| Author | Message | Time |
|---|---|---|
| DotA.For.Rest | Redone from post https://davnit.net/bnet/vL/index.php?topic=14970.0 IPs of two computers that i used for testing and grabbing packets 192.168.0.1 - Host 192.168.0.3 - Client [code] 1. LAN Game Search/Create/Decreate 2. Join Game 3. Map Check/Download ===================================================== = 1. LAN Game Search/Create/Decreate = ===================================================== Lookup LAN Game W3GS_SEARCHGAME 0x2F OUT 255.255.255.255:06112 LEN:16 · / · · P X 3 W · · · · · · · · f7 2f 1000 50583357 14000000 00000000 (BYTE) f7 |W3GS Signature (BYTE) 2f |Packet Signature (WORD) 1000 |Packet Size (DWORD) 50583357 |Game Signature (DWORD) 14000000 |Always 0x14? Maby its game version (DWORD) 00000000 |Zero ***************************************************** Create LAN Game W3GS_CREATEGAME 0x31 OUT 255.255.255.255:06112 LEN:16 · 1 · · P X 3 W · · · · · · · · f7 31 1000 50583357 14000000 03000000 (BYTE) f7 |W3GS Signature (BYTE) 31 |Packet Signature (WORD) 1000 |Packet Size (DWORD) 50583357 |Game Signature (DWORD) 14000000 |Always 0x14? Maby its game version (DWORD) 03000000 |Creation Counter ***************************************************** Refresh LAN Game (every 5 seconds or slot change) W3GS_REFRESHGAME 0x32 OUT 255.255.255.255:06112 LEN:16 · 2 · · · · · · · · · · · · · · f7 32 1000 03000000 01000000 04000000 (BYTE) f7 |W3GS Signature (BYTE) 32 |Packet Signature (WORD) 1000 |Packet Size (DWORD) 03000000 |Creation Counter (DWORD) 01000000 |Client players in game (host counted) (DWORD) 04000000 |Total client slots (do not counts computers or closed slots) ***************************************************** Decreates LAN Game (happens when decrates game or game starts loadding) W3GS_DECREATEGAME 0x33 OUT 255.255.255.255:06112 LEN:8 · 3 · · · · · · f7 33 0800 02000000 (BYTE) f7 |W3GS Signature (BYTE) 33 |Packet Signature (WORD) 0800 |Packet Size (DWORD) 02000000 |Creation Counter ***************************************************** Response LAN Game Info (response on client game search W3GS_SEARCHGAME) W3GS_GAMEINFO 0x30 OUT 192.168.000.003:06112 LEN:117 · 0 u · P X 3 W · · · · · · · · · V · · · · · · · · · · ( F o r . R e s t ) · · · · I · · · f7 30 7500 50583357 14000000 01000000 e4569f00d098d0b3d180d0b02028466f722e526573742900 00 01034907 0101 } · · } · · · · C M · a q s ] ) 5 ) · M o s u U e m · q m e / w 3 m · · G o s / S e · s u · · · 7d01 997d01a3df1d434d 8b6171735d293529 cd4d6f737555656d e9716d652f77336d 8901476f732f5365 037375 010100 · · · · · · · · · · · · · · · · · · · · · · 04000000 09000000 01000000 04000000 00000000 e017 (BYTE) f7 |W3GS Signature (BYTE) 30 |Packet Signature (WORD) 0800 |Packet Size (DWORD) 50583357 |Game Signature (DWORD) 14000000 |Always 0x14? Maby its game version (DWORD) 01000000 |Creation Counter (char[]) e4569f00d098d0b3d180d0b02028466f722e526573742900 |Game Name (UTF-8 Coded) null terminated string (BYTE) 00 |Zero ----Coded Part of Packet---- (char[]) 0103490701017d01 |Coded data 997d01a3df1d434d 8b6171735d293529 cd4d6f737555656d e9716d652f77336d 8901476f732f5365 037375 (char[3])010100 |End tag of coded data |last Zero is not Coded - it used only for detect end of Coded data |Decode is simple: all Coded data splited by 8 bytes blocks |First byte of each block is first bits of 7 bytes data bit0 always 1 |Bit1 represents bit0 of byte1, bit2 represents bit0 of byte2 ... |Left 7 bytes bit0 set to 1 for coded data |Decoded result of our example will be: | M a p s \ ( 5 ) L o s t T e m p l e . w 3 m F o r . R e s t |02480600 00 7C00 7C00 A3DF1C42 4D6170735E2835294C6F737454656D706C652E77336D00 466F722E5265737400 00 |(DWORD) 02480600 |Game Flags | | Speed: (mask 0x00000003) cannot be combined | | 0x00000000 - Slow game speed | | 0x00000001 - Normal game speed | | 0x00000002 - Fast game speed | | Visibility: (mask 0x00000F00) cannot be combined | | 0x00000100 - Hide terrain | | 0x00000200 - Map explored | | 0x00000400 - Always visible (no fog of war) | | 0x00000800 - Default | | Observers/Referees: (mask 0x40003000) cannot be combined | | 0x00000000 - No Observers | | 0x00002000 - Observers on Defeat | | 0x00003000 - Additional players as observer allowed | | 0x40000000 - Referees | | Teams/Units/Hero/Race: (mask 0x07064000) can be combined | | 0x00004000 - Teams Together (team members are placed at neighbored starting locations) | | 0x00060000 - Fixed teams | | 0x01000000 - Unit share | | 0x02000000 - Random hero | | 0x04000000 - Random races |(BYTE) 00 |Zero |(BYTE) 7C |unknow value (zero for ladder games) |(BYTE) 00 |Zero |(BYTE) 7C |unknow value (zero for ladder games) |(BYTE) 00 |Zero |(DWORD) A3DF1C42 |Map file CRC32 |(char[])4D6170735E2835294C6F737454656D706C652E77336D00 | |Map path (null terminated) |(char[])466F722E5265737400 | |Host player name (null terminated) |(BYTE) 00 |Zero ----End of Coded Part---- (DWORD) 04000000 |Total game slots (count all slots) (DWORD) 09000000 |Game type tag | 0x00000001 - Custom | 0x00000009 - Blizzard/Ladder | (not used others possible values) | 0x00000002 - Melee | 0x00000003 - Free for all | 0x00000004 - one vs one | 0x00000005 - CTF | 0x00000006 - Greed | 0x00000007 - Slaughter | 0x00000008 - Sudden Death | 0x0000000A - Use Map Settings | 0x0000000B - Team Melee | 0x0000000C - Team FFA | 0x0000000D - Team CTF | 0x0000000F - Top vs Bottom | 0x00000010 - Iron man ladder (DWORD) 01000000 |Always 0x00000001? (DWORD) 04000000 |Free game slots (aviable for player connection) (DWORD) 00000000 |Hosting time in seconds (WORD) e017 |Hosts client port ***************************************************** Request game list (from Battle.Net) SID_GETADVLISTEX 0x09 OUT BATTLE.NET:06112 LEN:23 · · · · · · · · · · · · · · · · · · · · · · · ff 09 1700 00e07f00 00000000 00000000 14000000 0000 00 (BYTE) ff |W3GS Signature (BYTE) 09 |Packet Signature (WORD) 1700 |Packet Size (DWORD) 00e07f00 |Filter flags | Map author: (mask 0x00006000) can be combined | 0x00002000 - Blizzard | 0x00004000 - Custom | 0x00006000 - Any | Battle type: (mask 0x00018000) cant be combined | 0x00000000 - Battle | 0x00010000 - Scenario | 0x00018000 - Any | Map size: (mask 0x000E0000) can be combined | 0x00020000 - Small | 0x00040000 - Medium | 0x00080000 - Huge | 0x000E0000 - Any | Observers: (mask 0x00700000) can be combined | 0x00100000 - Allowed observers | 0x00200000 - Observers on defeat | 0x00400000 - No observers | 0x00700000 - Any (DWORD) 00000000 |Filter mask: can be combined (mask used only if not ANY value for filter) | 0x00006000 - Filter author | 0x00018000 - Battle type | 0x000E0000 - Map size | 0x00700000 - Observers | 0x00000000 - No filters (DWORD) 00000000 |Zero (DWORD) 14000000 |Always 0x14? Maby its game version (WORD) 0000 |Zero (BYTE) 00 |Zero ***************************************************** Response game list (from Battle.Net) SID_GETADVLISTEX 0x09 IN BATTLE.NET:06112 LEN:12 · · · · · · · · · · · · ff 09 0c00 00000000 01000000 IN BATTLE.NET:06112 LEN:2706 · · · · · · · · ff 09 920a 14000000 · I · · · · · · · · · R · · · · · · · · · · · · · · · · · · · · · · · · · · · · · b 1 0 0 0 0 0 0 0 · · I · · · y · · y · · · · · M · a q s ] E o w · o m o a e ] ) · 1 1 ) K e y _ · U o _ M i g e I · W 1 / 3 7 ) · S U S ) / w 3 · y · [ o m m m · · · · 0120490019040000 020017e052c19483 00000000 00000000 10000000 05000000 d0bad0bbd18ed18700 00 62 3130303030303030 0103490701017901f97901c7c19b854dcb6171735d456f77196f6d6f61655d29fb3131294b65795fad556f5f4d696765497f57312f333729dd535553292f77331179015b6f6d6d6d01010100 · I · · · · · · · · · · p · ~ · · · · · · · · · · · · · · · · F i n a l F a n t a s y O p e n R P G · · b 1 0 0 0 0 0 0 0 · · I · · · · · · · · · · { · M · a q s ] E o w · o m o a e ] G ) G ! o q e o ! · G i o a m ! 1 e / 1 1 / w 3 y · · S i m k e s · a q a o · · · 012049001d040000 020017e0d570897e 00000000 00000000 10000000 00000000 46696e616c2046616e74617379204f70656e205250470000623130303030303030010349070101f50199f50195917be94dcb6171735d456f77196f6d6f61655d472947216f71656f219547696f616d2131652f31312f773379ed0153696d6b65730b6171616f010100 · · B · · · · · · · · · S · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · 1 · · · · 1 · · 3 1 0 0 0 0 0 0 0 · · I · · · u · · u · · [ y = M · a q s ] G s o · { e o U i s o · o e ] ) 5 ) M · a e m s u s o ; m ! W E G ! 3 1 / 5 / w 3 y · W a u u i [ m · · · · 01a0420019040000 020017e053ef18aa 00000000 00000000 10000000 20000000 d0bcd0bed187d18320d180d183d181d181d0bad0b8d1852031d0bdd0b0312000003331303030303030300103490701017501b17501f55b793d4d8b6171735d47736f857b656f5569736fc56f655d2935294d9761656d7375736f3b6d215745472133312f352f7733790157617575695b6d01010100 · I · · · · · · · · · U · 6 · · · · · · · · · · · · · · · · · D o t A . 3 2 b - a p - s m - b l · · 9 1 0 0 0 0 0 0 0 · · I · · · u · · u · · · · · M · a q s ] E o w · o m o a e ] E + o u A ! A m m + s u a s s ! w · 7 / 3 3 c / w · 3 y · i 1 1 u · _ a c · · · 0120490007040000 020017e155d8369f 00000000 00000000 10000000 13000000 446f7441202e33326220202d6170202d736d202d626c00003931303030303030300103490701017501e17501bfcda7ed4dcb6171735d456f77196f6d6f61655d452b6f754121416d6d2b7375617373217789372f3333632f770333790169313175075f6163010100 · I · · · · · · · · · X · T 3 · · · · · · · · · · · · · · · · H u m a n s v s O r c s ! ! ! C o m e o n ! ! ! · · b 1 0 0 0 0 0 0 0 · · I · · · · · · · · s · ' s M · a q s ] E o w · o m o a e ] I · u m a o s w s · O s c s w 3 [ · 1 ] [ 1 ] / 1 · / w 3 y · C e · w a s e _ 7 7 · · · · 012049000c040000 020017e058895433 00000000 00000000 10000000 05000000 48756d616e73207673204f726373212121436f6d65206f6e21212100006231303030303030300103490701019501b1950173db27734dcb6171735d456f77196f6d6f61655d49af756d616f7377739b4f73637377335bbf315d5b315d2f318d2f773379014365f7776173655f373701010100 · I · · · · · · · · · > & · · · · · · · · · · · · · · · · · · d o t A v 6 . 3 2 - a p - s m n o l e a v e r s · · 9 4 0 0 0 0 0 0 0 · · I · · · u · · u · · · · · M · a q s ] e o w · o m o a e ] E ; o u A _ A m m k s u a s s _ w ] 7 [ 1 ] / 3 3 · / w 3 y · g a · m i e i · · · 0120490008040000 020017e03e26e48a 00000000 00000000 10000000 05000000 646f74412076362e3332202d6170202d736d206e6f206c65617665727300003934303030303030300103490701017501917501b3a7a9b74dcb6171735d656f77196f6d6f61655d453b6f75415f416d6d6b73756173735f775d375b315d2f3333cd2f773379016761176d696569010100 · E · · · · · · · · · V · · · · · · · · · · · · · · · · · · · F i n a l f a n t a s y F R ( l v l 2 5 o u + ) · · 4 1 0 0 0 0 0 0 0 · · I · · · · · · · · } · · O M · a q s ] E o w · o m o a e ] G · G G o s e w e · s ! s 1 c / w # 3 y · S y i m · e i o o · · · 012045000c040000 020017e056d0a8e5 00000000 00000000 10000000 12000000 46696e616c2066616e7461737920465220286c766c203235206f75202b290000343130303030303030010349070101f501c9f5017de7834f4dcb6171735d456f77196f6d6f61655d47a947476f73657765b173217331632f77233379015379696d0d65696f6f010100 ... (BYTE) ff |W3GS Signature (BYTE) 09 |Packet Signature (WORD) 920a |Packet Size ###If GameList empty### (DWORD) 00000000 |Zero if GameList is empty (DWORD) 01000000 |Always 0x00000001? (end of packet) ###If GameList not empty### (DWORD) 14000000 |Always 0x14? Maby its game version (Zero if GameList is empty) ===GameList=== (contains one or more GameInfo structures) ~~~GameInfo~~~ (DWORD) 01204900 |Game type | Game type tag: (read W3GS_GAMEINFO for this field) | 0x00000001 - Custom | 0x00000009 - Blizzard/Ladder | Map author: (mask 0x00006000) can be combined | 0x00002000 - Blizzard | 0x00004000 - Custom | Battle type: (mask 0x00018000) cant be combined | 0x00000000 - Battle | 0x00010000 - Scenario | Map size: (mask 0x000E0000) can be combined with 2 nearest values | 0x00020000 - Small | 0x00040000 - Medium | 0x00080000 - Huge | Observers: (mask 0x00700000) cant be combined | 0x00100000 - Allowed observers | 0x00200000 - Observers on defeat | 0x00400000 - No observers | Flags: | 0x00000800 - Private game flag (not used in game list) |Not all researched!!!! (DWORD) 19040000 |Unknow (sockaddr_in)020017e052c19483 |Host IP and Port used for join game (DWORD) 00000000 |Zero (DWORD) 00000000 |Zero (DWORD) 10000000 |Always 0x00000010? (DWORD) 05000000 |Hosting time in seconds (char[]) d0bad0bbd18ed18700 |GameName UTF-8 Coded (null terminated string) (BYTE) 00 |Zero (char) 62 |text formated hexadecimal Count of Free Slots (small case) (char[8])3130303030303030 |text formated hexadecimal Hosting Counter (upper case) ----Coded Part of Packet---- (char[]) 0103490701017901|Coded data f97901c7c19b854d cb6171735d456f77 196f6d6f61655d29 fb3131294b65795f ad556f5f4d696765 497f57312f333729 dd535553292f7733 1179015b6f6d6d6d 01 (char[3])010100 |End tag of coded data (and end tag of GameInfo) |Decoded data means same as W3GS_GAMEINFO coded part (read above) ----End of Coded Part---- ~~~GameInfo(end)~~~ ... ===GameList(end)=== ***************************************************** Create Custom Game (on Battle.Net) SID_STARTADVEX3 0x1C OUT BATTLE.NET:06112 LEN:117 · · u · · · · · · · · · · I · · · · · · · · · D o t A · · 9 1 0 0 0 0 0 0 0 · · I · · · u · · u · · · · · M · a q s ] E o w · o m o a e ] E + o u A ! A m m + s u a s s ! w · 7 / 3 3 c / w · 3 y · E o u A · / G o s / S e · s u · · · ff 1c 7500 10000000 00000000 01204900ff030000 00000000 446f744100 00 39 3130303030303030 0103490701017501e17501bfcda7ed4dcb6171735d456f77196f6d6f61655d452b6f754121416d6d2b7375617373217789372f3333632f77a3337901456f7541892f476f732f5365037375010100 (BYTE) ff |W3GS Signature (BYTE) 1c |Packet Signature (WORD) 7500 |Packet Size (DWORD) 10000000 |Always 0x00000010? (DWORD) 00000000 |Zero (DWORD) 01204900 |Game type (read SID_GETADVLISTEX 0x09 first GameInfo bytes) (DWORD) ff030000 |Always 0x000003FF? (DWORD) 00000000 |Zero (char[]) 446f744100 |GameName UTF-8 Coded (null terminated string) (BYTE) 00 |Zero (char) 39 |text formated hexadecimal Count of Free Slots (small case) (char[8])3130303030303030 |text formated hexadecimal Hosting Counter (upper case) ----Coded Part of Packet---- (char[]) 0103490701017501|Coded data e17501bfcda7ed4d cb6171735d456f77 196f6d6f61655d45 2b6f754121416d6d 2b73756173732177 89372f3333632f77 a3337901456f7541 892f476f732f5365 037375 (char[3])010100 |End tag of coded data |Decoded data means same as W3GS_GAMEINFO coded part (read above) ----End of Coded Part---- ===================================================== = 2. Join Game = ===================================================== Request Join Game (clients send this on every try to join game) W3GS_REQJOIN 0x1E IN 192.168.000.003:01040 LEN:42 · · 3 · · · · · · · 8 · · · · · · · · R u s s i a . O n l i n e · · · · · · · · · · · · · · · · · · · f7 1e 3300 05000000 fed83814 00 e117 02000000 5275737369612e4f6e6c696e6500 0100 020017e0c0a80003 00000000 00000000 (BYTE) f7 |W3GS Signature (BYTE) 1e |Packet Signature (WORD) 3300 |Packet Size (DWORD) 05000000 |Join game counter of client (DWORD) fed83814 |GetTickCount WinAPI value only for LAN games (Zero for battle.net games) (BYTE) 00 |Always zero? (i think its additional byte for tick count) (WORD) e117 |External game port (used by others Game clients to connect to this client) (DWORD) 02000000 |Total game join/create counter (char[]) 5275737369612e4f6e6c696e6500 |Client name (null terminated string) (WORD) 0100 |Always 0x0001? IPv4 type tag (sockaddr_in) 020017e0c0a80003 |Internal client IP and Port (DWORD) 00000000 |Always zero? additional bytes for IPv6 compability (DWORD) 00000000 |Always zero? additional bytes for IPv6 compability ***************************************************** Reject Join Game (host Rejects join game request W3GS_REQJOIN) W3GS_REJECTJOIN 0x05 OUT 192.168.000.003:01047 LEN:8 · · · · · · · · f7 05 0800 09000000 (BYTE) f7 |W3GS Signature (BYTE) 05 |Packet Signature (WORD) 0800 |Packet Size (DWORD) 09000000 |Always 0x0000009? ***************************************************** Accept Join Game with Slot info (host send this to client on W3GS_REQJOIN) W3GS_SLOTINFOJOIN 0x04 Update Slot info (host send this to client on slot changes, even player dont know any info about players or donwload map) W3GS_SLOTINFO 0x09 OUT 192.168.000.003:01046 LEN:48 · · 0 · · · · · d · · · · ` · d · · · · · · ` · d - · · · · · f7 04 3000 1900 02 016402000000600164 00ff0000010c600164 2dd21302 00 02 · · · · · · · · · · · · · · · · · 02 02000416c0a80003 00000000 00000000 (BYTE) f7 |W3GS Signature (BYTE) 04 |Packet Signature (0x04 or 0x09) (WORD) 3000 |Packet Size (WORD) 1900 |SlotsInfo size (can be 0 if host updating slots at this moment) ----SlotsInfo---- (optional for W3GS_SLOTINFOJOIN but should be in W3GS_SLOTINFO) (BYTE) 02 |Count of slots (can be 0 for example in ladder game) (char[9])016402000000600164 |Slot1 (char[9])00ff0000010c600164 |Slot2 |(BYTE) 01 |PID - Player ID (0 - not client, 1 - host) |(BYTE) 64 |Download status (0x64 - 100%, 0xFF - not client) |(BYTE) 02 |SlotStatus (0 - open, 1 - closed, 2 - controlled) |(BYTE) 00 |Controller (1 - computer, 0 - human/open/closed) |(BYTE) 00 |Team Number from 0 to 11 (12 - free/observer/referee) |(BYTE) 00 |Color Number from 0 to 11 (12 - free/observer/referee) |(BYTE) 60 |Race flags | | 0x01 - Human | | 0x02 - Orc | | 0x04 - Night Elf | | 0x08 - Undead | | 0x20 - Random | | 0x40 - Race selected or fixed by map or ladder game |(BYTE) 01 |Controller Type (0 - easy comp, 2 - hard comp, 1 - human/normal comp) |(BYTE) 64 |Handicap from (valid values: 0x32, 0x3C, 0x46, 0x50, 0x5A, 0x64) (DWORD) 2dd21302 |GetTickCount WinAPI value of host (BYTE) 00 |Always zero? (i think its additional byte for tick count) (0xCC for ladder game) (BYTE) 02 |Count of slots (end tag?) (0xCC for ladder game) ----SlotsInfo End---- ----JoinInfo---- (only for W3GS_SLOTINFOJOIN) this part not contains in W3GS_SLOTINFO packets (BYTE) 02 |PID - Player ID that host gives to client (sockaddr_in)02000416c0a80003 |Host side client IP and Port (sockaddr_in structure) (DWORD) 00000000 |Always zero? additional bytes for IPv6 compability (DWORD) 00000000 |Always zero? additional bytes for IPv6 compability ----JoinInfo End---- ==== Examples ==== Ladder game (not contains slots in Slot Info stucture, also 0xCC bytes) f704 1e00 0700 00 c7bdcf30 cc cc 05 0200 10b0 52d04788 00000000 00000000 Custom game without SlotsInfo f704 1700 0000 02 0200 0775 52d04708 00000000 00000000 Update slot info (without JoinInfo always) f709 4c00 4600 07 016402000000010164 02ff02000001010164 036402000002010164 046402000003010164 00ff02010109080164 00ff0201020a010164 00ff0201010b080164 9fc6a700 03 07 ==== Examples (end) ==== ***************************************************** Player information (host send this to each client on every player except player that recive this info) W3GS_PLAYERINFO 0x06 OUT 192.168.000.003:01053 LEN:52 · · 4 · · · · · · F o r . R e s t · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · f7 06 3400 12000000 01 466f722e5265737400 0100 0000000000000000 00000000 00000000 0000000000000000 00000000 00000000 (BYTE) f7 |W3GS Signature (BYTE) 06 |Packet Signature (WORD) 3400 |Packet Size (DWORD) 12000000 |Player join/create counter (BYTE) 01 |PID (char[]) 466f722e5265737400 |Player name (null terminated) (WORD) 0100 |Always 0x0001? IPv4 type tag (sockaddr_in)0000000000000000 |External player IP and Port (sockaddr_in structure) (Zero for host) (DWORD) 00000000 |Always zero? additional bytes for IPv6 compability (DWORD) 00000000 |Always zero? additional bytes for IPv6 compability (sockaddr_in)0000000000000000 |Internal player IP and Port (sockaddr_in structure) (Zero for host) (DWORD) 00000000 |Always zero? additional bytes for IPv6 compability (DWORD) 00000000 |Always zero? additional bytes for IPv6 compability ===================================================== = 3. Map Check/Download = ===================================================== Check map request (host send this to client after all players info) W3GS_MAPCHECK 0x3D OUT 192.168.000.003:01030 LEN:45 · = - · · · · · M a p s \ ( 2 ) H i l l s O f G l o r y . w 3 m · 6 u · · I · · · ' · · 6 f7 3d 2d00 01000000 4d6170735c28322948696c6c734f66476c6f72792e77336d00 36750100 49caebd1 2792eb36 (BYTE) f7 |W3GS Signature (BYTE) 3d |Packet Signature (WORD) 2d00 |Packet Size (DWORD) 01000000 |Always 0x00000001? (char[]) 4d6170735c28322948696c6c734f66476c6f72792e77336d00 |Map path (null terminated) (DWORD) 36750100 |File size (DWORD) 49caebd1 |Unknow DWORD (DWORD) 2792eb36 |Map file CRC32 ***************************************************** Response map size (client send this as response on map check) W3GS_MAPSIZE 0x42 IN 192.168.000.003:01033 LEN:13 · B · · · · · · · 6 u · · f7 42 0d00 01000000 01 36750100 (BYTE) f7 |W3GS Signature (BYTE) 42 |Packet Signature (WORD) 0d00 |Packet Size (DWORD) 01000000 |Always 0x00000001? (BYTE) 01 |Size flag | 0x01 - Got total size of file (happens on map check or finished download map) | next field: Map file size client have (Zero, if client request download map) | 0x03 - Continue donwload map file (happens after every W3GS_MAPPARTOK) | next field: Start location of part that client requests (or curren got file size) (DWORD) 36750100 |Map file size Remarks: If 2 players have same external IP and one of them dont have map, then those who have no map sends some packets to other from subnet to download Locally the map, without host. Need research this moments. ***************************************************** Prepare to download map (host send this to client if he have wrong size or have no map) W3GS_STARTDOWNLOAD 0x3F OUT 192.168.000.003:01034 LEN:9 · ? · · · · · · · f7 3f 0900 01000000 01 (BYTE) f7 |W3GS Signature (BYTE) 3f |Packet Signature (WORD) 0900 |Packet Size (DWORD) 01000000 |Always 0x00000001? (BYTE) 01 |Always 0x01? (think its PID from who client requests download) ***************************************************** Part of map file (host send this part by part if client needs update or download map after W3GS_STARTDOWNLOAD) W3GS_MAPPART 0x43 OUT 192.168.000.003:01035 LEN:1460 · C · · · · · · · · · · · · f7 43 b405 0201 01000000 00000000 t ! , v H M 3 W · · · · D o t A A l l s t a r s v 6 . 1 6 · h O · · · · · · · · · · · · · · · · 74212c76484d335700000000446f744120416c6c73746172732076362e313600684f01000a00000000000000000000000000... (BYTE) f7 |W3GS Signature (BYTE) 43 |Packet Signature (WORD) b405 |Packet Size (WORD) 0201 |Always 0x0102? (think first byte is receiver PID and second is sender PID) (DWORD) 01000000 |Always 0x00000001? (DWORD) 00000000 |File pointer (start location of this file part) (char[]) 74212c...|Part of file (1442 bytes maximum) to the end of packet ***************************************************** Part of map file succesful download (client send this on every part got) W3GS_MAPPARTOK 0x44 IN 192.168.000.003:01035 LEN:14 · D · · · · · · · · · · · · f7 44 0e00 0102 01000000 a2050000 (BYTE) f7 |W3GS Signature (BYTE) 44 |Packet Signature (WORD) 0e00 |Packet Size (WORD) 0102 |Always 0x0201? (think first byte is PID who should send next part and second is receiver PID) (DWORD) 01000000 |Always 0x00000001? (DWORD) a2050000 |File pointer (start location of next part that client request) [/code] ... Check for updates this post later ... | May 16, 2006, 3:44 PM |
| bethra | I didn't look through it all, but pretty nice. Good work. | May 16, 2006, 7:55 PM |
| HeRo | this is exactly what i've been needing, thanks | May 16, 2006, 11:14 PM |
| PaiD | Same, I needed this alot. Thanks Man! | May 16, 2006, 11:44 PM |
| maldn | i have some comments on the gameInfo packet. about the encoded part. i am very certain, as i stated in the other thread, that the encoded part starts after the 0x00 after the gamename. why? 1) in replays it starts there 2) some values tagged unknown by you do vanish... example: [code] i let my encoded data start with 01034907... not with 997d01... static const char enc1_raw[] = { 0x01,0x03,0x49,0x07,0x01,0x01,0x7d,0x01, 0x99,0x7d,0x01,0xa3,0xdf,0x1d,0x43,0x4d,0x8b,0x61, 0x71,0x73,0x5d,0x29,0x35,0x29,0xcd,0x4d,0x6f,0x73, 0x75,0x55,0x65,0x6d,0xe9,0x71,0x6d,0x65,0x2f,0x77, 0x33,0x6d,0x89,0x01,0x47,0x6f,0x73,0x2f,0x53,0x65, 0x03,0x73,0x75,0x01,0x01 }; [/code] if we decode that, we get [code] 02 48 06 00 00 7c 00 7c . H . . . | . | 00 a3 df 1c 42 4d 61 70 . . . . B M a p 73 5c 28 34 29 4c 6f 73 s \ ( 4 ) L o s 74 54 65 6d 70 6c 65 2e t T e m p l e . 77 33 6d 00 46 6f 72 2e w 3 m . F o r . 52 65 73 74 00 00 r e s t [/code] we are interested in the first 13 bytes. after that comes gamename&creator name and a null-char/byte. lets have a closer look (for reference look at w3g_format.txt section 4.3/4.4): [code] decoded gamesettings: 02 48 06 00 00 7c 00 7c 00 a3 df 1c 42 02 -> 00000010 -> fast gamespeed 48 -> 01001000 -> !hide ; !explored ; !nofog ; default ; no obs ; teams together 06 -> 00000110 -> fixed teams: on 00 -> 00000000 -> no full shared control; no rnd hero; no all rnd; no obs/refs 00 -> 00000000 -> 0 7c -> 01111100 -> unknown (0 in ladder games, but not in custom) 00 -> 00000000 -> 0 7c -> 01111100 -> unknown (0 in ladder games, but not in custom) 00 -> 00000000 -> 0 a3 df 1c 42 -> map checksum [/code] looks good eh? you dont have your obscure 'codedTag' and the unknown 0x7c00 anymore. maldn p.s. for those of you lazy looking into w3g_format.txt, here is section 4.4 [code] - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 4.4 [GameSettings] - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Make sure you have decoded the GameSettings (see 4.3). The game settings (extended options on create game screen) are packed using various flags distributed over 13 bytes. For details about the single options read the file "support/Readme/(PC)UIMainMenus.html" in your WarCraft III installation directory. Denoted below are only nonzero flags. offset | bitnr | Description -------+-------+--------------------------------------------------------------- 0x0000 | 0,1 | Game Speed: 0 = slow, 1 = normal, 2 = fast, 3 = unused -------+-------+--------------------------------------------------------------- 0x0001 | 0 | Visibility: 'hide terrain' | 1 | Visibility: 'map explored' | 2 | Visibility: 'always visible' (no fog of war) | 3 | Visibility: 'default' | 4,5 | Observer : 0 = off or 'Referees' (see 0x0003 Bit6) | | 1 = unused | | 2 = 'Obs on Defeat' | | 3 = on or 'Referees' | 6 | Teams Together (team members are placed at neighbored places) -------+-------+--------------------------------------------------------------- 0x0002 | 1,2 | Fixed teams: 0 = off, 1 = unused, 2 = unused, 3 = on -------+-------+--------------------------------------------------------------- 0x0003 | 0 | Full Shared Unit Control | 1 | Random Hero | 2 | Random Races | 6 | Observer: Referees (other observer bits are 0 or 3) -------+-------+--------------------------------------------------------------- 0x0004 | | 0 0x0005 | | unknown (0 in ladder games, but not in custom) 0x0006 | | 0 0x0007 | | unknown (0 in ladder games, but not in custom) 0x0008 | | 0 -------+-------+--------------------------------------------------------------- 0x0009 | 4Byte | Map Checksum //TODO: find algorithm - 0C | | -------+-------+--------------------------------------------------------------- [/code] | May 17, 2006, 11:31 AM |
| bethra | Does anyone know how the game signature is generated? | May 18, 2006, 1:31 AM |
| DotA.For.Rest | Can u post it here? plz. i have W3G_FORMAT version 1.12 and W3G_ACTIONS version 0.97 if you have new version post actions too, i cant found them also i've update W3GS_GAMEINFO (look first post again in this topic) | May 18, 2006, 9:09 AM |
| maldn | the game signature isnt exactly generated. if you have had a lookk at the actual bytes you might have noticed that 0x50583357 is PX3W in ASCII. taking byte-order into acount and you end up with W3XP -> Warcraft 3 Expansion (TFT) as for the w3g_* files, have a look at the cvs at http://warcraft.kliegman.com/ and a minor note: i wouldn call is 'game creation counter' its more like a game-id thats more or less upcounting on new seen/created games. but you can use whatever you want like 0xdeadbeef or so... maldn | May 18, 2006, 12:49 PM |
| DotA.For.Rest | Updated! Added SID_GETADVLISTEX and SID_STARTADVEX3 for WAR3/W3XP games, and changed some names of fields. thanks for link, got new versions of this files | May 18, 2006, 4:54 PM |
| bethra | [quote author=maldn link=topic=14994.msg152680#msg152680 date=1147956573] the game signature isnt exactly generated. if you have had a lookk at the actual bytes you might have noticed that 0x50583357 is PX3W in ASCII. taking byte-order into acount and you end up with W3XP -> Warcraft 3 Expansion (TFT) [/quote]Ah ok. So it's the Product ID then. Errr now I see, the guy documents the "Packet ID" as "Packet Signature". I guess I'm just used to how BnetDocs documents packets. It seems they use "ID" in place of "Signature". I guess I inadvertantly associate the word "Signature" with some unique value sometimes. Great work. I wish my Uni port forwarded port 6112 so that I could try and write a "DL Only" bot this summer while I'm bored as hell working there. | May 18, 2006, 10:02 PM |
| DotA.For.Rest | when im start learning english by my profession, i should understand that there is 2 different english languages, one is Speaking English, and other is Technical English. Cuz im programmer i decide learn Technical, and now i have alot of problems with speacking english ). i telling its for explain why Data Markers means same as Data Tag, why Object ID means Signature. its same for translate but first in Speaking English, second in Technical. i have read alot of Tech Books, but none of simple. Thats how i understand all of this. Im naming objects like it do most of Tech Books. Ofc i can name them with any names, but this more readable. for Tech books ID used only for internal object/structures/other numerations only. Thats why Player ID/Slot ID. Download Only BOT Cool Idea, did not thought about it. Great. | May 19, 2006, 6:44 AM |
| esby | I tried to sniff 0xf735 and 0xf736 packets, but apparently I can't get them when I create a private game on bnet. I see these packets when someone else hosts, but not when I do... I can see the other packets, so it's not a filter problem. I am wondering if there could be some warcraft III FT version that does not emmit those? Another question, are any information available about the various chat message packet ? esby | November 29, 2006, 7:44 PM |
| leax | maldn and hero seems to know alot on the subject though i couldnt get hold of them as i was having trouble with conenctions in another post https://davnit.net/bnet/vL/index.php?PHPSESSID=d1a63cea641ea1089ff4b00150e34b28&topic=16065.0 | November 30, 2006, 2:06 AM |
| JoeTheOdd | [quote]i am very certain, as i stated in the other thread, that the encoded part starts after the 0x00 after the gamename. why?[/quote] The 0x00 after the game name is called a null terminator. It's actually part of the game name, telling the computer where the string of bytes that identifies the name ends at. | November 30, 2006, 5:50 AM |
| rabbit | [quote author=maldn link=topic=14994.msg152623#msg152623 date=1147865509] i am very certain, as i stated in the other thread, that the encoded part starts after the 0x00 after the gamename. why? [/quote]https://davnit.net/bnet/vL/index.php?topic=9278.0 | November 30, 2006, 11:45 AM |
| Maddox | More info... Packet 0x1c first dword: masks: 0x00000010 public game 0x00000011 private game 0x00000002 game full 2nd dword: game time in seconds | December 9, 2007, 1:28 PM |
| DDA-TriCk-E | ###If GameList not empty### (DWORD) 14000000 |Always 0x14? Maby its game version (Zero if GameList is empty) ^ This is actually the number of games returned in packet 0x09 | May 3, 2010, 1:14 AM |