[Release] Protocol Simulator / Wireshark Capture Parser menu
Follow us:

User Tag List

Results 1 to 2 of 2
  1. 09-16-2011 #1
    SKU's Avatar
    SKU
    SKU is offline
    Contributor
    Reputation
    306
    Join Date
    May 2007
    Posts
    565
    Thanks G/R
    0/0
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    [Release] Protocol Simulator / Wireshark Capture Parser

    Source: https://github.com/zku/Diablo-III-Protocol-Simulator

    Code:
    SUMMARY

author:             sku/thesku
description:        parses diablo3 tcp streams and
                    maps the packets to their respective
                    protobuf messages, simulates client
                    and server behaviour and keeps track
                    of bound services / responses etc.
credits:            shadow^dancer, TOM_RUS, #d3.dev
legal:              code posted to public domain by sku, no copyright
                    use at your own risk

DATA FILE FORMAT

1) open wireshark
2) filter for tcp.srcport==1119||tcp.dstport==1119
3) rightclick any packet -> Follow TCP stream
4) save all bytes to all.dat
5) save client->server bytes to c2s.dat
6) save server->client bytes to s2c.dat
7) place these 3 files in the ./data folder

OMG

yes, this is a poc, it's ugly, get over it
    Capturing a (failed) login attempt and then replaying it:
    Code:
    D3 client<->server protocol simulator
replaying real login protocol


*** server received packet ***
> this is total packet 0x0001
> this is server's 0x0001-th received packet
> packet header: [service=0x0] [method=0x1] [request=0x0] [unknown=0x0] [size=0x0]
> packet payload/protobuffer:
no payload!
> packet received on service id 0x00 with hash 0x00000000
handler 0x00000000 called, method: 0x1 (service id: 0x00)
>>> ConnectRequest



*** client received packet ***
> this is total packet 0x0002
> this is client's 0x0001-th received packet
> packet header: Answer [service=0xfe] [method=0x0] [request=0x0] [size=0x1a]
> packet payload/protobuffer:
     00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
     -----------------------------------------------
0000 0a 0c 08 dd e9 8e bb 0e 10 85 a8 c9 f3 04 12 0a
0010 08 c3 f2 02 10 df b5 cf f3 04
> packet received on service id 0xfe with hash 0xfffffffe
handler 0xfffffffe called, method: 0x0, request:0x0000 (service id: 0xfe)
>>> ConnectResponse
server_id {
  label: 3882071261
  epoch: 1316115461
}
client_id {
  label: 47427
  epoch: 1316215519
}



*** server received packet ***
> this is total packet 0x0003
> this is server's 0x0002-th received packet
> packet header: [service=0x0] [method=0x2] [request=0x1] [unknown=0x0] [size=0x13]
> packet payload/protobuffer:
     00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
     -----------------------------------------------
0000 0a 08 32 db 32 b7 ff 96 07 fa 12 07 0d 94 80 8c
0010 bf 10 02
> packet received on service id 0x00 with hash 0x00000000
handler 0x00000000 called, method: 0x2 (service id: 0x00)
>>> BindRequest
imported_service_hash: 3073563442
imported_service_hash: 4194801407
exported_service {
  hash: 3213656212
  id: 2
}



*** client received packet ***
> this is total packet 0x0004
> this is client's 0x0002-th received packet
> packet header: Answer [service=0xfe] [method=0x0] [request=0x1] [size=0x4]
> packet payload/protobuffer:
     00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
     -----------------------------------------------
0000 0a 02 04 03
> packet received on service id 0xfe with hash 0xfffffffe
handler 0xfffffffe called, method: 0x0, request:0x0001 (service id: 0xfe)
>>> BindResponse
imported_service_id: 4
imported_service_id: 3



*** server received packet ***
> this is total packet 0x0005
> this is server's 0x0003-th received packet
> packet header: [service=0x0] [method=0x2] [request=0x2] [unknown=0x0] [size=0xf]
> packet payload/protobuffer:
     00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
     -----------------------------------------------
0000 0a 04 01 fc ec 0d 12 07 0d 35 0e 24 71 10 03
> packet received on service id 0x00 with hash 0x00000000
handler 0x00000000 called, method: 0x2 (service id: 0x00)
>>> BindRequest
imported_service_hash: 233634817
exported_service {
  hash: 1898188341
  id: 3
}



*** client received packet ***
> this is total packet 0x0006
> this is client's 0x0003-th received packet
> packet header: Answer [service=0xfe] [method=0x0] [request=0x2] [size=0x3]
> packet payload/protobuffer:
     00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
     -----------------------------------------------
0000 0a 01 01
> packet received on service id 0xfe with hash 0xfffffffe
handler 0xfffffffe called, method: 0x0, request:0x0002 (service id: 0xfe)
>>> BindResponse
imported_service_id: 1



*** server received packet ***
> this is total packet 0x0007
> this is server's 0x0004-th received packet
> packet header: [service=0x1] [method=0x1] [request=0x3] [unknown=0x0] [size=0x53]
> packet payload/protobuffer:
     00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
     -----------------------------------------------
0000 0a 02 44 33 12 03 57 69 6e 1a 04 65 6e 55 53 22
0010 0b 73 6b 75 40 73 6b 75 2e 73 6b 75 28 02 32 33
0020 41 75 72 6f 72 61 20 33 39 36 62 38 36 33 32 61
0030 37 5f 70 75 62 6c 69 63 2f 31 38 38 20 28 41 75
0040 67 20 33 31 20 32 30 31 31 20 32 30 3a 32 35 3a
0050 30 37 29
> packet received on service id 0x01 with hash 0x0decfc01
handler 0x0decfc01 called, method: 0x1 (service id: 0x01)
>>> LogonRequest
program: "D3"
platform: "Win"
locale: "enUS"
email: "[email protected]"
listener_id: 2
version: "Aurora 396b8632a7_public/188 (Aug 31 2011 20:25:07)"



*** client received packet ***
> this is total packet 0x0008
> this is client's 0x0004-th received packet
> packet header: Answer [service=0xfe] [method=0x3] [request=0x3] [size=0x0]
> packet payload/protobuffer:
no payload!
> packet received on service id 0xfe with hash 0xfffffffe
handler 0xfffffffe called, method: 0x3, request:0x0003 (service id: 0xfe)
>>> LogonResponse



*** client received packet ***
> this is total packet 0x0009
> this is client's 0x0005-th received packet
> packet header: [service=0x0] [method=0x4] [request=0x0] [unknown=0x0] [size=0x2]
> packet payload/protobuffer:
     00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f
     -----------------------------------------------
0000 08 03
> packet received on service id 0x00 with hash 0x00000000
handler 0x00000000 called, method: 0x4 (service id: 0x00)
>>> DisconnectNotification
error_code: 3
    Reply With Quote Reply With Quote
    [Release] Protocol Simulator / Wireshark Capture Parser
  2. 09-17-2011 #2
    Nesox's Avatar
    Nesox
    Nesox is offline
    ★ Elder ★
    Reputation
    1280
    Join Date
    Mar 2007
    Posts
    1,238
    Thanks G/R
    0/3
    Trade Feedback
    0 (0%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Nicely done SKU, i'm sure someone will find this useful
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Similar Threads

  1. [Release] Herbs to flag
    By Dave-evad in forum World of Warcraft Model Editing
    Replies: 9
    Last Post: 11-26-2006, 03:31 PM
  2. anti-warden Release #1
    By zhPaul in forum World of Warcraft Bots and Programs
    Replies: 40
    Last Post: 10-21-2006, 01:40 AM
  3. Burning Crusade Release
    By KOLOSSAL in forum World of Warcraft General
    Replies: 3
    Last Post: 10-10-2006, 12:33 AM
  4. ACA Capture Pro 5.10
    By Tenche in forum World of Warcraft Bots and Programs
    Replies: 3
    Last Post: 07-08-2006, 11:28 PM
  5. Sulfuras (guide to capture/create urbx weaponx)
    By oninuva in forum World of Warcraft Guides
    Replies: 4
    Last Post: 05-06-2006, 12:42 AM
All times are GMT -5. The time now is 05:16 AM. Powered by vBulletin® Version 4.2.3
Copyright © 2024 vBulletin Solutions, Inc. All rights reserved. User Alert System provided by Advanced User Tagging (Pro) - vBulletin Mods & Addons Copyright © 2024 DragonByte Technologies Ltd.
Digital Point modules: Sphinx-based search