sniffing help !

06/26/2012 05:36 dragonsword1#1
OK, I now got the packet sending thing. Now I need to get the packets' data to send, and I don't know how to sniff them from SRO :S I downloaded Wireshark and it monitors the whole network activity, which makes it practically impossible to get SRO packets from it... So what I was asking for is a tutorial link or an easy program on how to sniff the packets from SRO.


MARK: when I use edx loader to sniff packets, the game crashes after 3 or 4 secs from login.

Help will be appreciated :)
06/26/2012 10:42 zeteris#2
You can try using phConnector and phAnalyzer :) It's very easy to use :)
06/27/2012 00:11 Nezekan#3
Wireshark is really easy to use, if you know how to use the filters ^^
06/27/2012 05:05 dragonsword1#4
Hmm, well, thanks both :) But is there a tutorial on Wireshark filtering :D ?

And I'll try phConnector, but is there a tutorial for the connector, or can you tell me the steps to make it work? I can't get it to open the game :D ! Thanks for the help ;)
06/27/2012 10:53 kevin_owner#5
There are a few different ways to sniff the packets.

You have Wireshark, which monitors all outgoing and incoming packets. Normally, if I want to filter packets from a certain port, I use this filter expression:
Code:
tcp.port eq 15779
This shows me all the packets sent to and coming from port 15779.
This is a great way to get the packets, but unfortunately you'll have to parse all the packets by yourself, which is pretty hard.

Then there is PHConnector and nuconnector. These are basically proxies, so you can connect to them with a program and you receive all the packets sent from C -> S and S -> C. But you'll still have to parse them by yourself. Although this makes it easier to parse them, since you receive the packets in your program and you can do with them whatever you want.

And then there is edxSilkroadLoader which I like the most. The packet parser parses and dumps the packets for you. You only have to find out what the values mean and you're done. But if you're using an official server this can be pretty hard since the security will most likely crash the client. But if you're using a private server you can find a server which doesn't have xtrap enabled and use this loader.

A lot of packets are the same in every version of Silkroad, so it can really be worth it to find out the values of packets in the vsro server files.
06/27/2012 16:06 dragonsword1#6
thanks kevin you were more than helpful :)