I'm not the best at packet sniffing, in fact, I think they're boring as hell but this is what I do.
These are just 2 methods that works for me:
Method 1
I run a proxy (nuconnector + an analyzer or my frankenstein app slip) then move to a place in which you're alone (Constantinople's shipyard area is a good place).
Trigger events (start doing stuff like casting skills look for all the C-S {client to server packets} and look what S-C are sent back). Usually for every C-S packet's OP code his server counter-part shares the last byte (please note the 'usually' there and for example, movement 0x7021 is replied by the server with 0xB021 on RSRO).
I think that might be the pretty 'rustic' way of doing it but it works and its logarithmic equal to the complex of what you're looking for.
Method 2
Use
.
That's a kick ass system in which you first record a complete play session and you can play it back later packet by packet.
Seriously, it's the best way in my opinion.
And not a way that I've tried but edxSilkroadLoader version 5 has an 'autoparser' feature which uses silkroad's client to get the packets parsed (you will see what's a 8 byte, 4 byte, 2 byte and byte values).
I'd recommend you to capture several packets of what you're interested in to then analyse them and have an accurate packet structure.
Oh, and my last advice, start developing your sniffing skills at RSRO. It's a good place to research as it doesn't have any anti cheat system.
Edit:
I forgot to add something that helped me too.
If you get a value that you don't know what it's, for example:
9E 3A 00 00 (00 00 3A 9E)
Quick way of guessing what it's is convert it back to decimal as it's hexadecimal. You'll get 15006. Search for all the characterdata_*, skilldata_*, itemdata_* (they're under server_dep inside Media.pk2) luckily you will end up with this line:
Quote:
|
1 15006 MOB_EU_THIEF_NPC_0139 0139 ?? ????(????) MOB_EU_THIEF_NPC_0001 SN_MOB_THIEF_NPC xxx 0 1 1 2 1 2 5000 3 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 -1 0 -1 0 -1 0 -1 0 12 0 0 0 0 0 20 54 100 0 4 0 xxx xxx xxx xxx xxx 14 0 470 0 0 0 0 0 0 0 0 0 0 0 32 70 14 14 53 0 53 2 329 336860180 3 3000 10898 12298 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
|
See the 15006? That's the ID column, so that '00 00 3A 9E' refers to a thief npc (lol, I took the worst case) now the question is, were you doing something with a thief npc? if so, then you've found that 00 00 3A 9E points to an ID.
If all that has failed then start playing with bits. That means, start searching for a meaning of that value, bitwise operations gives a lot of answers most of the times.
Well, that's all I can think about, hope you have got the idea.
![[REQUEST]Packet Sniffing tutorial(ANALYZING)](https://www.elitepvpers.com/forum/iconimages/sro-coding-corner/request-packet-sniffing-tutorial-analyzing_ltr.gif){kind=small}
)
