How can I find the opcode from WinPcap packets

04/30/2013 13:29 detCode#1
Hello all..
I want to find the opcode by listening on an Ethernet device.
I am using the WinPcap library in C#. I have some sniffed data on port 15884, but I think the opcode location is always different, and I think WinPcap is adding an IP/port header to the data.

Here is some data:
Code:
002590A79412648788441400080045000028063D40007806769658F117575FADB607C549E22C74751CEEE5137BFC50100F977FC20000000076965891
Code:
002590A79412648788441400080045000039C16D40007606484BB02135305FADB6071147E22C80F1B20F195CDCF25018FB86631D00000B00747066AD0104FB1E00000109560300
I am trying the SilkroadSecurity API, but this data is longer than normal Silkroad security data -.-" I think the first 20 bytes are extra.
Does anyone have an idea?
04/30/2013 15:07 qkuh#2
I guess the packet is encrypted. You have to decrypt it.
SilkroadSecurity API is working fine.

E: I checked the bitmask. It seems that the packet is not encrypted. Are you sure that the packet is a correct one?
04/30/2013 17:18 Schickl#3
Joymax did a bad job at some points as it seems
Some time ago I used wireshark to capture some packets and noticed that some contain data from older ones
length and everything is fine, except that the server sends more data than it needs to
no idea why, though

Just remove the crap from the end and you'll be fine
04/30/2013 21:07 qkuh#4
The server sometimes sends multiple packets' data in one packet. They do not send more data than required.
04/30/2013 21:29 lesderid#5
Quote:
Originally Posted by Schickl
Joymax did a bad job at some points as it seems
Some time ago I used wireshark to capture some packets and noticed that some contain data from older ones
length and everything is fine, except that the server sends more data than it needs to
no idea why, though

Just remove the crap from the end and you'll be fine
Are you sure it's older data? TCP is a streaming protocol, so it's possible that one physical TCP message contains more than one logical SRO packet.
04/30/2013 22:00 Schickl#6
Quote:
Originally Posted by qkuh
The server sometimes sends multiple packets' data in one packet. They do not send more data than required.
Quote:
Originally Posted by lesderid
Are you sure it's older data? TCP is a streaming protocol, so it's possible that one physical TCP message contains more than one logical SRO packet.
I saw data from an older(obviously longer) packet there
no structure of a new one
So I would say yes, it's from an older packet
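
Added example (not code from any poster in this thread): a frame captured with WinPcap begins with the Ethernet, IPv4 and TCP headers, so the application data has to be located from the header length fields before it is handed to a game-protocol parser. The class and method names are hypothetical; the two hex strings are the frames from the first post.

```csharp
using System;

static class FrameParser
{
    // Returns the TCP payload of a raw Ethernet frame, or null if the frame
    // is not IPv4/TCP or is too short. IP fragments are not reassembled.
    public static byte[] TcpPayload(byte[] frame)
    {
        const int EthLen = 14;                        // dst MAC, src MAC, EtherType
        if (frame.Length < EthLen + 20) return null;
        if (frame[12] != 0x08 || frame[13] != 0x00) return null;  // 0x0800 = IPv4

        int ip = EthLen;
        if ((frame[ip] >> 4) != 4 || frame[ip + 9] != 6) return null;  // IPv4, protocol 6 = TCP
        int ipHdrLen = (frame[ip] & 0x0F) * 4;        // IHL is in 32-bit words
        int ipTotal = (frame[ip + 2] << 8) | frame[ip + 3];
        if (ipHdrLen < 20 || ipTotal < ipHdrLen + 20) return null;
        if (EthLen + ipTotal > frame.Length) return null;  // truncated capture

        int tcp = ip + ipHdrLen;
        int tcpHdrLen = (frame[tcp + 12] >> 4) * 4;   // data offset, 32-bit words
        if (tcpHdrLen < 20 || ipHdrLen + tcpHdrLen > ipTotal) return null;

        int start = tcp + tcpHdrLen;
        int end = EthLen + ipTotal;                   // drops Ethernet padding after the datagram
        byte[] payload = new byte[end - start];
        Array.Copy(frame, start, payload, 0, payload.Length);
        return payload;
    }

    static byte[] FromHex(string hex)
    {
        byte[] bytes = new byte[hex.Length / 2];
        for (int i = 0; i < bytes.Length; i++)
            bytes[i] = Convert.ToByte(hex.Substring(i * 2, 2), 16);
        return bytes;
    }

    static void Main()
    {
        string[] posted = {   // the two frames from the first post
            "002590A79412648788441400080045000028063D40007806769658F117575FADB607C549E22C74751CEEE5137BFC50100F977FC20000000076965891",
            "002590A79412648788441400080045000039C16D40007606484BB02135305FADB6071147E22C80F1B20F195CDCF25018FB86631D00000B00747066AD0104FB1E00000109560300" };
        foreach (string hex in posted)
        {
            byte[] p = TcpPayload(FromHex(hex));
            Console.WriteLine(p == null ? "not IPv4/TCP" : p.Length + " bytes: " + BitConverter.ToString(p));
        }
    }
}
```

The IP total-length field, not the captured frame length, marks where the data ends: short frames are padded up to Ethernet's 60-byte minimum, and those padding bytes are not part of the TCP stream.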