Author | Message | Time |
---|---|---|
smoke | I've managed to get my d2xp client to authenticate and successfully log into battle.net chat, however, I am still having difficulty with what I am supposed to do with the returned IP address and port from 0x3e. On most gateways, the IP according to the BnetDocs doesn't seem to be a valid host at all, much less one that would respond on the port provided. What exactly do I need to do to initiate my realm connection? Thanks, -smoke | May 24, 2003, 3:54 AM |
Kp | [quote author=smoke link=board=17;threadid=1412;start=0#msg10528 date=1053748454] I've managed to get my d2xp client to authenticate and successfully log into battle.net chat, however, I am still having difficulty with what I am supposed to do with the returned IP address and port from 0x3e. On most gateways, the IP according to the BnetDocs doesn't seem to be a valid host at all, much less one that would respond on the port provided. What exactly do I need to do to initiate my realm connection? Thanks, -smoke [/quote]What address are you receiving? Packet dump of 0x3e preferred. | May 24, 2003, 4:45 AM |
smoke | Realm Logon Packet (0x3E - 83): 0x01 0x00 0x00 0x00 0x73 0x91 0xA6 0xFC 0x3F 0xF1 0x53 0x6E 0x36 0x1B 0x05 0x00 0x3F 0xF1 0x53 0x12 0x17 0xE0 0x00 0x00 0x00 0x00 0x00 0x00 0xA0 0x8A 0x38 0x00 0xEE 0xF6 0x28 0x17 0x50 0x58 0x32 0x44 0x36 0x38 0x58 0x49 0x3F 0xF1 0x53 0x6E 0x00 0x00 0x00 0x00 0xAD 0x78 0x32 0xA0 0x9C 0x95 0xF8 0xA0 0x48 0x70 0xEE 0x37 0x76 0xFA 0x88 0x8B 0xC0 0xC7 0x30 0x79 0x5B 0x6D 0x5D 0x73 0x6D 0x6F 0x6B 0x65 0x00 0x16 0x01 This is the packet I am receiving after I send a 0x3E packet to the server. The IP Address is the 5th dword of this packet. So it is 0x3F 0xF1 0x53 0x12, which is something like 63.241.83.18 (it may be reversed, I am uncertain in this particular case). Regardless, neither this case or the reversed case appear to be "valid" IP addresses. The port in which it tries to communicate is 57367 (reversing the 2 bytes gives the expected 6112... meaning this is in big-endian order instead of little-endian). I am assuming that once I am given this IP address and Port number, I am to open a new socket which then uses the MCP protocol instead of the BNCS protocol. Are there any other special packets I need to send before or after 0x3E in order to connect to the realm server? I would just sniff out packets directly from a diablo ii exp session, however, I don't have it installed where I am at the moment. So, it kind of makes things difficult to reverse-engineer. Thanks, smoke | May 24, 2003, 4:55 AM |
smoke | Even for the realm server? What does the port in the 0x3e client -> server packet relate to then? Anybody that has experience with these packets, please add clearification comments to the BNetDocs. The description currently there is very vague. Thanks, -smoke | May 24, 2003, 5:39 AM |
smoke | Well, Noodlez just helped me realize that unlike most values in these packets, the Port value is actually in Big-Endian order rather than the common Little-Endian. This is why the port number I was not 6112 as it should be. Thanks for you help guys. -smoke | May 24, 2003, 6:47 AM |
smoke | Are there any specific bytes of data that I must send to the MCP server before I start sending any MCP packets? (i.e. protocol byte of some kind) -smoke | May 24, 2003, 7:39 AM |
smoke | I took a wild guess on there being a protocol byte of some kind... and passing 0x01 seems to make it work. Thanks again for everybodies assistance (whether it be in comments, documentation, examples) -smoke | May 24, 2003, 7:45 AM |
Camel | [quote author=Maddox link=board=17;threadid=1412;start=0#msg10538 date=1053754540] The port is always 6112. [/quote] while probably true, i wouldn't assume that. if it was inteded to be static, the port would probably not be provided in the packet. also, certain battle.net clone servers such as bnetd don't have native realm support, so seperate add-on programs are used that listen on non-6112 ports. | May 25, 2003, 2:48 AM |
dRAgoN | [quote author=Camel link=board=17;threadid=1412;start=0#msg10587 date=1053830912] [quote author=Maddox link=board=17;threadid=1412;start=0#msg10538 date=1053754540] The port is always 6112. [/quote] while probably true, i wouldn't assume that. if it was inteded to be static, the port would probably not be provided in the packet. also, certain battle.net clone servers such as bnetd don't have native realm support, so seperate add-on programs are used that listen on non-6112 ports. [/quote] that is if you pland to run the realm server from the same computer which would run normaly 6113, where as if you have two seperate computers you could very well do 6112. | May 25, 2003, 9:02 PM |
Camel | [quote author=dRAgoN link=board=17;threadid=1412;start=0#msg10640 date=1053896555] [quote author=Camel link=board=17;threadid=1412;start=0#msg10587 date=1053830912] [quote author=Maddox link=board=17;threadid=1412;start=0#msg10538 date=1053754540] The port is always 6112. [/quote] while probably true, i wouldn't assume that. if it was inteded to be static, the port would probably not be provided in the packet. also, certain battle.net clone servers such as bnetd don't have native realm support, so seperate add-on programs are used that listen on non-6112 ports. [/quote] that is if you pland to run the realm server from the same computer which would run normaly 6113, where as if you have two seperate computers you could very well do 6112. [/quote] so what? there are servers that use ports other than 6112. unless you support the port word, your bot will not work with those (realm) servers. | May 26, 2003, 4:47 PM |
dRAgoN | [quote author=Camel link=board=17;threadid=1412;start=0#msg10759 date=1053967669] so what? there are servers that use ports other than 6112. unless you support the port word, your bot will not work with those (realm) servers. [/quote] which gives good reason to parse it out of the packet and use it that way rather then out right bind your port to 6112 just because someone says its always that. | May 26, 2003, 9:25 PM |
smoke | The only complaint I have is the misdocumentation on that portion of the packet. In the BnetDocs, it states it is a DWORD and not a word... that is the first error. Secondly, it doesn't state the byte-ordering which appears to be backwards from most everything else (big-endian vs the common x86 native little-endian). Personally, I try to rely on packets to tell me what to do instead of making assumptions which aren't necessarilly always true. After finding out the correct format of the packet, it was clearly 6112, and it is good to be able to use that value directly from the packet to provide the best compatibility. -smoke | May 27, 2003, 9:01 PM |
Arta | This has now been corrected, thanks to an error report from Madd0x. Some extra information has also been added to the packet that should clear up any remaining confusion. | May 27, 2003, 10:49 PM |
smoke | While on the topic of packets, does anybody have an idea why the Realm protocol frequently sends "55 55 55 55 55" packets for some reason? It almost seems like an undocumented delimiter between packets. I mean, if I were to assume that it was just like any other packet, this would result in my packet parsing code to assume a packet of length 0x5555 was being recieved. This is clearly not the case. Furthermore, has anybody documented the Diablo II Realm packets for creating/joining games? If not, I have started to unpack the data that are within those particular packets and I will be happy to submit my findings when I am finished. -Smoke | May 28, 2003, 12:06 AM |
Soul Taker | Notes from back when I was working on getting my bot to create LoD games: [code] (Realm) Send Word [Seq.] Byte [Null?] Byte [Difficulty flag] Word [Null?] Byte [0x01?] Word [0x08FF?] String [Name] String [Pass] String [Desc] -- Starts game creation/join challenge -- 0000 15 00 03 11 00 00 00 00 00 01 FF 08 44 69 65 00 ............Die. 0010 4E 6F 77 00 00 Now.. 0000 15 00 03 13 00 00 00 00 00 01 FF 08 44 69 65 00 ............Die. 0010 4E 6F 77 00 00 Now.. 0000 17 00 03 17 00 00 00 00 00 01 FF 08 44 69 65 65 ............Diee 0010 00 4E 6F 77 77 00 00 .Noww.. 0000 19 00 03 04 00 00 10 00 00 01 06 05 44 69 69 69 ............Diii 0010 65 00 4E 6F 6F 6F 77 00 00 e.Nooow.. 0000 1B 00 03 09 00 00 20 00 00 01 07 06 44 69 69 65 ...... .....Diie 0010 00 4E 6F 6F 77 00 50 6C 6C 7A 00 .Noow.Pllz. -- (Realm) Recv Dword [Pos. in line] == 0000 07 00 14 18 00 00 00 ....... 0000 07 00 14 1B 00 00 00 ....... 0000 07 00 14 12 00 00 00 ....... == (Realm) Recv Word [Seq.] Word [Value used in sends to game server] Word [Null?] Dword [Flags?] == 0000 0D 00 03 11 00 F5 03 00 00 00 00 00 00 ............. 0000 0D 00 03 13 00 9F 02 00 00 00 00 00 00 ............. 0000 0D 00 03 17 00 EC 03 00 00 00 00 00 00 ............. == (Realm) Send Word [Seq + 1] String [Name] String [Pass] == This is first when joining == 0000 0D 00 04 12 00 44 69 65 00 4E 6F 77 00 .....Die.Now. 0000 0D 00 04 14 00 44 69 65 00 4E 6F 77 00 .....Die.Now. 0000 0F 00 04 18 00 44 69 65 65 00 4E 6F 77 77 00 .....Diee.Noww. == (Bnet) Send Dword? [Create or join?] 4 Dwords [Null?] String [Name] String [Pass] -- Seems to tell Bnet you should be shown as in this game -- 0000 FF 1C 21 00 01 00 00 00 00 00 00 00 00 00 00 00 ..!............. 0010 00 00 00 00 00 00 00 00 44 69 65 00 4E 6F 77 00 ........Die.Now. 0020 00 . 0000 FF 1C 21 00 01 00 00 00 00 00 00 00 00 00 00 00 ..!............. 0010 00 00 00 00 00 00 00 00 44 69 65 00 4E 6F 77 00 ........Die.Now. 0020 00 . 0000 FF 1C 23 00 01 00 00 00 00 00 00 00 00 00 00 00 ..#............. 0010 00 00 00 00 00 00 00 00 44 69 65 65 00 4E 6F 77 ........Diee.Now 0020 77 00 00 w.. -- (Realm) Recv Word [Seq.] Dword [Values in 0x03] Dword [Gameserver IP] Dword [Values sent to gameserver in 0x65] Dword [Null?] -- Used to connect to game server -- 0000 15 00 04 12 00 F5 03 00 00 3F F0 CA 38 99 70 1A .........?..8.p. 0010 0B 00 00 00 00 ..... 0000 15 00 04 14 00 9F 02 00 00 3F F0 CA 62 21 71 43 .........?..b!qC 0010 17 00 00 00 00 ..... 0000 15 00 04 18 00 EC 03 00 00 3F F0 CA 3B 8C A4 C5 .........?..;... 0010 31 00 00 00 00 1.... -- (Bnet) Send Dword [Game ID] Dword [Version byte] String [Name] String [Pass] -- 0000 FF 22 14 00 50 58 32 44 09 00 00 00 44 69 65 00 ."..PX2D....Die. 0010 4E 6F 77 00 Now. 0000 FF 22 14 00 50 58 32 44 09 00 00 00 44 69 65 00 ."..PX2D....Die. 0010 4E 6F 77 00 Now. 0000 FF 22 16 00 50 58 32 44 09 00 00 00 44 69 65 65 ."..PX2D....Diee 0010 00 4E 6F 77 77 00 .Noww. -- (Realm) Send Empty == 0000 03 00 13 == (Bnet) Send Empty -- Leaves chat -- 0000 FF 10 04 00 -- *Connect to game server now* (Game) Recv == 0000 A7 01 (Game) Send Dword [Values from 0x04] Word [Values from 0x03 and 0x04] Byte [Char class] Byte [Version?] Dword [Null?] String [Char name] (fixed-len) Byte [0x4c] (unless char name is 15 bytes, then the terminating null replaces this) -- Needs to always be same len, can just put nulls in place of the junk data to make it this len. 0000 65 99 70 1A 0B F5 03 06 09 00 00 00 00 41 73 73 e.p..........Ass 0010 53 6F 75 6C 00 BB AA 6F 4B 00 00 00 4C Soul...oK...L 0000 65 93 E1 F4 07 A6 03 04 09 00 00 00 00 59 78 7A e............Yxz 0010 00 78 D4 77 E4 BB AA 6F 4B 00 00 00 4C .x.w...oK...L 0000 65 C8 25 C3 27 36 03 04 09 00 00 00 00 51 7A 78 e.%.'6.......Qzx 0010 73 00 D4 77 E4 BB AA 6F 4B 00 00 00 4C s..w...oK...L 0000 65 4A F6 3B 32 48 01 02 09 00 00 00 00 46 69 66 eJ.;2H.......Fif 0010 74 65 65 6E 43 68 61 72 73 48 75 6B 00 teenCharsHuk. 0000 65 00 D6 76 16 0C 02 00 09 00 00 00 00 48 65 49 e..v.........HeI 0010 49 5F 53 6C 61 79 65 72 00 00 00 00 4C I_Slayer....L -- (Game) Recv -- No clue -- 0000 05 7A 09 A5 E0 Got this instead only on Heii_Slayer?? 0000 06 75 D0 1D 9A 5E -- (Game) Send No idea Seems you can send anything in this and will get the same response - using it to keep connection active now -- 0000 6A 1B 04 7D 06 00 00 00 00 j..}..... 0000 6A 1D FE 7D 06 00 00 00 00 j..}..... 0000 6A E1 D2 7E 06 00 00 00 00 j..~..... 0000 6A 43 03 1A 00 00 00 00 00 jC....... 0000 6A 8E 58 AB 00 00 00 00 00 j.X...... 0000 6A 46 1F AD 00 00 00 00 00 jF....... 0000 6A EA CD 83 00 00 00 00 00 j........ -- (Game) Recv -- 0000 02 5C .\ -- (Game) Recv -- 0000 07 1F 7F FF FF FF C0 ....... -- (Game) Send -- Last packet before tons of data, game info -- 0000 68 h -- (Game) Send -- Leaves game -- 0000 66 f [/code] | May 28, 2003, 3:12 AM |
smoke | [quote author=Maddox link=board=17;threadid=1412;start=15#msg11155 date=1054327983] MCP 0x03 C->S (WORD) Difficulty (Normal = 0x00, Nightmare = 0x10, Hell = 0x20) [/quote] Maybe somewhere in here is a flag for hardcore/softcore? | May 30, 2003, 10:25 PM |
Soul Taker | I'd think the realm would determine that on it's own based on the character, but that's just a guess. | May 30, 2003, 10:34 PM |
smoke | Furthermore, I think this may be the same packet you would use for open realm. If that is the case, maybe the 0x01 indicates closed realm. I'll do some sniffing/comparing between those. It would be interesting to know if that information is encoded in that packet somewhere. -smoke | May 31, 2003, 1:20 AM |