

#3
Screw you n00dz ;)

ILurker

#4
wtf are dwords and strings, and where in the packet do i look to find them? i mean like which (numbers?/lines?)

Mesiah / haiseM

#5
ok here i go again, i did this once, but since nobody bothers to SEARCH, ill do it again.

Bytes - appear in format "00" in a packet log, this is the equivalent of 1 character in a string.

Words - appear in format "00 00" in a packet log, this is the equivalent of 2 characters in a string.

DWords - appear in format "00 00 00 00" in a packet log, this is the equivalent of 4 characters in a string.

QWords - appear in format "00 00 00 00 00 00 00 00" in a packet log, this is the equivalent of 8 characters in a string.

NTString (Null Terminated String) - appears as plain text, with a null byte at the end "00".

String - appears as plain text.


When you read a packet log, your reading it in Hex, which makes it easier to distinguish than reading it as plain strings, because if you look at a word or dword in string, it can appear as any array of characters, but have a more meaningful use than that.

Figure 1.1
RECV-> 0000   FF 0F 3D 00 01 00 00 00 00 00 00 00 C5 01 00 00    ..=.............
RECV-> 0010   00 00 00 00 0D F0 AD BA 0D F0 AD BA 53 61 72 63    ............Sarc
RECV-> 0020   61 73 74 69 63 00 52 41 54 53 20 30 20 30 20 30    astic.RATS 0 0 0
RECV-> 0030   20 31 20 30 20 30 20 30 20 30 20 30 00             1 0 0 0 0 0.

user's flags is 0x00000000, ping is 453, account is "Sarcastic", and statstring is "RATS 0 0 0 1 0 0 0 0 0".

the ping is the third dword in the packet, as noodlez said, but you're viewing it in hex, so you won't just see "453", you have to take that dword in hex, and convert it to decimal:

1st dword = 01 00 00 00
2nd dword = 00 00 00 00
3rd dword = C5 01 00 00

If you convert 1C5 from hex into decimal, you will get 453, and that is the user's ping.

Can we get something like this on bnetdocs or botdev site or something?
HighBrow Innovations
Coming soon...

Noodlez

mesiah, i dont think that belongs on bnet docs. by making a binary bot it's assumed you have that knowledge...

wow, isnt ILurker the one who called me a vb "n00b" and said i should stop programming?

but, to follow the rules i'll help you, despite how much i hate you.
pos = 1
dword1 = Mid(data, pos, 4) 'would extract the first dword (as a 4-character string)
pos = pos + 4 'moving on to the next dword
dword2 = Mid(data, pos, 4)
pos = pos + 4
'to extract a string you would continue where you left off
'and stop at a null
text = Mid(data, pos, InStr(Mid(data, pos), vbNullChar) - 1) 'the -1 is because you don't want the null to be part of your string
pos = pos + Len(text) + 1 'skip the string and its null
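
Added example (not part of the original thread and not any poster's code): a Python parser for the 0x0F layout listed in post #2, run against the Figure 1.1 bytes, showing the little-endian DWORD reads and the null-terminated string extraction discussed above. It assumes the first four bytes are a header of FF, packet ID and a 16-bit little-endian length that counts the whole packet, as the dump suggests; the field names and `PacketError` are made up for this example.

```python
import struct

# Hex column of Figure 1.1, copied from the packet log on this page.
FIGURE_1_1 = bytes.fromhex(
    "FF 0F 3D 00 01 00 00 00 00 00 00 00 C5 01 00 00 "
    "00 00 00 00 0D F0 AD BA 0D F0 AD BA 53 61 72 63 "
    "61 73 74 69 63 00 52 41 54 53 20 30 20 30 20 30 "
    "20 31 20 30 20 30 20 30 20 30 20 30 00"
)

# The six DWORDs of packet 0x0F, in the order listed in post #2.
DWORD_FIELDS = ("event_id", "flags", "ping", "ip_address",
                "account_number", "registration_authority")
HEADER_LEN = 4  # assumption read off the dump: FF, packet ID, 16-bit length


class PacketError(ValueError):
    """Raised when the bytes do not match the expected layout."""


def read_ntstring(buf, pos):
    """Return (text, next_pos) for the null-terminated string at pos."""
    end = buf.find(b"\x00", pos)
    if end == -1:  # truncated or malformed packet: refuse instead of guessing
        raise PacketError(f"string at offset {pos} has no terminating null")
    return buf[pos:end].decode("latin-1"), end + 1


def parse_chat_event(packet):
    """Parse one complete 0x0F packet (header included) into a dict."""
    if len(packet) < HEADER_LEN + 4 * len(DWORD_FIELDS):
        raise PacketError("too short for the header and six DWORDs")
    marker, packet_id, length = struct.unpack_from("<BBH", packet, 0)
    if marker != 0xFF or packet_id != 0x0F:
        raise PacketError("not a 0x0F packet")
    if length != len(packet):
        raise PacketError(f"length field says {length}, got {len(packet)} bytes")
    # "<6I" = six little-endian unsigned 32-bit values: C5 01 00 00 -> 0x1C5
    event = dict(zip(DWORD_FIELDS, struct.unpack_from("<6I", packet, HEADER_LEN)))
    pos = HEADER_LEN + 4 * len(DWORD_FIELDS)
    event["username"], pos = read_ntstring(packet, pos)
    event["text"], pos = read_ntstring(packet, pos)
    return event


if __name__ == "__main__":
    for name, value in parse_chat_event(FIGURE_1_1).items():
        print(f"{name:24}{value!r}")
```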

Camel

Quote: ...your reading it in Hex...
you're

Quote: mesiah, i dont think that belongs on bnet docs. by making a binary bot it's assumed you have that knowledge...

wow, isnt ILurker the one who called me a vb "n00b" and said i should stop programming?

but, to follow the rules i'll help you, despite how much i hate you.
pos = 1
dword1 = Mid(data, pos, 4) 'would extract the first dword (as a 4-character string)
pos = pos + 4 'moving on to the next dword
dword2 = Mid(data, pos, 4)
pos = pos + 4
'to extract a string you would continue where you left off
'and stop at a null
text = Mid(data, pos, InStr(Mid(data, pos), vbNullChar) - 1) 'the -1 is because you don't want the null to be part of your string
pos = pos + Len(text) + 1 'skip the string and its null

if you want to be ubernewbish, you could be so lazy as to write an 'extract' string...using globally defined variables, of course...  8)

Arta

Small nitpicky correction:

Quote: String - appears as plain text.

This is false. BNCS does not use any such type. Data that appears to be a non-terminated string is always 4 bytes long - they are DWORDS that just happen to look like strings.

ILurker

#9
Quote: wow, isnt ILurker the one who called me a vb "n00b" and said i should stop programming?

I dont recall ever saying that

Banana fanna fo fanna

#10
For christ's sake...before you post:

1) Use the forum's search
2) Use bnetdocs
3) Use google

Noodlez

#11
Quote: I dont recall ever saying that
i'd look through your old posts, but you deleted them after i proved you were an idiot

Mesiah / haiseM

#12
yoni, i was just pointing out what it is in general, not limiting it to the use of BNCS, otherwise i wouldnt have added the definition of a QWord :-P

Yoni

#13
Quote: yoni,
huh? I didn't even reply in this thread (until now)

MrRaza

#14
Maybe it got deleted...   ;)