How to find packets
Ok, in this tutorial I'll show you how to find packets, let's start!
We must go to the function that handel the packets that the swf receive, it's located in net->ConnectionManager.html.
There are too much letters I know.
We must search "private function onData(event: DataEvent) : void" this is the function we need.
There are a lot of _loc_ but we must search for something special: _loc_3.
Code:
var _loc_2:* = String(event.data);
_loc_3 = _loc_2.split(ATTRIBUTE_SEPERATOR)
This parse the param of the function to an array, the next important line is:
Now we know that the packet starts with 0, asdf, FUCKYOU or whatever you want because the function starts on the next index (the index of a packet are separated by "|" so this is a normal packet INDEX0|INDEX1|INDEX2...)
Ok, let's take a look at the first case:
Code:
case ServerCommands.PET:
If we take a look at the file ServerCommands.html (in the same folder as ConnectionManager.html) and search for PET we will see that it's a constant:
Code:
public static const PET:String = "PET";
Now we know that the current packet is "0|PET", ok, let's continue!
Code:
this.petAssembly.assembleCommand(_loc_3);
This sends the packet to the class petAssembly (PetAssembly.html, in the same folder as ConnectionManager.html), let's open it and search for the function assembleCommand.
Code:
public function assembleCommand(param1:Array) : void
{
var _loc_2:* = param1[2];
if (this.delegateDict[_loc_2] != null)
{
var _loc_3:* = this.delegateDict;
_loc_3[_loc_2](param1);
}
else
{
this.playSound(73);
}// end else if
return;
}// end function
The important line is
Code:
if (this.delegateDict[_loc_2] != null)
What is _loc_2??
Code:
var _loc_2:* = param1[2];
This means that _loc_2 receives the value of the second index of the packet (remember that an array starts with index 0 so index 2 is "INDEX0|INDEX1|INDEX" the third index), now we must take a look at
Code:
private function initDelegateDict() : void
Let's take a random line:
Code:
this.delegateDict[ServerCommands.REPAIR_PET] = this.assemblePetRepair;
Ok, do you remember the function assembleCommand? If yes you should know that now the packet is something like "0|PET|ServerCommands.REPAIR_PET", now let's look at ServerCommands.html again and search for REPAIR_PET...
Code:
public static const REPAIR_PET:String = "R";
Ok, the packet is "0|PET|R", and now what? Now we must look at the assemblePetRepair function:
Code:
private function assemblePetRepair(param1:Array) : void
{
this.playSound(71);
this.toggleRepairButtonVisbility(false);
return;
}// end function
Ok, as in this function there isn'tt a line that says something like ServerCommands... this means that the packet is over, we don't need to find nothing else, the final packet is "0|PET|R" and is the repair packet for the pet, but let's take a look at another function:
Code:
private function assembleStopLaserAttack(param1:Array) : void
{
var _loc_2:* = 2;
var _loc_3:* = int(param1[++_loc_2]);
var _loc_4:* = this.main.screenManager.map; _loc_4.getCombatManager().removeLaserAttack(_loc_3);
return;
}// end function
Look at the line
Code:
var _loc_3:* = int(param1[++_loc_2]);
We use the parameter (the packet), which index? ++_loc_2, let's look for the definition of _loc_2, now we know that _loc_2 = 2, so ++_loc_2 = 1 + 2 = 3, then we know there's a 3rd index of the packet ("Index0|Index1|Index2|Index3") and it's parsed to int (number) so it can't be "0|PET|SL|asdf"
Code:
var _loc_4:* = this.main.screenManager.map;
_loc_4.getCombatManager().removeLaserAttack(_loc_3);
Now let's look at main.screenManager.map.getComnbatManager(), it returns a CombatManager object, now we must search for the class CombatManager (it's located in combat->CombatManager.html) and search for the function "removeLaserAttack"
Code:
public function removeLaserAttack(param1:int, param2:Boolean = true) : void
{
var _loc_3:* = this.laserAttacks[int(param1)];
if (_loc_3 != null)
{
if (param2)
{
_loc_3.cleanup();
}// end if
delete this.laserAttacks[int(param1)];
}// end if
return;
}// end function
With a bit of brain we can know that laserAttacks is a dictionary with userIDs as index for example an user with the userID 1 has the entry in the dictionary laserAttacks[1], so know we know that the packet is "0|PET|SL| petID" where petID is the ID of the pet.
Easy right? Maybe it's a bit boring but it's easy, I think this is called reverse engeneery.
What do we know now?
-How to find packets
-Pet repair packet: 0|PET|R
-Stop pet laser attack packet: 0|PET|SL| petID
See you!!