| Author | Message | Time |
|---|---|---|
| ThePro | Hello! I don't know if this is the wrong board to post this, but since it seems you have some knowledge in reverse engeneering gameprotocols (like BNCS) It could be the correct one. ;) Sometimes I play F1 2002 with some friends over the Internet. This is the Best F1 Multiplayer Game I ever played but unfortunally there exists no dedicated server. :( You have to run a copy of that game to open a server. When more than 5 Players connect, the game will be unplayable since there are lots of data to be transmitted. The F1 series has been canceld by EA SPORTS so there is no hope to wait for another game of them. :( Since I have a root Server with a 100Mbit connection my idea was to write an open source dedicated server by my own. The hardest part of it is to analyse the games protocol. Is here anyone who has some knowledge in reverse engeneering a protocol or could help me a little bit? Here is an example how a packet looks like: [code] 0000: 04 00 43 00 20 F6 FF 0F 43 00 02 00 00 00 54 68 ..C. ...C.....Th 0010: 65 50 72 6F 00 00 00 00 00 00 00 00 00 00 00 00 ePro............ 0020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 4D 47 ..............MG 0030: 30 35 00 00 00 00 00 FF 00 00 00 00 00 00 00 00 05.............. 0040: 03 77 02 00 00 00 01 00 00 00 00 xx xx xx xx xx .w......... [/code] This is send by the Server, when someone connects. My name on the Server is 'ThePro', so this Packet seems to tell the other player how my name is. | June 9, 2007, 12:13 PM |
| Kp | For protocols of any complexity, you will probably have to disassemble at least parts of the game binary to figure out the meaning of some fields. Depending on how the F1 designers implemented the game, you may end up needing to implement a substantial portion of the game logic in your server. There are a fair number of people who read the forums and have some background in reverse engineering. Reverse engineering a non-trivial protocol is rarely quick, so I doubt you'll get much help here. Most people who do this do it for some personal gain. This contrasts with certain other types of help provided here, which are easy to give and so do not require gain as a motivator. | June 9, 2007, 3:34 PM |
| warz | If you were to ask questions specifically regarding reverse engineering tips and tricks, or 'what does this asm do', or 'whats wrong with my code here', you'll most likely receive some helpful answers. | June 9, 2007, 3:56 PM |
| ThePro | Okay, I started to analyse today. I found out, which packet hat to be send, when the Server changes the track. I used WPE Pro to spoof that package, so the game on my other computer tought, that a new track has to be loaded, but on the server the old track was still running. :D Here are some pics: http://img73.imageshack.us/img73/5521/f11tm1.jpg http://img470.imageshack.us/img470/9669/f12lc7.jpg http://img470.imageshack.us/img470/918/f13cn2.jpg It seems, it is a very simple protocol, with no special "out of sync" detection. Just the coordinates will be transmitted permanently (every 100ms I guess) by UDP packets. Now I tried to resend one of this coordinate packets, but I got an Error by WPE Pro :( In the Messages box I got a "CONNECTION SUCCESFULLY OPEN" but a moment later the Packet(s) Error gets increased by one. I noticed, that the coordinates will be send to 0.0.0.0:17677, but the "next track" packages will be send to the network IP of my other machine. This are the 2 magic "track change packes" [code] 30 192.168.0.29:30477 192.168.0.21:30477 127 Send 0000 04 00 77 00 A0 F6 FF 0F 00 00 00 00 6C 6F 6C 00 ..w.........lol. 0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0020 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 10 ................ 0030 48 6C 6F 6C 00 00 00 00 00 00 00 00 00 00 00 00 Hlol............ 0040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0050 00 49 54 41 4C 59 00 00 00 00 00 00 00 00 00 00 .ITALY.......... 0060 00 00 00 10 01 01 64 02 00 06 02 B3 0B BD A9 00 ......d......... 0070 3F 00 00 00 00 7F FE 0A 00 45 0D 00 00 00 00 ?........E..... 31 192.168.0.29:30477 192.168.0.21:30477 16 Send 0000 04 00 08 00 01 F6 FF 0F 00 00 45 45 06 73 09 45 ..........EE.s.E [/code] As you can see, the packages are adressed to 192.168.0.21 Now the coodinate packes: [code] 1 :0 0.0.0.0:17677 72 RecvFrom 0000 04 00 40 00 60 09 BE 00 04 01 08 BE 00 3A 81 0C ..@.`........:.. 0010 40 11 04 4F 09 45 F1 6B 9B 43 B8 FC 7F C0 F7 10 @..O.E.k.C...... 0020 5F 41 AD FF AE 11 FA FF 0C 0C 04 04 FD FF FD FF _A.............. 0030 FE FF 00 00 00 00 00 00 00 00 00 00 00 00 1D 00 ................ 0040 E7 FF C0 50 2E 21 00 80 ...P.!.. 2 0.0.0.0:17677 :0 72 SendTo 0000 04 00 40 00 60 09 BE 00 04 01 08 BE 00 3A 80 0C ..@.`........:.. 0010 40 11 BA 50 09 45 C1 A6 43 41 70 13 EE BF 31 1E @..P.E..CAp...1. 0020 5A C3 ED FF 28 0C 00 00 0C 0C 04 04 00 00 00 00 Z...(........... 0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0040 01 00 C0 F1 0F 00 00 E0 ........ [/code] WTF? why 0.0.0.0? | June 10, 2007, 12:51 PM |
| Ringo | [quote author=ThePro link=topic=16774.msg169968#msg169968 date=1181479891] It seems, it is a very simple protocol, with no special "out of sync" detection. Just the coordinates will be transmitted permanently (every 100ms I guess) by UDP packets. [/quote] I would guess that the 100ms "beat" is responceable for game sync, as for a driving game, its very important to know exacly what interval a player turned, accelerated, broke, etc, to work out there exact position/speed on the track. The UDP packets should* have a sent and recv count (maybe offset 0x0E) for somthing like this, to keep track of lost/late packets. Depending if the UDP data is transmited to the server, or the player, is going to depend how much (if any) game phisics/logic your server is going to need built in (see Kp's post) [quote author=ThePro link=topic=16774.msg169968#msg169968 date=1181479891] This are the 2 magic "track change packes" [code] 30 192.168.0.29:30477 192.168.0.21:30477 127 Send 0000 04 00 77 00 A0 F6 FF 0F 00 00 00 00 6C 6F 6C 00 ..w.........lol. 0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0020 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 10 ................ 0030 48 6C 6F 6C 00 00 00 00 00 00 00 00 00 00 00 00 Hlol............ 0040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0050 00 49 54 41 4C 59 00 00 00 00 00 00 00 00 00 00 .ITALY.......... 0060 00 00 00 10 01 01 64 02 00 06 02 B3 0B BD A9 00 ......d......... 0070 3F 00 00 00 00 7F FE 0A 00 45 0D 00 00 00 00 ?........E..... 31 192.168.0.29:30477 192.168.0.21:30477 16 Send 0000 04 00 08 00 01 F6 FF 0F 00 00 45 45 06 73 09 45 ..........EE.s.E [/code] As you can see, the packages are adressed to 192.168.0.21 Now the coodinate packes: [code] 1 :0 0.0.0.0:17677 72 RecvFrom 0000 04 00 40 00 60 09 BE 00 04 01 08 BE 00 3A 81 0C ..@.`........:.. 0010 40 11 04 4F 09 45 F1 6B 9B 43 B8 FC 7F C0 F7 10 @..O.E.k.C...... 0020 5F 41 AD FF AE 11 FA FF 0C 0C 04 04 FD FF FD FF _A.............. 0030 FE FF 00 00 00 00 00 00 00 00 00 00 00 00 1D 00 ................ 0040 E7 FF C0 50 2E 21 00 80 ...P.!.. 2 0.0.0.0:17677 :0 72 SendTo 0000 04 00 40 00 60 09 BE 00 04 01 08 BE 00 3A 80 0C ..@.`........:.. 0010 40 11 BA 50 09 45 C1 A6 43 41 70 13 EE BF 31 1E @..P.E..CAp...1. 0020 5A C3 ED FF 28 0C 00 00 0C 0C 04 04 00 00 00 00 Z...(........... 0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0040 01 00 C0 F1 0F 00 00 E0 ........ [/code] WTF? why 0.0.0.0? [/quote] I think its shows as 0.0.0.0 rather than the network IP, because of WPE or becuase of a router (Im not sure, but its nothing to worry about if you know the correct address) Rather than editing the packets with WPE to see the effect, depending how much packet modifying you need to do, it maybe worth createing a gateway, so the F1 game connects to that, and the gayeway connects to the F1 server host, and proxys the data through the gateway. That should give easy access to packet modications both ways, as wall as making it easy to create a sutible packet buffer, parseing routines, and so on, ready for when you start a server. Also the gateway can be the packetlogger as well :) Im not sure how much you have looked into the packets, but it looks like the 1st 8 bytes are a packet header, and the rest being the payload. (WORD) 0x04 (WORD) Lengh Of Packet (discluding the header lengh of 8 ) (DWORD) Maybe a checksum or some packet ID+ maybe (VOID) Packet Also it looks like the UDP messages has a 2nd header at the start of the packet payload. Im guessing the F1 game deals and transmites forces, because the udp coordinate packets seem to have alot of values in that would suggest things like acceleration, braking, turning forces etc are all transmited constantly. also, lol at them 2 in 1 track ss's :) | June 10, 2007, 1:58 PM |
| ThePro | [quote author=Ringo link=topic=16774.msg169969#msg169969 date=1181483923] I think its shows as 0.0.0.0 rather than the network IP, because of WPE or becuase of a router (Im not sure, but its nothing to worry about if you know the correct address) [/quote] Hm, it seems to be a problem of WPE. I used Ethereal to check the Packets and noticed, that all packets are adressed correctly to 192.168.0.21 I tried to send the Packet manually with WPE, but I still get an error. Could you suggest me another good packet editor? I've downloaded NetXray but it says, thats only possible to install it on Machines located in Canada or USA. :( [quote author=Ringo link=topic=16774.msg169969#msg169969 date=1181483923] Im not sure how much you have looked into the packets, but it looks like the 1st 8 bytes are a packet header, and the rest being the payload. (WORD) 0x04 (WORD) Lengh Of Packet (discluding the header lengh of 8 ) (DWORD) Maybe a checksum or some packet ID+ maybe (VOID) Packet Also it looks like the UDP messages has a 2nd header at the start of the packet payload. Im guessing the F1 game deals and transmites forces, because the udp coordinate packets seem to have alot of values in that would suggest things like acceleration, braking, turning forces etc are all transmited constantly. also, lol at them 2 in 1 track ss's :) [/quote] No, I didn't checked it yet, but you are right thx. Its similar to BNCS. PS: The lol you can see twice was the Gamename I choosed when I opend the server. :) | June 10, 2007, 3:13 PM |
| l2k-Shadow | [quote author=ThePro link=topic=16774.msg169970#msg169970 date=1181488396] Could you suggest me another good packet editor? I've downloaded NetXray but it says, thats only possible to install it on Machines located in Canada or USA. :( [/quote] that could probably be cracked. | June 10, 2007, 4:37 PM |
| ThePro | Yes, but I dunno how. I tried W32Dasm but I didn't find the string resource of the MessageBox. | June 10, 2007, 5:08 PM |
| l2k-Shadow | can u post a link to it? | June 10, 2007, 5:51 PM |
| ThePro | http://www.elitegrounds.net/winPeditors/netxray.zip | June 10, 2007, 5:53 PM |
| ThePro | Thats what I found out yet: (It will be updated, when I found out more. Last update: 13.June.2007, 04:31 GMT+1:00) [u]Ports[/u] F1 2002 is using some ports with own special tasks. Port 3297 (UDP) The task of this port is to tell the name of the server, which track is currently running and the ammount of connected Players. This will be shown in the Serverlist. A client has to send "\status\" and the Server will answer like this: "\\gamename\\f12002\\gamever\\1.000\\hostname\\ThePros Dediacted Server\\hostport\\3397\\mapname\\Germany\\numplayers\\1\\maxplayers\\16\\maxdatarate\\22\\fuelmultiplier\\1\\player_0\\ThePro\\vehicle_0\\MM03\\score_0\\0\\ping_0\\0\\final\\\\queryid\\2.1" Port 30477 (TCP) This port will be used for any other information (track change, chat messages, player leaves etc.) It will also be used, right after a client connected to give it some Information about the server. (which car does every player has etc.) Port 17677 (UDP) The gamedata will be transmitted here. Server and client are sending packets in both directions permanently. I think the contents of the packets will be current speed, coordinates, forces etc. like ringo said above. [u]Packets[/u] F1_HEADER: SyncByte (WORD) (Always 0x04) Datalen (WORD) MessageID (DWORD) F1_SC_LOGIN_UNKNOWN1: (MessageID: 0x0FFFF6C0) [Client => Server] Unknown: 02 00 45 0D C0 A8 00 15 00 00 00 06 40 00 36 00 F1_SC_LOGIN_UNKNOWN2: (MessageID: 0x0FFFF780) [Client => Server] Unknown: 00 9A 83 7C D8 FC 80 7C FF F1_SC_PLAYERINFO: (MessageID: 0x0FFFF620) [Server => Client] Unknown: 43 00 02 00 00 00 Playername[32]: (char) (Unknown if terminated) CarModelName[8] (char) (Unknown if terminated) Unknown: 00 FF 00 00 00 00 00 00 00 00 03 77 02 00 00 00 01 00 00 00 00 F1_SC_TRACKINFO: (MessageID: 0x0FFFF6A0) [Server => Client] Unknown: 00 00 00 00 Gamename[32]: (char) Unknown (DWORD) Gamename[32] (char) Trackname[16?] (char) Unknown: (Maybe the rules like weather, damage etc.) 00 00 10 01 01 64 02 00 16 00 A0 0B 8E 58 CB 3D 00 00 00 00 FF FF 0A 00 00 00 00 00 00 00 F1_SC_LOGIN_UNKNOWN3: (MessageID: 0x0FFFFA40) [Server => Client] Unknown: (DWORD) 03 00 F1_SC_LOGIN_REQUEST_UNKNOWN: (MessageID: 0x0FFFF601) [Client => Server] Unknown: 00 00 43 44 00 00 00 00 F1_SC_LOGIN_REQUEST_UNKNOWN: (MessageID: 0x0FFFF601) [Server => Client] Unknown: 00 3D 44 44 6B 7E 4A 42 02 00 00 00 00 00 80 (In one of the two responses the Rest will be 'BF 00 00 80' alot of times.) F1_SC_CHATMSG: (MessageID: 0x0FFFF201) [Client => Server] Union (WORD) ChatMessageLen(10 bits) Sender (6 bits) Unknown (WORD) (Always 0x4446) Unknown (DWORD) (Timestamp?) Message (char) (nonterminated. The length of ChatMessageLen will be asumed) F1_SC_LEAVE: (MessageID: 0x0FFFF7C0) [Client => Server] none [u]Notes[/u] F1_SC_LOGIN_REQUEST_UNKNOWN (0x0FFFF601) seems to be a special message, with different meanings with a subheader. [u]Messages[/u] F1_SC_CHATMSG = 0x0FFFF201 F1_SC_LOGIN_UNKNOWN1 = 0x0FFFF6C0 F1_SC_LOGIN_UNKNOWN2 = 0x0FFFF780 F1_SC_LEAVE = 0x0FFFF7C0 F1_SC_PLAYERINFO = 0x0FFFF620 F1_SC_TRACKINFO = 0x0FFFF6A0 F1_SC_LOGIN_UNKNOWN3 = 0x0FFFFA40 F1_SC_LOGIN_REQUEST_UNKNOWN = 0x0FFFF601 | June 12, 2007, 4:13 PM |
| ThePro | The hardest part will be editing the received packet of a client correctly and send them to the other clients. Here is a dump of the Server, when 2 clients are connected: [code] 2 Hide Hide 72 RecvFrom 0000 04 00 40 00 60 09 BE 00 04 01 08 BE 00 3A 81 0C ..@.`........:.. 0010 40 10 61 29 3A 45 22 F9 CD C1 34 05 F9 C0 C2 80 @.a):E"...4..... 0020 E6 41 EE FF F3 FF 00 00 0C 0C 04 04 00 00 00 00 .A.............. 0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0040 00 00 C0 F1 01 00 00 E0 ........ 3 Hide Hide 72 SendTo 0000 04 00 40 00 60 09 BE 00 04 01 08 BE 00 3A 80 0C ..@.`........:.. 0010 40 10 21 2A 3A 45 AA 96 27 C2 2D 0B F9 C0 2D 32 @.!*:E..'.-...-2 0020 E6 41 EE FF EB FF 00 00 0D 0D 05 05 00 00 00 00 .A.............. 0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0040 00 00 C0 F1 01 00 00 E0 ........ [/code] [code] 4 Hide Hide 72 SendTo 0000 04 00 40 00 60 09 BE 00 04 01 08 BE 00 3A 80 0C ..@.`........:.. 0010 40 10 E4 2A 3A 45 AA 96 27 C2 2D 0B F9 C0 2D 32 @..*:E..'.-...-2 0020 E6 41 EE FF EB FF 00 00 0D 0D 05 05 00 00 00 00 .A.............. 0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0040 00 00 C0 F1 01 00 00 E0 ........ 5 Hide Hide 72 RecvFrom 0000 04 00 40 00 60 09 BE 00 04 01 08 BE 00 3A 81 0C ..@.`........:.. 0010 40 10 F7 2A 3A 45 23 F9 CD C1 34 05 F9 C0 C2 80 @..*:E#...4..... 0020 E6 41 EE FF F3 FF 00 00 0C 0C 04 04 00 00 00 00 .A.............. 0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0040 00 00 C0 F1 01 00 00 E0 ........ [/code] [code] 6 Hide Hide 72 SendTo 0000 04 00 40 00 60 09 BE 00 04 01 08 BE 00 3A 80 0C ..@.`........:.. 0010 40 10 9E 2B 3A 45 AA 96 27 C2 2E 0B F9 C0 2D 32 @..+:E..'.....-2 0020 E6 41 EE FF EB FF 00 00 0D 0D 05 05 00 00 00 00 .A.............. 0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0040 00 00 C0 F1 01 00 00 E0 ........ 7 Hide Hide 72 SendTo 0000 04 00 40 00 60 09 BE 00 04 01 08 BE 00 3A 80 0C ..@.`........:.. 0010 40 10 5C 2C 3A 45 A9 96 27 C2 2E 0B F9 C0 2D 32 @.\,:E..'.....-2 0020 E6 41 EE FF EB FF 00 00 0D 0D 05 05 00 00 00 00 .A.............. 0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 FF FF ................ 0040 00 00 C0 F1 01 00 00 E0 ........ [/code] [code] 8 Hide Hide 72 RecvFrom 0000 04 00 40 00 60 09 BE 00 04 01 08 BE 00 3A 81 0C ..@.`........:.. 0010 40 10 93 2C 3A 45 23 F9 CD C1 34 05 F9 C0 C2 80 @..,:E#...4..... 0020 E6 41 EE FF F3 FF 00 00 0C 0C 04 04 00 00 00 00 .A.............. 0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 ................ 0040 00 00 C0 F1 01 00 00 E0 ........ 9 Hide Hide 72 SendTo 0000 04 00 40 00 60 09 BE 00 04 01 08 BE 00 3A 80 0C ..@.`........:.. 0010 40 10 0E 2D 3A 45 A9 96 27 C2 2D 0B F9 C0 2D 32 @..-:E..'.-...-2 0020 E6 41 EE FF EB FF 00 00 0D 0D 05 05 00 00 00 00 .A.............. 0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0040 00 00 C0 F1 01 00 00 E0 ........ 10 Hide Hide 72 SendTo 0000 04 00 40 00 60 09 BE 00 04 01 08 BE 00 3A 80 0C ..@.`........:.. 0010 40 10 CC 2D 3A 45 A9 96 27 C2 2D 0B F9 C0 2D 32 @..-:E..'.-...-2 0020 E6 41 EE FF EB FF 00 00 0D 0D 05 05 00 00 00 00 .A.............. 0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 0040 00 00 C0 F1 01 00 00 E0 [/code] Hm, I thought that the data of all clients just get forwarded but it isn't that easy. Sometimes random pieces of a packet gets modified, before its get forwarded. Without any Information about the packets, it will be very hard or impossible to handle that. | June 13, 2007, 12:44 AM |
| warz | Who is hosting the server? The game acts as the host, correct? In that case, you'll need to debug the game while you host it, and locate the message dispatcher. | June 13, 2007, 2:17 AM |
| ThePro | [quote author=betawarz link=topic=16774.msg170065#msg170065 date=1181701027] Who is hosting the server? The game acts as the host, correct? In that case, you'll need to debug the game while you host it, and locate the message dispatcher. [/quote] Yes, the game acts as host. Thats why I want to make a dedicated server. :) Debugging is the next thing I'll try, but I'm no reversing expert. I will download Ollydebug tomorrow and give it a try. Maybe this is a nice practice in reversing apps. ;) | June 13, 2007, 3:05 AM |
| ThePro | I found another packet editor called 'Packetyzer' Its a very powerful packet editor, which is also able to modify UDP packets. Now I was able to play with the Gamedata Packet. When I sent a modified packet, for 1ms the car of the player where I spoofed the packet went to that position, which was stored in that packet. With a littebit trail and error I found out the following most important Data: x,y,z - Koordinates x,y,z - rotation Dunno which bytes they use yet and which data is stored in the packet else, since I just wanted to know if there is some encryption or something. As you can see there is not .:) With that, I should be able to get a running server soon. :) Finally I will go sleep now. Updates will follow tomorrow. | June 13, 2007, 5:40 AM |
| ThePro | Finally I have enough information, to make the server. :) I was wrong with that the Server changes random pieces of Bytes before forwarding the packets. I found out, that just one byte will be changed, where the PlayerID of the geometry stuff is stored. With that you can define, on which player the following information will take effect. The rest will be forwarded 1:1 except 4 bytes. If you still let them on their values you received from the client, it will work anyway (dunno whats the sense then). Fortunally the PlayerID will be set by the client so I dont have to write a routine for it. Now its also unnessecary to know which speed, forces etc. will be transmitted. //Game Protocol F1_GC_PLAYERDATA: 0x00BE0960 Unknown: 04 01 08 BE 00 3A PlayerID: (BYTE, union) Unknown (10 bits) ID(4bits) Geometry stuff: 0C 80 10 28 CD 15 45 FD 78 6A C2 82 E6 F8 C0 AB 0E 9A 41 ED FF DE F3 00 00 0D 0D 05 05 00 00 00 00 00 00 FB FF 00 00 00 00 00 00 00 00 00 00 DC FF 06 00 40 F1 0F 00 00 A0 | June 13, 2007, 8:30 PM |
| ThePro | I've deceided to make something like the BnetDocs to collect my researches. Here it is: page is down, use my bitbucket page instead: http://bitbucket.org/thepro/f1-2002-dedicated-server/wiki/packets If someone is interested in researching F1 2002 too, please write me a private message in this forum. | July 15, 2007, 12:18 AM |
| ThePro | After two years I decided to continue this project. I'm using mercurial now, which is a very cool version control system. The whole project will be open source and it will be available on bitbucket.org for everyone. This is the wiki of the packets I reversed yet: http://bitbucket.org/thepro/f1-2002-dedicated-server/wiki/packets If you are good in reversing and/or python and are interested to help me feel free to contact me. | August 15, 2009, 9:57 PM |
| ThePro | Are there any tips on how to find the routine which build the packets? I already found the routine which copies the data into the send() buffer (By setting a breakpoint on send() and tracing up) but I need to know how this data is built. The Problem is it seems I am stuck in an endless loop (Thats a network thread which waits for the data to be sent I guess) Setting a breakpoint on the data which will be copied in the buffer doesen't help, since olly breaks all the time then when leaving step mode. (Dynamic allocation) | February 24, 2010, 5:41 AM |