are these packets correct?

12/13/2010 19:12 sjaakie100#1
I've been busy creating my own packet sniffer for Silkroad, but I don't know if the packets are OK, because I use WinPcap to sniff the packets and it has all those headers in it, so I had to strip them, but I don't know if I got them all.
These are the first few packets which I got after I started the launcher.

Thank you:)
12/13/2010 19:23 aintx#2
These packets are right.
2 bytes - data len
2 bytes - opcode
2 bytes - security bytes
After that, the rest of the packet is data.
You can check your data with any open source emulator. ^^
12/13/2010 19:27 sjaakie100#3
Thank you:)
12/14/2010 14:43 lesderid#4
Or if you don't wanna download anything, just take a look at my packet documentation:
12/14/2010 15:01 sjaakie100#5
OK, well, I've got a new problem right now. (I didn't want to create a new thread, so sorry for the double post.)
I'm trying to read the packet size and the opcode, but my reader returns wrong values in the 4th, 5th and 7th packets. The 4th shows a wrong opcode, in the 5th both values are wrong, and in the 7th the size is wrong.
This is what it looks like:
As you can see, the 4th packet says opcode = ffff9000, which should be 9000 only.

This is a little code snippet of my reader, which I use to read the size and opcode. I got these from Jmerlin's sremu2 just for testing if it works.
Code:
template <typename T>
T reading(byte* stream, int& pos, int len)
{
	if((int)(pos + sizeof(T)) > (int)len)
		return (T)0;

	T val = *(T*)&stream[pos];
	pos += sizeof(T);

	return val;
}

short packetReader::readWord(){
	return reading<short>(_buffer,_cur,_size);
}
I'm using this readWord function for the packet size and opcode. I assume that's correct.

Oh, and by the way, I'm printing the size and opcode like this:
Code:
	packetReader reader((byte*)data, size);
	short psize = reader.readWord() + 6;
	short opcode = reader.readWord();
	short security = reader.readWord();
	
	printf("packet size: %d\n", psize);
	printf("opcode: %.4x\n", opcode);
I hope someone could help me with this problem.

thank you:)

EDIT: @lesderid Yeah, I saw your packet documentation, it's great:) But I would like to have something which I can use and update, because your documentation would be incorrect if Joymax changes something. And I need something to sniff ingame without using a loader or something like that, because most of the packet sniffers are built into loaders, so you don't get the first few packets at startup and you have to wait for a new release if Joymax updates their opcodes. With this one I ain't got those problems.

Btw, sorry for my English:P
12/14/2010 15:05 aintx#6
Code:
	packetReader reader((byte*)data, size);
	short psize = reader.readWord();
	short opcode = reader.readWord();
	short security = reader.readWord();
	
	printf("packet size: %d\n", psize);
	printf("opcode: %.4x\n", opcode);
Try it like this. ^^ You do not need +6 for psize.

Edit:

Right code (C#)
Code:
        ushort datasize = BitConverter.ToUInt16(buff, 0);
        ushort read_opcode = BitConverter.ToUInt16(buff, 2);
        byte[] buff_ = new byte[datasize];
        Array.Copy(buff, 6, buff_, 0, datasize);
Like this ^^
12/14/2010 15:10 sjaakie100#7
Quote:
Originally Posted by aintx View Post
Code:
	packetReader reader((byte*)data, size);
	short psize = reader.readWord();
	short opcode = reader.readWord();
	short security = reader.readWord();
	
	printf("packet size: %d\n", psize);
	printf("opcode: %.4x\n", opcode);
Try it like this. ^^ You do not need +6 for psize.
Thank you for your quick response.
It didn't solve my problem. I think I need to add + 6 because now I've got 6 bytes more in every packet than psize says. Like that 4th packet: it says packet size: 0 but there are 6 bytes in it.
12/14/2010 16:26 Shadowz75#8
Quote:
Originally Posted by sjaakie100 View Post
Thank you for your quick response.
It didn't solve my problem. I think I need to add + 6 because now I've got 6 bytes more in every packet than psize says. Like that 4th packet: it says packet size: 0 but there are 6 bytes in it.
Well, this is how Silkroad builds the packets (the header is always 6 bytes big, the part marked green)
Code:
struct TPacket
    {
        // green: the 6-byte header
        public ushort size;
        public ushort opcode;
        public byte securityCount;
        public byte securityCRC;
        // red: the data
        public fixed byte data[8096];
    }
Code:
	short psize = reader.readWord();
This size is not the packet size, it's the size of the data.

If you add +6 you add the size of the header, too. So your 4th packet just has no data in it.
12/14/2010 16:43 sjaakie100#9
Quote:
Originally Posted by Shadowz75 View Post
Well, this is how Silkroad builds the packets (the header is always 6 bytes big, the part marked green)
Code:
struct TPacket
    {
        // green: the 6-byte header
        public ushort size;
        public ushort opcode;
        public byte securityCount;
        public byte securityCRC;
        // red: the data
        public fixed byte data[8096];
    }
Code:
	short psize = reader.readWord();
This size is not the packet size, it's the size of the data.

If you add +6 you add the size of the header, too. So your 4th packet just has no data in it.
Thanks for explaining, I get it now:).

I still have the problem with the reading. I think it's just a problem with the reader itself, so I'll make my own one to see if that works.
12/14/2010 19:26 lesderid#10
Quote:
Originally Posted by sjaakie100 View Post
Thanks for explaining, I get it now:).

I still have the problem with the reading. I think it's just a problem with the reader itself, so I'll make my own one to see if that works.
Reader for SRO is kinda easy.
Well, it is in C#. You just inherit the BinaryReader class and you override some functions. (like string reading)

EDIT: My RawPacket and PacketReader class in C# (no support for encryption):
12/14/2010 19:31 sjaakie100#11
Quote:
Originally Posted by lesderid View Post
Reader for SRO is kinda easy.
Well, it is in C#. You just inherit the BinaryReader class and you override some functions. (like string reading)
I saw it in csremu:) but I'm using C++ so it's a bit more difficult:P Btw, when I print my packet like data[3],data[2] I get the right opcodes, so it is a reading problem and not a problem with the data. I'll tell you guys if I get it working correctly, but tips etc. are always welcome:)
12/14/2010 20:04 Haxor#12
I think C# coding is much easier than C++
You can understand things more
You can read the last source files that Xsense uploaded
here
If you read and understand, you can get many things and learn a lot
12/14/2010 20:13 lesderid#13
Quote:
Originally Posted by sjaakie100 View Post
I saw it in csremu:) but I'm using C++ so it's a bit more difficult:P Btw, when I print my packet like data[3],data[2] I get the right opcodes, so it is a reading problem and not a problem with the data. I'll tell you guys if I get it working correctly, but tips etc. are always welcome:)
Why don't you take a look at the boost library?
AFAIK, they have functions for reading etc. that are easy to adapt.
12/14/2010 23:14 sjaakie100#14
@saif1999 I'm using C++ because I don't like C#, and because it's slower with that whole .NET framework stuff. But I'll take a look at the source of Xsense's emu.

@lesderid Thanks, I'll take a look at that library:) because I can't figure out why the data isn't read correctly. The opcode is now correct (I had to change short to unsigned short), but I don't want to use this reader to read the rest of the packet, because it's unreliable if a few packets ain't read the right way.
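The 6-byte header layout and the short versus unsigned short opcode problem discussed above, as an added C++ example that is not any poster's code. All names are hypothetical, the sample bytes are constructed, little-endian field order is assumed from the data[3],data[2] observation, and a 16-bit short with a 32-bit int is assumed.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Header layout from the thread: 6 bytes, multi-byte fields little-endian.
struct PacketHeader {
    uint16_t dataSize;       // payload size only, the header is not counted
    uint16_t opcode;
    uint8_t  securityCount;
    uint8_t  securityCrc;
};

// Constructed sample: the "4th packet" case (opcode 0x9000, no payload).
const uint8_t kSample[] = {0x00, 0x00, 0x00, 0x90, 0x00, 0x00};

// Assemble the value byte by byte: no unaligned pointer cast, no dependence
// on host byte order, and the result stays unsigned.
uint16_t readU16le(const uint8_t* p) {
    return static_cast<uint16_t>(p[0] | (p[1] << 8));
}

// Returns false if the capture is shorter than the header, or shorter than
// the header plus the payload size the header declares.
bool parseHeader(const uint8_t* buf, size_t len, PacketHeader& out) {
    const size_t kHeaderSize = 6;
    if (len < kHeaderSize) return false;
    PacketHeader h = {readU16le(buf), readU16le(buf + 2), buf[4], buf[5]};
    if (len - kHeaderSize < h.dataSize) return false;   // truncated payload
    out = h;
    return true;
}

// The value printf("%.4x") actually receives: a short is promoted to int
// first, so an opcode with the top bit set is sign-extended.
unsigned promotedFromShort(const uint8_t* p) {
    short s = static_cast<short>(readU16le(p));          // as in readWord()
    return static_cast<unsigned>(static_cast<int>(s));
}
unsigned promotedFromUnsignedShort(const uint8_t* p) {
    return readU16le(p);                                 // zero-extended
}

int main() {
    PacketHeader h;
    if (parseHeader(kSample, sizeof kSample, h))
        std::printf("data size %u, opcode %.4x\n", unsigned(h.dataSize), unsigned(h.opcode));
    std::printf("short: %.4x, unsigned short: %.4x\n",
                promotedFromShort(kSample + 2), promotedFromUnsignedShort(kSample + 2));
}
```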
12/15/2010 00:30 bootdisk#15
Quote:
Originally Posted by sjaakie100 View Post
I saw it in csremu:) but I'm using C++ so it's a bit more difficult:P Btw, when I print my packet like data[3],data[2] I get the right opcodes, so it is a reading problem and not a problem with the data. I'll tell you guys if I get it working correctly, but tips etc. are always welcome:)
You don't need a reader for C++.
Having such a system would be like trying to code Python in C++.

Just take a look [link]. And it's by far worth reading the whole thread... it was one of the biggest threads I've seen about the private server coding scene.

Hope it helps as it's more related to C++ than C#.