Author | Message | Time |
---|---|---|
HdxBmx27 | I've come along this during my work on creating an emu server, But anyways. For some reason Diablo 1 will think it failed the version check even when it receives success unless it receives 255 extra bytes of random data.... [code] 21 63.241.83.107:6112 192.168.0.10:4406 264 Recv 0000 FF 07 08 01 02 00 00 00 00 00 CF 02 F9 26 00 10 .............&.. 0010 61 68 68 61 68 61 00 00 00 00 00 00 80 EB 43 00 ahhaha........C. 0020 40 57 6D 11 D8 F0 CF 02 A0 F1 CF 02 F0 78 AA 01 @Wm..........x.. 0030 00 00 00 60 CA D1 1E 51 A8 F0 CF 02 AD EC 43 00 ...`...Q......C. 0040 D8 F0 CF 02 E0 87 87 0D 77 23 77 2E 63 2E 7A 00 ........w#w.c.z. 0050 72 65 65 77 69 6E 73 00 F0 25 17 03 00 00 00 60 reewins..%.....` 0060 CC F0 CF 02 14 33 44 00 E9 22 00 10 D0 F0 CF 02 .....3D.."...... 0070 2A 65 72 75 00 00 00 00 68 43 C4 01 68 43 C4 01 *eru....hC..hC.. 0080 FF 00 00 00 01 00 00 00 F4 F0 CF 02 F9 26 00 10 .............&.. 0090 E9 22 00 10 F8 F0 CF 02 1F 23 00 10 01 00 00 00 .".......#...... 00A0 F8 07 00 00 30 02 A4 01 09 00 00 00 00 00 00 00 ....0........... 00B0 AC F1 CF 02 2F 32 45 00 00 01 5F 02 00 27 00 10 ..../2E..._..'.. 00C0 00 00 00 00 18 F1 CF 02 DC F1 CF 02 01 00 00 00 ................ 00D0 00 E0 CE B7 B5 65 00 00 00 00 00 00 00 00 00 10 .....e.......... 00E0 00 00 20 00 10 00 00 00 E4 F1 CF 02 01 00 00 00 .. ............. 00F0 77 00 00 00 14 A9 E9 01 00 00 00 59 00 00 00 00 w..........Y.... 0100 00 00 20 00 14 A9 E9 01 .. .....[/code] This is only seen in 1.09, other versions accept it correctly without the extra data... [code]17 127.0.0.1:6112 127.0.0.1:4332 9 Recv 0000 FF 07 09 00 02 00 00 00 00 .........[/code] Has anyone attempted to look into exactly what D1 does with this data? It does not care what the data is, but this should be documented nonetheless.... Anyone got anything to input? ~-~(HDX)~-~ | January 4, 2007, 4:52 AM |
UserLoser | Hmm old news. This appears to be just a random memory chunk from the server. A while back Skywing and I analyzed it somewhat and didn't find anything significant. It's probably just some sort of internal structure used to store data. | January 4, 2007, 5:46 AM |
HdxBmx27 | Ya, I remember talking about it with you a long time ago. The main thing I wanted to know, is exactly WHY does the client say it fails if it is not there? So I was hoping someone could poke around a little and look at the actual client. ~-~(HDX)~-~ | January 4, 2007, 5:48 AM |
Ringo | Remember 0x07 has 2 strings following the DWORD, not 1 :P afaik, d1/w2 won't read past offset 0x0A for packet 0x07. [code] 1 127.0.0.1:3668 127.0.0.1:6112 1 Recv 0000 01 . 2 127.0.0.1:3668 127.0.0.1:6112 26 Recv 0000 FF 1E 1A 00 01 00 00 00 00 00 00 00 00 00 00 00 ................ 0010 00 00 00 00 00 00 00 00 00 00 .......... 3 127.0.0.1:6112 127.0.0.1:3668 20 Send 0000 FF 05 14 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0010 00 00 00 00 .... 4 127.0.0.1:3668 127.0.0.1:6112 62 Recv 0000 FF 12 3E 00 C0 BF AF 70 E9 2F C7 01 C0 BF AF 70 ..>....p./.....p 0010 E9 2F C7 01 00 00 00 00 09 04 00 00 09 08 00 00 ./.............. 0020 09 08 00 00 45 4E 47 00 34 34 00 47 42 52 00 55 ....ENG.44.GBR.U 0030 6E 69 74 65 64 20 4B 69 6E 67 64 6F 6D 00 nited Kingdom. 5 127.0.0.1:6112 127.0.0.1:3668 12 Send 0000 FF 1D 0C 00 01 00 00 00 02 00 00 00 ............ 6 127.0.0.1:3668 127.0.0.1:6112 20 Recv 0000 FF 06 14 00 36 38 58 49 4C 54 52 44 2A 00 00 00 ....68XILTRD*... 0010 00 00 00 00 .... 7 127.0.0.1:6112 127.0.0.1:3668 8 Send 0000 FF 25 08 00 81 8E B7 0E .%...... 8 127.0.0.1:6112 127.0.0.1:3668 50 Send 0000 FF 06 32 00 00 9E A9 CB 72 FC C6 01 6C 6F 63 6B ..2.....r...lock 0010 64 6F 77 6E 2D 49 58 38 36 2D 30 37 2E 6D 70 71 down-IX86-07.mpq 0020 00 05 A9 CB 95 D6 93 FC 98 2A A6 DA 99 0C A8 54 .........*.....T 0030 50 00 P. 9 :0 127.0.0.1:6112 12 RecvFrom 0000 09 00 00 00 02 00 00 00 01 00 00 00 ............ 10 127.0.0.1:6112 :0 8 SendTo 0000 05 00 00 00 74 65 6E 62 ....tenb 11 127.0.0.1:6112 :0 8 SendTo 0000 05 00 00 00 74 65 6E 62 ....tenb 12 :0 127.0.0.1:6112 12 RecvFrom 0000 09 00 00 00 02 00 00 00 01 00 00 00 ............ 13 127.0.0.1:6112 :0 8 SendTo 0000 05 00 00 00 74 65 6E 62 ....tenb 14 127.0.0.1:6112 :0 8 SendTo 0000 05 00 00 00 74 65 6E 62 ....tenb 15 127.0.0.1:3668 127.0.0.1:6112 8 Recv 0000 FF 25 08 00 81 8E B7 0E .%...... 16 :0 127.0.0.1:6112 12 RecvFrom 0000 09 00 00 00 02 00 00 00 01 00 00 00 ............ 
17 127.0.0.1:6112 :0 8 SendTo 0000 05 00 00 00 74 65 6E 62 ....tenb 18 127.0.0.1:6112 :0 8 SendTo 0000 05 00 00 00 74 65 6E 62 ....tenb 19 127.0.0.1:3668 127.0.0.1:6112 41 Recv 0000 FF 07 29 00 36 38 58 49 4C 54 52 44 2A 00 00 00 ..).68XILTRD*... 0010 01 09 00 01 B4 9A 28 27 DC A6 09 1C 7B 6E 33 E3 ......('....{n3. 0020 D9 50 BC 43 98 41 82 90 00 .P.C.A... 20 127.0.0.1:6112 127.0.0.1:3668 10 Send 0000 FF 07 0A 00 02 00 00 00 00 00 .......... 21 127.0.0.1:3668 127.0.0.1:6112 4 Recv 0000 FF 2D 04 00 .-.. 22 127.0.0.1:3668 127.0.0.1:6112 8 Recv 0000 FF 14 08 00 74 65 6E 62 ....tenb 23 127.0.0.1:3668 127.0.0.1:6112 24 Recv 0000 FF 33 18 00 1A 00 00 00 00 00 00 00 74 6F 73 5F .3..........tos_ 0010 55 53 41 2E 74 78 74 00 USA.txt. 24 127.0.0.1:3668 127.0.0.1:6112 25 Recv 0000 FF 33 19 00 1B 00 00 00 00 00 00 00 62 6E 73 65 .3..........bnse 0010 72 76 65 72 2E 69 6E 69 00 rver.ini. 25 127.0.0.1:3668 127.0.0.1:6112 36 Recv 0000 FF 29 24 00 58 AF B7 0E 02 00 00 00 17 7F E1 C7 .)$.X........... 0010 36 CF 47 CF 22 AE 20 9E E9 95 A8 AD E5 8C F7 3E 6.G.". ........> 0020 68 75 68 00 huh. 26 127.0.0.1:6112 127.0.0.1:3668 8 Send 0000 FF 29 08 00 01 00 00 00 .)...... 27 127.0.0.1:3668 127.0.0.1:6112 37 Recv 0000 FF 0A 25 00 68 75 68 00 4C 54 52 44 20 31 20 30 ..%.huh.LTRD 1 0 0010 20 30 20 33 30 20 31 30 20 32 30 20 32 35 20 31 0 30 10 20 25 1 0020 37 33 20 30 00 73 0. 28 127.0.0.1:3668 127.0.0.1:6112 8 Recv 0000 FF 0B 08 00 4C 54 52 44 ....LTRD 29 127.0.0.1:3668 127.0.0.1:6112 42 Recv 0000 FF 0C 16 00 01 00 00 00 44 69 61 62 6C 6F 20 52 ........Diablo R 0010 65 74 61 69 6C 00 FF 15 14 00 36 38 58 49 4C 54 etail.....68XILT 0020 52 44 00 00 00 00 1A D4 9C 45 RD.......E [/code] [quote author=UserLoser link=topic=16166.msg162943#msg162943 date=1167889580] Hmm old news. This appears to be just a random memory chunk from the server. A while back Skywing and I analyzed it somewhat and didn't find anything significant. It's probably just some sort of internal structure used to store data. 
[/quote] It's the send packet buffer, no? https://davnit.net/bnet/vL/index.php?topic=15674.0 I assumed it's just not been overwritten, because that extra given space is not meant to be there :P | January 4, 2007, 10:41 AM |
HdxBmx27 | http://bnetdocs.valhallalegends.com/content.php?Section=m&Code=25 Since when does it have two strings? (Documented) And doh >.< I remembered talking with UL about it, but I didn't remember posting it. But it's still not documented anywhere... Any possible idea what that string used to be used for? What does D1 actually do with it? ~-~(HDX)~-~ | January 4, 2007, 3:34 PM |
Skywing | There have been two strings since day one. | January 4, 2007, 6:14 PM |
TheMinistered | If you want to know why the client fails without the data, do the following: get Diablo 1 installed and run it in a debugger and/or analyze it via a disassembler. Find where it handles that certain packet and which case causes it to signal failure. | January 4, 2007, 8:29 PM |
HdxBmx27 | [quote author=Skywing link=topic=16166.msg162949#msg162949 date=1167934478]There have been two strings since day one.[/quote]Then why isn't it documented? That's my main point I guess. As for debugging it myself, I can do that this weekend. Right now for the most part I am out of my house using a friend's laptop, and she doesn't have IDA installed. ~-~(HDX)~-~ | January 5, 2007, 12:18 AM |
Skywing | [quote author=Hdx link=topic=16166.msg162952#msg162952 date=1167956328] [quote author=Skywing link=topic=16166.msg162949#msg162949 date=1167934478]There have been two strings since day one.[/quote]Then why isn't it documented? That's my main point I guess. As for debugging it myself, I can do that this weekend. Right now for the most part I am out of my house using a friend's laptop, and she doesn't have IDA installed. ~-~(HDX)~-~ [/quote] Presumably because not everyone who has done research into the Battle.net protocol has posted all of their findings on BnetDocs. My recollection is that the second string specified an auxiliary patch file (or files - it is treated as an array that is double null terminated, I believe) that should be applied in addition to the patch file given in the first string. This capability was never used by the server, to my knowledge (likely because bnupdate supports splitting patches into multiple sub-MPQs encapsulated by a single outer MPQ anyway). | January 5, 2007, 9:06 PM |
HdxBmx27 | Humm okay, thanks for the information. I still believe that Bnet docs should have some sort of mention of it. So I posted a comment. My jumpdrive got corrupted somehow -.- so my BNCS server project is gone... So I'll have to restart it. Anyone know of a way to recover a USB Flash Drive? ~-~(HDX)~-~ | January 6, 2007, 3:18 AM |
zorm | [quote author=Hdx link=topic=16166.msg162995#msg162995 date=1168053482] Humm okay, thanks for the information. I still believe that Bnet docs should have some sort of mention of it. So I posted a comment. My jumpdrive got corrupted somehow -.- so my BNCS server project is gone... So I'll have to restart it. Anyone know of a way to recover a USB Flash Drive? ~-~(HDX)~-~ [/quote] While I've never tried it, you might look at [url]http://www.cgsecurity.org/wiki/PhotoRec[/url]. Someone suggested it once on a photography forum, figured it might be of interest to you if you haven't solved the problem already. | January 11, 2007, 4:30 AM |
HdxBmx27 | I just snagged a few mins with ghost at school. I've been able to snag ~75% of the data. So it's all good, I'm still trying to get everything working. (It works, just need to re-work my user management, right now it is extremely gay [allow for multiple logins w/o changing name, doesn't remove user when they disconnect, etc]) ~-~(HDX)~-~ | January 11, 2007, 5:12 AM |
zorm | Ah that's cool, at least you were able to recover some of it. | January 11, 2007, 4:46 PM |
ShaDoWDeM | just wanted to share this, I thought it was kinda weird/funny that it replied cool FF 25 08 00 3B FB 27 C7 FF 25 08 00 00 00 00 00 .%..;.'. .%...... FF 07 29 00 36 38 58 49 4C 54 52 44 2A 00 00 00 ..).68XI LTRD*... 01 00 09 01 C6 3F 13 37 ED 0D 12 66 07 58 E2 7C .....?.7 ...f.X.| 49 B0 BE A4 87 F0 21 62 00 I.....!b . [1/21/2007 2:39:13 PM:739] FF 07 08 01 02 00 00 00 00 00 00 00 00 00 00 00 ........ ........ 63 6F 6F 6C 00 00 00 00 00 00 00 00 00 00 00 00 cool.... ........ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ 00 00 00 00 00 00 00 00 ........ | January 21, 2007, 7:44 PM |
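
The 0x07 reply layout discussed in this thread (4-byte header, DWORD, two null-terminated strings) can be checked mechanically. The following is an added example, not code from any poster: it parses such a frame and reports whatever follows the last defined field, which is where stale send-buffer contents end up. Function names are hypothetical; the frames are copied or rebuilt from the dumps above.

```python
import re
import struct

def parse_0x07_reply(frame: bytes) -> dict:
    """Split a server->client 0x07 frame into its fields and any leftover bytes."""
    if len(frame) < 8 or frame[0] != 0xFF or frame[1] != 0x07:
        raise ValueError("not a complete 0x07 frame")
    (declared,) = struct.unpack_from("<H", frame, 2)   # little-endian total length
    if declared != len(frame):
        raise ValueError(f"length field {declared} != {len(frame)} bytes received")
    (result,) = struct.unpack_from("<I", frame, 4)     # 2 in every dump in the thread
    pos, strings = 8, []
    for _ in range(2):                    # two strings, per Ringo and Skywing
        end = frame.find(b"\x00", pos)
        if end == -1:                     # string absent or unterminated
            break
        strings.append(frame[pos:end].decode("latin-1"))
        pos = end + 1
    return {"result": result, "strings": strings, "trailing": frame[pos:]}

def audit_trailing(trailing: bytes) -> dict:
    """Summarise bytes sent after the last defined field."""
    runs = re.findall(rb"[\x20-\x7e]{4,}", trailing)   # printable runs, like strings(1)
    return {
        "length": len(trailing),
        "nonzero": sum(1 for b in trailing if b),
        "ascii_runs": [r.decode("ascii") for r in runs],
    }

# Frames from the thread's dumps.
HDX_SHORT = bytes.fromhex("ff0709000200000000")       # 9 bytes: one string only
RINGO_REPLY = bytes.fromhex("ff070a00020000000000")   # 10 bytes: two empty strings
# 264-byte reply rebuilt from the last post's dump (length field 0x0108):
# all zeros after the defined fields except for the text "cool".
PADDED = bytes.fromhex("ff070801020000000000") + bytes(6) + b"cool" + bytes(244)

if __name__ == "__main__":
    for name, frame in (("short", HDX_SHORT), ("ringo", RINGO_REPLY), ("padded", PADDED)):
        parsed = parse_0x07_reply(frame)
        print(name, parsed["result"], parsed["strings"],
              audit_trailing(parsed["trailing"]))
```

A server emulator that has to send the padded form can run the same audit on its outgoing frames to confirm the padding was zero-filled rather than left over from an earlier packet.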