## User Tag List

1. its send via https 1.1, so fiddler simply catches it

2. I was able to obtain my CharID, but whenever I attempt to purchase/sell/etc.. any items, the page can't be located... Even though I see it going through Fiddler.

Example url:
Code:
https://tradingpost-live.ncplatform.net/ws/item/24768/buy
Result:
File
JsSrv8/101.16730 Instance/36.370884310

However, I can get a bunch of listings. I'm able to see the stuff that I am buying or selling:

Code:
buying: https://tradingpost-live.ncplatform.net/ws/me.json?time=now&type=buy&charid=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX&offset=1&count=100
selling: https://tradingpost-live.ncplatform.net/ws/me.json?time=now&type=sell&charid=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX&offset=1&count=100
How I was able to get my CharID, I loaded up Fiddler and got it to decode the HTTPS stream. Then I went and canceled an item I had a buy order for. In the fiddler stream, you'll be able to pick out your CharID if you have it decoding properly.

FYI, here are two that I can't get to work (because the pages don't respond when I attempt them outside the game:

Code:
CANCEL ITEM SALE:

https://tradingpost-live.ncplatform.net/ws/item/24720/cancel.json?listing=XXXXXXXXX&isbuy=1&charid=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
You have to get the listing by pulling the JSON data for your buy orders and sell orders.

With all of this data, I've been able to put together some code that searches a few listings and evaluates what has large discrepancies between the buy-order price and the sale price, accounting for the TP fees and whatnot, to indicate which will yield the highest profit. Then I have to go search them manually ingame according to that data. It's helped me earn some gold, but I wish I could automate it entirely...
There is also another url that you can see all the buy/sale listings for each item, but I don't remember it. Then you can get in there and set even more granular specifications to the profit margin calculation.

3. Ok well it took me a few minutes to get fiddle sorted but here it is.

0x15c0cc0
so bytes are 2 characters.
4bytes-2bytes-2bytes-2bytes-6bytes.
First section 4 bytes. They are reversed in memory so in the char id it is 11 22 33 44, in memory it reads 44 33 22 11
second/thrid/sections 2 bytes each, all reversed again, 55 66 in char id, in memory 66 55
forth section is not reversed
last section is not reversed.

If that seems confusing maybe I'll try this to explain.
do a byte read of this, each line is each "section"
Code:
0x15C0CC3 0x15C0CC2 0x15C0CC1 0x15C0CC0
- 0x15C0CC5 0x15C0CC4
- 0x15C0CC7 0x15C0CC6
- 0x15C0CC8 0x15C0CC9
- 0x15C0CCA 0x15C0CCB  0x15C0CCC 0x15C0CCD 0x15C0CCE 0x15C0CCF
Enjoy, now where is the uninstall fiddler button lol

4. Awesome! I'll put that to work...

Maybe you can also help with the last piece of the puzzle? (If you're willing).

I can't seem to figure out what the difference in information sent to the web server between the game client and the browser. I'm thinking they are filtering based on header information. I'm hoping that maybe I can spoof the "proper" method since I now have all the moving pieces to buy/sell.

5. HAH! SUCCESS!
Kinda...

I was able to successfully cancel a buy order...
I'm still figuring my way around this, but I'm using Powershell, referencing some .NET assemblies I came across (found here: x64 Components: Email Component, Zip Component, Crypt Component, FTP, SSH, SFTP, MIME, XML, HTTP, IMAP for 64-bit .NET 2.0 Framework - Method examples here: Chilkat C# Http Class Reference)
Here's the code I used to throw together a simulated HTTP request:

Code:
$req = New-Object Chilkat.HttpRequest$req.AddHeader("Accept","*/*")
$req.AddHeader("Accept-Charset","en")$req.AddHeader("Accept-Encoding","gzip,deflate")
$req.AddHeader("Accept-Language","en")$req.AddHeader("Cookie","s=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX")
$req.AddHeader("User-Agent","Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1003.1 Safari/535.19 Awesomium/1.7.1")$req.AddHeader("Origin","https://tradingpost-live.ncplatform.net")
$req.AddHeader("Referer","https://tradingpost-live.ncplatform.net/item/24768")$req.AddHeader("X-Requested-With","XMLHttpRequest")

$http = New-Object Chilkat.Http$url = "https://tradingpost-live.ncplatform.net/ws/item/24768/cancel.json?listing=XXXXXXXXX&isbuy=1&charid=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
$http.PostUrlEncoded($url,$req) I will be doing some testing now to see if I can submit a purchase and/or sell order. EDIT: Successful buy order by changing the URL to: Code: $url = "https://tradingpost-live.ncplatform.net/ws/item/24768/buy?count=1&price=217&charid=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"

6. Hey Guys,

I can successfully validate a login, but then when I request the item page:
Code:
https://tradingpost-live.ncplatform.net/item/36041
With a GET request, all that's returned are strange characters..

LOGS - Imgur

• The first image shows the Debug Output of the page it retrieved. Just unreadable characters.
• The second image shows Fiddlers 'TextView' tab of the page.
• The last image shows Fiddlers 'JSON' tab of the page.

So is the page encrypted or something from plain text and can only be viewed through JSON? Because I used a JSONDecrypt function on the page and it just returns the same unfamiliar characters.. This is being done in AutoIT versus C#/C++/Java.

7. Originally Posted by lookaway
Hey Guys,

I can successfully validate a login, but then when I request the item page:
Code:
https://tradingpost-live.ncplatform.net/item/36041
With a GET request, all that's returned are strange characters..

LOGS - Imgur

• The first image shows the Debug Output of the page it retrieved. Just unreadable characters.
• The second image shows Fiddlers 'TextView' tab of the page.
• The last image shows Fiddlers 'JSON' tab of the page.

So is the page encrypted or something from plain text and can only be viewed through JSON? Because I used a JSONDecrypt function on the page and it just returns the same unfamiliar characters.. This is being done in AutoIT versus C#/C++/Java.
I guess you have noticed the httpS:// protocol, havent you? Now lets think a bit, strange characters and a encryption, hmmm hard to come up with the problem...

8. Originally Posted by Paranaix
I guess you have noticed the httpS:// protocol, havent you? Now lets think a bit, strange characters and a encryption, hmmm hard to come up with the problem...
Yeah I noticed it was secure. When I create the HttpObject I use $INTERNET_DEFAULT_HTTPS_PORT to connect with 443. Then when I send the request I send it with$WINHTTP_FLAG_SECURE, which is how it let's me login succesfully, it's just when I need to use GET versus POST it doesn't return the unencrypted data..

Code:
$hw_open = _WinHttpOpen("Mozilla/5.0 (Windows; U; Windows NT 6.1; de; rv:1.9.2.7) Gecko/20100713 Firefox/3.6.7 GTB7.1")$hw_connect = _WinHttpConnect($hw_open, "https://tradingpost-live.ncplatform.net" ,$INTERNET_DEFAULT_HTTPS_PORT)
$h_openRequest = _WinHttpOpenRequest($hw_connect, "POST", "/item/36041", "HTTP/1.1", _
$WINHTTP_NO_REFERER,$WINHTTP_DEFAULT_ACCEPT_TYPES, \$WINHTTP_FLAG_SECURE)

EDIT: I got it. Two long days later. The Encoding I was accepting needed to be forced to uncompress. Instead of ("Accept-Encoding", "gzip, deflate") I needed ("Accept-Encoding", "gzip;q=0")

9. Originally Posted by SSlisa
Ok well it took me a few minutes to get fiddle sorted but here it is.

0x15c0cc0

[snip]
Has this offset changed? If so, anyone know a good way of finding it?

Edit: Just decided to grab Fiddler and find it myself.

For GW2 Build 16048
CharID - 0x015CF640

10. For GW2 Build 16071

CharID - 0x015DEF88

11. Hello,

i'd like to get this working (get info and set info into the TP wtihout being on GW2), but it seems that i got some trouble getting things working.

Can anyone give me some advise ? (like how i login, and how i can return info from item).

Thx

12. Originally Posted by Globeul
Hello,

i'd like to get this working (get info and set info into the TP wtihout being on GW2), but it seems that i got some trouble getting things working.

Can anyone give me some advise ? (like how i login, and how i can return info from item).

Thx
If you're using C#, use the code from this post (Selling, and taking items from trading post) to log in.

You can use the same methodology to issues requests for lists of items, buy/sell orders. You'll need your CharID though, which can be found at the address I mentioned in my previous post in this thread, and in the format SSlisa detailed above (first four bytes reversed as well as the next two two-byte sets). So you read out your CharID from that address, swap the first four, five/six and seven/eight bytes around, then print it into the URL.

There are multiple examples of what URLs to use.

As for getting item information and such, your best option is to go to GW2 Spidy on Github and look at the source and figure it out. It's all standard JSON for the most part.

Edit: Also check out Fiddler, which will let you see exactly what the Trading Post does when you buy/sell/list items. You'll want to use the little target process thing to select GW2 so you don't get all requests, and also click the Decode button at the top. I had to mess with it a bit to get the useful data.

13. Hey,

The thing is, i'm trying to do that with Autoit.
Second thing, i got the return value INT of the CharID - 0x015DEF88, and it give me a number with lenght = 9.

obviously not what i need to i guess...

14. You need to read 16 bytes out for the char ID, it's not an int :P

After you get an array of 16 bytes you need to reverse the first four bytes, the 5/6 bytes and the 7/8 bytes. Look at SSlissa's post above.

15. Okey

Thanks to you, i'm moving on

guess i miss something

Page 2 of 5 First 12345 Last