• Welcome to Valhalla Legends Archive.
 

Help w/ WPE

Started by gotcha_ass, January 19, 2003, 06:20 PM

Previous topic - Next topic

gotcha_ass

Ok I got WPE and logged my SC logon to see what I would get. I got stuff I jus have no friggin clue what it means can any help me decypher it?

UserLoser

#1
Don't know if this will help you or not, but there are some documents at: http://botdev.valhallalegends.com

gotcha_ass

#2
Ya I downloaded almost all of them but still dont see how to translate what the packet sniffer logged into something I can use.

Mesiah / haiseM

#3
All packets are in hex, but are sent as normal ascii characters, they are like the following:

bytes - appear in format: 00
words - appear in format: 00 00
dwords - appear in format: 00 00 00 00
qwords - appear in format: 00 00 00 00 00 00 00 00
strings - appear as any plain text: ...himynameisbob..

Depending on how a protocol works, a server can use this format to include data in any of those areas.

When you read a packet log, your not reading it how its actually been sent, so trying to send a packet in all hex will most likely be ignored, or cause the server to take disconnective action. (Unless the protocol uses hex, then who knows?)

To find out what the decimal number for a character in hex notation, you may need to convert them yourself, vb a few things to make this easy, or if you wanna be lazy, you can just use Windows Scientific Calculator.

View the packet byte for byte, letter by letter, and refer back to the documents at the Bot Dev Site.

This should help you get started.

]HighBrow Innovations
Coming soon...

AIM Online Status: 

gotcha_ass

#4
Thank You So Much, thats exactly what I needed. You truly are the messiah.

gotcha_ass

ok 1 little problem, I am having trouble discerning all the different packets, my log didnt put breaks or anything like that in there. Everyone keep talking about this packet does this or this packet does that, but how do I figure out which packet is which?

ok I guess what I am tryin to say is I cant read hex. I am not getting how you get a Dword in hex. I put the 1st 4 bytes together and then put them in the scientific calc, but got some outlandish number when I converted it to decimal. I am trying to figure out how to get the EventID then maybe I can figure it out from there.

Its the parsing thats killing me.

RhiNo

#6
Well iof you are using WPE on the far right where it shows you all the stuff you send recive S = Send R = Recive, Packets are generally the first part of the Recive and Send

Noodlez

#7
QuoteWell iof you are using WPE on the far right where it shows you all the stuff you send recive S = Send R = Recive, Packets are generally the first part of the Recive and Send
that made no sense.

to see which packet is which you are looking for the packet id, it should look like this

FF <PACKET ID> <LENGTH> <PACKET DATA>

the packetid will be 1 byte, the length will be a word

gotcha_ass

#8
thank you soo much that cleared it all up for me

Mesiah / haiseM

#9
Keep in mind thats just battle.net's tcp binary login protocol, if you log any udp packets, you will be confused.
]HighBrow Innovations
Coming soon...

AIM Online Status: 

soccerist

#10
Do you know where I can get a copy of WPE ?

thx.

RhiNo

#11
Do you know where I can get a copy of WPE ?
 
thx.

look through the old posts for something to do with packet sniffers started by me and i think there is a link in one of em

gotcha_ass

#12
search google for "winsock packet editor" sry I lost the link

soccerist

#13
Thx...but now there's another problem.  WPE supports only Windows 95/98.  I am using Windows 2000 Adv. Server.

And so... it won't even open when I start the application.  Any one else run into this problem too?  What packet logger thingy did you use?  Any recommendations of other good ones for this?

:)

Nova1313

#14
i suggest etheral or i like spynet alot but it shows you alot of useless info plus it costs and it was expensive. The company since went out of buisness i believe but it still works fine on win 2k/xp.

Etheral is free and can be found on sourceforge.
Spynet Costs alot. The company now only sells there new logger for around 900 dollars. Quite the pretty penny.

Im sure you can find it on the net there are demo's they had floating around. There has to be a crack somewhere. I just wouldn't know where to point you to for that.